Designing privacy-aware internet of things applications

Perera, Charith; Barhamgi, Mahmoud; Bandara, Arosha K.; Ajmal, Muhammad; Price, Bob; Nuseibeh, Bashar

doi:10.1016/j.ins.2019.09.061

Cited by 74 publications

(53 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is hoped that this will allow for a more secure and private system, although this remains for further exploration. However, as researchers continue to consider the approaches combined in this work, like [28] for Privacy-by-Design in IoT, and [3] for IoT security with OCTAVE-Allegro, it is expected that this merger will aid developers.…”

Section: Discussionmentioning

confidence: 99%

“…Privacy within ubiquitous systems has been a long-held design consideration [22], but remains a current and important challenge for IoT system designers and engineers [28]. From a legal perspective, privacy has been the subject of much attention, as big data trends continue, and with more personal quantified data being gathered from users [32].…”

Section: Privacy-by-design Strategies For Corementioning

confidence: 99%

“…Recently, Privacy-by-Design strategies have been brought to the forefront [18,32] toward providing inherent data protection, and the concept has had need of frameworks for elucidating the fuzzy privacy needs of systems. Frameworks like [28] are being tested to assess their impact on engineering more private systems.…”

Section: Privacy-by-design Strategies For Corementioning

confidence: 99%

See 2 more Smart Citations

Deriving Privacy and Security Considerations for CORE

Morris

Lessio

2018

Proceedings of the 2nd International Workshop on Multimedia Privacy and Security

View full text Add to dashboard Cite

Adaptive Context Environ m e n t s (ACE) Lab 2018 Deriving privacy and secu rity consid e r a t i o n s for CORE Morris, Alexis and Lessio, Nadin e Su g g e s t e d citat i o n : Morris, Alexis and Lessio, Nadin e (2018) Deriving privacy and secu rity consid e r a t i o n s for CORE. In: MPS '18 Proce e di n g s of the 2nd Inte r n a t i o n a l Works h o p on Multim e di a Privacy and Secu rity, 15-19 Oct 2018, Toront o, Cana d a . Available at http://op e n r e s e a r c h . o c a d u . c a /i d/ e p ri n t/ 2 4 2 1 / Open Res ear c h is a publicly acces si bl e, curat e d repositor y for the pres e r v a ti on and diss e m i n a ti o n of scholarly and creativ e outp u t of the OCAD Univer sity com m u n i t y . Mat erial in Open Res earc h is open acces s and mad e available via the cons e n t of the author and/or rights holder on a non-exclusiv e basis.ABSTRACT The internet-of-things (IoT) consists of embedded devices and their networks of communication as they form decentralized frameworks of ubiquitous computing services. Within such decentralized systems the potential for malicious actors to impact the system is significant, with far-reaching consequences. Hence this work addresses the challenge of providing IoT systems engineers with a framework to elicit privacy and security design considerations, specifically for indoor adaptive smart environments. It introduces a new ambient intelligence indoor adaptive environment framework (CORE) which leverages multiple forms of data, and aims to elicit the privacy and security needs of this representative system. This contributes both a new adaptive IoT framework, but also an approach to systematically derive privacy and security design requirements via a combined and modified OCTAVE-Allegro and Privacy-by-Design methodology. This process also informs the future developments and evaluations of the CORE system, toward engineering more secure and private IoT systems. CCS CONCEPTS• Human-centered computing → Mixed / augmented reality; Ambient intelligence; Ubiquitous and mobile computing design and evaluation methods; Contextual design; • Security and privacy → Mobile platform security; Distributed systems security; Mobile and wireless security; Domain-specific security and privacy architectures; KEYWORDS Privacy; security; internet-of-things; architectural framework; ambient intelligence ACM Reference Format:

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Privacy-by-design Strategies For Corementioning

confidence: 99%

Section: Privacy-by-design Strategies For Corementioning

confidence: 99%

See 1 more Smart Citation

Deriving Privacy and Security Considerations for CORE

Morris

Lessio

2018

Proceedings of the 2nd International Workshop on Multimedia Privacy and Security

View full text Add to dashboard Cite

show abstract

“…The analysis of the privacy methodologies was conducted using six focus areas and aims at pointing out both areas of overlap and existing gaps. One challenge facing such an endeavour is that privacy engineering in IoT is still a new and developing area [8] with significant need for such frameworks [2]. Consequently, the focus areas used here are based on current best practice drawn from the analysed frameworks, as well as the need to develop a single integrated framework for IoT.…”

Section: Methodsmentioning

confidence: 99%

Towards an integrated privacy protection framework for IoT: contextualising regulatory requirements with industry best practices

Thorburn

Margheri

Paci

2019

Living in the Internet of Things (IoT 2019)

View full text Add to dashboard Cite

One of the main obstacles to the widespread adoption of IoT devices and services is consumers' privacy concerns related to personal data collection, processing and sharing with third parties. Indeed, many IoT devices have been found collecting consumers' personal data without their knowledge or consent. While frameworks for identifying and mitigating security concerns of IoT devices and services are available, there is a lack of frameworks that address privacy issues for IoT applications. In this paper we lay the foundations for the future development of such a framework, based on both the experimental analysis of data flows on an IoT Smart Home testbed and a systematic analysis of other frameworks.

show abstract

“…Along with this, technologies are constantly evolving. New types of threats appear [2], and the security of computer networks is evolving into the security of the Internet of Things [3][4][5][6].…”

Section: Introductionmentioning

confidence: 99%

Model of Threats to Computer Network Software

2019

View full text Add to dashboard Cite

This article highlights the issue of identifying information security threats to computer networks. The aim of the study is to increase the number of identified threats. Firstly, it was carried out the analysis of computer network models used to identify threats, as well as in approaches to building computer network threat models. The shortcomings that need to be corrected are highlighted. On the basis of the mathematical apparatus of attributive metagraphs, a computer network model is developed that allows to describe the software components of computer networks and all possible connections between them. On the basis of elementary operations on metagraphs, a model of threats to the security of computer network software is developed, which allows compiling lists of threats to the integrity and confidentiality of computer network software. These lists include more threats in comparison with the considered analogues.

show abstract

Designing privacy-aware internet of things applications

Cited by 74 publications

References 39 publications

Deriving Privacy and Security Considerations for CORE

Deriving Privacy and Security Considerations for CORE

Towards an integrated privacy protection framework for IoT: contextualising regulatory requirements with industry best practices

Model of Threats to Computer Network Software

Contact Info

Product

Resources

About