The Internet of Things (IoT) is becoming increasingly popular. It enables a variety of novel applications. Such applications require a lot of data about their users. To this end, sensors continuously monitor various aspects of daily life. Despite the indisputable benefits of IoT applications, this is a severe privacy threat. Due to the GDPR coming into force, there is a need for action on the part of IoT vendors. In this paper, we therefore introduce a Privacy by Design approach for IoT applications called DISPEL. It provides a configuration method enabling users to specify globally, which application may access what data for which purpose. Privacy protection is then applied at the earliest stage possible, i.e., directly on the IoT devices generating the data. Data transmission is protected against unauthorized access and manipulation. Evaluation results show that DISPEL fulfills the requirements towards an IoT privacy system.
%0 Conference Paper
%1 sac_20_dispel
%A Stach, Christoph
%A Gritti, Clémentine
%A Mitschang, Bernhard
%B Proceedings of the 35ᵗʰ ACM/SIGAPP Symposium On Applied Computing
%C Brno
%D 2020
%E Hung, Chih-Cheng
%E Cerny, Tomas
%E Petrlic, Ronald
%E Sorge, Christoph
%I ACM
%K IoT attribute-based_access_control authorization_concept privacy
%P 1272–1279
%R 10.1145/3341105.3375754
%T Bringing Privacy Control Back to Citizens: DISPEL — A Distributed Privacy Management Platform for the Internet of Things
%X The Internet of Things (IoT) is becoming increasingly popular. It enables a variety of novel applications. Such applications require a lot of data about their users. To this end, sensors continuously monitor various aspects of daily life. Despite the indisputable benefits of IoT applications, this is a severe privacy threat. Due to the GDPR coming into force, there is a need for action on the part of IoT vendors. In this paper, we therefore introduce a Privacy by Design approach for IoT applications called DISPEL. It provides a configuration method enabling users to specify globally, which application may access what data for which purpose. Privacy protection is then applied at the earliest stage possible, i.e., directly on the IoT devices generating the data. Data transmission is protected against unauthorized access and manipulation. Evaluation results show that DISPEL fulfills the requirements towards an IoT privacy system.
%@ 978-1-4503-6866-7
@inproceedings{sac_20_dispel,
abstract = {The Internet of Things (IoT) is becoming increasingly popular. It enables a variety of novel applications. Such applications require a lot of data about their users. To this end, sensors continuously monitor various aspects of daily life. Despite the indisputable benefits of IoT applications, this is a severe privacy threat. Due to the GDPR coming into force, there is a need for action on the part of IoT vendors. In this paper, we therefore introduce a Privacy by Design approach for IoT applications called DISPEL. It provides a configuration method enabling users to specify globally, which application may access what data for which purpose. Privacy protection is then applied at the earliest stage possible, i.e., directly on the IoT devices generating the data. Data transmission is protected against unauthorized access and manipulation. Evaluation results show that DISPEL fulfills the requirements towards an IoT privacy system.},
added-at = {2020-09-21T11:45:55.000+0200},
address = {Brno},
author = {Stach, Christoph and Gritti, Clémentine and Mitschang, Bernhard},
biburl = {https://puma.ub.uni-stuttgart.de/bibtex/2fac9c670b59854736a4b2052a4b635c3/christophstach},
booktitle = {Proceedings of the 35ᵗʰ ACM/SIGAPP Symposium On Applied Computing},
doi = {10.1145/3341105.3375754},
editor = {Hung, Chih-Cheng and Cerny, Tomas and Petrlic, Ronald and Sorge, Christoph},
interhash = {389818ee75734a5cb47513ebb5870fb6},
intrahash = {fac9c670b59854736a4b2052a4b635c3},
isbn = {978-1-4503-6866-7},
keywords = {IoT attribute-based_access_control authorization_concept privacy},
month = mar,
pages = {1272–1279},
publisher = {ACM},
series = {PDP '20},
timestamp = {2020-09-21T09:45:55.000+0200},
title = {Bringing Privacy Control Back to Citizens: DISPEL — A Distributed Privacy Management Platform for the Internet of Things},
year = 2020
}