DOCSLIB.ORG

Open Honors-Thesis-Final.Pdf

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Open Honors-Thesis-Final.Pdf THE PENNSYLVANIA STATE UNIVERSITY SCHREYER HONORS COLLEGE DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING ANDROID LOCATION PERMISSIONS AND HOW THEY AFFECT THE PRIVACY OF USERS DOVILE DROZDOVAITE Fall 2020 A thesis submitted in partial fulfillment of the requirements for a baccalaureate degree in Computer Engineering with honors in Computer Engineering Reviewed and approved* by the following: Trent Jaeger Professor of Computer Science & Engineering Thesis Supervisor John Sampson Assistant Professor of Computer Science & Engineering Honors Adviser * Signatures are on file in the Schreyer Honors College. Abstract It is not rare for a user to be requested permissions while using an application. However, many users are still in the dark as to understanding what happens when they accept the permissions the application requests. In this paper, we will be highlighting Android vulnerabilities used to abuse permission assignment for continuous sensors involved with location based services (LBSs) and GPS location data. Such vulnerabilities include user privacy awareness, ride-hailing services (RHS), side-channel attacks, and white-box and black-box attacks. We will then evaluate these vulnerabilities on the application AbuserGPS, then review and propose different defense strategies to combat these vulnerabilities within the operating system such as the Location-Privacy Preserving Mechanisms (LPPMs), the ASM framework, and MATRIX. i Table of Contents List of Figures…………………………………………………………………………………...iii ​ Acknowledgements……………………………………………………………………………...iv ​ Chapter 1: Introduction………………………………………………………………………....1 ​ Chapter 2: Android Background……………………………………………………………….3 ​ Chapter 3: Android Vulnerabilities…………………………………………………………….8 ​ 3.1 Description of Vulnerabilities……………………………………………………….8 ​ 3.2 Vulnerability Study AbuserGPS……....………...………………………………...11 ​ Chapter 4: Evaluation………………………………………………………………………….15 ​ 4.1 Research on Android Security Mechanisms……….……………………….……..15 ​ 4.2 Proposed Security Mechanisms………………………………………...………….18 ​ 4.3 Candidate Security Experiments…………………………………………………..23 ​ 4.4 Android 11 Location Privacy……………………………………………………....24 ​ Chapter 5: Conclusion………………………………………………………………………….27 ​ References……………………………………………………………………………………….28 ​ ii List of Figures Figure 1: AOSP’s directory structure…………………………………………………………….3 ​ Figure 2: getLastKnownLocation function in LocationManger………………………………….5 ​ Figure 3: Establishing location permissions for AbuserGP………………………..……………11 ​ Figure 4: User’s point of view when accepting permission request from AbuserGPS ​ application………………………………………………………………………………………..12 Figure 5: onCreate function which continuously requests location……...……………………...13 ​ Figure 6: Location Data being received by AbuserGPS………………………………………...13 ​ Figure 7: Modified onLocationChanged function in AbuserGPS………………………………20 ​ Figure 8: Location data received by modified AbuserGPS……………………………………..20 ​ Figure 9: getLastKnownLocation in LocationManagerService………………………………....22 ​ Figure 10: Modified _getLastKnownLocationLocked in LocationManagerService…..………..22 ​ iii Acknowledgments I want to thank Professor Trent Jaeger for his guidance throughout the entire research process as well as the invaluable advice he provided. I would also like to thank Yu Tsung Lee, a graduate student at Penn State University, for sharing his knowledge on the involved concepts and providing valuable feedback. I would also like to thank both of my parents, Valerijus Drozdovas and Vilma Drozdovas, for supporting me mentally and financially throughout my education. Your inspiring words always motivated me to push myself harder. Finally, I would like to thank my friends who supported me throughout the process, ensuring that I always took care of myself throughout this process as well as shared knowledge on subjects that they were knowledgeable in. Thank you for keeping me sane throughout this whole process! iv Chapter 1: Introduction Android is currently the most popular operating system deployed for mobile devices. With over 2.5 billion monthly active Android devices [1], Android has become one of the most common interfaces for users to interact with digital services, specifically mobile applications. Most modern day Android devices are equipped with a variety of sophisticated sensors. Although these sensors improve the user’s interaction with mobile applications, they can also pose significant threats to the user’s privacy. As many applications value their security and privacy, Android as an OS needs to be able to ensure that privacy is ensured to both users as well as the developers. In order to ensure this privacy to all parties, Android is based on a multi-party consent model. In other words, “an action should only happen if all involved parties consent to it” [2]. ​ ​ The parties involved are the platform, user, and developer. If either the platform, user, or developer do not consent to a specific action, the action cannot be completed. This ensures that no application has permission to perform an operation that would impact other applications, the operating system, or the user. The developer must explicitly request in the application that they are requesting a specific permission in the Android Manifest file, or AndroidManifest.xml [3]. Then, the user will be prompted to either allow the permission request to follow through or deny the request. In this paper, we will mainly be focusing on location-based permissions. There are two different types of location access. The first type of location access is foreground location and the second type of location access is background location. Foreground location is used when an application only needs to share or receive location information only once or for some defined amount of time [4]. This feature is particularly useful for navigation applications or messaging applications, when a user may need to share their current location. Background location is used if an application is constantly sharing a location with other users or if the application is using the Geofencing API, which compares the user’s current location to the user’s proximity to specific locations [4]. This feature is particularly useful with a family location sharing application or for specific IoT applications. However, when requesting this 1 permission in the application’s manifest file, the developer will need to be specific on what kind of location permissions the developer is requesting. There are three different types of location permissions that may be deemed necessary to define in the application’s manifest file depending on the type of location access the application requires. These three types of location permissions are ACCESS_COARSE_LOCATION, ACCESS_FINE_LOCATION, and ACCESS_BACKGROUND_LOCATION. ACCESS_COARSE_LOCATION will provide the user’s location to within roughly a city block. ACCESS_FINE_LOCATION will provide a more accurate location compared to ACCESS_COARSE_LOCATION. One of these two types of location permissions must be defined when using foreground location, depending on the usage of the location data. However, if the application is intending to run using background location access, the developer will also need to request the ACCESS_BACKGROUND_PERMISSION permission within the application’s manifest file. Requesting this permission will not give you the location access though, you will still need to request either ACCESS_FINE_LOCATION or ACCESS_COARSE_LOCATION [4]. In this paper, we will be highlighting Android vulnerabilities used to abuse permission assignment for continuous sensors, specifically in this case, sensors involved with location based services (LBSs) and GPS location data. We will also be providing a defense strategy that most Google Play Store applications will comply with, as well as reviewing other existing defense strategies, in order to prevent such vulnerabilities. There is a complementary security feature provided by Google called Google Play Protect (GPP), which is Google’s built-in malware protect for Android. This security feature is backed by Google’s machine learning algorithms, so it is continuously improving [5]. This feature is out of scope for this paper. However, it is important to point out that Google Play does require that new apps and app updates target a recent Android API level, allowing Android to remove APIs which can be abused or that have had security issues [6]. In the following, we will first define the AOSP (Android Open Source Project) structure as well as the Android security and privacy principles and the basis of the Android Security model. Then, we will review different Android vulnerabilities which are used to abuse permission assignment for continuous sensors. Finally, I will speak on a possible defense strategy as well by manipulating an application titled AbuserGPS. 2 Chapter 2: Android Background Before we can introduce the Android vulnerabilities, it is important to understand the AOSP structure, Android’s privacy and security principles, as well as the Android security model. AOSP Structure The Android Open Source Project, or AOSP, is an “open source operating system for mobile devices and a corresponding open source project led by Google” [7]. This open source project allows developers to create a custom variant of the Android OS, while ensuring that devices are still meeting compatibility requirements and therefore ensuring a healthy and stable environment for users. However, when you first download the AOSP, you will find that there are multiple directories,
Load more

Recommended publications
  • A Fine-Grained Spatial Cloaking Scheme for Privacy-Aware Users in Location-Based Services
    A Fine-Grained Spatial Cloaking Scheme for Privacy-Aware Users in Location-Based Services Ben Niu∗, Qinghua Li†, Xiaoyan Zhu∗ and Hui Li∗ ∗National Key Laboratory of Integrated Networks Services, Xidian University, China †Department of Computer Science and Computer Engineering, University of Arkansas, AR, USA ∗[email protected], †[email protected], ∗{xyzhu, lihui}@mail.xidian.edu.cn Abstract—In Location-Based Services (LBSs) mobile users technique is very popular and can be deployed to real smart- submit location-related queries to the untrusted LBS server phones easily. Such schemes either minimize the cloaking to get service. However, such queries increasingly induce pri- region [8], [7] to reduce the system overhead, or maximize vacy concerns from mobile users. To address this problem, we propose FGcloak, a novel fine-grained spatial cloaking scheme the cloaking region [9], [14], [16] to provide better privacy. for privacy-aware mobile users in LBSs. Based on a novel use In trusted anonymization server-based schemes, a query is of modified Hilbert Curve in a particular area, our scheme submitted to the LBS server via a trusted third-party server effectively guarantees k-anonymity and at the same time provides (e.g., location anonymizer [4], [6]), which enlarges the queried σ larger cloaking region. It also uses a parameter for users location into a bigger cloaking region covering k − 1 other to make fine-grained control on the system overhead based on the resource constraints of mobile devices. Security analysis and users to achieve k-anonymity. In this way, the untrusted LBS empirical evaluation results verify the effectiveness and efficiency server cannot identify the user’s real location.
    [Show full text]
  • A Survey on Potential Privacy Leaks of GPS Information in Android Applications
    UNLV Theses, Dissertations, Professional Papers, and Capstones May 2015 A Survey on Potential Privacy Leaks of GPS Information in Android Applications Srinivas Kalyan Yellanki University of Nevada, Las Vegas Follow this and additional works at: https://digitalscholarship.unlv.edu/thesesdissertations Part of the Library and Information Science Commons Repository Citation Yellanki, Srinivas Kalyan, "A Survey on Potential Privacy Leaks of GPS Information in Android Applications" (2015). UNLV Theses, Dissertations, Professional Papers, and Capstones. 2449. http://dx.doi.org/10.34917/7646102 This Thesis is protected by copyright and/or related rights. It has been brought to you by Digital Scholarship@UNLV with permission from the rights-holder(s). You are free to use this Thesis in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s) directly, unless additional rights are indicated by a Creative Commons license in the record and/ or on the work itself. This Thesis has been accepted for inclusion in UNLV Theses, Dissertations, Professional Papers, and Capstones by an authorized administrator of Digital Scholarship@UNLV. For more information, please contact [email protected]. A SURVEY ON POTENTIAL PRIVACY LEAKS OF GPS INFORMATION IN ANDROID APPLICATIONS By Srinivas Kalyan Yellanki Bachelor of Technology, Information Technology Jawaharlal Nehru Technological University, India 2013 A thesis submitted in partial fulfillment
    [Show full text]
  • Location Sharing Without the Central Server. a Peer-To-Peer Model for Location Sharing Services
    Location sharing without the central server. A peer-to-peer model for location sharing services Dmitry Namiot Lomonosov Moscow State University Faculty of Computational Math and Cybernetics Moscow, Russia e-mail: [email protected] Abstract — This paper describes a new model for sharing often implicitly located in order to provide communication location info for mobile users. This approach can operate services (for example, route phone calls). without the need for disclosing identity info to third party Some papers mentioned also so-called unintended servers. It could be described as a safe location sharing model. recipients [3]. For example, we can mention accidental The proposed approach creates a special form of distributed recipient, illegal recipient and law enforcement. database that splits location info and identity information. In Interesting also, that in the most cases talking about LBS this distributed data store identity info is always saved locally. we assume that for a given system, the infrastructure It eliminates one of the main concerns with location-based provider needs to be trusted. In other words the need for systems – privacy. This paper describes a model itself as well as sharing location data with infrastructure providers is non- its implementation in the form of HTML5 mobile web discussable. application. In the most cases location sharing is implemented as the Keywords-lbs;mobile;HTML5;geo-coding;location sharing. ability for the mobile user (mobile phone owner) write down own location info in the some special place (special mobile application). I. INTRODUCTION But it means of course, that user must be registered in this service (download some special application).
    [Show full text]
  • Cloak and Swagger: Understanding Data Sensitivity Through the Lens of User Anonymity
    Cloak and Swagger: Understanding Data Sensitivity Through the Lens of User Anonymity Sai Teja Peddinti∗, Aleksandra Korolova†, Elie Bursztein†, and Geetanjali Sampemane† ∗Polytechnic School of Engineering, New York University, Brooklyn, NY 11201 Email: [email protected] †Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043 Email: korolova, elieb, [email protected] Abstract—Most of what we understand about data sensitivity In this work we explore whether it is possible to perform is through user self-report (e.g., surveys); this paper is the first to a large-scale behavioral data analysis, rather than to rely on use behavioral data to determine content sensitivity, via the clues surveys and self-report, in order to understand what topics that users give as to what information they consider private or sensitive through their use of privacy enhancing product features. users consider sensitive. Our goal is to help online service We perform a large-scale analysis of user anonymity choices providers design policies and develop product features that during their activity on Quora, a popular question-and-answer promote user engagement and safer sharing and increase users’ site. We identify categories of questions for which users are more trust in online services’ privacy practices. likely to exercise anonymity and explore several machine learning Concretely, we perform analysis and data mining of the approaches towards predicting whether a particular answer will be written anonymously. Our findings validate the viability of usage of privacy features on one of the largest question-and- the proposed approach towards an automatic assessment of data answer sites, Quora [7], in order to identify topics potentially sensitivity, show that data sensitivity is a nuanced measure that considered sensitive by its users.
    [Show full text]
  • Pethan-HCI-2020.Pdf
    HUMAN–COMPUTER INTERACTION https://doi.org/10.1080/07370024.2020.1760869 Corporate hackathons, how and why? A multiple case study of motivation, projects proposal and selection, goal setting, coordination, and outcomes Ei Pa Pa Pe-Than a, Alexander Nolteb, Anna Filippovac, Christian Birdd, Steve Scallene, and James Herbsleba aInstitute for Software Research, Carnegie Mellon University, Pittsburgh, Pennsylvania, USA; bInstitute for Software Research, Institute of Computer Science, University of Tartu, Tartu, Estonia; cData Science GitHub Inc., San Francisco, California, USA; dEmpirical Software Engineering, Microsoft Research, Redmond, Washington, USA; eMicrosoft Garage, Redmond, Washington, USA ABSTRACT ARTICLE HISTORY Time-bounded events such as hackathons, data dives, codefests, hack-days, Received 12 October 2019 sprints or edit-a-thons have increasingly gained attention from practitioners Revised 22 April 2020 and researchers. Yet there is a paucity of research on corporate hackathons, Accepted 22 April 2020 which are nearly ubiquitous and present significant organizational, cultural, KEYWORDS and managerial challenges. To provide a comprehensive understanding of coordination; time-bounded team processes and broad array of outcomes of corporate hackathons, we event; hackathon; collocated conducted a mixed-methods, multiple case study of five teams that parti- work; team familiarity; goal cipated in a large scale corporate hackathon. Two teams were “pre-existing” setting; mixed-methods; case teams (PETs) and three were newly-formed “flash” teams (FTs). Our analysis study revealed that PETs coordinated almost as if it was just another day at the office while creating innovations within the boundary of their regular work, whereas FTs adopted role-based coordination adapted to the hackathon context while creating innovations beyond the boundary of their regular work.
    [Show full text]
  • Location Cloaking for Location Privacy Protection and Location Safety Protection Ge Xu Iowa State University
    Iowa State University Capstones, Theses and Graduate Theses and Dissertations Dissertations 2010 Location cloaking for location privacy protection and location safety protection Ge Xu Iowa State University Follow this and additional works at: https://lib.dr.iastate.edu/etd Part of the Computer Sciences Commons Recommended Citation Xu, Ge, "Location cloaking for location privacy protection and location safety protection" (2010). Graduate Theses and Dissertations. 11628. https://lib.dr.iastate.edu/etd/11628 This Dissertation is brought to you for free and open access by the Iowa State University Capstones, Theses and Dissertations at Iowa State University Digital Repository. It has been accepted for inclusion in Graduate Theses and Dissertations by an authorized administrator of Iowa State University Digital Repository. For more information, please contact [email protected]. Location cloaking for location privacy protection and location safety protection by Ge (Toby) Xu A dissertation submitted to the graduate faculty in partial fulfillment of the requirements for the degree of DOCTOR OF PHILOSOPHY Major: Computer Science Program of Study Committee: Ying Cai, Major Professor Ahmed Kamal Leslie Miller Wallapak Tavanapong Wensheng Zhang Iowa State University Ames, Iowa 2010 ii DEDICATION To my parents and my wife - Without whose love and support I would not have been able to complete this work iii TABLE OF CONTENTS ACKNOWLEDGEMENTS ............................... v ABSTRACT ....................................... vi CHAPTER1. Introduction .............................. 1 CHAPTER2. Relatedwork .............................. 4 2.1 Regulation and policy-based approaches for location dataprotection . 4 2.2 AnonymoususesofLBSs............................ 6 2.3 Non-locationexposureusesofLBS . ... 10 2.4 Trajectoryperturbation . ... 11 2.5 Trajectoryanonymization. ... 12 2.6 Privacy-aware opportunistic sensing and monitoring . ............ 13 2.7 Anonymousroutinginadhocnetworks .
    [Show full text]
  • Hackathons for Libraries and Librarians
    City University of New York (CUNY) CUNY Academic Works Publications and Research John Jay College of Criminal Justice 2016 Hackathons for Libraries and Librarians Robin Camille Davis CUNY John Jay College How does access to this work benefit ou?y Let us know! More information about this work at: https://academicworks.cuny.edu/jj_pubs/81 Discover additional works at: https://academicworks.cuny.edu This work is made publicly available by the City University of New York (CUNY). Contact: [email protected] 1 This is an electronic version (preprint) of an article published in Behavioral and Social Sciences Librarian. The article is available online at http://dx.doi.org/10.1080/01639269.2016.1208561 (subscription required). Full citation: Davis, R. “Hackathons for Libraries and Librarians.” Behavioral & Social Sciences Librarian 35.2 (2016): 87–91. Web. Hackathons for Libraries and Librarians Internet Connection Column Robin Camille Davis Behavioral & Social Sciences Librarian 35.2 Abstract: Hackathons can be ideal opportunities for libraries and librarians to promote new services and tools. In these social events, attendees form teams and work on a project together within a given time limit. This article explains hackathons, provides a brief history, and details how libraries and librarians can get involved. Similar event structures, like hack days and edit-a-thons, are also considered. When I told a friend recently that I was going to participate in a hackathon, she looked surprised and asked, “What are you hacking into?” She assumed it was an information security event. The word hack has taken on multiple meanings, so her guess wasn’t absurd.
    [Show full text]
  • User Density and Spanal Cloaking Algorithm
    QUICK DESIGN GUIDE QUICK TIPS (--THIS SECTION DOES NOT PRINT--) User Density and SpaNal Cloaking Algorithm SelecNon: (--THIS SECTION DOES NOT PRINT--) This PowerPoint 2007 template produces a 36”x48” professional poster. Improving Privacy ProtecNon of Mobile Users This PowerPoint template requires basic PowerPoint It will save you valuable time placing titles, subtitles, text, and (version 2007 or newer) skills. Below is a list of graphics. MaBhew Chan, Computer Info. Sys. Dept, Boro of ManhaBan Comm. College, CUNY commonly asked questions specific to this template. Hassan Elsherbini, Department of Computer Science, College of Staten Island, CUNY If you are using an older version of PowerPoint some Use it to create your presentation. Then send it to Xiaowen Zhang, Department of Computer Science, College of Staten Island, CUNY template features may not work properly. PosterPresentations.com for premium quality, same day affordable printing. Using the template ABSTRACT We provide a series of online tutorials that will guide you through the poster design process and answer your poster production questions. Verifying the quality of your graphics Data sharing and privacy protection of mobile users have always been a challenge Go to the VIEW menu and click on ZOOM to set your View our online tutorials at: to research and development, as well as commercial and enterprise deployment of preferred magnification. This template is at 100% the size of the final poster. All text and graphics will http://bit.ly/Poster_creation_help the Global Positioning System (GPS) and location-based mobile applications. The (copy and paste the link into your web browser). be printed at 100% their size.
    [Show full text]
  • Universal Location Referencing and Homomorphic Evaluation of Geospatial Query
    1 Universal Location Referencing and Homomorphic Evaluation of Geospatial Query Asma Aloufi, Peizhao Hu, Hang Liu, and Sherman S. M. Chow Abstract—Location data is an important piece of contextual information in location-driven features for geosocial and pervasive computing applications. In this paper, we propose to geo-hash locations using space-filling curves, which are dimension reduction techniques that preserve locality. The proposed location referencing method is agnostic to specific maps or precoded location models and can effectively preserve users’ location privacy based on user preferences. We employ post-quantum-secure encryption on location data and privacy preferences to minimize the risk of data leakage. We also design three algorithms to homomorphically compute geospatial queries on the encrypted location data without revealing either user locations or user preferences. One of the three proposed algorithms reduces the multiplicative depth by more than half; thus, significantly speeding up homomorphic computations. We then present a prototype of the proposed system and algorithms using a somewhat homomorphic encryption scheme and our optimization techniques. A systematic evaluation of the prototype demonstrates its utility in spatial cloaking. Index Terms—Location privacy, Geohashing, Spatial cloaking, Homomorphic encryption F 1 INTRODUCTION location of identification [11], and solutions based on statisti- cal privacy, which obfuscate location data but allow statistical Location data is an enabler in location-based services (LBS) computation [12]. A trusted server is required in many of these and applications (apps), such as social network apps and dating solutions to perform anonymization, obfuscation, or resolution apps [1], [2]. The position of a user or the user’s proximity to reduction via spatial cloaking [13], [14].
    [Show full text]
  • Spatial Cloaking Algorithm for Location Privacy Preservation
    International Journal of Scientific & Engineering Research, Volume 5, Issue 4, April-2014 619 ISSN 2229-5518 Spatial Cloaking algorithm for location privacy preservation. Suchita R. Shastry, Dr. A. B. Bagwan, Department of Computer Engineering, University of Pune. Abstract -Location based Servers (LBS) include services to identify a location also responsible for answering the queries, may disclose user’s sensitive information. Mobile users expect to access services relevant to their locations, and also want preserve their privacy without disclosing their exact location. The spatial cloaking method provides way the where the location of the user get blurred. Location Anomymizing Server (LAS) is trusted third party which cloaks the user’s location and sends to LBS. Peer to peer network (P2P), communication between the peers becomes time consuming and communication overhead. In this paper we have proposed the method where instead of communicating with peers, user directly communicates with LBS. Also mobile client is directly communicating with LBS without the interference of third party trusted server, location Anonymizing server (LAS). In this paper, we have presented two algorithms where first algorithm which where the LBS provide the direct list of in ascending order. The second algorithm for query processing generates the region of different shapes. Hence adversary cannot disclose the user’s exact location. Index terms -Location Based Service (LBS), Location Anonymizing Server (LAS), Privacy Preserving, Spatial Cloaking, k- anonymity. — — — — — — — — — — — — — — — — — — — 1. INTRODUCTION Wi-Fi access points. A LBS database server provides 1.1 Location Based Services tailored and personalized services to users in GPS-enabled mobile phones and palm-tops, has lead to accordance with their precise location information.
    [Show full text]
  • Public Comments on the Second Draft of NIST Special Publication 800-52
    Public Comments on the Second Draft of NIST Special Publication 800-52 Revision 2, Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations (October 15, 2018) Originally Posted: 12/4/2018 Correction Posted: 3/6/2019 NIST received the following public comments on the Second Draft of Special Publication 800- 52 Revision 2, Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations (October 2018). These public comments were received by the November 16, 2018 deadline. From James DeRienzo: Greetings: Consider highlighting the modal auxiliary verbs besides shall, shall not, should and should not. Consider using highlighting instead of boldface type. The highlight legend can indicate model auxiliary verb expression: [The following illustrations were provided by the commenter without attribution.] At some point, you have to draw the line in the sand: Volition will will not shall shall not would would not should should not Recommendations or suggestions: should should not ought to have to A possibility: might, might not, could, could not, A strong possibility: may, may not, An obligation: must, must not An ability or inability: can, cannot, Probability must might can't can cannot should ought to Permission can cannot could may might Advice should ought to might shall Obligation ought to must have to Need Need not Had better Be able to From James DeRienzo: To improve the retention of information, provide an appendix containing a qualitative analysis of action statements by role in structured format. Yes, this requires a significant amount effort to tag the data, scrub the data and convert it into structured format, but others wll find the information more useful, such as finding policy and technology gaps in their own policy.
    [Show full text]
  • Openstreetmap Kerala.Pdf
    OpenStreetMap Naveen Francis Digital Humanitarian What is it? OpenStreetMap (OSM) Not software It's a collaborative project to create a free & editable map of the world. The Wikipedia of Cartography Anyone can contribute www.openstreetmap.org What is it? Open Geo Data There are many “free” basemaps, Google, Here, Bing, MapmyIndia... These only give limited rights of use OSM gives users rights to any kind of reproduction or processing Open Data Commons Open Database License (ODbL) Methodology People, like you and me, gather location data across the globe from a variety of sources such as: Digitizing against free satellite imagery Recordings from GPS devices Public domain data This information then gets uploaded to OpenStreetMap's central database from where it can be further modified, corrected and enriched by anyone who notices missing facts or errors about the area. All OSM users have a stake in having accurate data. If one person puts in inaccurate data, maliciously or accidentally, the other 99.9% of people can check it, fix it, or get rid of it. The Map In India, a death occurs every 3.5 minutes due to road accidents Road Data • National Highways accounted for 30.4 per cent of total road accidents and 36.0 per cent of deaths in 2017. • Accidents on State Highways constitute 25 per cent. In case of fatality, State Highways has accounted for 26.9 per cent. • 63% people die on NH/SH. NH/SH - 3 lakhs kms State Highway Mapping https://en.wikipedia.org/wiki/List_of_state_highways_in_Kerala National Highway Mapping https://en.wikipedia.org/wiki/National_Highway_(India)
    [Show full text]