Slide 1: Towards Privacy-Aware Smart Buildings: Capturing, Communicating, and Enforcing Privacy Policies and Preferences
Primal Pappachan, Martin Degeling, Roberto Yus, Anupam Das, Sruti Bhagavatula, William Melicher, Pardis Emami Naeini, Shikun Zhang, Lujo Bauer, Alfred Kobsa, Sharad Mehrotra, Norman Sadeh, and Nalini Venkatasubramanian
Research sponsored by DARPA under agreement number FA8750-16-2-0021
Slide 2: IoT is Making our Spaces Smarter
- Smart Spaces: "Cyber-physical systems that are used to manage buildings and services provided in that environment"
- Services such as: lighting; heating, ventilating, and air conditioning; security, access, and surveillance; fire and seismic safety; special needs
Slide 3: Example of a Smart Building at UCI (Donald Bren Hall)
- Sensors: Wi-Fi access points, surveillance cameras, BLE beacons, power outlet / energy meters, temperature/HVAC sensors
- Applications built on top of the collected data
- Raw data (SNMP trap):
  2016-01-15 17:38:07.463623 | DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (167664600) 19 days, 9:44:06.00 SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.14179.2.6.3.53 SNMPv2-SMI::enterprises.14179.2.6.2.35.0 = Hex-STRING: 00 19 A9 55 CE B0 NMPv2-SMI::enterprises.14179.2.6.2.36.0 = INTEGER: 1 SNMPv2-SMI::enterprises.14179.2.6.2.43.0 = IpAddress: 169.234.57.122
- Semantic observation (presence info): Sam is present in Room 2065 or 2089 area at time 2016-01-15 17:38:07.463623
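As an added example (not code from the TIPPERS project), this Python lifts the raw trap above into the semantic presence observation the slide shows: the enterprise varbinds are pulled out by regex, the client MAC is resolved to a registered user and the access point address to its coverage rooms through constructed lookup tables. Reading subobject 35 as the client MAC and 43 as the AP address is an assumption inferred from the value types.

```python
import re
from dataclasses import dataclass
from datetime import datetime

# Copy of the raw SNMP trap from the slide (Cisco enterprise subtree 14179).
RAW_TRAP = (
    "2016-01-15 17:38:07.463623 | DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: "
    "(167664600) 19 days, 9:44:06.00 SNMPv2-MIB::snmpTrapOID.0 = OID: "
    "SNMPv2-SMI::enterprises.14179.2.6.3.53 "
    "SNMPv2-SMI::enterprises.14179.2.6.2.35.0 = Hex-STRING: 00 19 A9 55 CE B0 "
    "SNMPv2-SMI::enterprises.14179.2.6.2.36.0 = INTEGER: 1 "
    "SNMPv2-SMI::enterprises.14179.2.6.2.43.0 = IpAddress: 169.234.57.122"
)
# Constructed lookup tables (assumptions, not from the slides): which user registered
# which device MAC, and which rooms an access point's coverage area spans.
DEVICE_OWNER = {"00:19:a9:55:ce:b0": "Sam"}
AP_COVERAGE = {"169.234.57.122": ["2065", "2089"]}

# One varbind under enterprises.14179.2.6.2: (subobject id, SNMP type, printed value).
VARBIND_RE = re.compile(
    r"enterprises\.14179\.2\.6\.2\.(\d+)\.0 = (Hex-STRING|INTEGER|IpAddress): "
    r"(.*?)(?= SNMPv2-SMI::|$)"
)

@dataclass
class PresenceObservation:
    user: str
    rooms: list
    observed_at: datetime

    def describe(self) -> str:
        return (f"{self.user} is present in Room {' or '.join(self.rooms)} "
                f"area at time {self.observed_at}")

def parse_varbinds(line: str) -> dict:
    """Map each enterprise varbind's subobject id to (type, value)."""
    return {sub: (kind, val) for sub, kind, val in VARBIND_RE.findall(line)}

def to_presence(line: str):
    """Lift the raw trap to a semantic observation; None if device or AP is unknown.
    Subobject 35 = client MAC and 43 = AP address is an assumption, not stated on the slide."""
    observed_at = datetime.fromisoformat(line.split(" | ", 1)[0])
    vb = parse_varbinds(line)
    mac = ":".join(vb["35"][1].lower().split())   # "00 19 A9 .." -> "00:19:a9:.."
    user, rooms = DEVICE_OWNER.get(mac), AP_COVERAGE.get(vb["43"][1])
    if user is None or rooms is None:
        return None
    return PresenceObservation(user, rooms, observed_at)
```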
Slide 4: Ebb (of Privacy) and Flow (of Data)
- Sensing/Observation: diverse sensors used to track objects, entities, environments (privacy-preserving collection)
- Event Detection/Analysis: sensor data used to detect events of interest to applications (privacy-preserving analysis)
- Action Execution/Adaptation: detected events may lead to actions, such as data sharing and device actuations (privacy-preserving actuation/control)
- Physical World
Slide 5: Smartness at the Cost of Privacy?
- Sensor data and events can be used to detect the type of users and events (e.g., Berenguer et al., Lisovich et al., Eagle and Pentland)
- Privacy leakage from TIPPERS WiFi data analysis (figures): "How Tardy are Faculty to their Classes" (time in minutes); "People Classification": even simple classifiers perform well
Slide 6: Our Approach in a Nutshell
- Communicate data collection and usage practices broadcast in the space
- Capture user privacy preferences with the help of privacy assistants
- Enforce user preferences while ensuring building policies
Based on guidelines by the FTC and OECD and studies by Langheinrich et al. and Sadeh et al.
Slide 7: Steps Towards Making Smart Spaces Privacy-Aware (figure)
Slide 8: IoT Resource Registries (IRR)
- Web app to register privacy policies of IoT resources and services
- Creates a machine-readable privacy policy which can be used by the IoTA
Slide 9: IoT Assistant (IoTA)
- Discovers local IRRs (via nearby Bluetooth beacons or using the mobile device's location sensors)
- Displays resources and services to the user, provides download links for apps
- Displays privacy policies for resources, provides controls for resources' permissions
Slide 10: Privacy-Aware Data Management System (TIPPERS)
- Supports collection, storage, management, querying, analysis
- Supports a semantic view of the IoT space
- Provides mechanisms for specification and real-time enforcement of privacy policies
- IoT data management & middleware technology to empower applications to be built on top of sensor data
Slides 11-15: Interactions in a Privacy-Aware Smart Space (animated figure; interaction steps 1-10 revealed across the five slides)
Slide 16: Building Policies
- State requirements for data collection and management
- Related to the infrastructure of the building, specific sensors deployed in the building, or events taking place inside the building
- Example: A facility manager sets the thermostat temperature of occupied rooms to 70 °F to match the average comfort level of users.
- Translated into sensor settings for enforcement (e.g., the policy gets translated into settings on motion sensors and HVAC)
Slide 17: User Preferences
- Representation of the user's expectation of how data pertaining to her should be managed by the pervasive space
- Example: Do not share the occupancy status of my office after hours.
- Service preferences, e.g.: Allow Smart Concierge access to my fine-grained location for directions
Slide 18: One Language to Interact with them all
- Express "building policies" and "user preferences"
- Enable interaction between IoTA, IRR and TIPPERS
- Models space, user and privacy related concepts
- Machine-readable
Slide 19: Building model
- Spatial model: Building, Floor, Room, Corridor (floors, rooms, zones)
- User profile: Student, Professor, ISG group
- Sensor: Settings (actuation parameters for a sensor), Observation
- Service model: Smart Concierge, Smart Meeting Room
Sensors modelled using Haystack and Semantic Sensor Network (SSN) ontologies.
Slide 20: Privacy practices model
- Context: location owner, data collector, policy authors
- Data collected: e.g. WiFi AP connection
- Data inferred: e.g. location
- Purpose: e.g. location tracking in Concierge
- Additional information that can be modelled: retention time, granularity, level of anonymity of data, ...
Slide 21: Language Schema
- Based on validatable JSON-Schema and REST API
- Example policy: policy related to WiFi data collection inside DBH
- Example service preference: Smart Concierge service
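As an added example (not the project's language, whose JSON-Schema is not reproduced on the slides), this Python encodes a constructed building policy in the slide 20 practices model and the two slide 17 preferences, then decides a service's data request: the building policy gates which inferred data is available for which purpose, a matching deny preference always wins, and otherwise the data is coarsened to the granularity the preferences permit. The field names, the 18:00-08:00 after-hours window and the granularity scale are assumptions.

```python
from datetime import time

# Constructed building policy and user preferences in an assumed JSON-style encoding;
# the project's real JSON-Schema is not shown on the slides, so field names are assumptions.
BUILDING_POLICY = {
    "location_owner": "UCI", "data_collector": "TIPPERS",
    "data_collected": "WiFi AP connection",
    "data_inferred": ["location", "occupancy"],
    "purposes": ["directions", "scheduling", "energy"],
    "retention_days": 30,
}
GRANULARITY = {"building": 0, "room": 1, "fine": 2}   # coarse -> fine
DEFAULT_MAX_GRANULARITY = "room"   # shared at room level unless a preference grants more
USER_PREFERENCES = [
    # "Do not share the occupancy status of my office after hours" (window assumed 18:00-08:00)
    {"owner": "Sam", "data": "occupancy", "scope": {"room": "2065"},
     "effect": "deny", "when": {"after": "18:00", "before": "08:00"}},
    # "Allow Smart Concierge access to my fine-grained location for directions"
    {"owner": "Sam", "data": "location", "service": "SmartConcierge",
     "purpose": "directions", "effect": "allow", "granularity": "fine"},
]

def in_window(when, clock):
    """True if the 'HH:MM' clock time lies in the window; windows may wrap past midnight."""
    start, end = time.fromisoformat(when["after"]), time.fromisoformat(when["before"])
    t = time.fromisoformat(clock)
    return start <= t < end if start <= end else (t >= start or t < end)

def matches(pref, req):
    """A preference applies when every attribute it names agrees with the request."""
    if pref["owner"] != req["subject"] or pref["data"] != req["data"]:
        return False
    if any(pref.get(k, req.get(k)) != req.get(k) for k in ("service", "purpose")):
        return False
    if any(req.get("scope", {}).get(k) != v for k, v in pref.get("scope", {}).items()):
        return False
    return "when" not in pref or in_window(pref["when"], req["time"])

def decide(req, policy=BUILDING_POLICY, prefs=USER_PREFERENCES):
    """Return ('deny', reason) or ('allow', granularity) for a service's data request."""
    if req["data"] not in policy["data_inferred"] or req["purpose"] not in policy["purposes"]:
        return ("deny", "not covered by building policy")
    applicable = [p for p in prefs if matches(p, req)]
    if any(p["effect"] == "deny" for p in applicable):
        return ("deny", "user preference")  # a matching deny always wins
    cap = max((p.get("granularity", DEFAULT_MAX_GRANULARITY) for p in applicable
               if p["effect"] == "allow"), key=GRANULARITY.get, default=DEFAULT_MAX_GRANULARITY)
    wanted = req.get("granularity", cap)
    return ("allow", wanted if GRANULARITY[wanted] <= GRANULARITY[cap] else cap)  # coarsen, not refuse
```

For the slide 17 scenarios, decide() returns ('deny', 'user preference') for a 20:00 request about the occupancy of room 2065 and ('allow', 'fine') for Smart Concierge asking for fine-grained location for directions, while any other service asking for fine-grained location is coarsened to ('allow', 'room').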
Slide 23: Conclusions
- Designed a template for future IoT privacy-aware smart spaces
- IoT Resource Registries to communicate space policies to users
- IoT Assistants give users better control over their information in smart spaces
- Privacy-aware IoT data management systems (TIPPERS) enforce users' privacy preferences
- First version of the language for interaction between the 3 components
- First implementation of the framework at UCI; deployment at CMU currently under way
Slide 24: Challenges and Ongoing Work
- Communicating: complete specification of the policy language; learning user policies; specificity for automation vs. generalizability for expressiveness
- Capturing: automating IRR; conflict resolution
- Enforcing: mapping from higher-level policies to sensor settings; efficient storage, representation, and enforcement of policies; semantics of enforcement