-
PriviFy: Designing Tangible Interfaces for Configuring IoT Privacy Preferences
Authors:
Bayan Al Muhander,
Omer Rana,
Charith Perera
Abstract:
The Internet of Things (IoT) devices, such as smart speakers can collect sensitive user data, necessitating the need for users to manage their privacy preferences. However, configuring these preferences presents users with multiple challenges. Existing privacy controls often lack transparency, are hard to understand, and do not provide meaningful choices. On top of that, users struggle to locate p…
▽ More
The Internet of Things (IoT) devices, such as smart speakers can collect sensitive user data, necessitating the need for users to manage their privacy preferences. However, configuring these preferences presents users with multiple challenges. Existing privacy controls often lack transparency, are hard to understand, and do not provide meaningful choices. On top of that, users struggle to locate privacy settings due to multiple menus or confusing labeling, which discourages them from using these controls. We introduce PriviFy (Privacy Simplify-er), a novel and user-friendly tangible interface that can simplify the configuration of smart devices privacy settings. PriviFy is designed to propose an enhancement to existing hardware by integrating additional features that improve privacy management. We envision that positive feedback and user experiences from our study will inspire consumer product developers and smart device manufacturers to incorporate the useful design elements we have identified. Using fidelity prototy**, we iteratively designed PriviFy prototype with 20 participants to include interactive features such as knobs, buttons, lights, and notifications that allow users to configure their data privacy preferences and receive confirmation of their choices. We further evaluated PriviFy high-fidelity prototype with 20 more participants. Our results show that PriviFy helps simplify the complexity of privacy preferences configuration with a significant usability score at p < .05 (P = 0.000000017, t = -8.8639). PriviFy successfully met users privacy needs and enabled them to regain control over their data. We conclude by recommending the importance of designing specific privacy configuration options.
△ Less
Submitted 8 June, 2024;
originally announced June 2024.
-
PrivacyCube: Data Physicalization for Enhancing Privacy Awareness in IoT
Authors:
Bayan Al Muhander,
Nalin Arachchilage,
Yasar Majib,
Mohammed Alosaimi,
Omer Rana,
Charith Perera
Abstract:
People are increasingly bringing Internet of Things (IoT) devices into their homes without understanding how their data is gathered, processed, and used. We describe PrivacyCube, a novel data physicalization designed to increase privacy awareness within smart home environments. PrivacyCube visualizes IoT data consumption by displaying privacy-related notices. PrivacyCube aims to assist smart home…
▽ More
People are increasingly bringing Internet of Things (IoT) devices into their homes without understanding how their data is gathered, processed, and used. We describe PrivacyCube, a novel data physicalization designed to increase privacy awareness within smart home environments. PrivacyCube visualizes IoT data consumption by displaying privacy-related notices. PrivacyCube aims to assist smart home occupants to (i) understand their data privacy better and (ii) have conversations around data management practices of IoT devices used within their homes. Using PrivacyCube, households can learn and make informed privacy decisions collectively. To evaluate PrivacyCube, we used multiple research methods throughout the different stages of design. We first conducted a focus group study in two stages with six participants to compare PrivacyCube to text and state-of-the-art privacy policies. We then deployed PrivacyCube in a 14-day-long field study with eight households. Our results show that PrivacyCube helps home occupants comprehend IoT privacy better with significantly increased privacy awareness at p < .05 (p=0.00041, t= -5.57). Participants preferred PrivacyCube over text privacy policies because it was comprehensive and easier to use. PrivacyCube and Privacy Label, a state-of-the-art approach, both received positive reviews from participants, with PrivacyCube being preferred for its interactivity and ability to encourage conversations. PrivacyCube was also considered by home occupants as a piece of home furniture, encouraging them to socialize and discuss IoT privacy implications using this device.
△ Less
Submitted 8 June, 2024;
originally announced June 2024.
-
Exploring the Relationships between Privacy by Design Schemes and Privacy Laws: A Comparative Analysis
Authors:
Atheer Aljeraisy,
Masoud Barati,
Omer Rana,
Charith Perera
Abstract:
Internet of Things (IoT) applications have the potential to derive sensitive information about individuals. Therefore, developers must exercise due diligence to make sure that data are managed according to the privacy regulations and data protection laws. However, doing so can be a difficult and challenging task. Recent research has revealed that developers typically face difficulties when complyi…
▽ More
Internet of Things (IoT) applications have the potential to derive sensitive information about individuals. Therefore, developers must exercise due diligence to make sure that data are managed according to the privacy regulations and data protection laws. However, doing so can be a difficult and challenging task. Recent research has revealed that developers typically face difficulties when complying with regulations. One key reason is that, at times, regulations are vague, and could be challenging to extract and enact such legal requirements. In our research paper, we have conducted a systematic analysis of the data protection laws that are used across different continents, namely: (i) General Data Protection Regulations (GDPR), (ii) the Personal Information Protection and Electronic Documents Act (PIPEDA), (iii) the California Consumer Privacy Act (CCPA), (iv) Australian Privacy Principles (APPs), and (v) New Zealand's Privacy Act 1993. In this technical report, we presented the detailed results of the conducted framework analysis method to attain a comprehensive view of different data protection laws and highlighted the disparities, in order to assist developers in adhering to the regulations across different regions, along with creating a Combined Privacy Law Framework (CPLF). After that, we gave an overview of various Privacy by Design (PbD) schemes developed previously by different researchers. Then, the key principles and individuals' rights of the CPLF were mapped with the privacy principles, strategies, guidelines, and patterns of the Privacy by Design (PbD) schemes in order to investigate the gaps in existing schemes.
△ Less
Submitted 5 October, 2022;
originally announced October 2022.
-
PrivacyCube: A Tangible Device for Improving Privacy Awareness in IoT
Authors:
Bayan Al Muhander,
Omer Rana,
Nalin Arachchilage,
Charith Perera
Abstract:
Consumers increasingly bring IoT devices into their living spaces without understanding how their data is collected, processed, and used. We present PrivacyCube, a novel tangible device designed to explore the extent to which privacy awareness in smart homes can be elevated. PrivacyCube visualises IoT devices' data consumption displaying privacy-related notices. PrivacyCube aims at assisting famil…
▽ More
Consumers increasingly bring IoT devices into their living spaces without understanding how their data is collected, processed, and used. We present PrivacyCube, a novel tangible device designed to explore the extent to which privacy awareness in smart homes can be elevated. PrivacyCube visualises IoT devices' data consumption displaying privacy-related notices. PrivacyCube aims at assisting families to (i) understand key privacy aspects better and (ii) have conversations around data management practices of IoT devices. Thus, families can learn and make informed privacy decisions collectively.
△ Less
Submitted 5 October, 2022;
originally announced October 2022.
-
Feasibility on Detecting Door Slamming towards Monitoring Early Signs of Domestic Violence
Authors:
Osian Morgan,
Hakan Kayan,
Charith Perera
Abstract:
By using low-cost microcontrollers and TinyML, we investigate the feasibility of detecting potential early warning signs of domestic violence and other anti-social behaviors within the home. We created a machine learning model to determine if a door was closed aggressively by analyzing audio data and feeding this into a convolutional neural network to classify the sample. Under test conditions, wi…
▽ More
By using low-cost microcontrollers and TinyML, we investigate the feasibility of detecting potential early warning signs of domestic violence and other anti-social behaviors within the home. We created a machine learning model to determine if a door was closed aggressively by analyzing audio data and feeding this into a convolutional neural network to classify the sample. Under test conditions, with no background noise, accuracy of 88.89\% was achieved, declining to 87.50\% when assorted background noises were mixed in at a relative volume of 0.5 times that of the sample. The model is then deployed on an Arduino Nano BLE 33 Sense attached to the door, and only begins sampling once an acceleration greater than a predefined threshold acceleration is detected. The predictions made by the model can then be sent via BLE to another device, such as a smartphone of Raspberry Pi.
△ Less
Submitted 5 October, 2022;
originally announced October 2022.
-
ForestQB: An Adaptive Query Builder to Support Wildlife Research
Authors:
Omar Mussa,
Omer Rana,
Benoît Goossens,
Pablo Orozco-terWengel,
Charith Perera
Abstract:
This paper presents ForestQB, a SPARQL query builder, to assist Bioscience and Wildlife Researchers in accessing Linked-Data. As they are unfamiliar with the Semantic Web and the data ontologies, ForestQB aims to empower them to benefit from using Linked-Data to extract valuable information without having to grasp the nature of the data and its underlying technologies. ForestQB is integrating Form…
▽ More
This paper presents ForestQB, a SPARQL query builder, to assist Bioscience and Wildlife Researchers in accessing Linked-Data. As they are unfamiliar with the Semantic Web and the data ontologies, ForestQB aims to empower them to benefit from using Linked-Data to extract valuable information without having to grasp the nature of the data and its underlying technologies. ForestQB is integrating Form-Based Query builders with Natural Language to simplify query construction to match the user requirements. Demo available at https://iotgarage.net/demo/forestQB
△ Less
Submitted 5 October, 2022;
originally announced October 2022.
-
Privacy-Patterns for IoT Application Developers
Authors:
Nada Alhirabi,
Stephanie Beaumont,
Omer Rana,
Charith Perera
Abstract:
Designing Internet of things (IoT) applications (apps) is challenging due to the heterogeneous nature of the systems on which these apps are deployed. Personal data, often classified as sensitive, may be collected and analysed by IoT apps, where data privacy laws are expected to protect such information. Various approaches already exist to support privacy-by-design (PbD) schemes, enabling develope…
▽ More
Designing Internet of things (IoT) applications (apps) is challenging due to the heterogeneous nature of the systems on which these apps are deployed. Personal data, often classified as sensitive, may be collected and analysed by IoT apps, where data privacy laws are expected to protect such information. Various approaches already exist to support privacy-by-design (PbD) schemes, enabling developers to take data privacy into account at the design phase of application development. However, developers are not widely adopting these approaches because of understandability and interpretation challenges. A limited number of tools currently exist to assist developers in this context -- leading to our proposal for "PARROT" (PrivAcy by design tool foR inteRnet Of Things). PARROT supports a number of techniques to enable PbD techniques to be more widely used. We present the findings of a controlled study and discuss how this privacy-preserving tool increases the ability of IoT developers to apply privacy laws (such as GDPR) and privacy patterns. Our students demonstrate that the PARROT prototype tool increases the awareness of privacy requirements in design and increases the likelihood of the subsequent design to be more cognisant of data privacy requirements.
△ Less
Submitted 4 October, 2022;
originally announced October 2022.
-
Detecting Anomalies within Smart Buildings using Do-It-Yourself Internet of Things
Authors:
Yasar Majib,
Mahmoud Barhamgi,
Behzad Momahed Heravi,
Sharadha Kariyawasam,
Charith Perera
Abstract:
Detecting anomalies at the time of happening is vital in environments like buildings and homes to identify potential cyber-attacks. This paper discussed the various mechanisms to detect anomalies as soon as they occur. We shed light on crucial considerations when building machine learning models. We constructed and gathered data from multiple self-build (DIY) IoT devices with different in-situ sen…
▽ More
Detecting anomalies at the time of happening is vital in environments like buildings and homes to identify potential cyber-attacks. This paper discussed the various mechanisms to detect anomalies as soon as they occur. We shed light on crucial considerations when building machine learning models. We constructed and gathered data from multiple self-build (DIY) IoT devices with different in-situ sensors and found effective ways to find the point, contextual and combine anomalies. We also discussed several challenges and potential solutions when dealing with sensing devices that produce data at different sampling rates and how we need to pre-process them in machine learning models. This paper also looks at the pros and cons of extracting sub-datasets based on environmental conditions.
△ Less
Submitted 4 October, 2022;
originally announced October 2022.
-
Semantics-based Privacy by Design for Internet of Things Applications
Authors:
Lamya Alkhariji,
Suparna De,
Omer Rana,
Charith Perera
Abstract:
As Internet of Things (IoT) technologies become more widespread in everyday life, privacy issues are becoming more prominent. The aim of this research is to develop a personal assistant that can answer software engineers' questions about Privacy by Design (PbD) practices during the design phase of IoT system development. Semantic web technologies are used to model the knowledge underlying PbD meas…
▽ More
As Internet of Things (IoT) technologies become more widespread in everyday life, privacy issues are becoming more prominent. The aim of this research is to develop a personal assistant that can answer software engineers' questions about Privacy by Design (PbD) practices during the design phase of IoT system development. Semantic web technologies are used to model the knowledge underlying PbD measurements, their intersections with privacy patterns, IoT system requirements and the privacy patterns that should be applied across IoT systems. This is achieved through the development of the PARROT ontology, developed through a set of representative IoT use cases relevant for software developers. This was supported by gathering Competency Questions (CQs) through a series of workshops, resulting in 81 curated CQs. These CQs were then recorded as SPARQL queries, and the developed ontology was evaluated using the Common Pitfalls model with the help of the Protégé HermiT Reasoner and the Ontology Pitfall Scanner (OOPS!), as well as evaluation by external experts. The ontology was assessed within a user study that identified that the PARROT ontology can answer up to 58\% of privacy-related questions from software engineers.
△ Less
Submitted 4 October, 2022;
originally announced October 2022.
-
AnoML-IoT: An End to End Re-configurable Multi-protocol Anomaly Detection Pipeline for Internet of Things
Authors:
Hakan Kayan,
Yasar Majib,
Wael Alsafery,
Mahmoud Barhamgi,
Charith Perera
Abstract:
The rapid development in ubiquitous computing has enabled the use of microcontrollers as edge devices. These devices are used to develop truly distributed IoT-based mechanisms where machine learning (ML) models are utilized. However, integrating ML models to edge devices requires an understanding of various software tools such as programming languages and domain-specific knowledge. Anomaly detecti…
▽ More
The rapid development in ubiquitous computing has enabled the use of microcontrollers as edge devices. These devices are used to develop truly distributed IoT-based mechanisms where machine learning (ML) models are utilized. However, integrating ML models to edge devices requires an understanding of various software tools such as programming languages and domain-specific knowledge. Anomaly detection is one of the domains where a high level of expertise is required to achieve promising results. In this work, we present AnoML which is an end-to-end data science pipeline that allows the integration of multiple wireless communication protocols, anomaly detection algorithms, deployment to the edge, fog, and cloud platforms with minimal user interaction. We facilitate the development of IoT anomaly detection mechanisms by reducing the barriers that are formed due to the heterogeneity of an IoT environment. The proposed pipeline supports four main phases: (i) data ingestion, (ii) model training, (iii) model deployment, (iv) inference and maintaining. We evaluate the pipeline with two anomaly detection datasets while comparing the efficiency of several machine learning algorithms within different nodes. We also provide the source code (https://gitlab.com/IOTGarage/anoml-iot-analytics) of the developed tools which are the main components of the pipeline.
△ Less
Submitted 4 October, 2022;
originally announced October 2022.
-
Low-Cost SMS Driven Location Tracking Platform Towards Anti-Poaching Efforts
Authors:
Jack Burkett,
Pablo Orozco Ter Wengel,
Benoit Goossens,
Omer Rana,
Charith Perera
Abstract:
Throughout the world, poaching has been an ever-present threat to a vast array of species for over many decades. Traditional anti-poaching initiatives target catching the poachers. However, the challenge is far more complicated than catching individual poachers. Poaching is an industry which needs to be fully investigated. Many stakeholders are directly and indirectly involved in poaching activiti…
▽ More
Throughout the world, poaching has been an ever-present threat to a vast array of species for over many decades. Traditional anti-poaching initiatives target catching the poachers. However, the challenge is far more complicated than catching individual poachers. Poaching is an industry which needs to be fully investigated. Many stakeholders are directly and indirectly involved in poaching activities (e.g., some local restaurants illegally providing meat to tourists). Therefore, stop** or severely decapitating the poaching industry requires a unified understanding of all stakeholders. The best way to uncover these geographical and social relationships is to track the movements of poachers. However, location tracking is challenging in most rural areas where wildlife sanctuaries are typically located. Internet-connected communication (e.g. 3G) technologies typically used in urban cities are not feasible in these rural areas. Therefore, we decided to develop an SMS (short message service) base low-cost tracking system (SMS-TRACCAR) to track poachers. The proposed system was developed to be deployed in Kinabatangan Wildlife Sanctuary, Sabah, Malaysia and nearby villages and cities where poachers typically move around. Our evaluations demonstrated that SMS-based tracking could provide sufficient quality (granular) data (with minimum energy consumption) that enable us to monitor poacher vehicle movements within rural areas where no other modern communication technologies are feasible to use. However, it is important to note that our system can be used in any domain that requires SMS-based geo-location tracking. SMS-TRACCAR can be configured to track individuals as well as groups. Therefore, SMS-TRACCAR contributes not only to the wildlife domain but in the wider context as well.
△ Less
Submitted 4 October, 2022;
originally announced October 2022.
-
Cybersecurity of Industrial Cyber-Physical Systems: A Review
Authors:
Hakan Kayan,
Matthew Nunes,
Omer Rana,
Pete Burnap,
Charith Perera
Abstract:
Industrial cyber-physical systems (ICPSs) manage critical infrastructures by controlling the processes based on the "physics" data gathered by edge sensor networks. Recent innovations in ubiquitous computing and communication technologies have prompted the rapid integration of highly interconnected systems to ICPSs. Hence, the "security by obscurity" principle provided by air-gap** is no longer…
▽ More
Industrial cyber-physical systems (ICPSs) manage critical infrastructures by controlling the processes based on the "physics" data gathered by edge sensor networks. Recent innovations in ubiquitous computing and communication technologies have prompted the rapid integration of highly interconnected systems to ICPSs. Hence, the "security by obscurity" principle provided by air-gap** is no longer followed. As the interconnectivity in ICPSs increases, so does the attack surface. Industrial vulnerability assessment reports have shown that a variety of new vulnerabilities have occurred due to this transition while the most common ones are related to weak boundary protection. Although there are existing surveys in this context, very little is mentioned regarding these reports. This paper bridges this gap by defining and reviewing ICPSs from a cybersecurity perspective. In particular, multi-dimensional adaptive attack taxonomy is presented and utilized for evaluating real-life ICPS cyber incidents. We also identify the general shortcomings and highlight the points that cause a gap in existing literature while defining future research directions.
△ Less
Submitted 10 January, 2021;
originally announced January 2021.
-
Synthesising Privacy by Design Knowledge Towards Explainable Internet of Things Application Designing in Healthcare
Authors:
Lamya Alkhariji,
Nada Alhirabi,
Mansour Naser Alraja,
Mahmoud Barhamgi,
Omer Rana,
Charith Perera
Abstract:
Privacy by Design (PbD) is the most common approach followed by software developers who aim to reduce risks within their application designs, yet it remains commonplace for developers to retain little conceptual understanding of what is meant by privacy. A vision is to develop an intelligent privacy assistant to whom developers can easily ask questions in order to learn how to incorporate differen…
▽ More
Privacy by Design (PbD) is the most common approach followed by software developers who aim to reduce risks within their application designs, yet it remains commonplace for developers to retain little conceptual understanding of what is meant by privacy. A vision is to develop an intelligent privacy assistant to whom developers can easily ask questions in order to learn how to incorporate different privacy-preserving ideas into their IoT application designs. This paper lays the foundations toward develo** such a privacy assistant by synthesising existing PbD knowledge so as to elicit requirements. It is believed that such a privacy assistant should not just prescribe a list of privacy-preserving ideas that developers should incorporate into their design. Instead, it should explain how each prescribed idea helps to protect privacy in a given application design context-this approach is defined as 'Explainable Privacy'. A total of 74 privacy patterns were analysed and reviewed using ten different PbD schemes to understand how each privacy pattern is built and how each helps to ensure privacy. Due to page limitations, we have presented a detailed analysis in [3]. In addition, different real-world Internet of Things (IoT) use-cases, including a healthcare application, were used to demonstrate how each privacy pattern could be applied to a given application design. By doing so, several knowledge engineering requirements were identified that need to be considered when develo** a privacy assistant. It was also found that, when compared to other IoT application domains, privacy patterns can significantly benefit healthcare applications. In conclusion, this paper identifies the research challenges that must be addressed if one wishes to construct an intelligent privacy assistant that can truly augment software developers' capabilities at the design phase.
△ Less
Submitted 7 November, 2020;
originally announced November 2020.
-
Privacy-Aware Internet of Things Notices in Shared Spaces: A Survey
Authors:
Bayan Al Muhander,
Jason Wiese,
Omer Rana,
Charith Perera
Abstract:
The balance between protecting users' privacy while providing cost-effective devices that are functional and usable is a key challenge in the burgeoning Internet of Things (IoT) industry. While in traditional desktop and mobile contexts the primary user interface is a screen, in IoT screens are rare or very small, which invalidate most of the traditional approaches. We examine how end-users intera…
▽ More
The balance between protecting users' privacy while providing cost-effective devices that are functional and usable is a key challenge in the burgeoning Internet of Things (IoT) industry. While in traditional desktop and mobile contexts the primary user interface is a screen, in IoT screens are rare or very small, which invalidate most of the traditional approaches. We examine how end-users interact with IoT products and how those products convey information back to the users, particularly `what is going on' with regards to their data. We focus on understanding what the breadth of IoT, privacy, and ubiquitous computing literature tells us about how individuals with average technical expertise can be notified about the privacy-related information of the spaces they inhabit in an easily understandable way. In this survey, we present a review of the various methods available to notify the end-users while taking into consideration the factors that should be involved in the notification alerts within the physical domain. We identify five main factors: (1) data type, (2) data usage, (3) data storage, (4) data retention period, and (5) notification method. The survey also includes literature discussing individuals' reactions and their potentials to provide feedback about their privacy choices as a response to the received notification. The results of this survey highlight the most effective mechanisms for providing awareness of privacy and data-use-practices in the context of IoT in shared spaces.
△ Less
Submitted 18 March, 2021; v1 submitted 24 June, 2020;
originally announced June 2020.
-
Cyberattacks and Countermeasures For In-Vehicle Networks
Authors:
Emad Aliwa,
Omer Rana,
Charith Perera,
Peter Burnap
Abstract:
As connectivity between and within vehicles increases, so does concern about safety and security. Various automotive serial protocols are used inside vehicles such as Controller Area Network (CAN), Local Interconnect Network (LIN) and FlexRay. CAN bus is the most used in-vehicle network protocol to support exchange of vehicle parameters between Electronic Control Units (ECUs). This protocol lacks…
▽ More
As connectivity between and within vehicles increases, so does concern about safety and security. Various automotive serial protocols are used inside vehicles such as Controller Area Network (CAN), Local Interconnect Network (LIN) and FlexRay. CAN bus is the most used in-vehicle network protocol to support exchange of vehicle parameters between Electronic Control Units (ECUs). This protocol lacks security mechanisms by design and is therefore vulnerable to various attacks. Furthermore, connectivity of vehicles has made the CAN bus not only vulnerable from within the vehicle but also from outside. With the rise of connected cars, more entry points and interfaces have been introduced on board vehicles, thereby also leading to a wider potential attack surface. Existing security mechanisms focus on the use of encryption, authentication and vehicle Intrusion Detection Systems (IDS), which operate under various constrains such as low bandwidth, small frame size (e.g. in the CAN protocol), limited availability of computational resources and real-time sensitivity. We survey In-Vehicle Network (IVN) attacks which have been grouped under: direct interfaces-initiated attacks, telematics and infotainment-initiated attacks, and sensor-initiated attacks. We survey and classify current cryptographic and IDS approaches and compare these approaches based on criteria such as real time constrains, types of hardware used, changes in CAN bus behaviour, types of attack mitigation and software/ hardware used to validate these approaches. We conclude with potential mitigation strategies and research challenges for the future.
△ Less
Submitted 22 April, 2020;
originally announced April 2020.
-
Privacy in Data Service Composition
Authors:
Mahmoud Barhamgi,
Charith Perera,
Chia-Mu Yu,
Djamal Benslimane,
David Camacho,
Christine Bonnet
Abstract:
In modern information systems different information features, about the same individual, are often collected and managed by autonomous data collection services that may have different privacy policies. Answering many end-users' legitimate queries requires the integration of data from multiple such services. However, data integration is often hindered by the lack of a trusted entity, often called a…
▽ More
In modern information systems different information features, about the same individual, are often collected and managed by autonomous data collection services that may have different privacy policies. Answering many end-users' legitimate queries requires the integration of data from multiple such services. However, data integration is often hindered by the lack of a trusted entity, often called a mediator, with which the services can share their data and delegate the enforcement of their privacy policies. In this paper, we propose a flexible privacy-preserving data integration approach for answering data integration queries without the need for a trusted mediator. In our approach, services are allowed to enforce their privacy policies locally. The mediator is considered to be untrusted, and only has access to encrypted information to allow it to link data subjects across the different services. Services, by virtue of a new privacy requirement, dubbed k-Protection, limiting privacy leaks, cannot infer information about the data held by each other. End-users, in turn, have access to privacy-sanitized data only. We evaluated our approach using an example and a real dataset from the healthcare application domain. The results are promising from both the privacy preservation and the performance perspectives.
△ Less
Submitted 3 January, 2020;
originally announced January 2020.
-
Context Aware Family Dynamics based Internet of Things Access Control Towards Better Child Safety
Authors:
Yasar Majib,
Charith Perera
Abstract:
Today, children are increasingly connected to the Internet and consume content and services through various means. It has been a challenge for less tech-savvy parents to protect children from harmful content and services. Internet of Things (IoT) has made the situation much worse as IoT devices allow children to connect to the Internet in novel ways (e.g., connected refrigerators, TVs, and so on).…
▽ More
Today, children are increasingly connected to the Internet and consume content and services through various means. It has been a challenge for less tech-savvy parents to protect children from harmful content and services. Internet of Things (IoT) has made the situation much worse as IoT devices allow children to connect to the Internet in novel ways (e.g., connected refrigerators, TVs, and so on). In this paper, we propose mySafeHome, an approach which utilises family dynamics to provide a more natural, and intuitive access control mechanism to protect children from harmful content and services in the context of IoT. In mySafeHome, access control dynamically adapts based on the physical distance between family members. For example, a particular type of content can only be consumed, through TV, by children if the parents are in the same room (or hearing distance). mySafeHome allows parents to assess a given content by themselves. Our approach also aims to create granular levels of access control (e.g., block / limit certain content, features, services, on certain devices when the parents are not in the vicinity). We developed a prototype using OpenHAB and several smart home devices to demonstrate the proposed approach. We believe that our approach also facilitates the creation of better relationships between family members. A demo can be viewed here: http://safehome.technology/demo.
△ Less
Submitted 5 November, 2019;
originally announced November 2019.
-
Exploring the Suitability of BLE Beacons to Track Poacher Vehicles in Harsh Jungle Terrains
Authors:
Karan Juj,
Charith Perera
Abstract:
Our overall aim is focused on exploring whether we could use Bluetooth Low Energy (BLE) technology to track poacher vehicles in remote and rural areas such as Sabah, in Malaysia, especially deep inside the jungle terrain with little or no communication technologies exists. Tracking technologies are currently limited to relying on satellites or cellular towers, for environments that do not permit a…
▽ More
Our overall aim is focused on exploring whether we could use Bluetooth Low Energy (BLE) technology to track poacher vehicles in remote and rural areas such as Sabah, in Malaysia, especially deep inside the jungle terrain with little or no communication technologies exists. Tracking technologies are currently limited to relying on satellites or cellular towers, for environments that do not permit access to these signals, very few viable alternatives exist. This paper explores the use of BLE as a method to track vehicles. It works by mounting Bluetooth beacons beside a road and placing a receiver concealed somewhere inside the vehicle. As the vehicle drives past the beacon, the receiver and beacon are momentarily in range, the receiver then stores a unique ID from the beacon and when the vehicle is then in an area with GSM signal, an SMS is sent containing the unique IDs of the beacons that have been detected. This project is prototyped and tested in collaboration with the Danau Girang Field Centre in Sabah, Malaysia. The results offer insights for how effective BLE beacons are in a tracking situation for where the beacon and receiver are in range for a short period of time as well as how different obstructions will affect the range and strength of the signal. It is important to note that our objective is not to catch the poacher, instead to understand how they move around within jungle terrain, as we can use such information to develop a comprehensive plan against poaching activities.
△ Less
Submitted 5 November, 2019;
originally announced November 2019.
-
Designing Security and Privacy Requirements in Internet of Things: A Survey
Authors:
Nada Alhirabi,
Omer Rana,
Charith Perera
Abstract:
The design and development process for the Internet of Things (IoT) applications is more complicated than that for desktop, mobile, or web applications. First, IoT applications require both software and hardware to work together across different nodes with different capabilities under different conditions. Secondly, IoT application development involves different software engineers such as desktop,…
▽ More
The design and development process for the Internet of Things (IoT) applications is more complicated than that for desktop, mobile, or web applications. First, IoT applications require both software and hardware to work together across different nodes with different capabilities under different conditions. Secondly, IoT application development involves different software engineers such as desktop, web, embedded and mobile to cooperate. In addition, the development process required different software\hardware stacks to integrated together. Due to above complexities, more often non-functional requirements (such as security and privacy) tend to get ignored in IoT application development process.
In this paper, we have reviewed techniques, methods and tools that are being developed to support incorporating security and privacy requirements into traditional application designs. By doing so, we aim to explore how those techniques could be applicable to the IoT domain.
In this paper, we primarily focused on two different aspects: (1) design notations, models, and languages that facilitate capturing non-functional requirements (i.e., security and privacy), and (2) proactive and reactive interaction techniques that can be used to support and augment the IoT application design process. Our goal is not only to analyse past research work but also to discuss their applicability towards the IoT.
△ Less
Submitted 22 October, 2019;
originally announced October 2019.
-
Envisioning Tool Support for Designing Privacy-Aware Internet of Thing Applications
Authors:
Charith Perera,
Mahmoud Barhamgi,
Massimo Vecchio
Abstract:
The design and development process for Internet of Things (IoT) applications is more complicated than for desktop, mobile, or web applications. IoT applications require both software and hardware to work together across multiple different types of nodes (e.g., microcontrollers, system-on-chips, mobile phones, miniaturised single-board computers, and cloud platforms) with different capabilities und…
▽ More
The design and development process for Internet of Things (IoT) applications is more complicated than for desktop, mobile, or web applications. IoT applications require both software and hardware to work together across multiple different types of nodes (e.g., microcontrollers, system-on-chips, mobile phones, miniaturised single-board computers, and cloud platforms) with different capabilities under different conditions. IoT applications typically collect and analyse personal data that can be used to derive sensitive information about individuals. Without proper privacy protections in place, IoT applications could lead to serious privacy violations. Thus far, privacy concerns have not been explicitly considered in software engineering processes when designing and develo** IoT applications, partly due to a lack of tools, technologies, and guidance. This paper presents a research vision that argues the importance of develo** a privacy-aware IoT application design tool to address the challenges mentioned above. This tool should not only transform IoT application designs into privacy-aware application designs but also validate and verify them. First, we outline how this proposed tool should work in practice and its core functionalities. Then, we identify research challenges and potential directions towards develo** the proposed tool. We anticipate that this proposed tool will save many engineering hours which engineers would otherwise need to spend on develo** privacy expertise and applying it. We also highlight the usefulness of this tool towards privacy education and privacy compliance.
△ Less
Submitted 28 November, 2020; v1 submitted 6 August, 2019;
originally announced August 2019.
-
PizzaBox: Studying Internet Connected Physical Object Manipulation based Food Ordering
Authors:
Luke Jones,
Charith Perera
Abstract:
This paper presents the designing and testing of PizzaBox, a 3D printed, interactive food ordering system that aims to differ from conventional food ordering systems and provide an entertaining and unique experience when ordering a pizza by incorporating underlying technologies that support ubiquitous computing. The PizzaBox has gone through both low and medium fidelity testing while working colla…
▽ More
This paper presents the designing and testing of PizzaBox, a 3D printed, interactive food ordering system that aims to differ from conventional food ordering systems and provide an entertaining and unique experience when ordering a pizza by incorporating underlying technologies that support ubiquitous computing. The PizzaBox has gone through both low and medium fidelity testing while working collaboratively with participants to co-design and refine a product that is approachable to all age groups while maintaining a simple process for ordering food from start to finish. Final testing was conducted at an independent pizzeria where interviews with participants lead us to develop four discussion themes 1) usability and end user engagement, 2) towards connected real-time products and services, 3) healthy eating, 4) evolution of food ordering systems. Our interviews show that in general, PizzaBox would have a greater appeal to a younger audience by providing a fantasy of hel** in the creation and baking of the pizza but also has a novelty value that all ages would enjoy. We investigate the effect that the PizzaBox has in encouraging new healthy habits or promoting a healthier lifestyle as well as how we can improve PizzaBox to better encourage these lifestyle changes.
△ Less
Submitted 8 June, 2019;
originally announced June 2019.
-
IoT Skullfort: Exploring the Impact of Internet Connected Cosplay
Authors:
Rhys Beckett,
Charith Perera
Abstract:
In this paper, we explore the potential impact of Internet of Things (IoT) technology may have on the cosplay community. We developed a costume (an IoT Skullfort) and embedded IoT technology to enhance its capabilities and user interactions. Sensing technologies are widely used in many different wearable domains including cosplay scenarios. However, in most of these scenarios, typical interaction…
▽ More
In this paper, we explore the potential impact of Internet of Things (IoT) technology may have on the cosplay community. We developed a costume (an IoT Skullfort) and embedded IoT technology to enhance its capabilities and user interactions. Sensing technologies are widely used in many different wearable domains including cosplay scenarios. However, in most of these scenarios, typical interaction pattern is that the costume responds to its environment or the player's behaviour (e.g., colour of lights may get changed when player moves hands). In contrast, our research focuses on exploring scenarios where the audience (third party) get to manipulate the costume behaviour (e.g., the audience get to change the colour of the Skullfort using a mobile application). We believe such an audience (third party) influenced cosplay brings new opportunities for enhanced entertainment. However, it also creates significant challenges. We report the results gathered through a focus group conducted in collaboration with cosplay community experts.
△ Less
Submitted 8 July, 2019; v1 submitted 28 May, 2019;
originally announced June 2019.
-
Crowdsourced Peer Learning Activity for Internet of Things Education: A Case Study
Authors:
Ahmed Hussein,
Mahmoud Barhamgi,
Massimo Vecchio,
Charith Perera
Abstract:
Computing devices such as laptops, tablets and mobile phones have become part of our daily lives. End users increasingly know more and more information about these devices. Further, more technically savvy end users know how such devices are being built and know how to choose one over the others. However, we cannot say the same about the Internet of Things (IoT) products. Due to its infancy nature…
▽ More
Computing devices such as laptops, tablets and mobile phones have become part of our daily lives. End users increasingly know more and more information about these devices. Further, more technically savvy end users know how such devices are being built and know how to choose one over the others. However, we cannot say the same about the Internet of Things (IoT) products. Due to its infancy nature of the marketplace, end users have very little idea about IoT products. To address this issue, we developed a method, a crowdsourced peer learning activity, supported by an online platform (OLYMPUS) to enable a group of learners to learn IoT products space better. We conducted two different user studies to validate that our tool enables better IoT education. Our method guide learners to think more deeply about IoT products and their design decisions. The learning platform we developed is open source and available for the community.
△ Less
Submitted 28 May, 2019;
originally announced May 2019.
-
A Spatial-Temporal Correlation Approach for Data Reduction in Cluster-Based Sensor Networks
Authors:
Gaby Bou Tayeh,
Abdallah Makhoul,
Charith Perera,
Jacques Demerjian
Abstract:
In a resource-constrained Wireless Sensor Networks (WSNs), the optimization of the sampling and the transmission rates of each individual node is a crucial issue. A high volume of redundant data transmitted through the network will result in collisions, data loss, and energy dissipation. This paper proposes a novel data reduction scheme, that exploits the spatial-temporal correlation among sensor…
▽ More
In a resource-constrained Wireless Sensor Networks (WSNs), the optimization of the sampling and the transmission rates of each individual node is a crucial issue. A high volume of redundant data transmitted through the network will result in collisions, data loss, and energy dissipation. This paper proposes a novel data reduction scheme, that exploits the spatial-temporal correlation among sensor data in order to determine the optimal sampling strategy for the deployed sensor nodes. This strategy reduces the overall sampling/transmission rates while preserving the quality of the data. Moreover, a back-end reconstruction algorithm is deployed on the workstation (Sink). This algorithm can reproduce the data that have not been sampled by finding the spatial and temporal correlation among the reported data set, and filling the 'non-sampled' parts with predictions. We have used real sensor data of a network that was deployed at the Grand-St-Bernard pass located between Switzerland and Italy. We tested our approach using the previously mentioned data-set and compared it to a recent adaptive sampling based data reduction approach. The obtained results show that our proposed method consumes up to 60% less energy and can handle non-stationary data more effectively.
△ Less
Submitted 14 April, 2019;
originally announced April 2019.
-
The Role of Big Data Analytics in Industrial Internet of Things
Authors:
Muhammad Habib ur Rehman,
Ibrar Yaqoob,
Khaled Salah,
Muhammad Imran,
Prem Prakash Jayaraman,
Charith Perera
Abstract:
Big data production in industrial Internet of Things (IIoT) is evident due to the massive deployment of sensors and Internet of Things (IoT) devices. However, big data processing is challenging due to limited computational, networking and storage resources at IoT device-end. Big data analytics (BDA) is expected to provide operational- and customer-level intelligence in IIoT systems. Although numer…
▽ More
Big data production in industrial Internet of Things (IIoT) is evident due to the massive deployment of sensors and Internet of Things (IoT) devices. However, big data processing is challenging due to limited computational, networking and storage resources at IoT device-end. Big data analytics (BDA) is expected to provide operational- and customer-level intelligence in IIoT systems. Although numerous studies on IIoT and BDA exist, only a few studies have explored the convergence of the two paradigms. In this study, we investigate the recent BDA technologies, algorithms and techniques that can lead to the development of intelligent IIoT systems. We devise a taxonomy by classifying and categorising the literature on the basis of important parameters (e.g. data sources, analytics tools, analytics techniques, requirements, industrial analytics applications and analytics types). We present the frameworks and case studies of the various enterprises that have benefited from BDA. We also enumerate the considerable opportunities introduced by BDA in IIoT.We identify and discuss the indispensable challenges that remain to be addressed as future research directions as well.
△ Less
Submitted 11 April, 2019;
originally announced April 2019.
-
Designing Sensing as a Service (S2aaS) Ecosystem for Internet of Things
Authors:
Charith Perera,
Mahmoud Barhamgi,
Suparna De,
Tim Baarslag,
Massimo Vecchio,
Kim-Kwang Raymond Choo
Abstract:
The Internet of Things (IoT) envisions the creation of an environment where everyday objects (e.g. microwaves, fridges, cars, coffee machines, etc.) are connected to the internet and make users' lives more productive, efficient, and convenient. During this process, everyday objects capture a vast amount of data that can be used to understand individuals and their behaviours. In the current IoT eco…
▽ More
The Internet of Things (IoT) envisions the creation of an environment where everyday objects (e.g. microwaves, fridges, cars, coffee machines, etc.) are connected to the internet and make users' lives more productive, efficient, and convenient. During this process, everyday objects capture a vast amount of data that can be used to understand individuals and their behaviours. In the current IoT ecosystems, such data is collected and used only by the respective IoT solutions. There is no formal way to share data with external entities. We believe this is very efficient and unfair for users. We believe that users, as data owners, should be able to control, manage, and share data about them in any way that they choose and make or gain value out of them. To achieve this, we proposed the Sensing as a Service (S2aaS) model. In this paper, we discuss the Sensing as a Service ecosystem in terms of its architecture, components and related user interaction designs. This paper aims to highlight the weaknesses of the current IoT ecosystem and to explain how S2aaS would eliminate those weaknesses. We also discuss how an everyday user may engage with the S2aaS ecosystem and design challenges.
△ Less
Submitted 10 April, 2019;
originally announced April 2019.
-
Exploring the Effectiveness of Service Decomposition in Fog Computing Architecture for the Internet of Things
Authors:
Badraddin Alturki,
Stephan Reiff-Marganiec,
Charith Perera,
Suparna De
Abstract:
The Internet of Things (IoT) aims to connect everyday physical objects to the internet. These objects will produce a significant amount of data. The traditional cloud computing architecture aims to process data in the cloud. As a result, a significant amount of data needs to be communicated to the cloud. This creates a number of challenges, such as high communication latency between the devices an…
▽ More
The Internet of Things (IoT) aims to connect everyday physical objects to the internet. These objects will produce a significant amount of data. The traditional cloud computing architecture aims to process data in the cloud. As a result, a significant amount of data needs to be communicated to the cloud. This creates a number of challenges, such as high communication latency between the devices and the cloud, increased energy consumption of devices during frequent data upload to the cloud, high bandwidth consumption, while making the network busy by sending the data continuously, and less privacy because of less control on the transmitted data to the server. Fog computing has been proposed to counter these weaknesses. Fog computing aims to process data at the edge and substantially eliminate the necessity of sending data to the cloud. However, combining the Service Oriented Architecture (SOA) with the fog computing architecture is still an open challenge. In this paper, we propose to decompose services to create linked-microservices (LMS). Linked-microservices are services that run on multiple nodes but closely linked to their linked-partners. Linked-microservices allow distributing the computation across different computing nodes in the IoT architecture. Using four different types of architectures namely cloud, fog, hybrid and fog+cloud, we explore and demonstrate the effectiveness of service decomposition by applying four experiments to three different type of datasets. Evaluation of the four architectures shows that decomposing services into nodes reduce the data consumption over the network by 10% - 70%. Overall, these results indicate that the importance of decomposing services in the context of fog computing for enhancing the quality of service.
△ Less
Submitted 31 March, 2019;
originally announced April 2019.
-
Deterrence and Prevention-based Model to Mitigate Information Security Insider Threats in Organisations
Authors:
Nader Sohrabi Safa,
Carsten Maple,
Steve Furnell,
Muhammad Ajmal Azad,
Charith Perera,
Mohammad Dabbagh,
Mehdi Sookhak
Abstract:
Previous studies show that information security breaches and privacy violations are important issues for organisations and people. It is acknowledged that decreasing the risk in this domain requires consideration of the technological aspects of information security alongside human aspects. Employees intentionally or unintentionally account for a significant portion of the threats to information as…
▽ More
Previous studies show that information security breaches and privacy violations are important issues for organisations and people. It is acknowledged that decreasing the risk in this domain requires consideration of the technological aspects of information security alongside human aspects. Employees intentionally or unintentionally account for a significant portion of the threats to information assets in organisations. This research presents a novel conceptual framework to mitigate the risk of insiders using deterrence and prevention approaches. Deterrence factors discourage employees from engaging in information security misbehaviour in organisations, and situational crime prevention factors encourage them to prevent information security misconduct. Our findings show that perceived sanctions certainty and severity significantly influence individuals' attitudes and deter them from information security misconduct. In addition, the output revealed that increasing the effort, risk and reducing the reward (benefits of crime) influence the employees' attitudes towards prevent information security misbehaviour. However, removing excuses and reducing provocations do not significantly influence individuals' attitudes towards prevent information security misconduct. Finally, the output of the data analysis also showed that subjective norms, perceived behavioural control and attitude influence individuals' intentions, and, ultimately, their behaviour towards avoiding information security misbehaviour.
△ Less
Submitted 15 March, 2019;
originally announced March 2019.
-
Data-driven Air Quality Characterisation for Urban Environments: a Case Study
Authors:
Yuchao Zhou,
Suparna De,
Gideon Ewa,
Charith Perera,
Klaus Moessner
Abstract:
The economic and social impact of poor air quality in towns and cities is increasingly being recognised, together with the need for effective ways of creating awareness of real-time air quality levels and their impact on human health. With local authority maintained monitoring stations being geographically sparse and the resultant datasets also featuring missing labels, computational data-driven m…
▽ More
The economic and social impact of poor air quality in towns and cities is increasingly being recognised, together with the need for effective ways of creating awareness of real-time air quality levels and their impact on human health. With local authority maintained monitoring stations being geographically sparse and the resultant datasets also featuring missing labels, computational data-driven mechanisms are needed to address the data sparsity challenge. In this paper, we propose a machine learning-based method to accurately predict the Air Quality Index (AQI), using environmental monitoring data together with meteorological measurements. To do so, we develop an air quality estimation framework that implements a neural network that is enhanced with a novel Non-linear Autoregressive neural network with exogenous input (NARX), especially designed for time series prediction. The framework is applied to a case study featuring different monitoring sites in London, with comparisons against other standard machine-learning based predictive algorithms showing the feasibility and robust performance of the proposed method for different kinds of areas within an urban region.
△ Less
Submitted 1 December, 2018;
originally announced January 2019.
-
Hybrid Microaggregation for Privacy-Preserving Data Mining
Authors:
Balkis Abidi,
Sadok Ben Yahia,
Charith Perera
Abstract:
k-Anonymity by microaggregation is one of the most commonly used anonymization techniques. This success is owe to the achievement of a worth of interest tradeoff between information loss and identity disclosure risk. However, this method may have some drawbacks. On the disclosure limitation side, there is a lack of protection against attribute disclosure. On the data utility side, dealing with a r…
▽ More
k-Anonymity by microaggregation is one of the most commonly used anonymization techniques. This success is owe to the achievement of a worth of interest tradeoff between information loss and identity disclosure risk. However, this method may have some drawbacks. On the disclosure limitation side, there is a lack of protection against attribute disclosure. On the data utility side, dealing with a real datasets is a challenging task to achieve. Indeed, the latter are characterized by their large number of attributes and the presence of noisy data, such that outliers or, even, data with missing values. Generating an anonymous individual data useful for data mining tasks, while decreasing the influence of noisy data is a compelling task to achieve. In this paper, we introduce a new microaggregation method, called HM-PFSOM, based on fuzzy possibilistic clustering. Our proposed method operates through an hybrid manner. This means that the anonymization process is applied per block of similar data. Thus, we can help to decrease the information loss during the anonymization process. The HMPFSOM approach proposes to study the distribution of confidential attributes within each sub-dataset. Then, according to the latter distribution, the privacy parameter k is determined, in such a way to preserve the diversity of confidential attributes within the anonymized microdata. This allows to decrease the disclosure risk of confidential information.
△ Less
Submitted 4 December, 2018;
originally announced December 2018.
-
User-centric Privacy Engineering for the Internet of Things
Authors:
Mahmoud Barhamgi,
Charith Perera,
Chirine Ghedira,
Djamal Benslimane
Abstract:
User privacy concerns are widely regarded as a key obstacle to the success of modern smart cyber-physical systems. In this paper, we analyse, through an example, some of the requirements that future data collection architectures of these systems should implement to provide effective privacy protection for users. Then, we give an example of how these requirements can be implemented in a smart home…
▽ More
User privacy concerns are widely regarded as a key obstacle to the success of modern smart cyber-physical systems. In this paper, we analyse, through an example, some of the requirements that future data collection architectures of these systems should implement to provide effective privacy protection for users. Then, we give an example of how these requirements can be implemented in a smart home scenario. Our example architecture allows the user to balance the privacy risks with the potential benefits and take a practical decision determining the extent of the sharing. Based on this example architecture, we identify a number of challenges that must be addressed by future data processing systems in order to achieve effective privacy management for smart cyber-physical systems.
△ Less
Submitted 4 September, 2018;
originally announced September 2018.
-
Rentable Internet of Things Infrastructure for Sensing as a Service (S2aaS)
Authors:
Charith Perera
Abstract:
Sensing as a Service (S2aaS) model [1] [2] is inspired by the traditional Everything as a service (XaaS) approaches [3]. It aims to better utilize the existing Internet of Things (IoT) infrastructure. S2aaS vision aims to create 'rentable infrastructure' where interested parties can gather IoT data by paying a fee for the infrastructure owners.
Sensing as a Service (S2aaS) model [1] [2] is inspired by the traditional Everything as a service (XaaS) approaches [3]. It aims to better utilize the existing Internet of Things (IoT) infrastructure. S2aaS vision aims to create 'rentable infrastructure' where interested parties can gather IoT data by paying a fee for the infrastructure owners.
△ Less
Submitted 13 July, 2018;
originally announced July 2018.
-
A Unified Knowledge Representation and Context-aware Recommender System in Internet of Things
Authors:
Yinhao Li,
Awa Alqahtani,
Ellis Solaiman,
Charith Perera,
Prem Prakash Jayaraman,
Boualem Benatallah,
Rajiv Ranjan
Abstract:
Within the rapidly develo** Internet of Things (IoT), numerous and diverse physical devices, Edge devices, Cloud infrastructure, and their quality of service requirements (QoS), need to be represented within a unified specification in order to enable rapid IoT application development, monitoring, and dynamic reconfiguration. But heterogeneities among different configuration knowledge representat…
▽ More
Within the rapidly develo** Internet of Things (IoT), numerous and diverse physical devices, Edge devices, Cloud infrastructure, and their quality of service requirements (QoS), need to be represented within a unified specification in order to enable rapid IoT application development, monitoring, and dynamic reconfiguration. But heterogeneities among different configuration knowledge representation models pose limitations for acquisition, discovery and curation of configuration knowledge for coordinated IoT applications. This paper proposes a unified data model to represent IoT resource configuration knowledge artifacts. It also proposes IoT-CANE (Context-Aware recommendatioN systEm) to facilitate incremental knowledge acquisition and declarative context driven knowledge recommendation.
△ Less
Submitted 24 May, 2018; v1 submitted 10 May, 2018;
originally announced May 2018.
-
A Hybrid Approach for Data Analytics for Internet of Things
Authors:
Badraddin Alturki,
Stephan Reiff-Marganiec,
Charith Perera
Abstract:
The vision of the Internet of Things is to allow currently unconnected physical objects to be connected to the internet. There will be an extremely large number of internet connected devices that will be much more than the number of human being in the world all producing data. These data will be collected and delivered to the cloud for processing, especially with a view of finding meaningful infor…
▽ More
The vision of the Internet of Things is to allow currently unconnected physical objects to be connected to the internet. There will be an extremely large number of internet connected devices that will be much more than the number of human being in the world all producing data. These data will be collected and delivered to the cloud for processing, especially with a view of finding meaningful information to then take action. However, ideally the data needs to be analysed locally to increase privacy, give quick responses to people and to reduce use of network and storage resources. To tackle these problems, distributed data analytics can be proposed to collect and analyse the data either in the edge or fog devices. In this paper, we explore a hybrid approach which means that both innetwork level and cloud level processing should work together to build effective IoT data analytics in order to overcome their respective weaknesses and use their specific strengths. Specifically, we collected raw data locally and extracted features by applying data fusion techniques on the data on resource constrained devices to reduce the data and then send the extracted features to the cloud for processing. We evaluated the accuracy and data consumption over network and thus show that it is feasible to increase privacy and maintain accuracy while reducing data communication demands.
△ Less
Submitted 21 August, 2017;
originally announced August 2017.
-
Privacy Guidelines for Internet of Things: A Cheat Sheet
Authors:
Charith Perera
Abstract:
This document presents 30 different privacy guidelines that can be used to both design and assess IoT applications and IoT middleware platforms. These guidelines can be broadly categorised into eight categories, namely, MINIMIZE ( ), HIDE ( ), SEPARATE ( ), AGGREGATE ( ), INFORM ( ), CONTROL ( ), ENFORCE ( ), DEMONSTRATE ( ). This document uses the following structure to introduce the each privacy…
▽ More
This document presents 30 different privacy guidelines that can be used to both design and assess IoT applications and IoT middleware platforms. These guidelines can be broadly categorised into eight categories, namely, MINIMIZE ( ), HIDE ( ), SEPARATE ( ), AGGREGATE ( ), INFORM ( ), CONTROL ( ), ENFORCE ( ), DEMONSTRATE ( ). This document uses the following structure to introduce the each privacy guidelines. First, we describe the philosophy behind each guideline in general. Then, we present the questions that software architects need to think about when designing or assessing an IoT platform or application. The questions slightly vary depending on whether the architect is assessing a platform or an application.
△ Less
Submitted 12 August, 2017;
originally announced August 2017.
-
Fog Computing for Sustainable Smart Cities: A Survey
Authors:
Charith Perera,
Yongrui Qin,
Julio C. Estrella,
Stephan Reiff-Marganiec,
Athanasios V. Vasilakos
Abstract:
The Internet of Things (IoT) aims to connect billions of smart objects to the Internet, which can bring a promising future to smart cities. These objects are expected to generate large amounts of data and send the data to the cloud for further processing, specially for knowledge discovery, in order that appropriate actions can be taken. However, in reality sensing all possible data items captured…
▽ More
The Internet of Things (IoT) aims to connect billions of smart objects to the Internet, which can bring a promising future to smart cities. These objects are expected to generate large amounts of data and send the data to the cloud for further processing, specially for knowledge discovery, in order that appropriate actions can be taken. However, in reality sensing all possible data items captured by a smart object and then sending the complete captured data to the cloud is less useful. Further, such an approach would also lead to resource wastage (e.g. network, storage, etc.). The Fog (Edge) computing paradigm has been proposed to counterpart the weakness by pushing processes of knowledge discovery using data analytics to the edges. However, edge devices have limited computational capabilities. Due to inherited strengths and weaknesses, neither Cloud computing nor Fog computing paradigm addresses these challenges alone. Therefore, both paradigms need to work together in order to build an sustainable IoT infrastructure for smart cities. In this paper, we review existing approaches that have been proposed to tackle the challenges in the Fog computing domain. Specifically, we describe several inspiring use case scenarios of Fog computing, identify ten key characteristics and common features of Fog computing, and compare more than 30 existing research efforts in this domain. Based on our review, we further identify several major functionalities that ideal Fog computing platforms should support and a number of open challenges towards implementing them, so as to shed light on future research directions on realizing Fog computing for building sustainable smart cities.
△ Less
Submitted 21 March, 2017;
originally announced March 2017.
-
A Contextual Investigation of Location in the Home Using Bluetooth Low Energy Beacons
Authors:
Charith Perera,
Saeed Aghaee,
Ramsey Faragher,
Robert Harle,
Alan Blackwell
Abstract:
Location sensing is a key enabling technology for Ubicomp to support contextual interaction. However, the laboratories where calibrated testing of location technologies is done are very different to the domestic situations where `context' is a problematic social construct. This study reports measurements of Bluetooth beacons, informed by laboratory studies, but done in diverse domestic settings. T…
▽ More
Location sensing is a key enabling technology for Ubicomp to support contextual interaction. However, the laboratories where calibrated testing of location technologies is done are very different to the domestic situations where `context' is a problematic social construct. This study reports measurements of Bluetooth beacons, informed by laboratory studies, but done in diverse domestic settings. The design of these surveys has been motivated by the natural environment implied in the Bluetooth beacon standards - relating the technical environment of the beacon to the function of spaces within the home. This research method can be considered as a situated, `ethnographic' technical response to the study of physical infrastructure that arises through social processes. The results offer insights for the future design of `seamful' approaches to indoor location sensing, and to the ways that context might be constructed and interpreted in a seamful manner.
△ Less
Submitted 12 March, 2017;
originally announced March 2017.
-
Designing Privacy-aware Internet of Things Applications
Authors:
Charith Perera,
Mahmoud Barhamgi,
Arosha K. Bandara,
Muhammad Ajmal,
Blaine Price,
Bashar Nuseibeh
Abstract:
Internet of Things (IoT) applications typically collect and analyse personal data that can be used to derive sensitive information about individuals. However, thus far, privacy concerns have not been explicitly considered in software engineering processes when designing IoT applications. The advent of behaviour driven security mechanisms, failing to address privacy concerns in the design of IoT ap…
▽ More
Internet of Things (IoT) applications typically collect and analyse personal data that can be used to derive sensitive information about individuals. However, thus far, privacy concerns have not been explicitly considered in software engineering processes when designing IoT applications. The advent of behaviour driven security mechanisms, failing to address privacy concerns in the design of IoT applications can have security implications. In this paper, we explore how a Privacy-by-Design (PbD) framework, formulated as a set of guidelines, can help software engineers integrate data privacy considerations into the design of IoT applications. We studied the utility of this PbD framework by studying how software engineers use it to design IoT applications. We also explore the challenges in using the set of guidelines to influence the IoT applications design process. In addition to highlighting the benefits of having a PbD framework to make privacy features explicit during the design of IoT applications, our studies also surfaced a number of challenges associated with the approach. A key finding of our research is that the PbD framework significantly increases both novice and expert software engineers' ability to design privacy into IoT applications.
△ Less
Submitted 11 April, 2019; v1 submitted 10 March, 2017;
originally announced March 2017.
-
Sensing as a Service (S2aaS): Buying and Selling IoT Data
Authors:
Charith Perera
Abstract:
The Internet of Things (IoT) [1] envisions the creation of an environment where everyday objects (e.g. microwaves, fridges, cars, coffee machines, etc.) are connected to the internet and make users' lives more convenient. It will also lead users to consume resources more efficiently.
The Internet of Things (IoT) [1] envisions the creation of an environment where everyday objects (e.g. microwaves, fridges, cars, coffee machines, etc.) are connected to the internet and make users' lives more convenient. It will also lead users to consume resources more efficiently.
△ Less
Submitted 8 February, 2017;
originally announced February 2017.
-
Multi-criteria IoT Resource Discovery: A Comparative Analysis
Authors:
Luiz H. Nunes,
Julio C. Estrella,
Charith Perera,
Stephan Reiff-Marganiec,
Alexandre N. Delbem
Abstract:
The growth of real world objects with embedded and globally networked sensors allows to consolidate the Internet of Things paradigm and increase the number of applications in the domains of ubiquitous and context-aware computing. The merging between Cloud Computing and Internet of Things named Cloud of Things will be the key to handle thousands of sensors and their data. One of the main challenges…
▽ More
The growth of real world objects with embedded and globally networked sensors allows to consolidate the Internet of Things paradigm and increase the number of applications in the domains of ubiquitous and context-aware computing. The merging between Cloud Computing and Internet of Things named Cloud of Things will be the key to handle thousands of sensors and their data. One of the main challenges in the Cloud of Things is context-aware sensor search and selection. Typically, sensors require to be searched using two or more conflicting context properties. Most of the existing work uses some kind of multi-criteria decision analysis to perform the sensor search and selection, but does not show any concern for the quality of the selection presented by these methods. In this paper, we analyse the behaviour of the SAW, TOPSIS and VIKOR multi-objective decision methods and their quality of selection comparing them with the Pareto-optimality solutions. The gathered results allow to analyse and compare these algorithms regarding their behaviour, the number of optimal solutions and redundancy.
△ Less
Submitted 16 November, 2016;
originally announced November 2016.
-
The Effects of Relative Importance of User Constraints in Cloud of Things Resource Discovery: A Case Study
Authors:
Luiz H. Nunes,
Julio C. Estrella,
Alexandre C. B. Delbem,
Charith Perera,
Stephan Reiff-Marganiec
Abstract:
Over the last few years, the number of smart objects connected to the Internet has grown exponentially in comparison to the number of services and applications. The integration between Cloud Computing and Internet of Things, named as Cloud of Things, plays a key role in managing the connected things, their data and services. One of the main challenges in Cloud of Things is the resource discovery o…
▽ More
Over the last few years, the number of smart objects connected to the Internet has grown exponentially in comparison to the number of services and applications. The integration between Cloud Computing and Internet of Things, named as Cloud of Things, plays a key role in managing the connected things, their data and services. One of the main challenges in Cloud of Things is the resource discovery of the smart objects and their reuse in different contexts. Most of the existent work uses some kind of multi-criteria decision analysis algorithm to perform the resource discovery, but do not evaluate the impact that the user constraints has in the final solution. In this paper, we analyse the behaviour of the SAW, TOPSIS and VIKOR multi-objective decision analyses algorithms and the impact of user constraints on them. We evaluated the quality of the proposed solutions using the Pareto-optimality concept.
△ Less
Submitted 16 November, 2016;
originally announced November 2016.
-
Privacy-by-Design Framework for Assessing Internet of Things Applications and Platforms
Authors:
Charith Perera,
Ciaran McCormick,
Arosha K. Bandara,
Blaine A. Price,
Bashar Nuseibeh
Abstract:
The Internet of Things (IoT) systems are designed and developed either as standalone applications from the ground-up or with the help of IoT middleware platforms. They are designed to support different kinds of scenarios, such as smart homes and smart cities. Thus far, privacy concerns have not been explicitly considered by IoT applications and middleware platforms. This is partly due to the lack…
▽ More
The Internet of Things (IoT) systems are designed and developed either as standalone applications from the ground-up or with the help of IoT middleware platforms. They are designed to support different kinds of scenarios, such as smart homes and smart cities. Thus far, privacy concerns have not been explicitly considered by IoT applications and middleware platforms. This is partly due to the lack of systematic methods for designing privacy that can guide the software development process in IoT. In this paper, we propose a set of guidelines, a privacy-by-design framework, that can be used to assess privacy capabilities and gaps of existing IoT applications as well as middleware platforms. We have evaluated two open source IoT middleware platforms, namely OpenIoT and Eclipse SmartHome, to demonstrate how our framework can be used in this way.
△ Less
Submitted 13 September, 2016;
originally announced September 2016.
-
Valorising the IoT Databox: Creating Value for Everyone
Authors:
Charith Perera,
Susan Wakenshaw,
Tim Baarslag,
Hamed Haddadi,
Arosha Bandara,
Richard Mortier,
Andy Crabtree,
Irene Ng,
Derek McAuley,
Jon Crowcroft
Abstract:
The Internet of Things (IoT) is expected to generate large amounts of heterogeneous data from diverse sources including physical sensors, user devices, and social media platforms. Over the last few years, significant attention has been focused on personal data, particularly data generated by smart wearable and smart home devices. Making personal data available for access and trade is expected to b…
▽ More
The Internet of Things (IoT) is expected to generate large amounts of heterogeneous data from diverse sources including physical sensors, user devices, and social media platforms. Over the last few years, significant attention has been focused on personal data, particularly data generated by smart wearable and smart home devices. Making personal data available for access and trade is expected to become a part of the data driven digital economy. In this position paper, we review the research challenges in building personal Databoxes that hold personal data and enable data access by other parties, and potentially thus sharing of data with other parties. These Databoxes are expected to become a core part of future data marketplaces.
△ Less
Submitted 12 September, 2016;
originally announced September 2016.
-
A Knowledge-Based Resource Discovery for Internet of Things
Authors:
Charith Perera,
Athanasios V. Vasilakos
Abstract:
In the sensing as a service paradigm, Internet of Things (IoT) Middleware platforms allow data consumers to retrieve the data they want without knowing the underlying technical details of IoT resources (i.e. sensors and data processing components). However, configuring an IoT middleware platform and retrieving data is a significant challenge for data consumers as it requires both technical knowled…
▽ More
In the sensing as a service paradigm, Internet of Things (IoT) Middleware platforms allow data consumers to retrieve the data they want without knowing the underlying technical details of IoT resources (i.e. sensors and data processing components). However, configuring an IoT middleware platform and retrieving data is a significant challenge for data consumers as it requires both technical knowledge and domain expertise. In this paper, we propose a knowledge driven approach called Context Aware Sensor Configuration Model (CASCOM) to simplify the process of configuring IoT middleware platforms, so the data consumers, specifically non-technical personnel, can easily retrieve the data they required. In this paper, we demonstrate how IoT resources can be described using semantics in such away that they can later be used to compose service work-flows. Such automated semantic-knowledge based IoT resource composition approach advances the current research. We demonstrate the feasibility and the usability of our approach through a prototype implementation based on an IoT middleware called Global Sensor Networks (GSN), though our model can be generalized to any other middleware platform.
△ Less
Submitted 29 June, 2016;
originally announced June 2016.
-
Privacy Knowledge Modelling for Internet of Things: A Look Back
Authors:
Charith Perera,
Chang Liu,
Rajiv Ranjan,
Lizhe Wang,
Albert Y. Zomaya
Abstract:
Internet of Things (IoT) and cloud computing together give us the ability to sense, collect, process, and analyse data so we can use them to better understand behaviours, habits, preferences and life patterns of users and lead them to consume resources more efficiently. In such knowledge discovery activities, privacy becomes a significant challenge due to the extremely personal nature of the knowl…
▽ More
Internet of Things (IoT) and cloud computing together give us the ability to sense, collect, process, and analyse data so we can use them to better understand behaviours, habits, preferences and life patterns of users and lead them to consume resources more efficiently. In such knowledge discovery activities, privacy becomes a significant challenge due to the extremely personal nature of the knowledge that can be derived from the data and the potential risks involved. Therefore, understanding the privacy expectations and preferences of stakeholders is an important task in the IoT domain. In this paper, we review how privacy knowledge has been modelled and used in the past in different domains. Our goal is not only to analyse, compare and consolidate past research work but also to appreciate their findings and discuss their applicability towards the IoT. Finally, we discuss major research challenges and opportunities.
△ Less
Submitted 27 June, 2016;
originally announced June 2016.
-
Analytics-as-a-Service in a Multi-Cloud Environment through Semantically enabled Hierarchical Data Processing
Authors:
Prem Prakash Jayaraman,
Charith Perera,
Dimitrios Georgakopoulos,
Schahram Dustdar,
Dhavalkumar Thakker,
Rajiv Ranjan
Abstract:
A large number of cloud middleware platforms and tools are deployed to support a variety of Internet of Things (IoT) data analytics tasks. It is a common practice that such cloud platforms are only used by its owners to achieve their primary and predefined objectives, where raw and processed data are only consumed by them. However, allowing third parties to access processed data to achieve their o…
▽ More
A large number of cloud middleware platforms and tools are deployed to support a variety of Internet of Things (IoT) data analytics tasks. It is a common practice that such cloud platforms are only used by its owners to achieve their primary and predefined objectives, where raw and processed data are only consumed by them. However, allowing third parties to access processed data to achieve their own objectives significantly increases integration, cooperation, and can also lead to innovative use of the data. Multicloud, privacy-aware environments facilitate such data access, allowing different parties to share processed data to reduce computation resource consumption collectively. However, there are interoperability issues in such environments that involve heterogeneous data and analytics-as-a-service providers. There is a lack of both - architectural blueprints that can support such diverse, multi-cloud environments, and corresponding empirical studies that show feasibility of such architectures. In this paper, we have outlined an innovative hierarchical data processing architecture that utilises semantics at all the levels of IoT stack in multicloud environments. We demonstrate the feasibility of such architecture by building a system based on this architecture using OpenIoT as a middleware, and Google Cloud and Microsoft Azure as cloud environments. The evaluation shows that the system is scalable and has no significant limitations or overheads.
△ Less
Submitted 25 June, 2016;
originally announced June 2016.
-
A Distributed Sensor Data Search Platform for Internet of Things Environments
Authors:
Luiz Nunes,
Julio Estrella,
Luis Nakamura,
Rafael de Libardi,
Carlos Ferreira,
Liuri Jorge,
Charith Perera,
Stephan Reiff-Marganiec
Abstract:
Recently, the number of devices has grown increasingly and it is hoped that, between 2015 and 2016, 20 billion devices will be connected to the Internet and this market will move around 91.5 billion dollars. The Internet of Things (IoT) is composed of small sensors and actuators embedded in objects with Internet access and will play a key role in solving many challenges faced in today's society. H…
▽ More
Recently, the number of devices has grown increasingly and it is hoped that, between 2015 and 2016, 20 billion devices will be connected to the Internet and this market will move around 91.5 billion dollars. The Internet of Things (IoT) is composed of small sensors and actuators embedded in objects with Internet access and will play a key role in solving many challenges faced in today's society. However, the real capacity of IoT concepts is constrained as the current sensor networks usually do not exchange information with other sources. In this paper, we propose the Visual Search for Internet of Things (ViSIoT) platform to help technical and non-technical users to discover and use sensors as a service for different application purposes. As a proof of concept, a real case study is used to generate weather condition reports to support rheumatism patients. This case study was executed in a working prototype and a performance evaluation is presented.
△ Less
Submitted 25 June, 2016;
originally announced June 2016.
-
Applying Seamful Design in Location-based Mobile Museum Applications
Authors:
Tommy Nilsson,
Carl Hogsden,
Charith Perera,
Saeed Aghaee,
David Scruton,
Andreas Lund,
Alan F. Blackwell
Abstract:
The application of mobile computing is currently altering patterns of our behavior to a greater degree than perhaps any other invention. In combination with the introduction of power efficient wireless communication technologies, such as Bluetooth Low Energy (BLE), designers are today increasingly empowered to shape the way we interact with our physical surroundings and thus build entirely new exp…
▽ More
The application of mobile computing is currently altering patterns of our behavior to a greater degree than perhaps any other invention. In combination with the introduction of power efficient wireless communication technologies, such as Bluetooth Low Energy (BLE), designers are today increasingly empowered to shape the way we interact with our physical surroundings and thus build entirely new experiences. However, our evaluations of BLE and its abilities to facilitate mobile location-based experiences in public environments revealed a number of potential problems. Most notably, the position and orientation of the user in combination with various environmental factors, such as crowds of people traversing the space, were found to cause major fluctuations of the received BLE signal strength. These issues are rendering a seamless functioning of any location-based application practically impossible. Instead of achieving seamlessness by eliminating these technical issues, we thus choose to advocate the use of a seamful approach, i.e. to reveal and exploit these problems and turn them into a part of the actual experience. In order to demonstrate the viability of this approach, we designed, implemented and evaluated the Ghost Detector - an educational location-based museum game for children. By presenting a qualitative evaluation of this game and by motivating our design decisions, this paper provides insight into some of the challenges and possible solutions connected to the process of develo** location-based BLE-enabled experiences for public cultural spaces.
△ Less
Submitted 8 June, 2016; v1 submitted 18 May, 2016;
originally announced May 2016.
-
Energy Efficient Location and Activity-aware On-Demand Mobile Distributed Sensing Platform for Sensing as a Service in IoT Clouds
Authors:
Charith Perera,
Dumidu Talagala,
Chi Harold Liu,
Julio C. Estrella
Abstract:
The Internet of Things (IoT) envisions billions of sensors deployed around us and connected to the Internet, where the mobile crowd sensing technologies are widely used to collect data in different contexts of the IoT paradigm. Due to the popularity of Big Data technologies, processing and storing large volumes of data has become easier than ever. However, large scale data management tasks still r…
▽ More
The Internet of Things (IoT) envisions billions of sensors deployed around us and connected to the Internet, where the mobile crowd sensing technologies are widely used to collect data in different contexts of the IoT paradigm. Due to the popularity of Big Data technologies, processing and storing large volumes of data has become easier than ever. However, large scale data management tasks still require significant amounts of resources that can be expensive regardless of whether they are purchased or rented (e.g. pay-as-you-go infrastructure). Further, not everyone is interested in such large scale data collection and analysis. More importantly, not everyone has the financial and computational resources to deal with such large volumes of data. Therefore, a timely need exists for a cloud-integrated mobile crowd sensing platform that is capable of capturing sensors data, on-demand, based on conditions enforced by the data consumers. In this paper, we propose a context-aware, specifically, location and activity-aware mobile sensing platform called C-MOSDEN ( Context-aware Mobile Sensor Data ENgine) for the IoT domain. We evaluated the proposed platform using three real-world scenarios that highlight the importance of 'selective sensing'. The computational effectiveness and efficiency of the proposed platform are investigated and is used to highlight the advantages of context-aware selective sensing.
△ Less
Submitted 4 January, 2016;
originally announced January 2016.
-
City Data Fusion: Sensor Data Fusion in the Internet of Things
Authors:
Meisong Wang,
Charith Perera,
Prem Prakash Jayaraman,
Miranda Zhang,
Peter Strazdins,
Rajiv Ranjan
Abstract:
Internet of Things (IoT) has gained substantial attention recently and play a significant role in smart city application deployments. A number of such smart city applications depend on sensor fusion capabilities in the cloud from diverse data sources. We introduce the concept of IoT and present in detail ten different parameters that govern our sensor data fusion evaluation framework. We then eval…
▽ More
Internet of Things (IoT) has gained substantial attention recently and play a significant role in smart city application deployments. A number of such smart city applications depend on sensor fusion capabilities in the cloud from diverse data sources. We introduce the concept of IoT and present in detail ten different parameters that govern our sensor data fusion evaluation framework. We then evaluate the current state-of-the art in sensor data fusion against our sensor data fusion framework. Our main goal is to examine and survey different sensor data fusion research efforts based on our evaluation framework. The major open research issues related to sensor data fusion are also presented.
△ Less
Submitted 30 June, 2015;
originally announced June 2015.
