GDPR-inspired IoT Ontology enabling Semantic Interoperability, Federation of Deployments and Privacy-Preserving Applications

Abstract: Testing and experimentation are crucial for promoting innovation and building systems that can evolve to meet high levels of service quality. IoT data that belong to users and from which their personal information can be inferred are frequently shared in the background of IoT systems with third parties for experimentation and building quality services. This data sharing raises privacy concerns especially since in most cases the data are gathered and shared without the user's knowledge or explicit consent or fo… Show more

“…Privacy is violated if sensitive data of an individual, such as Personal Identifiable Information (PII) is exposed to malicious or unintended recipients (Dasgupta, Gill, & Hussain, 2019). Based on this definition, existing IoT privacy ontologies (Agarwal et al, 2020;Arruda & Bulcão-Neto, 2019;Gheisari et al, 2019) have specified technical requirements to prevent privacy breaches.…”

“…An ontology is a formal model to represent knowledge in a specific domain (McGuinness et al, 2004); and ontologies have proven to be a key success factor in representing privacy requirements, as they facilitate the understanding of privacy-related concepts between designers and stakeholders of sociotechnical systems (Dzung & Ohnishi, 2009;Schaub et al, 2015;Uschold & Gruninger, 1996). There are a wide variety of ontologies (Agarwal et al, 2020;Arruda & Bulcão-Neto, 2019;Gharib et al, 2020) that represent privacy requirements in IoT systems. Most of these ontologies have focused on the technical aspects of privacy requirements such as access control, data minimization, confidentiality, and accountability, among others.…”

“…Data integrity is needed to ensure the correctness of data and protect it from loss or corruption. Agarwal et al (2020) developed an ontology where they define some GDPR-inspired, General Data Protection Regulation (Voigt & Von dem Bussche, 2017), content-oriented privacy requirements that are related to IoT data flow (such as sharing and collection of data) as follows: (i) Consent and choice: The explicit consent of a data subject 2 should be sought before data is collected. The data subject should also have a choice to allow (resp.…”

A Survey on Understanding and Representing Privacy Requirements in the Internet-of-Things

“…Privacy is violated if sensitive data of an individual, such as Personal Identifiable Information (PII) is exposed to malicious or unintended recipients (Dasgupta, Gill, & Hussain, 2019). Based on this definition, existing IoT privacy ontologies (Agarwal et al, 2020;Arruda & Bulcão-Neto, 2019;Gheisari et al, 2019) have specified technical requirements to prevent privacy breaches.…”

“…An ontology is a formal model to represent knowledge in a specific domain (McGuinness et al, 2004); and ontologies have proven to be a key success factor in representing privacy requirements, as they facilitate the understanding of privacy-related concepts between designers and stakeholders of sociotechnical systems (Dzung & Ohnishi, 2009;Schaub et al, 2015;Uschold & Gruninger, 1996). There are a wide variety of ontologies (Agarwal et al, 2020;Arruda & Bulcão-Neto, 2019;Gharib et al, 2020) that represent privacy requirements in IoT systems. Most of these ontologies have focused on the technical aspects of privacy requirements such as access control, data minimization, confidentiality, and accountability, among others.…”

“…Data integrity is needed to ensure the correctness of data and protect it from loss or corruption. Agarwal et al (2020) developed an ontology where they define some GDPR-inspired, General Data Protection Regulation (Voigt & Von dem Bussche, 2017), content-oriented privacy requirements that are related to IoT data flow (such as sharing and collection of data) as follows: (i) Consent and choice: The explicit consent of a data subject 2 should be sought before data is collected. The data subject should also have a choice to allow (resp.…”

A Survey on Understanding and Representing Privacy Requirements in the Internet-of-Things