ABSTRACT
Designing Internet of things (IoT) applications (apps) is challenging due to the heterogeneous nature of the systems on which these apps are deployed. Personal data, often classified as sensitive, may be collected and analysed by IoT apps, where data privacy laws are expected to protect such information. Various approaches already exist to support privacy-by-design (PbD) schemes, enabling developers to take data privacy into account at the design phase of application development. However, developers are not widely adopting these approaches because of understandability and interpretation challenges. A limited number of tools currently exist to assist developers in this context – leading to our proposal for “PARROT" (PrivAcy by design tool foR inteRnet Of Things). PARROT supports a number of techniques to enable PbD techniques to be more widely used. We present the findings of a controlled study and discuss how this privacy-preserving tool increases the ability of IoT developers to apply privacy laws (such as GDPR) and privacy patterns. Our students demonstrate that the PARROT prototype tool increases the awareness of privacy requirements in design and increases the likelihood of the subsequent design to be more cognisant of data privacy requirements.
- Nada Alhirabi, Omer Rana, and Charith Perera. 2021. Security and Privacy Requirements for the Internet of Things: A Survey. ACM Trans. Internet Things 2, 1, Article 6 (Feb 2021), 37 pages. https://doi.org/10.1145/3437537Google ScholarDigital Library
- Nada Alhirabi, Omer Rana, and Charith Perera. 2022. Demo Abstract: PARROT: Privacy by Design Tool for Internet of Things. In 2022 IEEE/ACM Seventh International Conference on Internet-of-Things Design and Implementation (IoTDI). 107–108. https://doi.org/10.1109/IoTDI54339.2022.00023Google ScholarCross Ref
- Ann Cavoukian. 2009. Privacy by design: The 7 foundational principles. Information and privacy commissioner of Ontario, Canada 5 (2009), 12.Google Scholar
- Lorrie Faith Cranor, Praveen Guduru, and Manjula Arjula. 2006. User interfaces for privacy agents. ACM Transactions on Computer-Human Interaction (TOCHI) 13, 2(2006), 135–178.Google ScholarDigital Library
- Martin Höst, Björn Regnell, and Claes Wohlin. 2000. Using students as subjects—a comparative study of students and professionals in lead-time impact assessment. Empirical Software Engineering 5, 3 (2000), 201–214.Google ScholarDigital Library
- Sachin Kumar, Prayag Tiwari, and Mikhail Zymbler. 2019. Internet of Things is a revolutionary approach for future technology enhancement: a review. Journal of Big Data 6, 1 (2019). https://doi.org/10.1186/s40537-019-0268-2Google ScholarCross Ref
- Tianshi Li, Elizabeth Louie, Laura Dabbish, and Jason I. Hong. 2021. How Developers Talk About Personal Data and What It Means for User Privacy. Proceedings of the ACM on Human-Computer Interaction 4, CSCW3(2021), 1–28. https://doi.org/10.1145/3432919Google ScholarDigital Library
- Daniel L. Moody, Patrick Heymans, and Raimundas Matulevičius. 2010. Visual syntax does matter: Improving the cognitive effectiveness of the i* visual notation. Requirements Engineering 15, 2 (2010), 141–175. https://doi.org/10.1007/s00766-010-0100-1Google ScholarDigital Library
Index Terms
- Privacy-Patterns for IoT Application Developers
Recommendations
PARROT: Interactive Privacy-Aware Internet of Things Application Design Tool
Internet of Things (IoT) applications typically collect and analyse personal data that is categorised as sensitive or special category of personal data. These data are subject to a higher degree of protection under data privacy laws. Regardless of legal ...
Designing Privacy-Aware IoT Applications for Unregulated Domains
Internet of Things (IoT) applications (apps) are challenging to design because of the heterogeneous systems on which they are deployed. IoT devices and apps may collect and analyse sensitive personal data, which is often protected by data privacy laws, ...
IoT Security & Privacy: Threats and Challenges
IoTPTS '15: Proceedings of the 1st ACM Workshop on IoT Privacy, Trust, and SecurityThe era of the Internet of Things (IoT) has already started and it will profoundly change our way of life. While IoT provides us many valuable benefits, IoT also exposes us to many different types of security threats in our daily life. Before the advent ...
Comments