Design and Analysis of Privacy Mechanisms for the Internet of Things
No Access Until
Permanent Link(s)
Collections
Other Titles
Author(s)
Abstract
The trend toward embedding internet-connected computers in objects and buildings is often referred to as the Internet of Things (IoT). The IoT has great potential to improve the efficiency of our homes and businesses. It also has the potential to severly undermine individual privacy. IoT devices generally report their states and sensor readings to their manufacturer at frequent intervals. This enables an unprecedented automated collection of information on ordinary citizens on a scale never-before possible. This information may seem trivial at first glance, but can in fact reveal a great deal of sensitive information. Privacy mechanisms offer a potential solution to this problem. A privacy mechanism is an algorithm that enables one to enjoy the benefits of a service without revealing too much personal information. The IoT raises new privacy concerns that existing privacy mechanisms have not been designed to handle. These new problems require new methods to design privacy mechanisms. Engineering design is nothing without engineering analysis, however. We will also need new tools to quantify the privacy afforded by a mechanism and its effect on the utility of the service in question. This dissertation presents three main contributions to the design and analysis of privacy mechanisms for the IoT. It begins with a technical, ethical, and legal examination of online advertisement and ad blocking. Online ads are simultaneously an economic driving force behind the increasing collection of personal information as well as a mechanism enabling said collection. As such, they are integral to any examination of a privacy in the IoT. The next contribution is in the field of location privacy. GPS-enabled IoT devices that users carry on their bodies, such as smartphones, enable broad collection of location information on individuals. Location information is some of the most sensitive information collected by the IoT and is therefore one of the most significant research problems in IoT privacy. The dissertation lays out the analysis and design of location privacy mechanisms that focuses on hiding the semantic information in location data rather than the geographical coordinates themselves. The third contribution shows how the IoT can be used to enhance privacy instead of undermine it. It presents the design of a tamperproof log that can operate in a low-power, low-connectivity IoT network. The tamperproof log enables enforcement of an accountability policy that can be used to protect the privacy of medical records delivered to emergency physicians during disaster response.
Journal / Series
Volume & Issue
Description
Sponsorship
Date Issued
Publisher
Keywords
Location
Effective Date
Expiration Date
Sector
Employer
Union
Union Local
NAICS
Number of Workers
Committee Chair
Committee Co-Chair
Committee Member
Studer, Christoph