Visible to the public Performance Evaluation of the Policy Enforcement Fog Module for Protecting Privacy of IoT Data

TitlePerformance Evaluation of the Policy Enforcement Fog Module for Protecting Privacy of IoT Data
Publication TypeConference Paper
Year of Publication2018
AuthorsAl-Hasnawi, Abduljaleel, Mohammed, Ihab, Al-Gburi, Ahmed
Conference Name2018 IEEE International Conference on Electro/Information Technology (EIT)
Keywordsactive bundles, active data bundles, cloud, cloud computing, data owners, data privacy, data privacy-penalties, data sources, edge computing, fog, fog computing infrastructure, Human Behavior, Internet of Things, IoT, local IoT applications, PEFM, performance evaluation, policy enforcement, policy enforcement fog module, privacy, privacy controls, Privacy Policies, privacy policy, privacy protection, privacy threats, privacy violations, pubcrawl, real-time IoT applications, Real-time Systems, Scalability, security of data, self-protecting mechanism, sensitive IoT data protection, smart home, smart home proof-of-concept scenario
AbstractThe rapid development of the Internet of Things (IoT) results in generating massive amounts of data. Significant portions of these data are sensitive since they reflect (directly or indirectly) peoples' behaviors, interests, lifestyles, etc. Protecting sensitive IoT data from privacy violations is a challenge since these data need to be communicated, processed, analyzed, and stored by public networks, servers, and clouds; most of them are untrusted parties for data owners. We propose a solution for protecting sensitive IoT data called Policy Enforcement Fog Module (PEFM). The major task of the PEFM solution is mandatory enforcement of privacy policies for sensitive IoT data-wherever these data are accessed throughout their entire lifecycle. The key feature of PEFM is its placement within the fog computing infrastructure, which assures that PEFM operates as closely as possible to data sources within the edge. PEFM enforces policies directly for local IoT applications. In contrast, for remote applications, PEFM provides a self-protecting mechanism based on creating and disseminating Active Data Bundles (ADBs). ADBs are software constructs bundling inseparably sensitive data, their privacy policies, and an execution engine able to enforce privacy policies. To prove effectiveness and efficiency of the proposed module, we developed a smart home proof-of-concept scenario. We investigate privacy threats for sensitive IoT data. We run simulation experiments, based on network calculus, for testing performance of the PEFM controls for different network configurations. The results of the simulation show that-even with using from 1 to 5 additional privacy policies for improved data privacy-penalties in terms of execution time and delay are reasonable (approx. 12-15% and 13-19%, respectively). The results also show that PEFM is scalable regarding the number of the real-time constraints for real-time IoT applications.
Citation Keyal-hasnawi_performance_2018