Decentralizing Privacy Enforcement for Internet of Things Smart Objects

TL;DR

This paper proposes a decentralized privacy enforcement framework for IoT smart objects, allowing users to specify preferences and enabling smart objects to check compliance locally, addressing privacy challenges in decentralized IoT systems.

Contribution

It introduces a novel framework for decentralized privacy enforcement in IoT, allowing user preferences to be directly checked by smart objects without centralized control.

Findings

Framework is feasible with acceptable overhead.

Smart objects can enforce privacy preferences locally.

Extensive testing confirms practical applicability.

Abstract

Internet of Things (IoT) is now evolving into a loosely coupled, decentralized system of cooperating smart objects, where high- speed data processing, analytics and shorter response times are becoming more necessary than ever. Such decentralization has a great impact on the way personal information generated and consumed by smart objects should be protected, because, without centralized data management, it is more difficult to control how data are combined and used by smart objects. To cope with this issue, in this paper, we propose a framework where users of smart objects can specify their privacy preferences. Compliance check of user individual privacy preferences is performed directly by smart objects. Moreover, acknowledging that embedding the enforcement mechanism into smart objects implies some overhead, we have extensively tested the proposed framework on different scenarios, and the obtained results show the feasibility of our approach.