Dissertation/Thesis Abstract

The author has requested that access to this graduate work be delayed until 2020-04-12. After this date, this graduate work will be available on an open access basis.
Protecting Privacy of Data in the Internet of Things with Policy Enforcement Fog Module
by Al-Hasnawi, Abduljaleel, Ph.D., Western Michigan University, 2018, 130; 13877008
Abstract (Summary)

The growth of IoT applications has resulted in generating massive volumes of data about people and their surroundings. Significant portions of these data are sensitive since they reflect peoples’ behaviors, interests, lifestyles, etc. Protecting sensitive IoT data from privacy violations is a challenge since these data need to be handled by public networks, servers and clouds, most of which are untrusted parties for data owners. In this study, a solution called Policy Enforcement Fog Module (PEFM) is proposed for protecting sensitive IoT data. The primary task of the PEFM solution is mandatory enforcement of privacy policies for sensitive IoT data—whenever these data are accessed, throughout their entire lifecycle. The key feature of PEFM is its placement within the fog computing infrastructure, which assures that PEFM operates as closely as possible to data sources within the edge of the IoT network. PEFM enforces privacy policies directly for data accessed by local IoT applications, using components inherited from the eXtensible Access Control Markup Language (XACML) architecture. PEFM also assures enforcement of privacy policies for data accessed by remote IoT applications, using XACML and Active Data Bundles (ADBs) that can run on any visited host and enforce policies automatically for data accessed by these hosts.

The Foscam Home Surveillance System (FHSS) was selected as a proof-of-concept case study to test the capabilities of PEFM in protecting sensitive surveillance data. The privacy threats in FHSS are investigated, and the framework of using PEFM for FHSS to address these threats is proposed. Different scenarios are discussed regarding the privacy risk of having malicious insiders or attackers in the system for both local and remote data usages. A scenario with no risk is considered as a baseline with which a scenario with a certain level of privacy risk is compared.

To evaluate the performance of the proposed framework, a comprehensive simulation design, based on realistic FHSS configurations, is developed. Simulation experiments were implemented using SimPy, a process-based discrete-event simulation framework based on standard Python, running in the PyCharm, IDE environment. The experimental results are discussed in terms of the privacy goals achieved by PEFM and the corresponding system performance overhead introduced in terms of latency and throughput. Our results show that PEFM increases users’ control for their data with the number of enforced privacy policies. However, the overhead introduced by enforcing increased polices should not exceed the threshold determined by the real-time constraints. We show that PEFM assures selective data disclosure with better performance than for the baseline mainly due to data minimization. Finally, the results indicate that better privacy controls with minimal overhead can be achieved if most PEFM processes are executed by the local fog nodes. Migrating parts of PEFM processes to remote fog nodes or the cloud incurs more overhead than using strictly local fog nodes. This overhead is the price to be paid for a higher level of privacy in terms of lifecycle data protection. So, there is a tradeoff between overhead and the desired level of privacy. The overhead should be acceptable by applications that are not time-sensitive with hard deadlines.

Indexing (document details)
Advisor: Gupta, Ajay
Commitee: Abdel-Qader, Ikhlas, Car, Steve, Gupta, Ajay
School: Western Michigan University
Department: Computer Science
School Location: United States -- Michigan
Source: DAI-A 80/08(E), Dissertation Abstracts International
Source Type: DISSERTATION
Subjects: Information science
Keywords: Fog module, Internet of Things, Policy enforcement
Publication Number: 13877008
ISBN: 9781392054482
Copyright © 2019 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy
ProQuest