Privacy Mediators: Helping IoT Cross the Chasm

Unease over data privacy will retard consumer acceptance of IoT deployments. The primary source of discomfort is a lack of user control over raw data that is streamed directly from sensors to the cloud. This is a direct consequence of the over-centralization of today's cloud-based IoT hub designs. We propose a solution that interposes a locally-controlled software component called a privacy mediator on every raw sensor stream. Each mediator is in the same administrative domain as the sensors whose data is being collected, and dynamically enforces the current privacy policies of the owners of the sensors or mobile users within the domain. This solution necessitates a logical point of presence for mediators within the administrative boundaries of each organization. Such points of presence are provided by cloudlets, which are small locally-administered data centers at the edge of the Internet that can support code mobility. The use of cloudlet-based mediators aligns well with natural personal and organizational boundaries of trust and responsibility.
