论文信息 - Automated determination of security services to ensure personal data protection in the Internet of Things applications

Automated determination of security services to ensure personal data protection in the Internet of Things applications

This paper describes a method aimed at automatically determining security services to be implemented in products, services and devices involved on the Internet of Things scenarios. It is important to consider the specific context, legislative diversity and nature of the information since its main objective is to have correct and fair data processing that avoids users in perceiving any danger to their privacy. This paper gives a brief overview based on several types of security threat scenarios. It tries to introduce “Utility Matrix” concept that connects involved users, their security needs, and legal imperatives all together. Based on “Utility Matrix”, an expert system is proposed in order to automate security service decisions and solution for personal data protection on the area of Internet of Things. Different approaches are presented, and several applied use cases are given for AWARE product, such as application. This automated system is in the development phase. Nevertheless, this project has to connect areas of the Industry to the judicial and technology, taking into account that users are in the middle of the scenario. As a result of this project, a certificate of personal data protection to users and companies could be obtained. It could be a tool to simulate and evaluate the impact of new services, new laws, and new needs in technology and research.

[1] Rodrigo Roman,et al. Integrating wireless sensor networks and the internet: a security analysis , 2009, Internet Res..

[2] Jiming Chen,et al. RFID and Sensor Networks: Architectures, Protocols, Security, and Integrations , 2009 .

[3] Alessandro Leonardi,et al. Context Privacy in the Internet of Things , 2011 .

[4] Katrin Borcea-Pfitzmann,et al. Privacy Implications of the Internet of Things , 2011, AmI Workshops.

[5] Herbert Burkert,et al. Some Preliminary Comments on the DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. , 1996 .

[6] Arne-Kristian Groven,et al. On the Internet of Things, Trust is Relative , 2011, AmI Workshops.

[7] Y. Poullet,et al. CONSULTATIVE COMMITTEE OF THE CONVENTION FOR THE PROTECTION OF INDIVIDUALS WITH REGARD TO AUTOMATIC PROCESSING OF PERSONAL DATA CONVENTION 108 Guidelines on Facial Recognition Directorate General of Human Rights and Rule of Law , 2008 .

[8] José-Fernán Martínez,et al. Pervasive Smart Spaces and Environments: A Service-Oriented Middleware Architecture for Wireless Ad Hoc and Sensor Networks , 2012, Int. J. Distributed Sens. Networks.

[9] Mukesh Singhal,et al. Security in wireless sensor networks , 2008, Wirel. Commun. Mob. Comput..