Graph-based data-collection policies for the internet of things

Maribel Fernández, Jenjira Jaimunk, Bhavani Thuraisingham

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review

5 Citations (Scopus)


Smart industrial control systems (e.g., smart grid, oil and gas systems, transportation systems) are connected to the internet, and have the capability to collect and transmit data; as such, they are part of the IoT. The data collected can be used to improve services; however, there are serious privacy risks. This concern is usually addressed by means of privacy policies, but it is often difficult to understand the scope and consequences of such policies. Better tools to visualise and analyse data collection policies are needed. Graph-based modelling tools have been used to analyse complex systems in other domains. In this paper, we apply this technique to IoT data-collection policy analysis and visualisation. We describe graphical representations of category-based data collection policies and show that a graph-based policy language is a powerful tool not only to specify and visualise the policy, but also to analyse policy properties. We illustrate the approach with a simple example in the context of a chemical plant with a truck monitoring system. We also consider policy administration: we propose a classification of queries to help administrators analyse policies, and we show how the queries can be answered using our technique.

Original languageEnglish
Title of host publicationProceedings - 4th Annual Industrial Control System Security Workshop, ICSS 2018
PublisherAssociation for Computing Machinery
Number of pages8
ISBN (Electronic)9781450362207
Publication statusPublished - 4 Dec 2018
Event4th Annual Industrial Control System Security Workshop, ICSS 2018 - San Juan, United States
Duration: 4 Dec 2018 → …


Conference4th Annual Industrial Control System Security Workshop, ICSS 2018
Country/TerritoryUnited States
CitySan Juan
Period4/12/2018 → …


  • Category-Based Data Collection
  • Internet of Things
  • Policy Analysis
  • Policy Visualisation
  • Privacy Policy


Dive into the research topics of 'Graph-based data-collection policies for the internet of things'. Together they form a unique fingerprint.

Cite this