Nowadays, many devices collect data about users’ activities and send it to service providers, offering better services or benefits in exchange for data; however, this can pose serious privacy risks. Despite new regulations created to protect users’ privacy, users are often given little choice over the way their data is collected and used. The advent of the Internet of Things (IoT) has exacerbated the problem. This thesis explores two areas of study relating to data privacy: the first is architecture design for privacy-preserving cloud-IoT platforms; the second is privacy policy specification, visualisation and analysis.

To address privacy concerns in cloud-IoT applications, we propose a new architecture, called DataBank, which gives users fine-grained control over their data by allowing them to control which kind of data is transmitted by their devices. DataBank uses a category-based data access model which covers the whole data lifecycle, from data collection to data sharing. The architecture consists of several layers, from IoT objects in the lower layer to web and mobile applications in the top layer, with regulated communication mechanisms to transfer data from the lower level to data processing services in the top level. Our proposed conceptual architecture has been used to implement a prototype platform called Privasee, an open-source platform for privacy-aware web-application development, which provides a plug-in module to support IoT application development.

To ensure that data is protected and to understand the scope and consequences of policies, we apply graph-based modelling tools to specify, visualise and analyse IoT data collection and sharing policies in both static and dynamic ways. We propose a classification of queries to help administrators analyse policy properties, and show how the queries can be answered using the proposed technique. We also illustrate the approach with simple examples in the context of a chemical plant, a smart home and a health system.
Date of Award | 1 Nov 2021 |
---|---|
Original language | English |
Awarding Institution | |
Supervisor | Maribel Fernandez (Supervisor) |
Privacy-preserving architecture for cloud-IoT platform
Jaimunk, J. (Author). 1 Nov 2021
Student thesis: Doctoral Thesis › Doctor of Philosophy