Sharing data among applications is a growing phenomenon. With the IoT, this phenomenon becomes more significant. As already studied in social networks, data sharing has the drawback of privacy risks. Authorization protocols and cryptographic systems may not be enough to ensure that user data and metadata are not used for non-legitimate purposes. There are different scenarios and several personal data management proposals aimed to improve privacy protection. However, a risk that is always present is related to the possibility of processing and aggregating public and authorized data to infer sensitive information and data that the user may not want to share. These approaches, often called inference attacks, concern the disclosure of personal user data and have been widely studied in social networks. In this paper we describe the problem and some techniques to face it, showing its relevance in the IoT. Then we present the concept of an Adaptive Inference Discovery Service AID-S, conceived as a service that may support users to prevent this kind of information leakage and that can be integrated into personal data managers.
Preventing Disclosure of Personal Data in IoT Networks
TORRE, ILARIA;ADORNI, GIOVANNI;KOCEVA, FROSINA;SANCHEZ, ODNAN REF
2016-01-01
Abstract
Sharing data among applications is a growing phenomenon. With the IoT, this phenomenon becomes more significant. As already studied in social networks, data sharing has the drawback of privacy risks. Authorization protocols and cryptographic systems may not be enough to ensure that user data and metadata are not used for non-legitimate purposes. There are different scenarios and several personal data management proposals aimed to improve privacy protection. However, a risk that is always present is related to the possibility of processing and aggregating public and authorized data to infer sensitive information and data that the user may not want to share. These approaches, often called inference attacks, concern the disclosure of personal user data and have been widely studied in social networks. In this paper we describe the problem and some techniques to face it, showing its relevance in the IoT. Then we present the concept of an Adaptive Inference Discovery Service AID-S, conceived as a service that may support users to prevent this kind of information leakage and that can be integrated into personal data managers.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.