Privacy issues are increasingly critical as the cyber and real worlds converge through mobile devices, yet effective means to protect privacy are lacking. Once users share data with service providers, they lose control over it. While refraining from sharing data might seem like a solution, it limits access to valuable services like navigation applications. This dissertation explores two key aspects of privacy protection. First, it addresses the prevention of unnecessary private information generation, particularly through access-controlled service usage. A proposed solution involves k-anonymous authorization, which provides users with trusted pseudonymous certificates that reflect their authorizations. These certificates, issued by a trusted authority, allow service verification without revealing the user’s identity, ensuring that service usage remains untrackable. The second aspect focuses on maintaining control over private data shared with others. To facilitate context-sensitive services that require temporary access to private data, the dissertation introduces a Privacy Guaranteeing Execution Container (PGEC). This container allows applications to access user data in a secure environment, ensuring data deletion once the service concludes. The PGEC restricts communication to what the user explicitly permits and incorporates defenses against malicious attacks, ensuring that private data is used only once.
