حفظ حریم خصوصی در اینترنت اشیا
Abstract
1- Introduction
2- Related work
3- Preliminary
4- Game model and formulation
5- User’s response to privacy leakage
6- Game analysis based on Nash bargaining
7- Conclusion
References
Abstract
By exploiting rich personal information, Internet of Things can provide users with various customized experience and services, improving entertainment, convenience and quality for users’ life. However, unavoidably, these users suffer from serious risk of privacy leakage in the presence of untrusted service provider and malicious adversary. Game theory is treated as one of the most promising methodologies to investigate participants’ incentive, response, and behaviors and has been widely applied to design privacy preserving schemes. Nevertheless, the complex interactions among users, service provider, and adversary are not fully investigated in the existing work. What’s more, users’ social connection and interaction are ignored. In this paper, such complex interactions are modeled as a three-party game for the problem of private data trading in IoT with considering user’s social interaction in online social network. Particularly, data trading between service provider and adversary is formulated to be a Nash bargaining game, for which Nash bargaining solutions are analyzed via both theoretical analysis and numerical experiments. Our analysis can clearly illustrate data trading strategies between service provider and adversary and offer guidance for designing privacy protection scheme in IoT.
Introduction
Internet of Things (IoT) has achieved rapid development and promoted many emerging applications in recent years. With ubiquitous IoT devices, about 2.5 quintillion bytes of data are produced in every day [1]. According to estimation of Ahmed et al. [2], there will be 50 billion IoT devices in 2020. When people use IoT services, a lot of sensitive and personal information is uploaded to the service providers, such as personal profiles, sensors data of mobile terminal, and photos [3]. However, usually, users are not aware of how the service provider use their data and who could access their data clearly. Untrusted service providers may sell user’s data to third-party adversaries for extra profit without user’s permission. In 2018, Facebook admitted that an App related to Cambridge Analytica to harvest personal data of up to 87 million Facebook users without their consent [4]. And some OSNs, including twitter, Myspace and LiveJournal, also share user’s personally identifiable information to third parties [5]. Moreover, the study of Enck et al. [6] found that 15 out of 30 popular network services sent user’s information to remote advertisement or analytics servers. In the presence of untrusted service providers and adversaries, IoT users are suffering from severe risk of privacy leakage. As a new kind of IoT, social IoT (SIoT) has become popular [7,8], where the owners of IoT devices are also connected via online social network (OSN). That is, SIoT can be treated as the integration of IoT and OSN. In 2017, there are 2.46 billion social network users around the world, and it is estimated that the number of users will increase to 3.02 billion in 2021 [9].