Privacy guidance for IoT has been proposed by organisations, including OWASP, the GSM Association, and OneM2M. However, guidance regarding confidential information disclosure, one of the most alarming privacy threats, has not been instantiated nor implemented in real IoT testing environments. That is, existing methods either assume static data, which makes them unsuited for these environments, or focus on the prevention of other privacy threats. Therefore, Modio has designed and implemented Qiqbus components to help IoT manufacturers or service providers to assess the privacy strength of their devices and/or services against confidential information disclosure. Our Qiqbus ‘privacy analysis’ feature enables: (i) automatic detection and classification of confidential data from streaming data collected from experiments, (ii) evaluation of the level of privacy protection offered by encryption, de-identification, and anonymisation, (iii) option for users to express their preferences, regarding information that is deemed as confidential, through privacy policies, and (iv) visualisation of the outcomes of the privacy tests using intuitive and informative User Interfaces (UIs). To offer such functionality, we developed methods based on machine learning, Big Data analytics, and web-based visualisation, using Qiqbus, our commercial platform for large-scale machine learning and analytics for streaming data.
Specifically, we apply the privacy methods and measures of Poulis, Loukides et al. https://doi.org/10.1016/j.jbi.2016.11.001 as the backbone of the Qickbus Privacy analyser component.
We hereby depict an indicative User Interface displaying at real time the outcomes of our privacy algorithms, which was developed within F-INTEROP H2020 project, which we designed and completed in collaboration with Kings College London (Principal Investigator: Dr Loukides).
The UI is fully customisable from the end user. The MVP of the SaaS edition shall be soon announced in a major IoT event.