Survey on Differential Privacy for Industrial IoT

PraDeep ThaPa
6 min read · Feb 27, 2021


Abstract

The development of technologies and infrastructure built on the Internet of Things (IoT) grows day by day, especially in industrial sectors. A large number of connected applications share large amounts of data between them, and protecting the privacy of that data is required either by law or by users' preferences. Protecting privacy is difficult because IoT devices are connected to many different kinds of devices, which brings many challenges. In this paper, I review the privacy-related issues in industrial IoT and the algorithms and techniques proposed to resolve them while keeping the data usable.

Introduction

The Internet of Things (IoT) is a system of interconnected computing devices that collect and exchange information. Businesses can use this information to maximize savings and increase operational efficiency. The Industrial IoT extends IoT into industrial sectors and applications, and it generates enormous amounts of data that can be used for many purposes. With such volumes of data, security and privacy controls must be applied to protect the information. Privacy is complex because several privacy laws and regulations must be satisfied. Differential privacy is a framework for publicly sharing information about the patterns of groups within a dataset while withholding information about any single individual in it. It is a modern privacy protection model whose guarantee holds regardless of an attacker's background knowledge: the protection is a property of the release mechanism, not of an assumption about what the adversary already knows. A differential privacy mechanism ensures that individual data is not exposed while keeping the error introduced by the noise small, so that the released data remains usable. The principal idea is to add enough noise to the results computed from the original data that the effect of any single individual on the outcome is small relative to the noise; the privacy parameter epsilon bounds how much the probability of any output can change when one individual's record is added or removed.
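To make the principal idea concrete, the following is an added Python example, not code from this article or from the cited papers. It releases a count of alarm-tripping PLCs through the Laplace mechanism and checks the epsilon-differential-privacy guarantee directly: for every neighbouring dataset (one device's record removed) and every candidate output, the ratio of the two output densities never exceeds e^epsilon. The PLC readings are constructed for the example.

```python
import math
import random

# Constructed sample: one hour of readings from six PLCs on a production line (not real data).
# Each record is (device_id, tripped_alarm).
READINGS = [
    ("plc-01", True), ("plc-02", False), ("plc-03", True),
    ("plc-04", True), ("plc-05", False), ("plc-06", True),
]

COUNT_SENSITIVITY = 1  # adding or removing one record moves a count by at most 1


def count_query(records):
    """The statistic to release: how many devices tripped an alarm."""
    return sum(1 for _, tripped in records if tripped)


def laplace_noise(scale, rng):
    """One Laplace(0, scale) sample by inverse-CDF transform of a uniform on [-0.5, 0.5)."""
    u = rng.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(max(1.0 - 2.0 * abs(u), 1e-300))


def noisy_count(records, epsilon, rng):
    """Laplace mechanism: true count plus Laplace(sensitivity / epsilon) noise."""
    return count_query(records) + laplace_noise(COUNT_SENSITIVITY / epsilon, rng)


def laplace_density(x, centre, scale):
    return math.exp(-abs(x - centre) / scale) / (2.0 * scale)


def worst_case_privacy_loss(records, epsilon, outputs):
    """Check the epsilon-DP guarantee: for every neighbouring dataset D' (one record
    removed) and every candidate output x, the ratio of the output densities under
    D and D' stays within e^epsilon. The bound is tight when x lies beyond both counts."""
    scale = COUNT_SENSITIVITY / epsilon
    base = count_query(records)
    worst = 1.0
    for i in range(len(records)):
        neighbour = records[:i] + records[i + 1:]
        other = count_query(neighbour)
        for x in outputs:
            ratio = laplace_density(x, base, scale) / laplace_density(x, other, scale)
            worst = max(worst, ratio, 1.0 / ratio)
    return worst


def average_noisy_count(records, epsilon, draws, seed=0):
    """The noise is zero-mean, so repeated releases average back to the true count.
    That is exactly why a mechanism cannot be re-queried freely: every draw spends epsilon again."""
    rng = random.Random(seed)
    return sum(noisy_count(records, epsilon, rng) for _ in range(draws)) / draws


if __name__ == "__main__":
    rng = random.Random(42)
    print("true count:", count_query(READINGS))
    print("released count (epsilon=0.5):", round(noisy_count(READINGS, 0.5, rng), 2))
    print("max density ratio:", worst_case_privacy_loss(READINGS, 0.5, range(-5, 15)),
          "bound e^0.5 =", math.exp(0.5))
```

The check in worst_case_privacy_loss is the definition of epsilon-differential privacy applied to a single query: the adversary may know every record except one, and the released value still cannot tell them whether that one record is present with odds better than e^epsilon. A smaller epsilon means a larger noise scale and a weaker signal, which is the privacy-utility trade-off the rest of this survey is about.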

Privacy challenges

IoT devices are a major privacy concern because they produce, process, and exchange enormous quantities of personal and sensitive data, and data on that scale needs to be protected. Industrial systems collect personal information such as user identity, location, and many other personal characteristics. Such information can disclose a lot about a user's behaviour, including daily activities. Many users are not comfortable revealing private data to unrestricted servers without appropriate trust and privacy models. It is therefore important to assure the integrity and confidentiality of the data that industrial systems generate and process.

There are several challenges in protecting the privacy of the data that industrial systems generate and process for different purposes. This data carries information from many sources, such as wireless sensor networks, and in particular it often contains location information, which is distinctive and highly sensitive. A poorly designed IoT deployment will have many security and privacy issues. IoT systems perform data fusion: they integrate multiple data sources so that the model or system produces more consistent and accurate results. Because of this, the data needs to be anonymized, and differential privacy is one of the most widely adopted solutions for sharing information without compromising integrity and privacy (Hassan, et al., 2019). Raw data stored on a server is vulnerable to attacks, threats, and intrusion, and because the fused sources sit together, a single breach exposes all of them at once.

Identification is one of the privacy concerns in IoT: the threat of associating an identifier such as a name or address with a person. Personal information is collected for various purposes in IoT, for example through RFID technology. Similarly, localization and tracking is another privacy issue, with the threat of finding out a person's location through time and space. Many privacy violations can be traced to mobile phone location data and GPS systems.

De-identification of IoT data is crucial in industrial systems for purposes such as research or competitions, which require the data to be released publicly online even though it may contain personal information. The common fix is to de-identify the data so that it cannot be linked back to a particular person. However, this is very difficult in IoT because the data is raw and fine-grained, and combining several apparently harmless attributes can still single out an individual.

Methodology

It is crucial to develop a data privacy protection plan for privacy-sensitive information. The data should not disclose sensitive information about the applications that generate and process it. Therefore, it is essential to protect the integrity of the data with a data privacy protection strategy. Privacy needs to be preserved in the different layers of IoT: the application, platform, and device layers all hold information about users and the network.

Differential privacy for IoT combines k-anonymity with traditional differential privacy. A table is k-anonymous when every record shares its quasi-identifier values (age, postcode, and similar attributes that are not identifiers on their own but identify someone in combination) with at least k-1 other records. Generalization and suppression techniques are used to achieve this anonymity in the dataset; the result is an enhanced form of anonymization. Data anonymization is the process of removing identifying information that could lead to personal identification. Its main mechanism is to substitute exact feature values with more general ones, for example replacing an exact age with the range 25–30. The main goal of data anonymization is to keep users' data private while still permitting service providers to use the collected information to tailor services for users. The main aims of data anonymization are protecting the privacy of connected users, hiding information about the internal network structure, and keeping the anonymized traffic traces as realistic as practicable relative to the non-anonymized packet stream.

Differential privacy protection built on low-cohesion techniques can improve data utility while still preserving differential privacy (Hou, et al., 2020). Frequent pattern mining in this setting is based on candidate sets, as in the Apriori algorithm. The model is very similar to the traditional k-anonymity model, where generalization and suppression use distinct methods for different kinds of data. In addition, it does not attach new attributes to the original data, which reduces the complexity of data analysis (Xi, 2020). It also avoids data suppression, which makes the k-anonymized data easier to process with standard analysis software. It is well suited to preserving the privacy of continuous data because it retains the numerical semantics of continuous values.

The low-cohesion algorithm for k-anonymization has two steps: partitioning and aggregation (Xi, 2020). Partitioning groups the data table into many clusters, each of at least k records, which is known as k-partitioning. Aggregation then replaces the quasi-identifiers within each cluster with the cluster's centroid: the average value for continuous data and the median value for categorical data.
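The generalization, suppression and k-anonymity check from the previous paragraphs, and the partition-and-aggregate steps just described, as an added Python example. This is not the authors' code; the operator records, the 5-year age bands and the 3-digit postcode prefix are constructed assumptions. The aggregation step is applied to the continuous quasi-identifier only, following the mean-centroid rule above, so its k-anonymity is checked on that attribute.

```python
from statistics import mean

# Constructed sample of operator records from a plant badge system (not real data).
# Quasi-identifiers: age and postcode; sensitive attribute: whether a safety incident was logged.
RECORDS = [
    {"age": 27, "zip": "10001", "incident": "yes"},
    {"age": 29, "zip": "10002", "incident": "no"},
    {"age": 31, "zip": "10001", "incident": "no"},
    {"age": 45, "zip": "20010", "incident": "yes"},
    {"age": 47, "zip": "20011", "incident": "no"},
    {"age": 52, "zip": "20012", "incident": "yes"},
    {"age": 63, "zip": "30000", "incident": "no"},
]
QUASI = ("age", "zip")


def generalize(record, age_band=5, zip_digits=3):
    """Generalization: replace exact quasi-identifier values with coarser ones."""
    lo = record["age"] // age_band * age_band
    zip_code = record["zip"]
    return {
        "age": f"{lo}-{lo + age_band - 1}",
        "zip": zip_code[:zip_digits] + "*" * (len(zip_code) - zip_digits),
        "incident": record["incident"],
    }


def equivalence_classes(records, quasi=QUASI):
    """Group records that share the same quasi-identifier values."""
    classes = {}
    for r in records:
        classes.setdefault(tuple(r[q] for q in quasi), []).append(r)
    return classes


def is_k_anonymous(records, k, quasi=QUASI):
    return all(len(c) >= k for c in equivalence_classes(records, quasi).values())


def suppress(records, k, quasi=QUASI):
    """Suppression: drop every record whose equivalence class is smaller than k,
    so the remaining table is k-anonymous at the cost of lost rows."""
    classes = equivalence_classes(records, quasi)
    return [r for r in records if len(classes[tuple(r[q] for q in quasi)]) >= k]


def k_partition(records, k, key="age"):
    """Partition step of the low-cohesion scheme: order records on the continuous
    quasi-identifier and cut them into clusters of at least k records."""
    ordered = sorted(records, key=lambda r: r[key])
    clusters = [ordered[i:i + k] for i in range(0, len(ordered), k)]
    if len(clusters) > 1 and len(clusters[-1]) < k:
        clusters[-2].extend(clusters.pop())  # fold a short tail into the previous cluster
    return clusters


def aggregate(clusters, key="age"):
    """Aggregation step: replace the quasi-identifier in each cluster with the
    cluster centroid (the mean, since age is continuous). No row is suppressed."""
    released = []
    for cluster in clusters:
        centroid = mean(r[key] for r in cluster)
        released.extend({**r, key: centroid} for r in cluster)
    return released


def anonymize_by_aggregation(records, k, key="age"):
    return aggregate(k_partition(records, k, key), key)


if __name__ == "__main__":
    generalized = [generalize(r) for r in RECORDS]
    print("generalized, 2-anonymous?", is_k_anonymous(generalized, 2))
    print("after suppression:", len(suppress(generalized, 2)), "of", len(RECORDS), "rows kept")
    aggregated = anonymize_by_aggregation(RECORDS, 3)
    print("aggregated ages:", sorted({r["age"] for r in aggregated}), "rows kept:", len(aggregated))
```

Running it shows the trade-off the survey describes: generalization alone leaves three singleton classes, suppression reaches 2-anonymity by discarding three of the seven rows, while partition-and-aggregate keeps every row and reaches 3-anonymity on age, at the price of replacing each age with its cluster mean.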

Location privacy for industrial systems using differential privacy is a technique in which a tree-node frequency model is perturbed with Laplacian noise (Xi, 2020). It maximizes data utility and reduces processing time. Two kinds of location privacy need protecting: the location privacy of each node in the industrial system, and the location privacy of the industrial system itself when it provides location-based services. Location privacy tree (LPT) and differential privacy-k (DP-k) location privacy protection schemes can be applied to protect location data in the big data generated by industrial systems.
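An added Python example of a tree-structured location release, written for this article and not the LPT or DP-k implementation from Xi (2020): asset positions on a plant floor are counted in a two-level quadtree, every node count, including empty cells, is published with Laplace noise, and the privacy budget is split evenly across the levels. The floor size, tree depth and positions are constructed assumptions.

```python
import itertools
import math
import random

# Constructed sample of asset-tracker fixes on a 100 x 100 m plant floor (not real data).
POSITIONS = [(12, 8), (15, 11), (22, 30), (48, 47), (55, 60),
             (70, 75), (88, 90), (91, 95), (5, 95), (97, 3)]
QUADRANTS = [(0, 0), (0, 1), (1, 0), (1, 1)]


def cell_path(x, y, depth, size=100.0):
    """Quadtree path from the root to the leaf cell containing (x, y)."""
    path, x0, y0, half = [], 0.0, 0.0, size / 2
    for _ in range(depth):
        qx, qy = int(x >= x0 + half), int(y >= y0 + half)
        path.append((qx, qy))
        x0, y0, half = x0 + qx * half, y0 + qy * half, half / 2
    return tuple(path)


def all_nodes(depth):
    """Every node of the tree, empty cells included: publishing only occupied
    cells would itself reveal where assets are."""
    for d in range(depth + 1):
        yield from itertools.product(QUADRANTS, repeat=d)


def true_tree(positions, depth):
    """Exact frequency of fixes at every node; path[:0] == () is the root."""
    counts = {node: 0 for node in all_nodes(depth)}
    for x, y in positions:
        path = cell_path(x, y, depth)
        for d in range(depth + 1):
            counts[path[:d]] += 1
    return counts


def laplace_noise(scale, rng):
    u = rng.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(max(1.0 - 2.0 * abs(u), 1e-300))


def noisy_tree(positions, depth, epsilon, rng):
    """Release every node count with Laplace noise. Each level partitions the floor,
    so one fix falls in exactly one node per level (sensitivity 1 per level, parallel
    composition); the levels compose sequentially, so the budget is split across them."""
    eps_per_level = epsilon / (depth + 1)
    scale = 1.0 / eps_per_level
    return {node: count + laplace_noise(scale, rng)
            for node, count in true_tree(positions, depth).items()}


def mean_abs_error(true, noisy, level):
    """Utility at one level of the tree: average |true - released| over its nodes."""
    nodes = [n for n in true if len(n) == level]
    return sum(abs(true[n] - noisy[n]) for n in nodes) / len(nodes)


def average_root_release(positions, depth, epsilon, draws, seed=0):
    """Sanity check on the noise: repeated root releases average to the true total."""
    rng = random.Random(seed)
    return sum(noisy_tree(positions, depth, epsilon, rng)[()] for _ in range(draws)) / draws


if __name__ == "__main__":
    rng = random.Random(7)
    exact = true_tree(POSITIONS, 2)
    released = noisy_tree(POSITIONS, 2, epsilon=1.0, rng=rng)
    for level in range(3):
        print(f"level {level}: mean abs error {mean_abs_error(exact, released, level):.2f}")
    print("north-west quadrant:", exact[((0, 0),)], "->", round(released[((0, 0),)], 1))
```

Answering a region query from the node that covers it, rather than by summing noisy leaves, is what keeps the error low: the noise on a quadrant is one Laplace draw, whereas the sum of its four leaves carries four. Splitting epsilon across levels is the cost of that flexibility, and it is why real schemes such as the LPT approach tune the depth to the query workload.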

Traditional security measures still apply when designing industrial systems. Role-based access control (RBAC) and authentication prevent leaks of users' private data and shield it from unauthorized access. Data encryption offers secure and reliable data exchange and protects confidentiality in transit and at rest; note that encryption alone does not anonymize data, since whoever holds the key sees the raw records, so it complements rather than replaces anonymization and differential privacy. Cryptography helps protect the privacy, confidentiality, authenticity, and integrity of data.

Conclusion

IoT and industrial systems use cutting-edge technologies such as machine learning models and artificial intelligence applications, and such systems accumulate a tremendous amount of data. Many distinct privacy laws must be obeyed to preserve the integrity and privacy of the information stored and exchanged between systems. Preserving the privacy of this data is difficult, but the procedures and standards surveyed above can be used to protect privacy and address the challenge of privacy protection in industrial systems.

References

Hassan, M. U., Rehmani, M. H. & Chen, J., 2019. Differential Privacy Techniques for Cyber Physical Systems: A Survey. [Online]
Available at: https://arxiv.org/abs/1812.02282
[Accessed 20 May 2020].

Hou, J. et al., 2020. Low-cohesion differential privacy protection for industrial Internet. [Online]
Available at: https://link.springer.com/article/10.1007/s11227-019-03122-y
[Accessed 20 May 2020].

Xi, J., 2020. Location Privacy Protection Based on Differential Privacy Strategy for Big Data in Industrial Internet of Things. [Online]
Available at: https://www.researchgate.net/publication/337592019_Location_Privacy_Protection_Based_on_Differential_Privacy_Strategy_for_Big_Data_in_Industrial_Internet_of_Things
[Accessed 20 May 2020].
