Blockchain-based Privacy Enforcement in the IoT domain : CONCORDIA

Blockchain-based Privacy Enforcement in the IoT domain

In 2021 there are 13.8 billion interconnected IoT devices, with an upward trend. IoT devices collect data on the surrounding environment, including sensitive and private information (e.g., wearable IoT devices). As a result, users are experiencing a loss of control over how their data is distributed and processed. Even worse, users are often unaware of which new data could be inferred from the collected ones. In contrast, end users, being the owners of the data, must be able to state which data can be collected, for which purpose and how these can be accessed and, more importantly must have the guarantee that his/her privacy preferences are enforced independently from the IoT devices they interact with.

In contrast, end users, being the owners of the data, must be able to state which data can be collected, for which purpose and how these can be accessed and, more importantly must have the guarantee that his/her privacy preferences are enforced independently from the IoT devices they interact with.

Figure 1: Block-chain based privacy enforcement.

At the Strict SociaLab, University of Insubria (Italy), aligned with the CONCORDIA’s user-centric view in protecting data privacy, we have designed a solution that solves these problems by introducing the blockchain-based privacy enforcement, shown in Figure 1. Here, the data owners state a set of privacy preferences to specify how their data should be managed. On the other hand, consumers state their privacy policy, specifying how they manage the collected personal data. At the end, the Privacy Compliance Check matches the data owner’s privacy preferences and the consumer’s privacy policy. If the preferences are satisfied, the data is released to the consumer.

Traditionally, due to a lack of trust in the consumer, privacy enforcement is entrusted to a third party. Thanks to the introduction of blockchain technology, we can eliminate the centralized trusted entity to rely on an inherently reliable distributed system.

With the implementation of this platform, we have demonstrated how a non-centralized entity, such as the blockchain, can guarantee user privacy with transparency in a demanding scenario like IoT.

Blockchain-based Privacy Enforcement in the IoT domain https://ieeexplore.ieee.org/document/9528990

(By: Barbara Carminati and Elena Ferrari , University of Insumbria)

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Blockchain-based Privacy Enforcement in the IoT domain

Read more

Our site saves cookies on your device in order to deliver better content. By browsing our website you grant us the permission to store that information on your device.