IoT Big Data Security and Privacy vs. Innovation

Abstract

In this paper, we address the conflict in the collection, use and management of Big Data at the intersection of security and privacy requirements and the demand of innovative uses of the data. This problem is exaggerated in the context of the Internet of Things (IoT). We propose a three-part decomposition of the design space, in order to clarify requirements and constraints. To reach this final analysis, we begin by clarifying the challenges in the design space: (1) there is little agreement on what is meant by IoT, and in particular the security and privacy implications of different definitions; (2) we then consider the requirement and constraints on the big data that result from various IoT system designs; (3) in parallel, we examine the intricacies of the demand for innovation from the both the legal and economic perspectives. In this context, we then can decompose the set of drivers and objectives for security/privacy of data as well as innovation into (1) the regulatory and social policy context, (2) economic and business context, and (3) technology and design context. By identifying these distinct objectives for the design of IoT Big Data management, we propose that more effective design and control is possible at the intersection of these forces, through an iterative process of review and redesign