Trustworthy Privacy Policy Translation in Untrusted IoT Environments

Thumbnail Image

Files

67655.pdf (526.77 KB)

Links to Files

https://www.scitepress.org/Link.aspx?doi=10.5220/0006765501320143

Permanent Link

http://hdl.handle.net/11603/29032
 https://doi.org/10.5220/0006765501320143

Collections

UMBC Computer Science and Electrical Engineering Department

Author/Creator

Author/Creator ORCID

https://orcid.org/0000-0002-9311-954X

Date

2018

Type of Work

conference papers and proceedings
Text

Department

Program

Citation of Original Publication

Diallo, M.; Panwar, N.; Yus, R. and Mehrotra, S. (2018). Trustworthy Privacy Policy Translation in Untrusted IoT Environments. In Proceedings of the 3rd International Conference on Internet of Things, Big Data and Security - IoTBDS; ISBN 978-989-758-296-7; ISSN 2184-4976, SciTePress, pages 132-143. DOI: 10.5220/0006765501320143

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0)

Subjects

Abstract

Internet of Thing (IoT) systems, such as smart buildings and smart cities, provide services to users (individuals and organizations) in various aspect of our lives. To provide such services, IoT systems need to handle data captured from multiple devices/sensors, and translation of data processing policies agreed by users (high-level) into commands for devices (device-level). The underlying assumption is that users trust IoT systems in honoring their policies. However, this trust assumption is incorrectly positioned since IoT systems may not be honest or may fall victim to cyberattacks. We address such concerns by providing mechanisms to help in ensuring trust and accountability at the time of translating a contract (agreed and signed policies). The objective of the proposed scheme is two fold, (1) translation of contracts from a high-level to device-level, (2) attestation of the translation. We have implemented the proposed scheme for contract translation and attestation of translation as a module and integrated it with the TIPPERS system (our IoT testbed under development). The results of our experiments highlight the feasibility of our proposed schemes.