User-centric Privacy Engineering for the Internet of Things

TL;DR

This paper discusses user-centric privacy engineering in IoT, proposing an architecture that enables users to balance privacy risks and benefits, and highlights challenges for future privacy management in smart systems.

Contribution

It introduces a privacy architecture for IoT that empowers users to control data sharing and discusses key challenges for implementing effective privacy management.

Findings

Proposed a user-centric privacy architecture for smart homes.

Identified challenges for privacy management in IoT systems.

Illustrated how users can balance privacy and benefits.

Abstract

User privacy concerns are widely regarded as a key obstacle to the success of modern smart cyber-physical systems. In this paper, we analyse, through an example, some of the requirements that future data collection architectures of these systems should implement to provide effective privacy protection for users. Then, we give an example of how these requirements can be implemented in a smart home scenario. Our example architecture allows the user to balance the privacy risks with the potential benefits and take a practical decision determining the extent of the sharing. Based on this example architecture, we identify a number of challenges that must be addressed by future data processing systems in order to achieve effective privacy management for smart cyber-physical systems.