2 research outputs found
Permissão para partilha seletiva em ambientes IoT
The increasing use of smart devices for monitoring spaces has caused an increase
in concerns about the privacy of users of these spaces. Given this problem, the
legislation on the right to privacy has been worked to ensure that the existing
laws on this subject are sufficiently comprehensive to preserve the privacy of users.
In this way, research on this topic evolves in the sense of creating systems that
ensure compliance with these laws, that is, increase transparency in the treatment
of user data. In the context of this dissertation, a demonstrator-based strategy
is presented to provide users control over their stored data during the temporary
use of an intelligent environment. In addition, this strategy includes transparency
guarantees, highlights the right to forgetting, provides the ability to consent and
proof of that consent. A strategy for privacy control in such environments is also
mentioned in this paper. This dissertation was developed within the CASSIOPEIA
project where the case study focuses on the SmartBnB problem where a user rents
a smart home for a limited time. This paper presents the developed system that
ensures the user’s privacy and control over their data.O uso crescente de dispositivos inteligentes para monitorização de espaços tem
provocado um aumento das preocupações sobre a privacidade dos utilizadores destes
espaços. Face a este problema, a legislação sobre o direito à privacidade tem
sido trabalhada de forma a garantir que as leis existentes sobre este tema são
suficientemente abrangentes para preservar a privacidade dos utilizadores. Desta
forma, a investigação neste tópico evolui no sentido de criar sistemas que garantam
o cumprimento destas leis, ou seja aumentam a transparência no tratamentos dos
dados dos utilizadores. No contexto desta dissertação, é apresentada uma estratégia
baseado num demonstrador para fornecer um controlo ao utilizador sobre os
seus dados armazenados durante a utilização temporária de um ambiente inteligente.
Para além disso, esta estratégia inclui garantias de transparência, evidencia
o direito ao esquecimento, fornece a capacidade de consentimento e prova desse
consentimento. É também mencionada neste documento uma estratégia para um
controlo de privacidade neste tipo de ambientes. Esta dissertação foi desenvolvida
no âmbito do projeto CASSIOPEIA onde o caso de estudo se foca no SmartBnB
problem onde um utilizador arrenda uma casa inteligente durante um tempo limitado.
Este documento apresenta o sistema desenvolvido que garante a privacidade
e controlo do utilizador sobre os seus próprios dados.This work is partially funded by NGI Trust, with number 3.85, Pro-ject CASSIOPEIA.Mestrado em Engenharia de Computadores e Telemátic
Effective authorization for the Web of Things
The momentum gained by the Internet of Things (IoT) has lead technology to be sufficiently mature to finally reach the market. The expectations and concerns of users around new products are primarily related to the possibility to interact with things in a seamless and effective way and, above all, to do so securely. Within this context, the main pillars required to support a sustainable and practical IoT are: interoperability, discoverability, and authorization. Based on the concepts and experience gained with the traditional Internet, the Web of Things (WoT) paradigm is chartered to address the former two issues. However, fast-developed and simplistic vertical approaches, due to the rush to launch IoT products, have not considered authorization adequately. Access to smart objects typically occurs through product-bound Cloud platforms, which mediate between vendor-specific smartphone apps and objects. Notwithstanding, effective mechanisms to manage authorized access to resources are required to really make simple and safe to use and share things. In this paper, we propose a standard-based authorization framework for WoT applications, which allows to effectively enforce fine-grained access policies to authorized parties. An implementation is presented to highlight the simplicity of the proposed approach and the benefits that it can introduce