Visible to the public Graph-Based Data-Collection Policies for the Internet of Things

TitleGraph-Based Data-Collection Policies for the Internet of Things
Publication TypeConference Paper
Year of Publication2018
AuthorsFernández, Maribel, Jaimunk, Jenjira, Thuraisingham, Bhavani
Conference NameProceedings of the 4th Annual Industrial Control System Security Workshop
ISBN Number978-1-4503-6220-7
KeywordsCategory-Based Data Collection, composability, Human Behavior, Internet of Things, Metrics, policy analysis, Policy Visualisation, policy-based governance, privacy policy, pubcrawl, Security Policies Analysis, Smart Grid Privacy

Smart industrial control systems (e.g., smart grid, oil and gas systems, transportation systems) are connected to the internet, and have the capability to collect and transmit data; as such, they are part of the IoT. The data collected can be used to improve services; however, there are serious privacy risks. This concern is usually addressed by means of privacy policies, but it is often difficult to understand the scope and consequences of such policies. Better tools to visualise and analyse data collection policies are needed. Graph-based modelling tools have been used to analyse complex systems in other domains. In this paper, we apply this technique to IoT data-collection policy analysis and visualisation. We describe graphical representations of category-based data collection policies and show that a graph-based policy language is a powerful tool not only to specify and visualise the policy, but also to analyse policy properties. We illustrate the approach with a simple example in the context of a chemical plant with a truck monitoring system. We also consider policy administration: we propose a classification of queries to help administrators analyse policies, and we show how the queries can be answered using our technique.

Citation Keyfernandez_graph-based_2018