skip to main content
10.1145/3147234.3148124acmconferencesArticle/Chapter ViewAbstractPublication PagesuccConference Proceedingsconference-collections
research-article

Pushing Data Privacy Control to the Edge in IoT Using Policy Enforcement Fog Module

Published: 05 December 2017 Publication History

Abstract

Some IoT data are time-sensitive and cannot be processed in clouds, which are too far away from IoT devices. Fog computing, located as close as possible to data sources at the edge of IoT systems, deals with this problem. Some IoT data are sensitive and require privacy controls. The proposed Policy Enforcement Fog Module (PEFM), running within a single fog, operates close to data sources connected to their fog, and enforces privacy policies for all sensitive IoT data generated by these data sources. PEFM distinguishes two kinds of fog data processing. First, fog nodes process data for local IoT applications, running within the local fog. All real-time data processing must be local to satisfy real-time constraints. Second, fog nodes disseminate data to nodes beyond the local fog (including remote fogs and clouds) for remote (and non-real-time) IoT applications. PEFM has two components for these two kinds of fog data processing. First, Local Policy Enforcement Module (LPEM), performs direct privacy policy enforcement for sensitive data accessed by local IoT applications. Second, Remote Policy Enforcement Module (RPEM), sets up a mechanism for indirectly enforcing privacy policies for sensitive data sent to remote IoT applications. RPEM is based on creating and disseminating Active Data Bundles-software constructs bundling inseparably sensitive data, their privacy policies, and an execution engine able to enforce privacy policies. To prove effectiveness and efficiency of the solution, we developed a proof-of-concept scenario for a smart home IoT application. We investigate privacy threats for sensitive IoT data and show a framework for using PEFM to overcome these threats.

References

[1]
Vormetric Data Security, "Trends in encryption and data security," (Slides). Cloud, Big Data and IoT Edition, Vormetric Data Threat Report, San Jose, CA, 2016.
[2]
E. McCallister, T. Grance, and S. Kent, "Guide to protecting the confidentiality of personally identifiable information (PII): Recommendations of the national institute of standards and technology," National Institute of Standards and Technology, NIST Special Publication 800--122, 2010.
[3]
Cisco, "Fog computing and the Internet of Things: extend the Cloud to where the things are," White paper, San Jose, CA, 2015. Online: https://www.cisco.com/c/dam/en_us/solutions/trends/iot/docs/computing-overview.pdf
[4]
F. Bonomi, R. Milito, J. Zhu, and S. Addepalli, "Fog computing and its role in the Internet of Things," First ACM edition of the MCC W. on Mobile Cloud Computing (MCC), Helsinki, Finland, Aug. 2012, pp 13--16.
[5]
L. Ben Othmane and L. Lilien, "Preservation of sensitive data throughout its life cycle," Graduate Student Symp., 6th Annual Conf. on Privacy, Security and Trust, Fredericton, New Brunswick, Canada, Oct. 2008, pp. 12--13.
[6]
L. Ben Othmane and L. Lilien, "Protecting privacy in sensitive data dissemination with active bundles," Seventh Annual Conf. on Privacy, Security and Trust (PST), Saint John, New Brunswick, Canada, Aug. 2009, pp. 202--213.
[7]
E. M. Tordera, X. Masip-Bruin, J. Garcia-Alminana, A. Jukan, G. J. Ren, J. Zhu, and J. Farre, What is a fog node a tutorial on current concepts towards a common definition. arXiv:1611.09193v1, Nov. 2016.
[8]
W. Shi, J. Cao, Q. Zhang, Y. Li, and L. Xu, L, "Edge computing: vision and challenges," IEEE Internet of Things J., vol. 3(5), Oct. 2016, pp. 637--646.
[9]
L. Ben Othmane, "Active bundles for protecting confidentiality of sensitive data throughout their lifecycle," Ph.D. Dissertation, Department of Computer Science, Western Michigan University, Kalamazoo, MI, Dec. 2010.
[10]
K. Barker et al., "A data privacy taxonomy," British National Conf. on Databases, Dataspace: The Final Frontier, BNCOD, Lecture Notes in Computer Science (LNCS), vol. 5588, Springer, Berlin, Germany, 2009, pp. 42--54.
[11]
A. Anderson et al., "Extensible access control markup language (XACML) version 1.0," Organization for the Advancement of Structured Information Standards (OASIS), Burlington, MA, Feb. 2003.
[12]
D. Ferraiolo, R. Chandramouli, R. Kuhn, and V. Hu, "Extensible access control markup language (XACML) and next generation access control (NGAC)," ACM Intl. W. on Attribute-Based Access Control (ABAC), New Orleans, LA, March 2016, pp. 13--24.
[13]
T. D Mendes, R. Godina, E. M. Rodrigues, J. C. Matias, and J. P. Catalão, "Smart home communication technologies and applications: Wireless protocol assessment for home area network resources," Energies, 8(7), 7279--7311, 2015.
[14]
Policy and Research Group, "The Internet of Things: An introduction to privacy issues with a focus on the retail and home environments," Office of the Privacy Commissioner of Canada, Feb. 2016. Online: https://www.priv.gc.ca/en/opc-actions-and-decisions/research/explore-privacy-research/2016/iot_201602/
[15]
K. T. Weaver, "A perspective on how smart meters invade individual privacy," 2014.
[16]
M. Deng, "Privacy preserving content protection," Doctoral dissertation, Katholieke University, Leuven, Belgium, 2010.
[17]
C. Dsouza, G. J. Ahn, and M. Taguinod, "Policy-driven security management for fog computing: preliminary framework and a case study," 15th IEEE Intl. Conf. on Information Reuse and Integration (IRI), Redwood City, CA, Aug. 2014, pp. 16--23.
[18]
N. Davies, N. Taft, M. Satyanarayanan, S. Clinch, and B. Amos, "Privacy mediators: helping IoT cross the chasm," 17th ACM Intl. W. on Mobile Computing Systems and Applications (HotMobile), St. Augustine, FL, Feb. 2016, pp. 39--44.
[19]
S. A. Bagüés, A. Zeidler, C. F. Valdivielso, and I. R. Matias, "Sentry@ Home--Leveraging the smart home for privacy in pervasive computing," Intl. J. of Smart Home, vol. 1(2), July 2007, pp. 129--145.
[20]
G. Myles, A. Friday, and N. Davies, "Preserving privacy in environments with location-based applications," IEEE Pervasive Computing, vol. 2(1), Jan.--Mar. 2003, pp. 56--64.
[21]
M. Mun et al., "Personal data vaults: a locus of control for personal data streams," 6th ACM Intl. Conf. (Co-EXT), Philadelphia, PA, Article No. 17, Nov.--Dec. 2010.
[22]
S. Jana et al., "Enabling fine-grained permissions for augmented reality applications with recognizers," 22nd USENIX Security Symp., Washington, D.C., Aug. 2013, pp. 415--430.
[23]
H. Gupta, A.V. Dastjerdi, S.K. Ghosh, and R. Buyya, "IFogSim: A toolkit for modelling and simulation of resource management techniques in the Internet of Things," Software Practice and Experience, vol.47, 2017, pp. 1275--1296.

Cited By

View all
  • (2022)Personal IoT Privacy Control at the EdgeIEEE Security & Privacy10.1109/MSEC.2021.310186520:1(23-32)Online publication date: Jan-2022
  • (2022)A Single Point of Contact for Privacy Management in Cyber-Physical SystemsSubject-Oriented Business Process Management. Dynamic Digital Design of Everything – Designing or being designed?10.1007/978-3-031-19704-8_8(133-143)Online publication date: 15-Nov-2022
  • (2021)A Survey from Real-Time to Near Real-Time Applications in Fog Computing EnvironmentsTelecom10.3390/telecom20400282:4(489-517)Online publication date: 3-Dec-2021
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
UCC '17 Companion: Companion Proceedings of the10th International Conference on Utility and Cloud Computing
December 2017
252 pages
ISBN:9781450351959
DOI:10.1145/3147234
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 December 2017

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. active data bundles
  2. cloud computing
  3. fog computing
  4. internet of things
  5. privacy
  6. real-time processing
  7. sensitive data
  8. smart home

Qualifiers

  • Research-article

Conference

UCC '17
Sponsor:

Acceptance Rates

Overall Acceptance Rate 38 of 125 submissions, 30%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)7
  • Downloads (Last 6 weeks)0
Reflects downloads up to 17 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2022)Personal IoT Privacy Control at the EdgeIEEE Security & Privacy10.1109/MSEC.2021.310186520:1(23-32)Online publication date: Jan-2022
  • (2022)A Single Point of Contact for Privacy Management in Cyber-Physical SystemsSubject-Oriented Business Process Management. Dynamic Digital Design of Everything – Designing or being designed?10.1007/978-3-031-19704-8_8(133-143)Online publication date: 15-Nov-2022
  • (2021)A Survey from Real-Time to Near Real-Time Applications in Fog Computing EnvironmentsTelecom10.3390/telecom20400282:4(489-517)Online publication date: 3-Dec-2021
  • (2020)Designing privacy preserving data sharing middleware for internet of thingsProceedings of the Third Workshop on Data: Acquisition To Analysis10.1145/3419016.3431484(1-6)Online publication date: 16-Nov-2020
  • (2020)Internet of Things Management Based on Software Defined Networking: A SurveyInternational Journal of Wireless Information Networks10.1007/s10776-020-00488-2Online publication date: 22-May-2020
  • (2020)Empowering Users Through a Privacy Middleware WatchdogTrust, Privacy and Security in Digital Business10.1007/978-3-030-58986-8_11(156-170)Online publication date: 14-Sep-2020
  • (2019)Privacy Enhancing Technologies in the Internet of Things: Perspectives and ChallengesIEEE Internet of Things Journal10.1109/JIOT.2018.28786586:2(2159-2187)Online publication date: Apr-2019
  • (2018)Performance Evaluation of the Policy Enforcement Fog Module for Protecting Privacy of IoT Data2018 IEEE International Conference on Electro/Information Technology (EIT)10.1109/EIT.2018.8500157(0951-0957)Online publication date: May-2018

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media