skip to main content
research-article

δ-Risk: Toward Context-aware Multi-objective Privacy Management in Connected Environments

Published:24 May 2021Publication History
Skip Abstract Section

Abstract

In today’s highly connected cyber-physical environments, users are becoming more and more concerned about their privacy and ask for more involvement in the control of their data. However, achieving effective involvement of users requires improving their privacy decision-making. This can be achieved by: (i) raising their awareness regarding the direct and indirect privacy risks they accept to take when sharing data with consumers; (ii) helping them in optimizing their privacy protection decisions to meet their privacy requirements while maximizing data utility. In this article, we address the second goal by proposing a user-centric multi-objective approach for context-aware privacy management in connected environments, denoted δ-Risk. Our approach features a new privacy risk quantification model to dynamically calculate and select the best protection strategies for the user based on her preferences and contexts. Computed strategies are optimal in that they seek to closely satisfy user requirements and preferences while maximizing data utility and minimizing the cost of protection. We implemented our proposed approach and evaluated its performance and effectiveness in various scenarios. The results show that δ-Risk delivers scalability and low-complexity in time and space. Besides, it handles privacy reasoning in real-time, making it able to support the user in various contexts, including ephemeral ones. It also provides the user with at least one best strategy per context.

References

  1. Betsy George, James M. Kang, and Shashi Shekhar. 2009. Spatio-temporal sensor graphs (stsg): A data model for the discovery of spatio-temporal patterns. Intell. Data Anal. 13, 3 (2009), 457–475. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Karam Bou Chaaya, Mahmoud Barhamgi, Richard Chbeir, Philippe Arnould, and Djamal Benslimane. 2019. Context-aware system for dynamic privacy risk inference: Application to smart IoT environments. Future Gen. Comput. Syst. 101 (2019), 1096–1111.Google ScholarGoogle ScholarCross RefCross Ref
  3. Mikhail A. Lisovich, Deirdre K. Mulligan, and Stephen B. Wicker. 2010. Inferring personal information from demand-response systems. IEEE Secur. Privacy 8, 1 (2010), 11–20. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Nicholas Vollmer. 2018. Table of contents EU General Data Protection Regulation (EU-GDPR). https://www.privacy-regulation.eu/en/.Google ScholarGoogle Scholar
  5. State of California Department of Justice. 2018. California Consumer Privacy Act (CCPA). https://oag.ca.gov/privacy/ccpa.Google ScholarGoogle Scholar
  6. C. Castelluccia, M. Cunche, D. Le Metayer, and V. Morel. 2018. Enhancing transparency and consent in the IoT. In Proceedings of the IEEE European Symposium on Security and Privacy Workshops (EuroSPW’18). 116–119. DOI:http://dx.doi.org/10.1109/EuroSPW.2018.00023Google ScholarGoogle Scholar
  7. I. D. Addo, S. I. Ahamed, S. S. Yau, and A. Buduru. 2014. A reference architecture for improving security and privacy in Internet of Things applications. In Proceedings of the IEEE International Conference on Mobile Services. 108–115. DOI:http://dx.doi.org/10.1109/MobServ.2014.24 Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Santosh Kumar, Sanjay Kumar Singh, Amit Kumar Singh, Shrikant Tiwari, and Ravi Shankar Singh. 2018. Privacy preserving security using biometrics in cloud computing. Multimedia Tools Appl. 77, 9 (2018), 11017–11039. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. David W. Chadwick and Kaniz Fatema. 2012. A privacy preserving authorisation system for the cloud. J. Comput. Syst. Sci. 78, 5 (2012), 1359–1373. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Akber Datoo. 2018. Data in the post-GDPR world. Computer Fraud and Security 9 (2018), 17–18.Google ScholarGoogle ScholarCross RefCross Ref
  11. Tim Collins. 2018. Marketing firm exactis leaks 340 million files containing private data. Mail Online (2018). https://www.dailymail.co.uk/sciencetech/article-5900071/Marketing-firm-Exactis-leaks-340-million-files-containing-private-data.html.Google ScholarGoogle Scholar
  12. Mahmoud Barhamgi, Charith Perera, Chirine Ghedira, and Djamal Benslimane. 2018. User-centric privacy engineering for the Internet of Things. IEEE Cloud Comput. 5, 5 (2018), 47–57.Google ScholarGoogle ScholarCross RefCross Ref
  13. Victoria Y. Pillitteri and Tanya L. Brewer. 2014. Guidelines for Smart Grid Cybersecurity. Technical Report NISTIR 7628 Revision 1. National Institute of Standards and Technology. DOI:http://dx.doi.org/10.6028/NIST.IR.7628r1Google ScholarGoogle Scholar
  14. Alston S. Householder. 2013. The Theory of Matrices in Numerical Analysis. Courier Corporation.Google ScholarGoogle Scholar
  15. D. Nagarajan, T. Tamizhi, M. Lathamaheswari, and J. Kavikumar. 2019. Traffic control management using Gauss Jordan method under neutrosophic environment. In AIP Conference Proceedings, Vol. 2112.Google ScholarGoogle Scholar
  16. L. Shang, S. Petiton, and M. Hugues. 2009. A new parallel paradigm for block-based Gauss-Jordan algorithm. In Proceedings of the 8th International Conference on Grid and Cooperative Computing. 193–200. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. L. M. Aouad and S. G. Petiton. 2006. Parallel basic matrix algebra on the Grid’5000 large scale distributed platform. In Proceedings of the IEEE International Conference on Cluster Computing. 1–8.Google ScholarGoogle Scholar
  18. Ling Shang, Zhijian Wang, Serge G. Petiton, Yuansheng Lou, and Zhizhong Liu. 2008. Large scale computing on component based framework easily adaptive to cluster and grid environments. In Proceedings of the 3rd ChinaGrid Annual Conference. IEEE, 70–77. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Lamine M. Aouad, Serge G. Petiton, and Mitsuhisa Sato. 2005. Grid and cluster matrix computation with persistent storage and out-of-core programming. In Proceedings of the IEEE International Conference on Cluster Computing. IEEE, 1–9.Google ScholarGoogle ScholarCross RefCross Ref
  20. Mingqiang Xue, Panos Kalnis, and Hung Keng Pung. 2009. Location diversity: Enhanced privacy protection in location based services. In Proceedings of the International Symposium on Location-and Context-Awareness. Springer, 70–87. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Alexander Chernev, Ulf Böckenholt, and Joseph Goodman. 2015. Choice overload: A conceptual review and meta-analysis. J. Consum. Psychol. 25, 2 (2015), 333–358.Google ScholarGoogle ScholarCross RefCross Ref
  22. Ann Cavoukian and Michelle Chibba. 2018. Start with privacy by design in all big data applications. In Guide to Big Data Applications. Springer, 29–48.Google ScholarGoogle Scholar
  23. Ann Cavoukian. 2012. Privacy by design [leading edge]. IEEE Technol. Soc. Mag. 31, 4 (2012), 18–19.Google ScholarGoogle ScholarCross RefCross Ref
  24. 2018. ISO/PC 317 Consumer Protection: Privacy by Design for Consumer Goods and Services. https://www.iso.org/committee/6935430/x/catalogue/.Google ScholarGoogle Scholar
  25. Ricardo Neisse, Gary Steri, Gianmarco Baldini, Elias Tragos, I. Nai Fovino, and Maarten Botterman. 2014. Dynamic context-aware scalable and trust-based IoT security, privacy framework. Internet of Things Applications: From Research and Innovation to Market Deployment, IERC Cluster Book.Google ScholarGoogle Scholar
  26. Everton de Matos, Ramão Tiago Tiburski, Leonardo Albernaz Amaral, and Fabiano Hessel. 2018. Providing context-aware security for IoT environments through context sharing feature. In Proceedings of the 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom’18). IEEE, 1711–1715.Google ScholarGoogle ScholarCross RefCross Ref
  27. Mehdi Gheisari, Guojun Wang, Wazir Zada Khan, and Christian Fernández-Campusano. 2019. A context-aware privacy-preserving method for IoT-based smart city using software defined networking. Comput. Secur. 87 (2019), 101470.Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. Tidiane Sylla, Mohamed Aymen Chalouf, Francine Krief, and Karim Samaké. 2019. Towards a context-aware security and privacy as a service in the Internet of Things. In Proceedings of the International Conference on Information Security Theory and Practice (IFIP’19). 240–252.Google ScholarGoogle Scholar
  29. Vangalur Alagar, Alaa Alsaig, Olga Ormandjiva, and Kaiyu Wan. 2018. Context-based security and privacy for healthcare IoT. In Proceedings of the IEEE International Conference on Smart Internet of Things (SmartIoT). IEEE, 122–128.Google ScholarGoogle ScholarCross RefCross Ref
  30. Delphine Christin, Martin Michalak, and Matthias Hollick. 2013. Raising user awareness about privacy threats in participatory sensing applications through graphical warnings. In Proceedings of the International Conference on Advances in Mobile Computing and Multimedia. 445–454. Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. Majid Hatamian and Jetzabel Serna-Olvera. 2017. Beacon alarming: Informed decision-making supporter and privacy risk analyser in smartphone applications. In Proceedings of the IEEE International Conference on Consumer Electronics. IEEE, 468–471.Google ScholarGoogle ScholarCross RefCross Ref
  32. Xuejun Zhang, Xiaolin Gui, Feng Tian, Si Yu, and Jian An. 2014. Privacy quantification model based on the Bayes conditional risk in Location-based services. Tsinghua Sci. Technol. 19, 5 (2014), 452–462.Google ScholarGoogle Scholar
  33. Mishtu Banerjee, Rosa Karimi Adl, Leanne Wu, and Ken Barker. 2011. Quantifying privacy violations. In Proceedings of the Workshop on Secure Data Management. Springer, 1–17. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. δ-Risk: Toward Context-aware Multi-objective Privacy Management in Connected Environments

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in

      Full Access

      • Article Metrics

        • Downloads (Last 12 months)48
        • Downloads (Last 6 weeks)7

        Other Metrics

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      HTML Format

      View this article in HTML Format .

      View HTML Format
      About Cookies On This Site

      We use cookies to ensure that we give you the best experience on our website.

      Learn more

      Got it!