Internet of Things applications require both software and hardware components to cooperate across multiple nodes with different capabilities, making the incorporation of privacy considerations inherently complex. This project develops AI-based techniques to assist software engineers in embedding Privacy by Design (PbD) principles into IoT application development from the earliest design stages. The central contribution is Privacy Captain, a context-aware privacy assistant that semantically models privacy patterns and IoT system architectures using knowledge-based AI. Privacy Captain leverages ontologies and knowledge graphs to represent relationships between IoT components, data flows, and established privacy strategies, enabling it to automatically annotate system designs with appropriate privacy-preserving measures. By reasoning over these semantic models, the tool identifies potential privacy risks and recommends applicable design patterns drawn from a synthesised catalogue of privacy strategies.
The research objectives include reviewing and synthesising existing privacy-by-design schemes through systematic analysis of privacy strategies in IoT contexts, creating semantic models of privacy patterns and IoT systems, and developing and evaluating the Privacy Captain tool. This comprehensive approach ensures that the tool is grounded in a thorough understanding of the current landscape of privacy-preserving techniques.
Evaluations encompass healthcare and smart home application scenarios, demonstrating how the approach reduces breakdowns in the software design process and supports explainable privacy decisions. The project contributes towards making privacy-by-design practices more accessible and systematic for IoT practitioners, bridging the gap between privacy research and engineering practice.
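The abstract above describes the core mechanism in general terms: a knowledge graph of IoT components and data flows, a catalogue of privacy strategies and the patterns that realise them, and rules that reason over both to annotate a design with recommendations and a human-readable justification. The following is an added, self-contained illustration of that idea; it is not code from Privacy Captain or the PARROT ontology. The triple store, the component and flow names, the trust zones and the pattern names are all constructed for the example (the strategy names Hide and Aggregate follow Hoepman's privacy design strategies, which the field uses widely).

```python
"""Toy knowledge-graph reasoning over an IoT design (constructed example).

A design is a set of (subject, predicate, object) triples. Two rules walk the
graph, flag data flows that expose personal data, and recommend the design
patterns that implement the matching privacy strategy, each with a reason the
designer can read. All identifiers below are hypothetical.
"""
from __future__ import annotations

from dataclasses import dataclass

Triple = tuple[str, str, str]

# Constructed design: a wearable streams raw heart-rate readings to a home
# gateway over an encrypted link; the gateway forwards them, unencrypted, to a
# third-party cloud analytics service.
KG: set[Triple] = {
    ("wearable", "type", "Sensor"),
    ("wearable", "trustZone", "personal"),
    ("gateway", "type", "Gateway"),
    ("gateway", "trustZone", "home"),
    ("cloud", "type", "AnalyticsService"),
    ("cloud", "trustZone", "thirdParty"),
    ("heartRate", "isPersonalData", "true"),
    ("heartRate", "granularity", "raw"),
    ("flow1", "type", "DataFlow"),
    ("flow1", "source", "wearable"),
    ("flow1", "target", "gateway"),
    ("flow1", "carries", "heartRate"),
    ("flow1", "encrypted", "true"),
    ("flow2", "type", "DataFlow"),
    ("flow2", "source", "gateway"),
    ("flow2", "target", "cloud"),
    ("flow2", "carries", "heartRate"),
    ("flow2", "encrypted", "false"),
    # Pattern catalogue: which hypothetical pattern implements which strategy.
    ("TransportEncryption", "implements", "Hide"),
    ("EndToEndEncryption", "implements", "Hide"),
    ("LocalAggregation", "implements", "Aggregate"),
}


@dataclass(frozen=True)
class Annotation:
    """One recommendation attached to a data flow, with its justification."""
    flow: str
    strategy: str
    patterns: tuple[str, ...]
    reason: str


def objects(kg: set[Triple], s: str, p: str) -> set[str]:
    """All objects o such that (s, p, o) is in the graph."""
    return {o for (ss, pp, o) in kg if ss == s and pp == p}


def value(kg: set[Triple], s: str, p: str, default: str | None = None) -> str | None:
    """Single-valued lookup; returns default when the property is absent."""
    objs = objects(kg, s, p)
    return next(iter(objs)) if objs else default


def patterns_for(kg: set[Triple], strategy: str) -> tuple[str, ...]:
    """Patterns in the catalogue that implement the given strategy."""
    return tuple(sorted(s for (s, p, o) in kg if p == "implements" and o == strategy))


def data_flows(kg: set[Triple]) -> list[str]:
    return sorted(s for (s, p, o) in kg if p == "type" and o == "DataFlow")


def annotate(kg: set[Triple]) -> list[Annotation]:
    """Apply the two rules to every data flow carrying personal data."""
    out: list[Annotation] = []
    for flow in data_flows(kg):
        personal = sorted(d for d in objects(kg, flow, "carries")
                          if value(kg, d, "isPersonalData") == "true")
        if not personal:
            continue  # rules only concern personal data
        src_zone = value(kg, value(kg, flow, "source") or "", "trustZone")
        dst_zone = value(kg, value(kg, flow, "target") or "", "trustZone")
        crosses = src_zone != dst_zone
        # Rule 1 (Hide): personal data leaving its trust zone in the clear.
        if crosses and value(kg, flow, "encrypted") != "true":
            out.append(Annotation(
                flow, "Hide", patterns_for(kg, "Hide"),
                f"{flow} carries personal data ({', '.join(personal)}) from the "
                f"{src_zone} zone to the {dst_zone} zone without encryption"))
        # Rule 2 (Aggregate): raw personal readings handed to a third party.
        raw = [d for d in personal if value(kg, d, "granularity") == "raw"]
        if dst_zone == "thirdParty" and raw:
            out.append(Annotation(
                flow, "Aggregate", patterns_for(kg, "Aggregate"),
                f"{flow} sends raw readings ({', '.join(raw)}) to a third party; "
                f"aggregate locally before the data leaves the {src_zone} zone"))
    return out


if __name__ == "__main__":
    for a in annotate(KG):
        print(f"[{a.flow}] {a.strategy}: {', '.join(a.patterns)}\n    because {a.reason}")
```

Adding a triple that records an applied pattern (for instance replacing `("flow2", "encrypted", "false")` with `("flow2", "encrypted", "true")`) and re-running `annotate` removes the Hide recommendation while the Aggregate one remains, which is the kind of incremental, explainable feedback the abstract attributes to the tool.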
PARROT is an ontology describing privacy principles, strategies and patterns for connected devices. Built in OWL/RDF, it integrates vocabularies such as SSN, SOSA, SKOS, IoT-Lite and GDPRtEXT. The model defines extensive classes, individuals and relationships to support privacy-aware system design.
LaTeX source for the "Privacy Patterns for Internet of Things" handbook. Includes chapters, numerous pattern definitions, images, bibliography, and a compiled PDF. Use these materials to explore privacy-preserving design strategies and tailor your own documentation.
Next.js platform for modelling Privacy by Design knowledge. Provides user authentication, principle and relationship tracking, question generation, email alerts and visualization. Uses Prisma, SQLite and Tailwind with modular components for easy extension and deployment.
Visualization and interaction tool for examining relationships among privacy-by-design elements. Provides Plotly scripts to build Sankey diagrams and a Flask web app for collecting user assessments. Data is stored in a SQLite database with HTML templates for a simple UI.