Privacy-Aware Smart Buildings: Ensuring Privacy Policies and Preferences

Towards Privacy-Aware Smart Buildings: Capturing, Communicating, and Enforcing Privacy Policies and Preferences

Primal Pappachan, Martin Degeling, Roberto Yus, Anupam Das, Sruti Bhagavatula, William Melicher, Pardis Emami Naeini, Shikun Zhang, Lujo Bauer, Alfred Kobsa, Sharad Mehrotra, Norman Sadeh, and Nalini Venkatasubramanian

Research sponsored by DARPA under agreement number FA8750-16-2-0021

Summary: Smart buildings equipped with IoT technology raise concerns about privacy. This research explores capturing, communicating, and enforcing privacy policies and preferences in smart buildings, addressing issues like data collection, user preferences, and policy enforcement based on FTC and OECD guidelines and relevant studies.

Uploaded on Sep 08, 2024

Presentation Transcript

1. Towards Privacy-Aware Smart Buildings: Capturing, Communicating, and Enforcing Privacy Policies and Preferences
Title slide: authors and sponsor as listed above.

2. IoT is Making our Spaces Smarter
Smart Spaces: "Cyber-physical systems that are used to manage buildings and services provided in that environment"
Services such as: lighting; heating, ventilating, and air conditioning; security, access, and surveillance; fire and seismic safety; special needs

3. Example of a Smart Building at UCI
Donald Bren Hall at UCI: Wi-Fi access points, surveillance cameras, BLE beacons, power outlet / energy meters, temperature/HVAC sensors, applications
Raw data (SNMP trap):
2016-01-15 17:38:07.463623 | DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (167664600) 19 days, 9:44:06.00 SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.14179.2.6.3.53 SNMPv2-SMI::enterprises.14179.2.6.2.35.0 = Hex-STRING: 00 19 A9 55 CE B0 SNMPv2-SMI::enterprises.14179.2.6.2.36.0 = INTEGER: 1 SNMPv2-SMI::enterprises.14179.2.6.2.43.0 = IpAddress: 169.234.57.122
Semantic observation (presence info): Sam is present in Room 2065 or 2089 area at time 2016-01-15 17:38:07.463623

4. Ebb (of Privacy) and Flow (of Data)
Physical world -> Sensing/Observation: diverse sensors used to track objects, entities, environments (privacy-preserving collection)
Event Detection/Analysis: sensor data used to detect events of interest to applications (privacy-preserving analysis)
Action Execution/Adaptation: detected events may lead to actions, data sharing, device actuations (privacy-preserving actuation/control)

5. Smartness at the Cost of Privacy?
Sensor data and events can be used to detect types of users and events, e.g. Berenguer et al., Lisovich et al., Eagle and Pentland et al.
Privacy leakage from TIPPERS WiFi data analysis: people classification (even simple classifiers perform well); how tardy faculty are to their classes (time in minutes)

6. Our Approach in a Nutshell
Communicate: data collection and usage practices broadcast in the space
Capture: user privacy preferences with the help of privacy assistants
Enforce: user preferences, while ensuring building policies
Based on guidelines by the FTC and OECD and studies by Langheinrich et al. and Sadeh et al.

7. Steps Towards Making Smart Spaces Privacy-Aware
Diagram slide; no text extracted.

8. IoT Resource Registries (IRR)
Web app to register privacy policies of IoT resources and services
Creates a machine-readable privacy policy which can be used by the IoTA

9. IoT Assistant (IoTA)
Discovers local IRRs (via nearby Bluetooth beacons or using the mobile device's location sensors)
Displays resources and services to the user, provides download links for apps
Displays privacy policies for resources, provides controls for resources' permissions

10. Privacy-Aware Data Management System (TIPPERS)
IoT data management and middleware technology to empower applications to be built on top of sensor data
Supports collection, storage, management, querying, analysis
Supports a semantic view of the IoT space
Provides mechanisms for specification and real-time enforcement of privacy policies

11-15. Interactions in a Privacy-Aware Smart Space
Diagram slides: numbered interaction steps 1 to 10 between the components; no further text extracted.

16. Building Policies
State requirements for data collection and management
Related to the infrastructure of the building, specific sensors deployed in the building, or events taking place inside the building
Example: a facility manager sets the thermostat temperature of occupied rooms to 70 °F to match the average comfort level of users
Translated into sensor settings for enforcement (e.g., the policy gets translated into settings on motion sensors and HVAC)

17. User Preferences
Representation of the user's expectation of how data pertaining to her should be managed by the pervasive space
Example: "Do not share the occupancy status of my office in after-hours."
Service preferences, e.g. "Allow Smart Concierge access to my fine-grained location for directions"

18. One Language to Interact with Them All
Expresses "building policies" and "user preferences"
Enables interaction between IoTA, IRR and TIPPERS
Models space, user and privacy-related concepts
Machine-readable

19. Building Model
Spatial model: building, floor, room, corridor (floors, rooms, zones)
User profile: student, faculty, ISG group (users: Student, ISG, Professor)
Sensor: settings (actuation parameters for a sensor), observation
Service model: Smart Concierge, Smart Meeting room
Sensors modelled using Haystack and Semantic Sensor Network (SSN) ontologies

20. Privacy Practices Model
Context: location owner, data collector, policy authors
Data collected, e.g. WiFi AP connection
Data inferred, e.g. location
Purpose, e.g. location tracking in Concierge
Additional information that can be modelled: retention time, granularity, level of anonymity of data, ...

21. Language Schema
Based on validatable JSON-Schema and REST API
Example policy: policy related to WiFi data collection inside DBH
Example service preference: Smart Concierge service

22. Example schema slide; no text extracted.

23. Conclusions
Designed a template for future IoT privacy-aware smart spaces
IoT Resource Registries to communicate space policies to users
IoT Assistants give users better control over their information in smart spaces
Privacy-aware IoT data management systems (TIPPERS) enforce users' privacy preferences
First version of the language for interaction between the 3 components
First implementation of the framework at UCI; deployment currently underway at CMU

24. Challenges and Ongoing Work
Communicating: complete specification of the policy language; learning user policies; specificity for automation vs. generalizability for expressiveness
Capturing: automating IRR; conflict resolution
Enforcing: mapping from higher-level policies to sensor settings; efficient storage, representation, and enforcement of policies; semantics of enforcement
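Tying together the building policies (slide 16), user and service preferences (slide 17) and the JSON-Schema-based language (slide 21), the following is an added illustration written for this page; it is not code from the talk or from the IRR, IoTA or TIPPERS projects. It assumes a small schema of its own (field names such as `kind`, `data`, `action`, `after_hours` and `retention_days`), a handful of constructed policy documents with made-up ids, users, rooms and hours, and a simple enforcement rule: a building policy must permit collecting the data in that space, then the requesting user's own preferences apply with "deny" beating "allow", and anything unmatched is denied.

```python
"""Added illustration, not code from the talk or the IRR/IoTA/TIPPERS projects:
a toy version of the machine-readable language of slides 16, 17 and 21 with a
small JSON-Schema-style validator and an enforcement check. Every field name,
schema, document, service name and request here is a constructed assumption."""
from datetime import time

# Assumed JSON-Schema-like shape of one policy/preference document. Only the
# subset validate() understands (type/required/properties/enum) is used, so no
# external jsonschema package is needed.
POLICY_SCHEMA = {
    "type": "object",
    "required": ["id", "kind", "author", "data", "action"],
    "properties": {
        "id": {"type": "string"},
        "kind": {"enum": ["building_policy", "user_preference", "service_preference"]},
        "author": {"type": "string"},       # policy author (slide 20 context)
        "data": {"enum": ["wifi_ap_connection", "location", "occupancy"]},
        "action": {"enum": ["allow", "deny"]},
        "location": {"type": "string"},     # space the rule covers (prefix)
        "service": {"type": "string"},      # consuming service, if any
        "granularity": {"enum": ["fine", "coarse"]},
        "after_hours": {"type": "object"},  # {"start": "HH:MM", "end": "HH:MM"}
        "retention_days": {"type": "integer"},
    },
}

def validate(doc, schema=POLICY_SCHEMA):
    """Check doc against the schema subset above; return a list of errors."""
    if schema.get("type") == "object" and not isinstance(doc, dict):
        return ["document is not an object"]
    errors = [f"missing required field '{k}'"
              for k in schema.get("required", []) if k not in doc]
    types = {"string": str, "integer": int, "object": dict}
    for key, rule in schema.get("properties", {}).items():
        if key not in doc:
            continue
        val = doc[key]
        if "enum" in rule and val not in rule["enum"]:
            errors.append(f"'{key}': {val!r} not one of {rule['enum']}")
        want = types.get(rule.get("type"))
        if want and (isinstance(val, bool) or not isinstance(val, want)):
            errors.append(f"'{key}': expected {rule['type']}")
    return errors

def in_window(now, window):
    """True if clock time `now` lies in the window; wraps past midnight."""
    start, end = time.fromisoformat(window["start"]), time.fromisoformat(window["end"])
    if start <= end:
        return start <= now < end
    return now >= start or now < end            # e.g. 18:00 -> 08:00

def matches(rule, request, now):
    """Does a document apply to this request? A field absent from the rule matches
    anything; a rule's location is a prefix of the request's (assumed spatial
    containment, e.g. "DBH" covers "DBH-2065")."""
    return (rule["data"] == request["data"]
            and rule.get("service", request["service"]) == request["service"]
            and request["location"].startswith(rule.get("location", ""))
            and rule.get("granularity", request["granularity"]) == request["granularity"]
            and ("after_hours" not in rule or in_window(now, rule["after_hours"])))

def decide(request, documents, now):
    """Enforcement in the spirit of slide 10: a building policy must allow
    collecting this data in this space, then the requesting user's own rules
    apply with 'deny' beating 'allow'; anything unmatched is denied."""
    bad = [d.get("id") for d in documents if validate(d)]
    if bad:
        raise ValueError(f"invalid policy documents: {bad}")
    hits = [d for d in documents if matches(d, request, now)]
    if not any(d["kind"] == "building_policy" and d["action"] == "allow" for d in hits):
        return "deny", "no building policy permits collecting this data here"
    mine = [d for d in hits if d["kind"] != "building_policy" and d["author"] == request["user"]]
    if any(d["action"] == "deny" for d in mine):
        return "deny", "user preference denies"
    if any(d["action"] == "allow" for d in mine):
        return "allow", "user/service preference allows"
    return "deny", "no preference grants access (default deny)"

DOCUMENTS = [  # constructed sample documents; ids, names and hours are made up
    {"id": "bp-1", "kind": "building_policy", "author": "facility_manager",
     "data": "location", "location": "DBH", "action": "allow", "retention_days": 30},
    {"id": "bp-2", "kind": "building_policy", "author": "facility_manager",
     "data": "occupancy", "location": "DBH", "action": "allow", "retention_days": 7},
    # slide 17: "Do not share the occupancy status of my office in after-hours"
    {"id": "up-1", "kind": "user_preference", "author": "alice", "data": "occupancy",
     "location": "DBH-2065", "action": "deny", "after_hours": {"start": "18:00", "end": "08:00"}},
    # slide 17: "Allow Smart Concierge access to my fine grained location"
    {"id": "sp-1", "kind": "service_preference", "author": "alice", "data": "location",
     "service": "Smart Concierge", "granularity": "fine", "action": "allow"},
    {"id": "sp-2", "kind": "service_preference", "author": "alice", "data": "occupancy",
     "service": "Smart Meeting room", "action": "allow"},
]

def decide_at(user, service, data, location, hhmm, granularity="fine"):
    """Build a request and evaluate it against DOCUMENTS at clock time hhmm."""
    request = {"user": user, "service": service, "data": data,
               "location": location, "granularity": granularity}
    return decide(request, DOCUMENTS, time.fromisoformat(hhmm))

if __name__ == "__main__":
    print(validate({"id": "x", "kind": "building_policy", "author": "fm",
                    "data": "heartbeat", "action": "allow"}))     # enum error
    print(decide_at("alice", "Smart Concierge", "location", "DBH-2065", "14:00"))
    print(decide_at("alice", "Smart Meeting room", "occupancy", "DBH-2065", "10:00"))
    print(decide_at("alice", "Smart Meeting room", "occupancy", "DBH-2065", "22:00"))
```

Two design points carry over to a real deployment: validating every document before enforcement (an unvalidated policy store is the easiest way to get a silently permissive rule), and defaulting to deny when neither a building policy nor a user preference speaks to a request, so that a missing or malformed preference never widens access. The after-hours window deliberately wraps past midnight, since "after hours" in an office almost always does.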
