Towards Usable Privacy and Identity Management for Smart Environments

Abstract: Smart environments provide users with a large number of new services that will improve their lives, however, they also have the potential for collecting staggering amounts of personal information, which, if misused, poses a multitude of privacy threats to users ranging from identification, tracking, stalking, monitoring and profiling. Consequently, the users’ right to informational self-determination is at stake in smart environments. Usable Privacy-Enhancing Identity Management (PE-IdM) can re-establish user control by offering users a selection of meaningful privacy preference settings that they could choose from. However, different privacy trade-offs need to be considered and managed for the configuration of the identity management system as well as cultural privacy aspects influencing user's privacy preferences. Guidelines for usable management of privacy settings that address varying end user preferences for control and privacy conflicting goals are needed.  The objective of this thesis is to explore approaches for enforcing usable PE-IdM for smart environments, with a focus on vehicular ad hoc networks (VANETs). To that end, we unravel the technical state of the art regarding the problem space and solutions, as well as investigating users’ privacy preferences cross-culturally in Sweden and South Africa. We elicit requirements for achieving usable PE-IdM, which are based on usable configuration options, offering suitable selectable privacy settings that will cater for the needs and preferences of users with different cultural backgrounds.