CaSPI: A Context-aware Semantic Reasoning Approach For Dynamic Privacy Risk Inference

Approach Overview

With the rapid expansion of smart cyber–physical systems and environments, users are becoming increasingly concerned about their privacy, and asking for more involvement in the control and protection of their data. However, users may not be completely aware of the direct and indirect privacy risks involved with exchanging data with data consumers to properly manage their privacy decisions.

Existing approaches of user privacy risk awareness suffer from several drawbacks, including: (i) no consideration of user contextual knowledge and its impact on data sensitivity, and thus on user privacy; (ii) lack of expressiveness in risk definitions to consider various simple/complex data combinations; (iii) lack of representation and serialization of data that are heterogeneous in terms of types, formats, sources, and semantics, to allow for holistic (all-data-inclusive) risk reasoning; (iv) lack of value-based reasoning; (v) lack of high-level risk detection that encompasses risks of various types and inferences; (vi) lack of an adaptable/user-friendly risk overview; (vii) lack of efficiency, performance-wise, to support the user in various contexts; and (viii) lack of re-usability in different application domains.

To address the aforementioned limitations, we propose in this chapter CaSPI, a context-aware semantic reasoning approach for dynamic privacy risk inference. This approach relies on the use of ontologies and inference rules for contextual knowledge representation and privacy risk definitions with high semantic expressiveness power. The risk inferences are thus achieved by performing rule-based reasoning over modeled context knowledge, which includes sensed data, as well as other background data about the user and her environment, with their relationships. CaSPI is generic and re-usable in different domains. Performance results showed that it provides scalability and computational and storage efficiency, making it able to assist the user in different contexts, including ephemeral ones.

Publication

• Bou-Chaaya, K., Barhamgi, M., Chbeir, R., Arnould, P., & Benslimane, D. (2019). Context-aware system for dynamic privacy risk inference: Application to smart iot environments. Future Generation Computer Systems, 101, 1096-1111.

Research Areas

• Privacy Engineering
• Privacy Risk
• Semantic Reasoning
• Context-aware Computing
• Internet of Things

Project Members

• Karam Bou-Chaaya
• Richard Chbeir
• Philippe Arnould
• Mahmoud Barhamgi
• Djamal Benslimane

Risk Reasoner Prototype

• Download Prototype Files (including Java code and uCSN Ontology files)