An Improvised Framework for Privacy Preservation in IoT

An Improvised Framework for Privacy Preservation in IoT

Muzzammil Hussain, Neha Kaliya
Copyright: © 2021 |Pages: 17
DOI: 10.4018/978-1-7998-8954-0.ch022
OnDemand:
(Individual Chapters)
Available
$37.50
Current Special Offers
No Current Special Offers
TOTAL SAVINGS: $37.50

Abstract

Data privacy is now-a-days a special issue in era of Internet of Things because of the big data stored and transmitted by the public/private devices. Different types and levels of privacy can be provided at different layers of IoT architecture, also different mechanisms operate at different layers of IoT architecture. This article presents the work being done towards the design of a generic framework to integrate these privacy preserving mechanisms at different layers of IoT architecture and can ensure privacy preservation in a heterogeneous IoT environment. The data is classified into different levels of secrecy and appropriate rules and mechanisms are applied to ensure this privacy. The proposed framework is implemented and evaluated for its performance with security and execution time or primary parameters. Various scenarios are also evaluated, and a comparison is done with an existing mechanism ABE (Attribute Based Encryption). It has been found that the proposed work takes less time and is more secure due to short key length and randomness of the parameters used in encryption algorithm.
Chapter Preview
Top

2. Proposed Work

In the traditional data management framework, the security manager is focusing on data protection and privacy measures (Abu-Elkheir, Hayajneh, & Ali, 2013). Due to massive amount of data available, data classification and accessing with full security and also at the same time, keeping a track to give access rights only to authorized user is a very challenging task. Hence, authors have proposed a module of security framework including different modules leading to successful deployment of IoT. In the data management framework described, the security manager deals with data protection and privacy measures in accordance with some rules of security that are of relevance to both the protected data and to the final users.

Authors designed a framework of security manager with some security components such as access control list (ACL), user authentication mechanism and data classification module.

2.1. Data Classification Model

Data classification mechanism must be very easy, and the strategy chosen must classify the data properly. During data classification, confidentiality and security of data is considered at highest priority. While maintaining integrity, low-quality data cannot be trusted. Looking at its availability, high availability needs resilient storage and networking. We need to use an effective metadata strategy to tag the data as well. This model is represented in Figure 1.

Data classification model steps

  • 1.

    Analyze the source/entities which are generating and transmitting the data.

  • 2.

    Categorize the data sources on the basis of the type of information they are collecting.

  • 3.

    If the data sources are public devices, e.g., Wi-Fi etc., they will collect “general data”. Store this data in database after assigning tag value 00 to it.

  • 4.

    If the data is coming from sensors, it may be general or private data, so, assign tag 01 to it and store in database.

  • 5.

    If the data is generated from private devices as mobile, pagers etc., the information is confidential and hence, needs to be secure. Assign tag 10 to the data and store in database.

The data is classified as.

  • General data with tag value 00.

  • General and Private data with tag value 01.

  • Private data with tag value 10.

Figure 1.

Data Classification Model

978-1-7998-8954-0.ch022.f01

Complete Chapter List

Search this Book:
Reset