IoT Expunge: Implementing Verifiable Retention of IoT Data

Nisha Panwar; Shantanu Sharma; Peeyush Gupta; Dhrubajyoti Ghosh; Sharad Mehrotra; Nalini Venkatasubramanian

doi:10.1145/3374664.3375737

IoT Expunge: Implementing Verifiable Retention of IoT Data

Nisha Panwar, Shantanu Sharma, Peeyush Gupta, Dhrubajyoti Ghosh, Sharad Mehrotra, Nalini Venkatasubramanian

Computer & Cyber Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Scopus citations

Abstract

The growing deployment of Internet of Things (IoT) systems aims to ease the daily life of end-users by providing several value-added services. However, IoT systems may capture and store sensitive, personal data about individuals in the cloud, thereby jeopardizing user-privacy. Emerging legislation, such as California's CalOPPA and GDPR in Europe, support strong privacy laws to protect an individual's data in the cloud. One such law relates to strict enforcement of data retention policies. This paper proposes a framework, entitled IoT Expunge that allows sensor data providers to store the data in cloud platforms that will ensure enforcement of retention policies. Additionally, the cloud provider produces verifiable proofs of its adherence to the retention policies. Experimental results on a real-world smart building testbed show that IoT Expunge imposes minimal overheads to the user to verify the data against data retention policies.

Original language	English (US)
Title of host publication	CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy
Publisher	Association for Computing Machinery, Inc
Pages	283-294
Number of pages	12
ISBN (Electronic)	9781450371070
DOIs	https://doi.org/10.1145/3374664.3375737
State	Published - Mar 16 2020
Event	10th ACM Conference on Data and Application Security and Privacy, CODASPY 2020 - New Orleans, United States Duration: Mar 16 2020 → Mar 18 2020

Publication series

Name	CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy

Conference

Conference	10th ACM Conference on Data and Application Security and Privacy, CODASPY 2020
Country/Territory	United States
City	New Orleans
Period	3/16/20 → 3/18/20

Keywords

data deletion
internet of things
smart building
user privacy
verification

ASJC Scopus subject areas

Software
Computer Science Applications

Access to Document

10.1145/3374664.3375737

Cite this

Panwar, N., Sharma, S., Gupta, P., Ghosh, D., Mehrotra, S., & Venkatasubramanian, N. (2020). IoT Expunge: Implementing Verifiable Retention of IoT Data. In CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy (pp. 283-294). (CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy). Association for Computing Machinery, Inc. https://doi.org/10.1145/3374664.3375737

IoT Expunge: Implementing Verifiable Retention of IoT Data. / Panwar, Nisha; Sharma, Shantanu; Gupta, Peeyush et al.
CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, Inc, 2020. p. 283-294 (CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Panwar, N, Sharma, S, Gupta, P, Ghosh, D, Mehrotra, S & Venkatasubramanian, N 2020, IoT Expunge: Implementing Verifiable Retention of IoT Data. in CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy. CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy, Association for Computing Machinery, Inc, pp. 283-294, 10th ACM Conference on Data and Application Security and Privacy, CODASPY 2020, New Orleans, United States, 3/16/20. https://doi.org/10.1145/3374664.3375737

Panwar N, Sharma S, Gupta P, Ghosh D, Mehrotra S, Venkatasubramanian N. IoT Expunge: Implementing Verifiable Retention of IoT Data. In CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, Inc. 2020. p. 283-294. (CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy). doi: 10.1145/3374664.3375737

Panwar, Nisha ; Sharma, Shantanu ; Gupta, Peeyush et al. / IoT Expunge : Implementing Verifiable Retention of IoT Data. CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, Inc, 2020. pp. 283-294 (CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy).

@inproceedings{f5c05cd5f3ba47e4a53157575c78c28d,

title = "IoT Expunge: Implementing Verifiable Retention of IoT Data",

abstract = "The growing deployment of Internet of Things (IoT) systems aims to ease the daily life of end-users by providing several value-added services. However, IoT systems may capture and store sensitive, personal data about individuals in the cloud, thereby jeopardizing user-privacy. Emerging legislation, such as California's CalOPPA and GDPR in Europe, support strong privacy laws to protect an individual's data in the cloud. One such law relates to strict enforcement of data retention policies. This paper proposes a framework, entitled IoT Expunge that allows sensor data providers to store the data in cloud platforms that will ensure enforcement of retention policies. Additionally, the cloud provider produces verifiable proofs of its adherence to the retention policies. Experimental results on a real-world smart building testbed show that IoT Expunge imposes minimal overheads to the user to verify the data against data retention policies.",

keywords = "data deletion, internet of things, smart building, user privacy, verification",

author = "Nisha Panwar and Shantanu Sharma and Peeyush Gupta and Dhrubajyoti Ghosh and Sharad Mehrotra and Nalini Venkatasubramanian",

note = "Publisher Copyright: {\textcopyright} 2020 ACM.; 10th ACM Conference on Data and Application Security and Privacy, CODASPY 2020 ; Conference date: 16-03-2020 Through 18-03-2020",

year = "2020",

month = mar,

day = "16",

doi = "10.1145/3374664.3375737",

language = "English (US)",

series = "CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy",

publisher = "Association for Computing Machinery, Inc",

pages = "283--294",

booktitle = "CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy",

}

TY - GEN

T1 - IoT Expunge

T2 - 10th ACM Conference on Data and Application Security and Privacy, CODASPY 2020

AU - Panwar, Nisha

AU - Sharma, Shantanu

AU - Gupta, Peeyush

AU - Ghosh, Dhrubajyoti

AU - Mehrotra, Sharad

AU - Venkatasubramanian, Nalini

PY - 2020/3/16

Y1 - 2020/3/16

N2 - The growing deployment of Internet of Things (IoT) systems aims to ease the daily life of end-users by providing several value-added services. However, IoT systems may capture and store sensitive, personal data about individuals in the cloud, thereby jeopardizing user-privacy. Emerging legislation, such as California's CalOPPA and GDPR in Europe, support strong privacy laws to protect an individual's data in the cloud. One such law relates to strict enforcement of data retention policies. This paper proposes a framework, entitled IoT Expunge that allows sensor data providers to store the data in cloud platforms that will ensure enforcement of retention policies. Additionally, the cloud provider produces verifiable proofs of its adherence to the retention policies. Experimental results on a real-world smart building testbed show that IoT Expunge imposes minimal overheads to the user to verify the data against data retention policies.

AB - The growing deployment of Internet of Things (IoT) systems aims to ease the daily life of end-users by providing several value-added services. However, IoT systems may capture and store sensitive, personal data about individuals in the cloud, thereby jeopardizing user-privacy. Emerging legislation, such as California's CalOPPA and GDPR in Europe, support strong privacy laws to protect an individual's data in the cloud. One such law relates to strict enforcement of data retention policies. This paper proposes a framework, entitled IoT Expunge that allows sensor data providers to store the data in cloud platforms that will ensure enforcement of retention policies. Additionally, the cloud provider produces verifiable proofs of its adherence to the retention policies. Experimental results on a real-world smart building testbed show that IoT Expunge imposes minimal overheads to the user to verify the data against data retention policies.

KW - data deletion

KW - internet of things

KW - smart building

KW - user privacy

KW - verification

UR - http://www.scopus.com/inward/record.url?scp=85083385073&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85083385073&partnerID=8YFLogxK

U2 - 10.1145/3374664.3375737

DO - 10.1145/3374664.3375737

M3 - Conference contribution

AN - SCOPUS:85083385073

T3 - CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy

SP - 283

EP - 294

BT - CODASPY 2020 - Proceedings of the 10th ACM Conference on Data and Application Security and Privacy

PB - Association for Computing Machinery, Inc

Y2 - 16 March 2020 through 18 March 2020

ER -

IoT Expunge: Implementing Verifiable Retention of IoT Data

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this