Knowledge Driven Privacy by Design for IoT

Project Overview

Internet of Things applications require both software and hardware components to cooperate across multiple nodes with different capabilities, making the incorporation of privacy considerations inherently complex. This project develops AI-based techniques to assist software engineers in embedding Privacy by Design (PbD) principles into IoT application development from the earliest design stages. The central contribution is Privacy Captain, a context-aware privacy assistant that semantically models privacy patterns and IoT system architectures using knowledge-based AI. Privacy Captain leverages ontologies and knowledge graphs to represent relationships between IoT components, data flows, and established privacy strategies, enabling it to automatically annotate system designs with appropriate privacy-preserving measures. By reasoning over these semantic models, the tool identifies potential privacy risks and recommends applicable design patterns drawn from a synthesised catalogue of privacy strategies.

The research objectives include reviewing and synthesising existing privacy-by-design schemes through systematic analysis of privacy strategies in IoT contexts, creating semantic models of privacy patterns and IoT systems, and developing and evaluating the Privacy Captain tool. This comprehensive approach ensures that the tool is grounded in a thorough understanding of the current landscape of privacy-preserving techniques.

Evaluations encompass healthcare and smart home application scenarios, demonstrating how the approach reduces breakdowns in the software design process and supports explainable privacy decisions. The project contributes towards making privacy-by-design practices more accessible and systematic for IoT practitioners, bridging the gap between privacy research and engineering practice.

Team

Alkhariji

Omer Rana

Charith Perera

Partners

PETRAS 2 UK research consortium exploring privacy, ethics, and trust in IoT.

Outcomes