Privacy-by-design for Internet of Things (IoT): Implementing user autonomous options in a smart home scenario
In traditional Internet of Things (IoT) systems, users are unable to authorize and/or deauthorize the collection of user data. The result is an absence of user autonomy in IoT systems. This project tackles that problem by proposing a human-centered privacy-by-design option for the design and implementation of IoT systems, one that prioritizes the user's need for privacy. It does this by providing user autonomous commands that let the user opt out of the collection of a particular data type and restore the collection of that data type at will. A Smart Home was designed and built as the IoT system for the proof of concept. Various data types were collected at the edge level, and three of them (audio, image and temperature) were selected to be transmitted to a remote NoSQL database. Through the user web application, the user was able to authorize and/or deauthorize the transmission of data types by choice. In addition, the user was given access to a user-friendly presentation of the cloud database, in order to validate that the autonomous actions they had taken were executed. This was demonstrated in several use case scenarios. The results of this research illustrate that user autonomous actions for privacy can successfully be implemented in the design of IoT systems.
Capstone Project submitted to the Department of Engineering, Ashesi University in partial fulfillment of the requirements for the award of Bachelor of Science degree in Electrical and Electronic Engineering, May 2020
smart home, Internet of Things (IoT), privacy, user autonomy, web-based application