TY - JOUR
T1 - Synthesising Privacy by Design Knowledge Toward Explainable Internet of Things Application Designing in Healthcare
AU - Alkhariji, Lamya
AU - Alhirabi, Nada
AU - Alraja, Mansour Naser
AU - Barhamgi, Mahmoud
AU - Rana, Omer
AU - Perera, Charith
N1 - Funding Information: Charith Perera’s work is partially supported by PETRAS2: National Centre of Excellence for IoT Systems Cyber Security (Grant No. EP/S035362/1) and Quarriable Smart City Data Markets (Grant No. EP/T517203/1). Omer Rana’s work is supported by PACE: Privacy-aware Cloud Ecosystems (Grant No. EP/R033439/1). Mansour Naser Alraja is supported by The Research Council (TRC), Sultanate of Oman (Block Fund-Research Grant) (Grant No. BFP/RGP/ICT/19/186).
PY - 2021/6/14
Y1 - 2021/6/14
N2 - Privacy by Design (PbD) is the most common approach followed by software developers who aim to reduce risks within their application designs, yet it remains commonplace for developers to retain little conceptual understanding of what is meant by privacy. A vision is to develop an intelligent privacy assistant to whom developers can easily ask questions to learn how to incorporate different privacy-preserving ideas into their IoT application designs. This article lays the foundations toward developing such a privacy assistant by synthesising existing PbD knowledge to elicit requirements. It is believed that such a privacy assistant should not just prescribe a list of privacy-preserving ideas that developers should incorporate into their design. Instead, it should explain how each prescribed idea helps to protect privacy in a given application design context - this approach is defined as "Explainable Privacy." A total of 74 privacy patterns were analysed and reviewed using ten different PbD schemes to understand how each privacy pattern is built and how each helps to ensure privacy. Due to page limitations, we have presented a detailed analysis in Reference [3]. In addition, different real-world Internet of Things (IoT) use-cases, including a healthcare application, were used to demonstrate how each privacy pattern could be applied to a given application design. By doing so, several knowledge engineering requirements were identified that need to be considered when developing a privacy assistant. It was also found that, when compared to other IoT application domains, privacy patterns can significantly benefit healthcare applications. In conclusion, this article identifies the research challenges that must be addressed if one wishes to construct an intelligent privacy assistant that can truly augment software developers' capabilities at the design phase.
AB - Privacy by Design (PbD) is the most common approach followed by software developers who aim to reduce risks within their application designs, yet it remains commonplace for developers to retain little conceptual understanding of what is meant by privacy. A vision is to develop an intelligent privacy assistant to whom developers can easily ask questions to learn how to incorporate different privacy-preserving ideas into their IoT application designs. This article lays the foundations toward developing such a privacy assistant by synthesising existing PbD knowledge to elicit requirements. It is believed that such a privacy assistant should not just prescribe a list of privacy-preserving ideas that developers should incorporate into their design. Instead, it should explain how each prescribed idea helps to protect privacy in a given application design context - this approach is defined as "Explainable Privacy." A total of 74 privacy patterns were analysed and reviewed using ten different PbD schemes to understand how each privacy pattern is built and how each helps to ensure privacy. Due to page limitations, we have presented a detailed analysis in Reference [3]. In addition, different real-world Internet of Things (IoT) use-cases, including a healthcare application, were used to demonstrate how each privacy pattern could be applied to a given application design. By doing so, several knowledge engineering requirements were identified that need to be considered when developing a privacy assistant. It was also found that, when compared to other IoT application domains, privacy patterns can significantly benefit healthcare applications. In conclusion, this article identifies the research challenges that must be addressed if one wishes to construct an intelligent privacy assistant that can truly augment software developers' capabilities at the design phase.
KW - Explainable privacy
KW - Healthcare
KW - Internet of Things
KW - Knowledge engineering
KW - Privacy
KW - Privacy assistant
KW - Privacy by design
UR - http://www.scopus.com/inward/record.url?scp=85108506137&partnerID=8YFLogxK
U2 - 10.1145/3434186
DO - 10.1145/3434186
M3 - Article
AN - SCOPUS:85108506137
SN - 1551-6857
VL - 17
SP - 1
EP - 29
JO - ACM Transactions on Multimedia Computing, Communications and Applications
JF - ACM Transactions on Multimedia Computing, Communications and Applications
IS - 2s
M1 - 62
ER -