User-Driven Privacy Enforcement for Cloud-Based Services in the Internet of Things

Henze, Martin; Hermerschmidt, Lars; Kerpen, Daniel; HauBling, Roger; Rumpe, Bernhard; Wehrle, Klaus

doi:10.1109/ficloud.2014.38

Cited by 32 publications

(11 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This data can be sent to remote locations for further analysis, processing, or retention on a variety of application and service platforms (e.g, cloud services). Every single device and platform in the IoT space might present a potential risk or threat [3][4][5]7] that could be exploited to harm consumers by (1) enabling unauthorized access and misuse of personal information; (2) Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored.…”

Section: Panel Summarymentioning

confidence: 99%

Panel Security and Privacy in the Age of Internet of Things

Niu

Jin

Lee

et al. 2016

Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies

View full text Add to dashboard Cite

show abstract

Section: Panel Summarymentioning

confidence: 99%

Panel Security and Privacy in the Age of Internet of Things

Niu

Jin

Lee

et al. 2016

Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies

View full text Add to dashboard Cite

show abstract

“…With respect to architectural approaches to technical/automated privacy enforcement, related literature includes Henze et al (2014) and Adams and Barbieri (2006). However, the work of Henze et al proposes an architecture for enforcing user privacy in a network of IoT devices (e.g., a body-area-network of health monitoring devices) connected to cloud-based services.…”

Section: Related Workmentioning

confidence: 99%

Strengthening Enforcement in a Comprehensive Architecture for Privacy Enforcement at Internet Websites

Adams

DesOrmeaux

et al. 2020

Front. Comput. Sci.

View full text Add to dashboard Cite

This paper extends previous work to strengthen the enforcement portion of a comprehensive architecture for enforcing privacy when a user needs to submit personal data to an Internet website in order to obtain goods or services. Our extension proposes to use a website's P3P privacy policy (derived in an automated way from its internal XACML access control policy) as a public key to encrypt the user's data using IBE (identity-based encryption) technology. The website will only acquire the corresponding private key to decrypt this data if a trusted 3rd-party auditor (acting as an IBE private key generator) has verified that the P3P policy is an accurate statement of the site's internal privacy practices. We discuss all the components of this model and describe our proof-of-concept implementation which demonstrates that such an architecture is feasible in real-world scenarios.

show abstract

“…Henze et al [28] propose a policy negotiation mechanism enforced between a 'thing' and cloud storage provider. Much like an enforceable SLA, it considers a particular 'thing'-cloud interaction.…”

Section: Related Workmentioning

confidence: 99%

Securing tags to control information flows within the Internet of Things

Singh

Pasquier

Bacon

2015

2015 International Conference on Recent Advances in Internet of Things (RIoT)

View full text Add to dashboard Cite

To realise the full potential of the Internet of Things (IoT), IoT architectures are moving towards open and dynamic interoperability, as opposed to closed application silos. This is because functionality is realised through the interactions, i.e. the exchange of data, between a wide-range of 'things'.Data sharing requires management. Towards this, we are exploring distributed, decentralised Information Flow Control (IFC) to enable controlled data flows, end-to-end, according to policy. In this paper we make the case for IFC, as a data-centric control mechanism, for securing IoT architectures.Previous research on IFC focuses on a particular system or application, e.g. within an operating system, with little concern for wide-scale, dynamic systems. To render IFC applicable to IoT, we present a certificate-based model for secure, trustworthy policy specification, that also reflects real-world IoT concerns such as 'thing' ownership. This approach enables decentralised, distributed, verifiable policy specification, crucial for securing the wide-ranging, dynamic interactions of future IoT applications.

show abstract

User-Driven Privacy Enforcement for Cloud-Based Services in the Internet of Things

Cited by 32 publications

References 33 publications

Panel Security and Privacy in the Age of Internet of Things

Panel Security and Privacy in the Age of Internet of Things

Strengthening Enforcement in a Comprehensive Architecture for Privacy Enforcement at Internet Websites

Securing tags to control information flows within the Internet of Things

Contact Info

Product

Resources

About