A new paper connected to the INTERSECT project has been just accepted for conference presentation and publication.
The research, namely “PICO: Privacy-Preserving Access Control in IoT Scenarios through Incomplete Information”, has been conducted at TU/e by Dr. Savio Sciancalepore and Dr. Nicola Zannone. It will be presented in the Cyber-Physical Systems (CPS) Track of the 37th ACM Symposium on Applied Computing (SAC), to be held in Brno (Czech Republic) on April 25-29, 2022.
PICO is a novel framework for privacy-preserving access control in IoT scenarios, which uses incomplete information to enhance privacy guarantees on IoT devices. In a nutshell, PICO allows IoT devices to evaluate the privacy risks of disclosing the information needed to access a service, and to determine at which level of granularity such information can be disclosed. At the same time, PICO empowers IoT platforms to evaluate access control policies even when incomplete information is provided, so as to possibly grant access to services based on a customized service-dependent risk factor. Through simulations using data from real IoT devices, it is shown the existence of a trade-off between privacy and energy consumption on IoT devices running PICO. Accordingly, more privacy can be achieved for such devices, but only by sacrificing a consistent portion of the overall energy capacity.
Interested readers can have a look to the author-version of the accepted paper, available here.