Knowledge is at the Edge! How to Search in Distributed Machine Learning Models

With the advent of the Internet of Things and Industry 4.0 an enormous amount of data is produced at the edge of the network. Due to a lack of computing power, this data is currently send to the cloud where centralized machine learning models are trained to derive higher level knowledge. With the recent development of specialized machine learning hardware for mobile devices, a new era of distributed learning is about to begin that raises a new research question: How can we search in distributed machine learning models? Machine learning at the edge of the network has many benefits, such as low-latency inference and increased privacy. Such distributed machine learning models can also learn personalized for a human user, a specific context, or application scenario. As training data stays on the devices, control over possibly sensitive data is preserved as it is not shared with a third party. This new form of distributed learning leads to the partitioning of knowledge between many devices which makes access difficult. In this paper we tackle the problem of finding specific knowledge by forwarding a search request (query) to a device that can answer it best. To that end, we use a entropy based quality metric that takes the context of a query and the learning quality of a device into account. We show that our forwarding strategy can achieve over 95% accuracy in a urban mobility scenario where we use data from 30 000 people commuting in the city of Trento, Italy.Comment: Published in CoopIS 201

Data provenance to audit compliance with privacy policy in the Internet of Things

Managing privacy in the IoT presents a significant challenge. We make the case that information obtained by auditing the flows of data can assist in demonstrating that the systems handling personal data satisfy regulatory and user requirements. Thus, components handling personal data should be audited to demonstrate that their actions comply with all such policies and requirements. A valuable side-effect of this approach is that such an auditing process will highlight areas where technical enforcement has been incompletely or incorrectly specified. There is a clear role for technical assistance in aligning privacy policy enforcement mechanisms with data protection regulations. The first step necessary in producing technology to accomplish this alignment is to gather evidence of data flows. We describe our work producing, representing and querying audit data and discuss outstanding challenges.Engineering and Applied Science

A Framework to Navigate the Privacy Trade-offs for Human-Centred Manufacturing

New technological advances can offer personalised and timely services for industry workers. Exoskeletons, HoloLens, Process Mining and Social Knowledge Networks are some of these services offered to workers by the EU HuMan project. These services could alleviate a worker’s physical stress, their cognitive load or provide help based on the knowledge and experiences of their peers. The successful application of several such services depends on the availability of data about a worker’s state, including their performance. This paper focusses on the design of cognitive systems that provide personalised services while respecting a worker’s privacy and the needs of an organisation. We present a framework for supporting privacy by design and the risks, threats and needs of users, organisations and developers.acceptedVersio

IoTFC: A Secure and Privacy Preserving Architecture for Smart Buildings

In the pursuit of cities to be more efficient and responsive, various kind of Internet of Things (IoT) devices, such as actuators and sensors are used. This paper focuses on one specific IoT application - the smart building, and investigates the security and privacy issues in an integrated IoT-fog-cloud (IoTFC) smart building architecture. We consider the surveillance, maintenance, environment, and concierge use cases for smart building, in terms of their characteristics, compatible communication technology, and security and privacy requirements. IoTFC provides a comprehensive solution to the security and privacy challenges of authentication, access control, anomaly detection, data privacy and location privacy. To the best of our knowledge, IoTFC is a novel architecture, as it combines a complete set of light-weight security and privacy solutions suitable for smart buildings

Assessing privacy policies of internet of things services

This paper provides an assessment framework for privacy policies of Internet of Things Services which is based on particular GDPR requirements. The objective of the framework is to serve as supportive tool for users to take privacy-related informed decisions. For example when buying a new fitness tracker, users could compare different models in respect to privacy friendliness or more particular aspects of the framework such as if data is given to a third party. The framework consists of 16 parameters with one to four yes-or-no-questions each and allows the users to bring in their own weights for the different parameters. We assessed 110 devices which had 94 different policies. Furthermore, we did a legal assessment for the parameters to deal with the case that there is no statement at all regarding a certain parameter. The results of this comparative study show that most of the examined privacy policies of IoT devices/services are insufficient to address particular GDPR requirements and beyond. We also found a correlation between the length of the policy and the privacy transparency score, respectively

IoT security, privacy, safety and ethics

The Internet of Things (IoT) represents a revolution of the Internet which can connect nearly all environment devices over the Internet to share their data to create novel services and applications for improving our quality of life. Using cheap sensors, the IoT enables various devices and objects around us to be addressable, recognizable and locatable. Although the IoT brought infinite benefits, it creates several challenges, especially in security and privacy. Handling these issues and ensuring security and privacy for IoT products and services must be a fundamental priority. Users need to trust IoT devices and related services are secure. Moreover, the IoT safety must be considered to prevent the IoT system and its components from causing an unacceptable risk of injury or physical damage and at the same time considering social behaviour and ethical use of IoT technologies to enable effective security and safety. This chapter provides a discussion of IoT security, privacy, safety and ethics. It starts by providing an overview of the IoT system, its architecture and essential characteristics. This is followed by discussing IoT security challenges, requirements and best practices to protect IoT devices. The IoT privacy is also discussed by highlighting various IoT privacy threats and solutions to preserve the privacy of IoT devices. The IoT safety, ethics, the need for the ethical design and challenges encountered are also discussed. In the end, smart cities are introduced as a case study to investigate various security threats and suggested solutions to maintain a good security level in a smart city.N/