Abstract
This paper presents a new privacy negotiation mechanism for an IoT environment that is both efficient and practical to cope with the IoT special need of seamlessness. This mechanism allows IoT users to express and enforce their personal privacy preferences in a seamless manner while interacting with IoT deployments. A key contribution of the paper is that it addresses the privacy concerns of individual users as well as a group of users where privacy preferences of all individual users are combined into a group privacy profile to be negotiated with the IoT owner. In addition, the proposed mechanism satisfies the privacy requirements of the IoT deployment owner. Finally, the proposed privacy mechanism is agnostic to the actual IoT architecture and can be used over a user-managed, edge-managed or a cloud-managed IoT architecture. Prototypes of the proposed mechanism have been implemented for each of these three architectures, and the results show the capability of the protocol to negotiate privacy while adding insignificant time overhead.
Similar content being viewed by others
References
Alanezi, K. and Mishra, S. A privacy negotiation mechanism for the internet of things. In 2018 IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing, 16th Intl Conf on Pervasive Intelligence and Computing, 4th Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC/PiCom/DataCom/CyberSciTech), pages 512 519. IEEE, 2018.
Alanezi, K., Rafiq, R. I., Chen, L., and Mishra, S. Leveraging ble and social trust to enable mobile in situ collaborations. In Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication, page 98. ACM, 2017.
Bluetooth SIG. Bluetooth Core Specification 5.0 FAQ, 2016. URL https://www.mouser.com/pdfdocs/bluetooth-5-faq.pdf. [Accessed 27 Dec 2020].
Broenink, G., Hoepman, J.-H., Hof, C. v., Van Kranenburg, R., Smits, D., and Wisman, T. The privacy coach: Supporting customer privacy in the internet of things. arXiv preprint arXiv: 1001.4459, 2010.
Oracle Corporation. Oracle java message service (jms) interface, 2012. URL https://docs.oracle.com/cd/B19306_01/server.102/b14257/jm_create.htm. [Accessed 8 July 2019].
Cranor, L. Web privacy with P3P. " O’Reilly Media,Inc.", 2002.
Das, A., Degeling, M., Wang, X., Wang, J., Sadeh, N., and Satyanarayanan, M. Assisting users in a world full of cameras: A privacy-aware infrastructure for computer vision applications. In 2017 IEEE Conference on Computer Vision and Pattern Recognition Workshops (CVPRW), pages 1387 1396. IEEE, 2017.
Davies, N., Taft, N., Satyanarayanan, M., Clinch, S., and Amos, B. Privacy mediators: Helping iot cross the chasm. In Proceedings of the 17th International Workshop on Mobile Computing Systems and Applications, pages 39 44. ACM, 2016.
Docker, Inc. Docker containers, 2013. URL https://www.docker.com/. [Accessed 27 Dec 2020].
Dorri, A., Kanhere, S. S., Jurdak, R., and Gauravaram, P. Blockchain for iot security and privacy: The case study of a smart home. In 2017 IEEE international conference on pervasive computing and communications workshops (PerCom workshops), pages 618 623. IEEE, 2017.
Dragoni N, Giallorenzo S, Lafuente AL, Mazzara M, Montesi F, Mustafin R, Safina L (2017) Microservices: yesterday, today, and tomorrow. In: Present and ulterior software engineering. Springer, pp 195–216
Emami Naeini P, Degeling M, Bauer L, Chow R, Cranor LF, Haghighat MR, Patterson H (2018) The influence of friends and experts on privacy decision making in IoT scenarios. Proc ACM Hum Comput Interact 2:1–26
Fogues RL, Murukannaiah PK, Such JM, Singh MP (2017) Sosharp: Recommending sharing policies in multiuser privacy scenarios. IEEE Internet Comput 21(6):28–36
Henze, M., Hermerschmidt, L., Kerpen, D., H u ling, R., Rumpe, B., and Wehrle, K. User-driven privacy enforcement for cloud-based services in the internet of things. In 2014 International Conference on Future Internet of Things and Cloud, pages 191 196. IEEE, 2014.
Hu H, Ahn G-J, Jorgensen J (2012) Multiparty access control for online social networks: model and mechanisms. IEEE Trans Knowl Data Eng 25(7):1614–1627
IEEE Working Group for WLAN Standards. IEEE Publishes 802.11ah-2016 Standard Amendment, 2017. URL https://standards.ieee.org/standard/802_11ah-2016.html. [Accessed Dec 27th, 2020].
Lampinen, A., Lehtinen, V., Lehmuskallio, A., and Tamminen, S. We’re in it together: interpersonal management of disclosure in social network services. In Proceedings of the SIGCHI conference on human factors in computing systems, pages 3217 3226. ACM, 2011.
Min M, Wan X, Xiao L, Chen Y, Xia M, Wu D, Dai H (2018) Learning-based privacy-aware offloading for healthcare iot with energy harvesting. IEEE Internet Things J 6(3):4307–4316
Mittelstadt B (2017) From individual to group privacy in big data analytics. Philos Technol 30(4):475–494
Naeini, P. E., Bhagavatula, S., Habib, H., Degeling, M., Bauer, L., Cranor, L. F., and Sadeh, N. Privacy expectations and preferences in an IoT world. In Thirteenth Symposium on Usable Privacy and Security SOUPS 2017, pages 399 412, 2017.
Pratama, A. R., Hidayat, R., et al. Smartphone-based pedestrian dead reckoning as an indoor positioning system. In 2012 International Conference on System Engineering and Technology (ICSET), pages 1 6. IEEE, 2012.
Preibusch, S. Implementing privacy negotiations in e-commerce. In Asia-Pacific Web Conference, pages 604 615. Springer, 2006.
Satyanarayanan M (2017) The emergence of edge computing. Computer 50(1):30–39
Squicciarini, A. C., Shehab, M., and Paci, F. Collective privacy management in social networks. In Proceedings of the 18th international conference on World wide web, pages 521 530. ACM, 2009.
Stankovic JA (2014) Research directions for the internet of things. IEEE Internet Things J 1(1):3–9
Such JM, Criado N (2016) Resolving multi-party privacy conflicts in social media. IEEE Trans Knowl Data Eng 28(7):1851–1863
Such JM, Rovatsos M (2016) Privacy policy negotiation in social media. ACM Trans Auton Adapt Syst (TAAS) 11(1):4
The Eclipse Foundation. Eclipse kura, 2018. URL https://www.eclipse.org/kura/. [Accessed Dec 27th, 2020].
Thomas, K., Grier, C., and Nicol, D. M. unfriendly: Multi-party privacy risks in social networks. In International Symposium on Privacy Enhancing Technologies Symposium, pages 236 252. Springer, 2010.
Wyatt, D., Choudhury, T., and Bilmes, J. Conversation detection and speaker segmentation in privacy-sensitive situated speech data. In Eighth Annual Conference of the International Speech Communication Association, 2007.
Ziegeldorf JH, Morchon OG, Wehrle K (2014) Privacy in the internet of things: threats and challenges. Secur Commun Netw 7(12):2728–2742
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Alanezi, K., Mishra, S. Incorporating individual and group privacy preferences in the internet of things. J Ambient Intell Human Comput 13, 1969–1984 (2022). https://doi.org/10.1007/s12652-021-02959-7
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12652-021-02959-7