GDPR Compliance Verification in Internet of Things

Barati, Masoud; Rana, Omer; Petri, Ioan; Theodorakopoulos, George

doi:10.1109/access.2020.3005509

Cited by 42 publications

(18 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another pertinent issue, but which was not addressed by this work, is related to issues of ethics and information privacy. Even if the individual provides all the authorizations to have his life analyzed by the system, there are laws that prevent certain information, even if released by the individual, from being analyzed for the creation of profiles (Barati et al, 2020). And how to analyze the information derived from the individual's interaction with his peers, without hurting ethics and data protection laws?…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Information management and exponencial learning in Society 5.0: foundations for an integrated system

Oliveira¹,

Pereira²

2021

Preprint

View full text Add to dashboard Cite

Humanity uses the information to reduce discomfort, effort, and errors. With this in mind, headphones were invented, so that the music could be heard without disturbing others; home appliances were created to reduce the effort in washing dishes or clothes, and calculating machines were developed so that human distraction would not cause an accident in calculating the weight that a bridge could support. But the information has hardly changed the certainties and doubts about which university course to take, what the individual's daily life will be like in the academic path, which includes when and what to study, what to eat and what to do in their free time. Is there a hobby that the individual could enjoy, but does not know? There is greater access to information, but many times instead of navigating this information, the individual sinks in the middle of it. In addition, teachers and students remain stuck in the curriculum, with the same menu being provided for carnivores, vegetarians or lactose intolerants. If before, students were beaten with wood in their hands and were attacked psychologically, having to learn the same as everyone else, nowadays only hands are no longer suffering from wood, at least in theory. Reducing mistakes in choosing a higher education course and the whole life that governs the academic path, can be a dream for many individuals, and software that collects enough information to learn about the individual and guide him/her on the beginning of their academic path could be an extremely useful compass. Knowing which university course to take, which discipline, among the electives, to choose, knowing the right time to get up according to the circadian cycle, what to do throughout the day, what and when to eat, are all informational outputs that utopian software could provide so as to contribute to the individual's success. But would such informational management drastically reduce the hassles, efforts, and mistakes to be made, or would it negatively affect the individual's life due to lack of experience with failure? Is the information learned from failure really necessary for success? This article starts from a brief history about information in education, analyses information management in Society 5.0, in the era of exponential technologies, and the construction of competence matrices. The goal is to start a debate about the delegation and trust in software, the management of personal information for individual success.

show abstract

Section: Discussionmentioning

confidence: 99%

“…What Web Cookies and algorithms like those of the RMSE system do, is the creation of user profiles (cf. Barati et al, 2020) useful to recognize the individual and insert him in categories, in order to improve the marketing of products and services for these individuals.…”

Section: Exponential and Disruptive Technologiesmentioning

confidence: 99%

Information management and exponencial learning in Society 5.0: foundations for an integrated system

Oliveira¹,

Pereira²

2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Therefore, a significant related issue is consent to share information. Among several obligations the GDPR imposes on software operators and service providers, a key obligation is user consent [33]. The complex granularity in the IoV together with the fleeting character of services, however, obfuscate the matter of making informed consensual decisions.…”

Section: B Trust In the Iovmentioning

confidence: 99%

“…Method Application [23], [29] Privacy Labels Data privacy [1], [33] Blockchain methods GDPR compliance [83], [84] Virtual Trip Lines Anonymous data collection [96] Private Info. Retrieval Anonymous data retrieval [97]- [99] Differential Privacy Anonymous data retrieval…”

Section: Papermentioning

confidence: 99%

Privacy and Trust in the Internet of Vehicles

Zavvos

Gerding

Yazdanpanah

et al. 2022

IEEE Trans. Intell. Transport. Syst.

View full text Add to dashboard Cite

The Internet of Vehicles aims to fundamentally improve transportation by connecting vehicles, drivers, passengers, and service providers together. Several new services such as parking space identification, platooning and intersection control-to name just a few-are expected to improve traffic congestion, reduce pollution, and improve the efficiency, safety and logistics of transportation. Proposed end-user services, however, make extensive use of private information with little consideration for the impact on users and third parties (those individuals whose information is indirectly involved). This article provides the first comprehensive overview of privacy and trust issues in the Internet of Vehicles at the service level. Various concerns over privacy are formalised into four basic categories: privacy of personal information, trust, consent to provide information, and multi-party privacy. To help analyse services and to facilitate future research, the main relevant end-user services are taxonomised according to voluntary and involuntary information they require and produce. Finally, this work identifies several open research problems and highlights general approaches to address them. These especially relate to measuring the tradeoff between privacy and service functionality, automated consent negotiation, trust towards the IoV and its individual services, and identifying and resolving multi-party privacy conflicts.

show abstract

“…However, a solution for checking the compliance of such obligations in an automatic way was not provided. The authors in [26] proposed a formal representation for verification of GDPR obligations. Such obligations are encoded in smart contracts to provide an automatic approach for data accountability.…”

Section: Fig 1: Overview Of the Research Approachmentioning

confidence: 99%

Privacy-Aware Cloud Auditing for GDPR Compliance Verification in Online Healthcare

Barati

Aujla

Llanos

et al. 2022

IEEE Trans. Ind. Inf.

Self Cite

View full text Add to dashboard Cite

Emerging multi-tenant cloud computing ecosystems allow multiple applications to share virtualised pool of computing and networking resources. As a result such ecosystems are becoming increasingly prone to data privacy concerns (personal data leakages and unauthorised access). While cloud computing providers support robust security and privacy mechanisms (e.g, public key cryptography, firewalls, virtual private networks, among many others), they lack mechanisms and frameworks to monitor, audit and verify these data privacy concerns. The emergence of data protection regulations around the world, such as General Data Protection Regulation (GDPR) in Europe and the Data Protection Act (DPA) in the UK, further emphasise the need to overcome these privacy limitations. A novel technique for monitoring, auditing and verifying the operations carried out on a user's personal data in cloud computing ecosystems is proposed. Our research methodology leverages distributed ledger technologies (e.g., Blockchain, Smart Contracts) for developing an immutable recording technique, which transparently logs, monitors and verifies the operations carried out on user data. Using a healthcare pharmacy scenario and extensive real-world experiments, we validate the feasibility of the proposed technique. The proposed work handles a large pool of requests (> 13K) ensuring minimal latency (≈50-60 ms) and overheads for three different service packages varied with respect to the number of actors and operations).

show abstract

GDPR Compliance Verification in Internet of Things

Cited by 42 publications

References 40 publications

Information management and exponencial learning in Society 5.0: foundations for an integrated system

Information management and exponencial learning in Society 5.0: foundations for an integrated system

Privacy and Trust in the Internet of Vehicles

Privacy-Aware Cloud Auditing for GDPR Compliance Verification in Online Healthcare

Contact Info

Product

Resources

About