IoT-Reg: A Comprehensive Knowledge Graph for Real-Time IoT Data Privacy Compliance

Thumbnail Image

Files

1282.pdf (777.25 KB)

Links to Files

https://ieeexplore.ieee.org/document/10386545

Permanent Link

http://hdl.handle.net/11603/31110

Collections

UMBC Information Systems Department
UMBC Center for Accelerated Real Time Analysis
UMBC Faculty Collection
UMBC Student Collection

Author/Creator

Author/Creator ORCID

https://orcid.org/0000-0002-6354-1686

Date

2023-12-15

Type of Work

conference papers and proceedings
preprints
Text

Department

Program

Citation of Original Publication

Echenim, Kelvin Uzoma, and Karuna Pande Joshi. “IoT-Reg: A Comprehensive Knowledge Graph for Real-Time IoT Data Privacy Compliance.” In 2023 IEEE International Conference on Big Data (BigData), 2897–2906, 2023. https://doi.org/10.1109/BigData59044.2023.10386545.

Rights

© 2024 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Subjects

UMBC Ebiquity Research Group

Abstract

The proliferation of the Internet of Things (IoT) has led to an exponential increase in data generation, especially from wearable IoT devices. While this data influx offers unparalleled insights and connectivity, it also brings significant privacy and security challenges. Existing regulatory frameworks like the United States (US) National Institute of Standards and Technology Interagency or Internal Report (NISTIR) 8228, the US Health Insurance Portability and Accountability Act (HIPAA), and the European Union (EU) General Data Protection Regulation (GDPR) aim to address these challenges but often operate in isolation, making their compliance in the vast IoT ecosystem inconsistent. This paper presents the IoT-Reg ontology, a holistic semantic framework that amalgamates these regulations, offering a stratified approach based on the IoT data lifecycle stages and providing a comprehensive yet granular approach to IoT data handling practices. The IoT-Reg ontology aims to transform the IoT domain into a realm where regulatory controls are seamlessly integrated system components by emphasizing risk management, compliance, and the pivotal role of manufacturers’ privacy policies, ensuring consistent adherence, enhancing user trust, and promoting a privacy-centric IoT environment. We include the results of validating this framework against risk mitigation for Wearable IoT devices.