PARROT

Author:

Alhirabi Nada1ORCID,Beaumont Stephanie2ORCID,Llanos Jose Tomas3ORCID,Meedeniya Dulani4ORCID,Rana Omer5ORCID,Perera Charith5ORCID

Affiliation:

1. Cardiff University, School of Computer Science and Informatics, Cardiff, UK, King Saud University, Riyadh, Saudi Arabia

2. My Data Fix Ltd, London, UK

3. University College London, London, UK

4. University of Moratuwa, Moratuwa, Sri Lanka

5. Cardiff University, Cardiff, UK

Abstract

Internet of Things (IoT) applications typically collect and analyse personal data that is categorised as sensitive or special category of personal data. These data are subject to a higher degree of protection under data privacy laws. Regardless of legal requirements to support privacy practices, such as in Privacy by Design (PbD) schemes, these practices are not yet commonly followed by software developers. The difficulty of developing privacy-preserving applications emphasises the importance of exploring the problems developers face to embed privacy techniques, suggesting the need for a supporting tool. An interactive IoT application design tool - PARROT (PrivAcy by design tool foR inteRnet Of Things) - is presented. This tool helps developers to design privacy-aware IoT applications, taking account of privacy compliance during the design process and providing real-time feedback on potential privacy violations. A user study with 18 developers was conducted, comprising a semi-structured interview and a design exercise to understand how developers typically handle privacy within the design process. Collaboration with a privacy lawyer was used to review designs produced by developers to uncover privacy limitations that could be addressed by developing a software tool. Based on the findings, a proof-of-concept prototype of PARROT was implemented and evaluated in two controlled lab studies. The outcome of the study indicates that IoT applications designed with PARROT addressed privacy concerns better and managed to reduce several of the limitations identified. From a privacy compliance perspective, PARROT helps developers to address compliance requirements throughout the design and testing process. This is achieved by incorporating privacy specific design features into the IoT application from the beginning rather than retrospectively. (Demo Video).

Funder

EPSRC

PACE

King Saud University

Publisher

Association for Computing Machinery (ACM)

Subject

Computer Networks and Communications,Hardware and Architecture,Human-Computer Interaction

Reference97 articles.

1. Yasemin Acar Sascha Fahl and Michelle L Mazurek. 2016. You are Not Your Developer Either: A Research Agenda for Usable Security and Privacy Research Beyond End Users. In 2016 IEEE Cybersecurity Development (SecDev). 3--8. https://doi.org/10.1109/SecDev.2016.013 10.1109/SecDev.2016.013

2. Yasemin Acar Sascha Fahl and Michelle L Mazurek. 2016. You are Not Your Developer Either: A Research Agenda for Usable Security and Privacy Research Beyond End Users. In 2016 IEEE Cybersecurity Development (SecDev). 3--8. https://doi.org/10.1109/SecDev.2016.013

3. Visual Simple Transformations: Empowering End-Users to Wire Internet of Things Objects;Akiki Pierre A;ACM Trans. Comput.-Hum. Interact,2017

4. Security and Privacy Requirements for the Internet of Things

5. Majedah Alrehiely , Parisa Eslambolchilar , and Rita Borgo . 2018. Evaluating Different Visualization Designs for Personal Health Data. April ( 2018 ). https://doi.org/10.14236/ewic/hci2018.205 10.14236/ewic Majedah Alrehiely, Parisa Eslambolchilar, and Rita Borgo. 2018. Evaluating Different Visualization Designs for Personal Health Data. April (2018). https://doi.org/10.14236/ewic/hci2018.205

Cited by 2 articles. 订阅此论文施引文献 订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献

1. Empowering IoT Developers with Privacy-Preserving End-User Development Tools;Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies;2024-08-22

2. Designing Privacy-Aware IoT Applications for Unregulated Domains;ACM Transactions on Internet of Things;2024-04-23

同舟云学术

1.学者识别学者识别

2.学术分析学术分析

3.人才评估人才评估

"同舟云学术"是以全球学者为主线,采集、加工和组织学术论文而形成的新型学术文献查询和分析系统,可以对全球学者进行文献检索和人才价值评估。用户可以通过关注某些学科领域的顶尖人物而持续追踪该领域的学科进展和研究前沿。经过近期的数据扩容,当前同舟云学术共收录了国内外主流学术期刊6万余种,收集的期刊论文及会议论文总量共计约1.5亿篇,并以每天添加12000余篇中外论文的速度递增。我们也可以为用户提供个性化、定制化的学者数据。欢迎来电咨询!咨询电话:010-8811{复制后删除}0370

www.globalauthorid.com

TOP

Copyright © 2019-2024 北京同舟云网络信息技术有限公司
京公网安备11010802033243号  京ICP备18003416号-3