𝜹-Risk: Toward Context-aware Multi-objective Privacy Management in Connected Environments


Approach overview

In today’s highly connected environments (e.g., IoT environments), multiple systems collect, exchange, store, and process large amounts of fine-grained data in every aspect of life. Such detailed data improves the delivery of advanced services across a wide range of application domains (e.g., smart homes, cities, e-health). However, the produced data is often privacy-sensitive for users (e.g., location, blood pressure), and its analysis allows data consumers to deduce sensitive information about users, such as their behaviors, activities, and preferences.

Therefore, users must be able to make appropriate data utility-privacy decisions based on their situations and interests, in order to meet their privacy needs while also maximizing the quality of the services received in exchange for their data. However, involving users in the management of such trade-offs is challenging due to: (i) the variety of users' expertise levels in expressing their needs and preferences; (ii) the dynamicity of user contexts and of the privacy risks involved; and (iii) the complexity of reducing privacy risks to meet user needs without compromising main services. This raises the need for a solution that can assist users in optimizing their data privacy decisions. Such a solution must be adaptive, scalable, and fast in order to support the user in various contexts.

To address these challenges, we propose 𝜹-Risk, a user-centric multi-objective approach for context-aware privacy management in connected environments. Our approach features a new privacy risk quantification model to dynamically calculate and select the best data protection strategies for the user based on her situation and preferences. Computed strategies are optimal in that they seek to closely satisfy user preferences, while also maximizing data utility and minimizing the cost of protection. We implemented our proposed approach, evaluated its performance in various scenarios, and formally studied its effectiveness. The results show that 𝜹-Risk delivers scalability and efficiency (performance-wise). It also provides the user with at least one best strategy per context.

Publication

Research Areas

  • User-centric Privacy
  • Privacy Risk Quantification
  • Privacy by Design
  • Context-aware Computing
  • Semantic Reasoning
  • Internet of Things

Project Members

  • Karam Bou-Chaaya
  • Richard Chbeir
  • Philippe Arnould
  • Mahmoud Barhamgi
  • Djamal Benslimane

𝜹-Risk Prototype