Smart homes are IoT systems enabling the automation of household operation. The unrestricted collection and processing of data by smart home systems raises legitimate privacy concerns for their users. Over the past decade, there has been significant interest in privacy-enhancing technologies applied at the level of a local smart hub physically located in the home and acting as a gateway between sensors, applications, platform providers, and services in the cloud. The number and variety of projects and research proposals can, however, make their comparison a daunting and unnecessarily complex task. We systematize existing knowledge in this field through the analysis and categorization of 10 industrial and community-contributed systems and 37 research proposals from the literature of the past 11 years. Our results shed light on the diversity of system and trust models considered in the state-of-the-art and on the associated privacy-enhancing technologies. We further identify open research problems and promising approaches that would benefit the smart home hub model and the protection of smart home users’ privacy.
Privacy-aware usage control is the control of the usage of private data with the aim of protecting data owner privacy. In a privacy-aware system, the purpose of data usage is strictly controlled to ensure that data owner privacy is properly protected and that data are never used beyond what they are authorized for. Achieving that level of protection requires strong enforcement of the usage policy, in particular enforcement of the purpose of data usage. However, purpose enforcement raises many difficulties. One of these is validating the purpose of an agent when it requests to perform an action, particularly in distributed environments where the processing of data is carried out by a client-side application over which direct control is limited. In general, validating "a particular purpose" may require different mechanisms and can happen at different points in time during the lifecycle of data usage. Hence, there is a need to express "how purpose should be validated" by indicating which validation mechanisms should be used and when the validation should take place, so that the remote system can act as instructed. In this paper, we discuss the design issues of purpose validation policy expression based on our proposed validation structure: pre-, ongoing-, and post-validation. Furthermore, we discuss how existing languages such as EPAL, XACML, and ODRL can be used directly or extended to support our proposed purpose validation policy model.
Keywords: Purpose enforcement, purpose validation policy expression, distributed system, security, privacy, usage policy, usage policy management.
Enforcing the purpose of data usage means ensuring that data are used as intended and that excessive usage cannot happen. In general, the enforcement of purpose is a complicated task. The main difficulty is to identify the purpose of an agent when it requests to perform an action. In this paper, we discuss the design issues of a usage purpose enforcement model based on our proposed enforcement structure: pre-, ongoing-, and post-enforcement. We also propose an enforcement solution for usage control designed for a distributed healthcare information system, in particular the pre- and ongoing-enforcement of purpose. Furthermore, we validate our model with a prototype developed in Java.

Reference to this paper should be made as follows: Rath, A.T. and Colin, J-N. (2013) 'Towards purpose enforcement model for privacy-aware usage control policy in distributed healthcare', Int.