Towards a Security, Privacy, Dependability, Interoperability Framework for the Internet of Things

A popular application of ambient intelligence systems constitutes of assisting living services on smart buildings. As intelligence is imported in embedded equipment, the system becomes able to provide smart services (e.g. control lights, airconditioning, provide energy management services etc.). IoT is the main enabler of such environments. However, the interconnection of these cyber-physical systems and the processing of personal data raise serious security and privacy issues. In this paper we present a framework that can guarantee Security, Privacy, Dependability and Interoperability (SPDI) in IoT. Taking advantage of the underlying IoT deployment, the proposed framework not only implements the requested smart functionality but also provide modelling and administration that can guarantee those SPDI properties. Moreover, we provide an application example of the framework in a smart building scenario

Privacy in Internet of Things: A Model and Protection Framework

AbstractA new form of computation is being evolved to include massive number of diverse set of conventional computing systems, sensors, devices, equipments, software and information services and apps. This new form of computing environment is known as the “Internet-of-Things” (IoT). The adoption of IoT is fast and the “things” are becoming integral part of people day-to-day life as well as essential elements in the businesses everyday activities and processes. Open characteristics of IoT environments raises privacy concern as “things” are autonomous with some degree of authority to sharing their capabilities and knowledge to fulfil their individual or collective tasks. As such privacy becomes central and an inherit computational aspect of the “things”. The work presented here is based on modelling IoT as Cooperative Distributed Systems (CDS). It proposes a novel approach of analysing and modelling privacy concepts and concerns. Privacy protection is captured as a form of “sensitive information” management at the interaction level. A privacy protection management framework for CDS at the interaction level is proposed. The application of the framework has been demonstrated by extending Contract Net Protocol (CNP) to support privacy protection for CDS

A Flexible Privacy-preserving Framework for Singular Value Decomposition under Internet of Things Environment

The singular value decomposition (SVD) is a widely used matrix factorization tool which underlies plenty of useful applications, e.g. recommendation system, abnormal detection and data compression. Under the environment of emerging Internet of Things (IoT), there would be an increasing demand for data analysis to better human's lives and create new economic growth points. Moreover, due to the large scope of IoT, most of the data analysis work should be done in the network edge, i.e. handled by fog computing. However, the devices which provide fog computing may not be trustable while the data privacy is often the significant concern of the IoT application users. Thus, when performing SVD for data analysis purpose, the privacy of user data should be preserved. Based on the above reasons, in this paper, we propose a privacy-preserving fog computing framework for SVD computation. The security and performance analysis shows the practicability of the proposed framework. Furthermore, since different applications may utilize the result of SVD operation in different ways, three applications with different objectives are introduced to show how the framework could flexibly achieve the purposes of different applications, which indicates the flexibility of the design.Comment: 24 pages, 4 figure

The RFID PIA – developed by industry, agreed by regulators

This chapter discusses the privacy impact assessment (PIA) framework endorsed by the European Commission on February 11th, 2011. This PIA, the first to receive the Commission's endorsement, was developed to deal with privacy challenges associated with the deployment of radio frequency identification (RFID) technology, a key building block of the Internet of Things. The goal of this chapter is to present the methodology and key constructs of the RFID PIA Framework in more detail than was possible in the official text. RFID operators can use this article as a support document when they conduct PIAs and need to interpret the PIA Framework. The chapter begins with a history of why and how the PIA Framework for RFID came about. It then proceeds with a description of the endorsed PIA process for RFID applications and explains in detail how this process is supposed to function. It provides examples discussed during the development of the PIA Framework. These examples reflect the rationale behind and evolution of the text's methods and definitions. The chapter also provides insight into the stakeholder debates and compromises that have important implications for PIAs in general.Series: Working Papers on Information Systems, Information Business and Operation

Privacy in Cooperative Distributed Systems: Modeling and Protection Framework

A new form of computation is emerging rapidly with cloud computing, mobile computing, wearable computing and the Internet-of-Things. All can be characterized as a class of “Cooperative Distributed Systems” (CDS) in open environment. A major driver of the growth is the exponential adoption by people and organizations within all aspects of their day-to-day matters. In this context, users’ requirements for privacy protection are becoming essential and complex beyond the traditional approaches. This requires a formal treatment of “privacy” as a fundamental computation concept in CDS paradigm. The objective is to develop a comprehensive formal model for “privacy” as base to build a CDS based framework and platform in which various applications allow users to enjoy the comprehensive services in open environments while protecting their privacy seamlessly. To this end, this thesis presents a novel way of understudying, modeling and analyzing privacy concerns in CDS. A formal foundations and model of privacy is developed within the context of information management. This served as a base for developing a privacy protection management framework for CDS. It includes a privacy-aware agent model for CDS platform with the ability to support interaction-based privacy protection. The feasibility of the proposed models has been demonstrated by developing an agent-based CDS platform using JIAC framework and a privacy-based Contract Net Protocol. It also included the application scenarios for the framework for privacy protection is Internet-of-Tings, cloud-based resource scheduling and personal assistance

Privacy and the emerging Internet of Things

Conference paper from the Pacific Telecommunications Council Annual Conference (2012).The Internet of Things is an emerging global infrastructure that employs wireless sensors to collect, store, and exchange data. Increasingly, applications for marketing and advertising have been articulated as a means to enhance the consumer shopping experience, in addition to improving efficiency. However, privacy advocates have challenged the mass aggregation of personally-identifiable information in databases and geotracking, the use of location-based services to identify one’s precise location over time. This paper employs the framework of contextual integrity related to privacy developed by Nissenbaum (2010) as a tool to understand citizens in Hawaii’s response to specific implementations of Internet of Things-related technologies. The purpose of the study was to identify and understand specific changes in information practices that will be brought about by the Internet of Things that may be perceived as privacy violations. Specifically, what changes in actors, attributes, and transmission principle related to the Internet of Things can be identified, and what do these reveal about underlying norms? Eight citizens were interviewed, read a scenario of near-term Internet of Things implementations in the supermarket, and were asked to reflect on changes in the key actors involved, information attributes, principles of transmission. Areas where new practices occur with the Internet of Things were then highlighted as potential problems (privacy violations). Issues identified included the mining of medical data, invasive targeted advertising, and loss of autonomy through marketing profiles or personal affect monitoring. While there were numerous aspects deemed desirable by the participants, some developments appeared to tip the balance between consumer benefit and corporate gain. Their surveillance power creates an imbalance between the consumer and the corporation that may also impact individual autonomy. The policy implications of these findings are discussed

A Federated Filtering Framework for Internet of Medical Things

Based on the dominant paradigm, all the wearable IoT devices used in the healthcare sector also known as the internet of medical things (IoMT) are resource constrained in power and computational capabilities. The IoMT devices are continuously pushing their readings to the remote cloud servers for real-time data analytics, that causes faster drainage of the device battery. Moreover, other demerits of continuous centralizing of data include exposed privacy and high latency. This paper presents a novel Federated Filtering Framework for IoMT devices which is based on the prediction of data at the central fog server using shared models provided by the local IoMT devices. The fog server performs model averaging to predict the aggregated data matrix and also computes filter parameters for local IoMT devices. Two significant theoretical contributions of this paper are the global tolerable perturbation error (${To{l_F}}$) and the local filtering parameter ($\delta$); where the former controls the decision-making accuracy due to eigenvalue perturbation and the later balances the tradeoff between the communication overhead and perturbation error of the aggregated data matrix (predicted matrix) at the fog server. Experimental evaluation based on real healthcare data demonstrates that the proposed scheme saves upto 95\% of the communication cost while maintaining reasonable data privacy and low latency.Comment: 6 pages, 6 Figures, accepted for oral presentation in IEEE ICC 2019, Internet of Things, Federated Learning and Perturbation theor