TY - JOUR
T1 - Knapsack graph-based privacy checking for smart environments
AU - Alom, Zulfikar
AU - Singh, Bikash Chandra
AU - Aung, Zeyar
AU - Azim, Mohammad Abdul
N1 - Publisher Copyright:
© 2021
PY - 2021/6
Y1 - 2021/6
N2 - A smart environment consisting of sensors and actuators that network a physical space makes the lives of users extremely convenient. In such environments, service providers collect, store, and process a huge amount of personal information from the users, and provide appropriate services in return. Processing personal information helps service providers dispense personalized services to users. The flow of personal information requires legal documents such as privacy preferences and privacy policies from the users and service providers, respectively. A software agent (to be installed either at the client's or server's end) performs the privacy checking (i.e., matches the service provider's privacy policies with the user's privacy preferences), and produces a decision based on a “take it or leave it” approach. Often, this check is too restrictive such that the user is denied the services, even if the privacy policies partially satisfy the user preferences. In this work, the privacy checking problem is envisaged as a knapsack problem, and to address it, we derive (i) knapsack privacy checking (KPC), and (ii) knapsack graph-based privacy checking (KPC-G) techniques. The system developed using these techniques finds the services that best match the user's privacy preferences as well as the service provider's policies, with a twofold functionality: (a) it recommends the best matching services based on user-supplied tolerance values, or (b) it solves an optimization problem to suggest services after adjusting the user-supplied tolerance values. Our experimental results demonstrate the effectiveness of the proposed model.
AB - A smart environment consisting of sensors and actuators that network a physical space makes the lives of users extremely convenient. In such environments, service providers collect, store, and process a huge amount of personal information from the users, and provide appropriate services in return. Processing personal information helps service providers dispense personalized services to users. The flow of personal information requires legal documents such as privacy preferences and privacy policies from the users and service providers, respectively. A software agent (to be installed either at the client's or server's end) performs the privacy checking (i.e., matches the service provider's privacy policies with the user's privacy preferences), and produces a decision based on a “take it or leave it” approach. Often, this check is too restrictive such that the user is denied the services, even if the privacy policies partially satisfy the user preferences. In this work, the privacy checking problem is envisaged as a knapsack problem, and to address it, we derive (i) knapsack privacy checking (KPC), and (ii) knapsack graph-based privacy checking (KPC-G) techniques. The system developed using these techniques finds the services that best match the user's privacy preferences as well as the service provider's policies, with a twofold functionality: (a) it recommends the best matching services based on user-supplied tolerance values, or (b) it solves an optimization problem to suggest services after adjusting the user-supplied tolerance values. Our experimental results demonstrate the effectiveness of the proposed model.
KW - Data security
KW - Knapsack problem
KW - Optimization
KW - Privacy policy checking
KW - Similarity measurement
KW - User privacy
UR - http://www.scopus.com/inward/record.url?scp=85103410275&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2021.102240
DO - 10.1016/j.cose.2021.102240
M3 - Article
AN - SCOPUS:85103410275
SN - 0167-4048
VL - 105
JO - Computers and Security
JF - Computers and Security
M1 - 102240
ER -