Privacy Knowledge Modelling for Internet of Things: A Look Back

📝 Abstract

Internet of Things (IoT) and cloud computing together give us the ability to sense, collect, process, and analyse data so we can use them to better understand behaviours, habits, preferences and life patterns of users and lead them to consume resources more efficiently. In such knowledge discovery activities, privacy becomes a significant challenge due to the extremely personal nature of the knowledge that can be derived from the data and the potential risks involved. Therefore, understanding the privacy expectations and preferences of stakeholders is an important task in the IoT domain. In this paper, we review how privacy knowledge has been modelled and used in the past in different domains. Our goal is not only to analyse, compare and consolidate past research work but also to appreciate their findings and discuss their applicability towards the IoT. Finally, we discuss major research challenges and opportunities.

💡 Analysis

Internet of Things (IoT) and cloud computing together give us the ability to sense, collect, process, and analyse data so we can use them to better understand behaviours, habits, preferences and life patterns of users and lead them to consume resources more efficiently. In such knowledge discovery activities, privacy becomes a significant challenge due to the extremely personal nature of the knowledge that can be derived from the data and the potential risks involved. Therefore, understanding the privacy expectations and preferences of stakeholders is an important task in the IoT domain. In this paper, we review how privacy knowledge has been modelled and used in the past in different domains. Our goal is not only to analyse, compare and consolidate past research work but also to appreciate their findings and discuss their applicability towards the IoT. Finally, we discuss major research challenges and opportunities.

📄 Content

1

Privacy Knowledge Modelling for Internet of Things: A Look Back
Charith Perera (Open University), Chang Liu (CSIRO), Rajiv Ranjan (Newcastle University), Lizhe Wang (China University of Geosciences), Albert Y. Zomaya (University of Sydney)

Abstract Internet of Things (IoT) and cloud computing together give us the ability to sense, collect, process, and analyse data so we can use them to better understand behaviours, habits, preferences and life patterns of users and lead them to consume resources more efficiently. In such knowledge discovery activities, privacy becomes a significant challenge due to the extremely personal nature of the knowledge that can be derived from the data and the potential risks involved. Therefore, understanding the privacy expectations and preferences of stakeholders is an important task in the IoT domain. In this paper, we review how privacy knowledge has been modelled and used in the past in different domains. Our goal is not only to analyse, compare and consolidate past research work but also to appreciate their findings and discuss their applicability towards the IoT. Finally, we discuss major research challenges and opportunities.

Keywords: Internet of Things, Privacy Preferences, Knowledge Modelling

Introduction The Internet of Things allows people and things to be connected anytime, anyplace, with anything and anyone, ideally using any path, any network and any service [1]. Over the last few years, a large number of Internet of Things (IoT) solutions have come to the IoT marketplace [2]. These IoT solutions together collect a large amount of data that can be used to derive useful but extremely personal knowledge about users [3]. On the other hand, cloud computing provides ubiquitous, convenient, on- demand access to a shared pool of configurable computing resources. As such services are becoming more powerful and cheaper, the risk of users’ privacy being violated due to knowledge discovery increases significantly.

A business model that has been developed to derive value out of such data is open data markets [3]. The idea of an open data market envisions the creation of a data trading model to facilitate exchange of data between different parties in the Internet of Things (IoT) domain. The data collected by IoT products and solutions are expected to be traded in these markets. Data owners will collect data using IoT products and solutions. Data consumers who are interested will negotiate with the data owners to get access to such data. Data captured by IoT products will allow data consumers to further understand the preferences and behaviours of data owners and to generate additional business value using different techniques ranging from waste reduction to personalized service offerings. In open data markets, data consumers will be able to give back part of the additional value generated to the data owners. However, privacy becomes a significant issue when data that can be used to derive extremely personal information is being traded. Therefore, it is important to understand what privacy is and what privacy means for each user of a given system in order to design the systems to ensure privacy is protected at all times.

One of the widely accepted definitions, presented by Alan F. Westin [4], describes information privacy as “the claim of individuals, groups or institutions to determine for themselves when, how, and to what extent information about them is communicated to others”. Knowledge modelling is a process of creating a computer interpretable model of knowledge or standard specifications about a process, a product, or a concept. In this paper, our focus is on ‘privacy’. We consider any piece of information 2

that can be used to understand the privacy expectation of an individual in any given context as privacy knowledge.
Our objective in this paper is to survey how privacy knowledge has been modelled in the past in different domains. It is important to note that we do not intend to review an exhaustive amount of past work, but to capture insights from a broad range of approaches. We also discuss how past approaches can be used or are relevant in the IoT domain. In web domain, only the users’ online activities are captured. In contrast, IoT systems can capture users’ activities and behaviours 24/7 through various kinds of devices. Therefore, IoT domain poses significant privacy risks compared to web domain. We also analyse different privacy modelling approaches to identify any common patterns and applications.

In the rest of this paper, we briefly look back at major attempts in the past towards giving privacy control to users. Next, we examine how privacy knowledge has been modelled by researchers in the past including the factors they have considered in their models, techniques used to implement it, application domains and so on. Then, we present lessons learnt from our review by identifying maj

This content is AI-processed based on ArXiv data.