PIPER: A Framework for Exploring the Privacy Implications of Pervasive Computing Applications in Their Physical Environments

Pervasive computing presents profound privacy risks for end users because its capabilities to monitor, control, and interact with the physical world. As a first step to support early evaluation of potential privacy violations, we introduce PIPER, a framework for the systematic modeling, analysis, and exploration of Privacy Implications in PERvasive computing systems and their physical environments. UML/OCL is used to model important structures and behaviors of these systems as well as data flow properties and privacy requirements. This framework facilitates consideration and explicit specification of the effects of actions in the physical environment and the tracing of data flow through both cyber and physical components of the system. Using this framework, privacy analysts and software engineers can communicate more objectively about privacy-related issues, identify faults in application logic, and examine the impact that changes to either applications or physical environments have on personal privacy in pervasive systems.