Best-Practice-Based Framework for User-Centric Privacy-Preserving Solutions in Smart Home Environments

  • Conference paper
Mobile and Ubiquitous Systems: Computing, Networking and Services (MobiQuitous 2022)

Abstract

Rapid technological progress is making smart environments, such as smart homes, cities, etc., more ubiquitous in our daily lives. Privacy issues arise when the smart objects in those environments collect and disclose sensitive data without users’ consent. Therefore, existing works and the European General Data Protection Regulation (GDPR) are still calling for privacy-preserving solutions with more user involvement and automated decision-making. Existing works show research gaps regarding context-aware privacy-preference modelling. They do not present best-practice-based frameworks for user-centric privacy-preserving approaches that allow context-aware adaptation of users’ privacy and data disclosure preferences while considering their past activities. Hence, this paper proposes a best-practice-based framework for user-centric privacy-preserving solutions with automation options. The proposed approach supplies users with data sharing recommendations with minimum human interference while considering (1) GDPR requirements, (2) context-sensitive factors and (3) users’ past activities. The paper also outlines how the proposed framework can be integrated into an existing user-centric privacy-preserving approach in the future. In this way, the proposed approach can be integrated into existing IoT architecture systems, which allow users to control the entire data collection, storage and disclosure process in smart home environments.

Notes

  1. From the second iteration onward, \(B_{d}\) and \(B_{di}\) do not contain the same data if the users decide to adjust the data sharing recommendations.

  2. “The setting options regarding data aggregation allow end users to choose between two options. The two options are (1) the exact time of each action of the smart object for daily review (\(t_{Act1}\)) or (2) the time period users want to aggregate and review the collected data by their smart objects (\(t_{Act2}\)), for example, weekly, monthly. An example for \(t_{Act1}\) could be that the smart object owner is absent at 07:30 am on the 5th of February and present again at 8 pm in the living room. He gets up at 06:30 am and switches on his smart bulbs in two rooms, namely the bathroom and sleeping room. In contrast to this, an example for \(t_{Act2}\) could be that the smart object owner is available at home at various times per month and switches on his smart bulbs 200 times per month.” [45].

  3. Examples of user details are age and country.

  4. “The default settings for \(So_{Act}\) regarding data aggregation layer is assigned to \(So_{Act1}\), which means that the granularity of the data is set at the layer of sensors.” [45].

  5. “\(dCon\) include third parties getting access to disclosed data, such as doctors, insurance company, government agencies, etc.” [45].

  6. “... usage purposes informs end users for which purpose, such as personal health plan, statistical purposes, etc., the shared data are used by the \(dCon\)...” [45].

  7. WEKA 3 is considered a very highly ranked detection and data mining tool [35].

References

  1. GDPR Art. 9 Processing of Special Categories of Personal Data. https://gdpr-info.eu/art-9-gdpr/. Accessed May 2022

  2. Aher, S.B., Lobo, L.: Data mining in educational system using Weka. In: International Conference on Emerging Technology Trends (ICETT), vol. 3, pp. 20–25 (2011)

  3. Aïvodji, U.M., Gambs, S., Martin, A.: IOTFLA: a secured and privacy-preserving smart home architecture implementing federated learning. In: Proceedings of 2019 IEEE Security and Privacy Workshops (SPW), pp. 175–180 (2019)

  4. Al-Ameen, M.N., Tamanna, T., Nandy, S., Ahsan, M.M., Chandra, P., Ahmed, S.I.: We Don’t Give a Second Thought Before Providing our Information: Understanding Users’ Perceptions of Information Collection by Apps in Urban Bangladesh, pp. 32–43 (2020)

  5. Awasthi, A., Read, H.O., Xynos, K., Sutherland, I.: Welcome PWN: almond smart home hub forensics. Digit. Investig. 26, 38-S46 (2018)

  6. Balapour, A., Nikkhah, H.R., Sabherwal, R.: Mobile application security: role of perceived privacy as the predictor of security perceptions. Int. J. Inf. Manage. 52, 102063 (2020)

  7. Bennett, S.: Development of the PID controller. IEEE Control Syst. Mag. 13(6), 58–62 (1993)

  8. Bermingham, M.L., et al.: Application of high-dimensional feature selection: evaluation for genomic prediction in man. Sci. Rep. 5(1), 1–12 (2015)

  9. Binkhonain, M., Zhao, L.: A review of machine learning algorithms for identification and classification of non-functional requirements. Expert Syst. Appl. X. 1, 100001 (2019)

  10. Bondi, A.B.: Characteristics of scalability and their impact on performance. In: Proceedings of the 2nd International Workshop on Software and Performance, pp. 195–203 (2000)

  11. Carretero, J., García, J.D.: The internet of things: connecting the world. Personal Ubiquit. Comput. 18(2), 445–447 (2014)

  12. Consulting, I.: Art. 22 GDPR Automated Individual Decision-Making, Including Profiling. https://gdpr-info.eu/art-22-gdpr/. Accessed July 2022

  13. Das, A., Degeling, M., Wang, X., Wang, J., Sadeh, N., Satyanarayanan, M.: Assisting users in a world full of cameras: a privacy-aware infrastructure for computer vision applications. In: 2017 IEEE Conference on Computer Vision and Pattern Recognition Workshops (CVPRW), pp. 1387–1396 (2017)

  14. De Choudhury, M., Lin, Y.R., Sundaram, H., Candan, K.S., Xie, L., Kelliher, A.: How does the data sampling strategy impact the discovery of information diffusion in social media? In: Fourth International AAAI Conference on Weblogs and Social Media (2010)

  15. Dutta, S., Chukkapalli, S.S.L., Sulgekar, M., Krithivasan, S., Das, P.K., Joshi, A.: Context sensitive access control in smart home environments. In: IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing (HPSC) and IEEE International Conference on Intelligent Data and Security (IDS), pp. 35–41 (2020)

  16. Fang, L., LeFevre, K.: Privacy Wizards For Social Networking Sites. In: Proceedings of the 19th International Conference on World Wide Web, pp. 351–360 (2010)

  17. Fietkiewicz, K., Ilhan, A.: Fitness tracking technologies: data privacy doesn’t matter? The (Un)Concerns of users, former users, and non-users. In: Proceedings of the 53rd Hawaii International Conference on System Sciences, pp. 1–10 (2020)

  18. Gray, J., Siewiorek, D.P.: High-availability computer systems. Computer 24(9), 39–48 (1991)

  19. Guhr, N., Werth, O., Blacha, P.P.H., Breitner, M.H.: Privacy concerns in the smart home context. SN Appl. Sci. 2(2), 1–12 (2020)

  20. Jahan, N., Ghani, T., Rasheduzzaman, M., Marzan, Y., Ridoy, S.H., Khan, M.M.: Design and feasibility analysis of nsugt a machine learning-based mobile application for education. In: 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC), pp. 0926–0929. IEEE (2021)

  21. Jozani, M., Ayaburi, E., Ko, M., Choo, K.K.R.: Privacy concerns and benefits of engagement with social media-enabled apps: a privacy calculus perspective. Comput. Human Behav. 107, 106–260 (2020)

  22. Keshavarz, M., Anwar, M.: Towards improving privacy control for smart homes: a privacy decision framework. In: 2018 16th Annual Conference on Privacy, Security and Trust (PST), pp. 1–3 (2018)

  23. Keshavarz, M., Anwar, M.: The automatic detection of sensitive data in smart homes. In: International Conference on Human-Computer Interaction, pp. 404–416 (2019)

  24. Knijnenburg, B., Jin, H.: The persuasive effect of privacy recommendations for location sharing services. SSRN Electron. J. 2399725 (2013)

  25. Kounoudes, A.D., Kapitsaki, G.M.: A mapping of IoT user-centric privacy preserving approaches to the GDPR. Internet Things 11, 100179 (2020)

  26. Kounoudes, A.D., Kapitsaki, G.M., Katakis, I., Milis, M.: User-centred privacy inference detection for smart home devices. In: 2021 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/IOP/SCI), pp. 210–218 (2021)

  27. Kremer, J., Steenstrup Pedersen, K., Igel, C.: Active learning with support vector machines. Wiley Interdiscipl. Rev. Data Mining Knowl. Disc. 4(4), 313–326 (2014)

  28. Kulyk, O., Reinheimer, B., Aldag, L., Mayer, P., Gerber, N., Volkamer, M.: Security and privacy awareness in smart environments-a cross-country investigation. In: International Conference on Financial Cryptography and Data Security, pp. 84–101 (2020)

  29. Liu, B., et al.: Follow my recommendations: a personalized privacy assistant for mobile app permissions. In: Twelfth Symposium on Usable Privacy and Security (SOUPS 2016), pp. 27–41 (2016)

  30. Malhotra, R., Chug, A.: Software maintainability prediction using machine learning algorithms. Softw. Eng. Int. J. (SeiJ). 2(2) (2012)

  31. Milne, G., Pettinico, G., Hajjat, F., Markos, E.: Information sensitivity typology: mapping the degree and type of risk consumers perceive in personal data sharing. J. Consum. Affairs 51(1), 133–161 (2016)

  32. Mohammed, R., Rawashdeh, J., Abdullah, M.: Machine learning with oversampling and undersampling techniques: overview study and experimental results. In: 2020 11th International Conference on Information and Communication Systems (ICICS), pp. 243–248. IEEE (2020)

  33. Oetzel, M.C., Spiekermann, S.: A systematic methodology for privacy impact assessments: a design science approach. Eur. J. Inf. Syst. 23(2), 126–150 (2014)

  34. Pallapa, G., Das, S.K., Di Francesco, M., Aura, T.: Adaptive and context-aware privacy preservation exploiting user interactions in smart environments. Pervas. Mob. Comput. 12, 232–243 (2014)

  35. Peerspot: WEKA Review. https://www.peerspot.com/products/weka-reviews. Accessed July 2022

  36. Rahm, E., Do, H.H.: Data cleaning: problems and current approaches. IEEE Data Eng. Bull. 23(4), 3–13 (2000)

  37. Raskin, J.: The Human Interface: New directions for designing interactive systems. Addison-Wesley Professional (2000)

  38. Regulation (EU): 2016/679 of the European Parliament and of the Council of 27 April 2016 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data, and Repealing Directive 95/46/EC (General Data Protection Regulation). Official Journal of the European Union L119/1, pp. 1–88 (2016)

  39. Rumbold, J., Pierscionek, B.: What are data? A categorization of the data sensitivity spectrum. Big Data Res. 12, 49–59 (2018)

  40. Sadeh, N., et al.: Understanding and capturing people’s privacy policies in a mobile social networking application. Pers. Ubiquit. Comput. 13(6), 401–412 (2009)

  41. Schomakers, E.M., Lidynia, C., Müllmann, D., Ziefle, M.: Internet users’ perceptions of information sensitivity-insights from Germany. Int. J. Inf. Manage. 46, 142–150 (2019)

  42. Sheehan, K.B., Hoy, M.G.: Dimensions of privacy concern among online consumers. J. Publ. Policy Mark. 19(1), 62–73 (2000)

  43. Shen, M., Tang, X., Zhu, L., Du, X., Guizani, M.: Privacy-preserving support vector machine training over blockchain-based encrypted IoT data in smart cities. IEEE Internet Things J. 6(5), 7702–7712 (2019)

  44. Wegner, P.: Interoperability. ACM Comput. Surv. (CSUR) 28(1), 285–287 (1996)

  45. Wickramasinghe, C.I., Reinhardt, D.: A user-centric privacy-preserving approach to control data collection, storage, and disclosure in own smart home environments. In: International Conference on Mobile and Ubiquitous Systems: Computing, Networking, and Services, pp. 190–206 (2021)

  46. Wu, H., Knijnenburg, B.P., Kobsa, A.: Improving the prediction of users’ disclosure behavior by making them disclose more predictably? In: Symposium on Usable Privacy and Security (SOUPS) (2014)

  47. Xie, J., Knijnenburg, B.P., Jin, H.: Location sharing privacy preference: analysis and personalized recommendation. In: Proceedings of the 19th international conference on Intelligent User Interfaces, pp. 189–198 (2014)

  48. Yazici, M.T., Basurra, S., Gaber, M.M.: Edge machine learning: enabling smart internet of things applications. Big Data Cogn. Comput. 2(3), 26 (2018)

  49. Zeng, E., Mare, S., Roesner, F.: End user security and privacy concerns with smart homes. In: Proceedings of SOUPS 2013, Symposium on Usable Privacy and Security, pp. 65–80 (2017)

  50. Zhou, W., Jia, Y., Peng, A., Zhang, Y., Liu, P.: The effect of IoT new features on security and privacy: new threats, existing solutions, and challenges yet to be solved. IEEE Internet Things J. 6(2), 1606–1616 (2019)

Acknowledgments

We thank the anonymous reviewers for their feedback, and special thanks to Lindrit Kqiku, Alexandr Railean, Patrick Kühtreiber and Alexander Richter for the exchange and feedback.

Author information

Corresponding author

Correspondence to Chathurangi Ishara Wickramasinghe.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Wickramasinghe, C.I. (2023). Best-Practice-Based Framework for User-Centric Privacy-Preserving Solutions in Smart Home Environments. In: Longfei, S., Bodhi, P. (eds) Mobile and Ubiquitous Systems: Computing, Networking and Services. MobiQuitous 2022. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 492. Springer, Cham. https://doi.org/10.1007/978-3-031-34776-4_6

  • DOI: https://doi.org/10.1007/978-3-031-34776-4_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-34775-7

  • Online ISBN: 978-3-031-34776-4

  • eBook Packages: Computer Science, Computer Science (R0)
