Context-Aware Enforcement of Privacy Policies in Edge Computing

Privacy is a fundamental concern that confronts systems dealing with sensitive data. The lack of robust solutions for defining and enforcing privacy measures continues to hinder the general acceptance and adoption of these systems. Edge computing has been recognized as a key enabler for privacy enhanced applications, and has opened new opportunities. In this paper, we propose a novel privacy model based on context-aware edge computing. Our model leverages the context of data to make decisions about how these data need to be processed and managed to achieve privacy. Based on a scenario from the eHealth domain, we show how our generalized model can be used to implement and enact complex domain-specific privacy policies. We illustrate our approach by constructing real world use cases involving a mobile Electronic Health Record that interacts with, and in different environments.

[1]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[2]  Andrew Christopher Burroughs,et al.  Medication dispensing device of fixed dose. , 2004 .

[3]  David R. Kuhn,et al.  Role-Based Access Control (RBAC): Features and Motivations | NIST , 1995 .

[4]  Weisong Shi,et al.  Edge Computing: Vision and Challenges , 2016, IEEE Internet of Things Journal.

[5]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[6]  Armando Solar-Lezama,et al.  A language for automatically enforcing privacy policies , 2012, POPL '12.

[7]  Jun Pang,et al.  Challenges in eHealth: From Enabling to Enforcing Privacy , 2011, FHIES.

[8]  David C. Klonoff,et al.  Fog Computing and Edge Computing Architectures for Processing Data From Diabetes Devices Connected to the Medical Internet of Things , 2017, Journal of diabetes science and technology.

[9]  Mani B. Srivastava,et al.  A framework for context-aware privacy of sensor data on mobile systems , 2013, HotMobile '13.

[10]  Dmitry Namiot,et al.  Geofence and Network Proximity , 2013, NEW2AN.

[11]  Michael Weber,et al.  Context-Adaptive Privacy: Leveraging Context Awareness to Support Privacy Decision Making , 2015, IEEE Pervasive Computing.

[12]  Weisong Shi,et al.  The Promise of Edge Computing , 2016, Computer.

[13]  D. Richard Kuhn,et al.  Role-Based Access Control ( RBAC ) : Features and Motivations , 2014 .

[14]  Yang Xiao,et al.  Security and privacy in RFID and applications in telemedicine , 2006, IEEE Commun. Mag..

[15]  U. Arjun,et al.  A short review on data security and privacy issues in cloud computing , 2016, 2016 IEEE International Conference on Current Trends in Advanced Computing (ICCTAC).

[16]  Ada Gavrilovska,et al.  PiMiCo: Privacy Preservation via Migration in Collaborative Mobile Clouds , 2015, 2015 48th Hawaii International Conference on System Sciences.

[17]  M. Phil,et al.  PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING , 2015 .

[18]  Sasikanth Avancha,et al.  A privacy framework for mobile health and home-care systems , 2009, SPIMACS '09.