Successfully reported this slideshow.
Your SlideShare is downloading. ×

Iot meetup-thridi

Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Loading in …3
×

Check these out next

1 of 11 Ad

Iot meetup-thridi

Download to read offline

The slides of the talk I've given at the IoT London meetup about the THRIDI project. More information on the THRIDI project can be found here: https://www.brunel.ac.uk/research/Projects/Project?id=853f2a38-b594-4494-9e13-e102afa272a1&language=en-GB

The slides of the talk I've given at the IoT London meetup about the THRIDI project. More information on the THRIDI project can be found here: https://www.brunel.ac.uk/research/Projects/Project?id=853f2a38-b594-4494-9e13-e102afa272a1&language=en-GB

Advertisement
Advertisement

More Related Content

Recently uploaded (20)

Advertisement

Iot meetup-thridi

  1. 1. Cigdem Sengul, Arthi Manohar, Jiahong Chen
  2. 2. 2 About Me • Work on networks and systems • Recently more interested in data protection – IETF (ACE) and Kantara (UMA) Working Groups • Even more recently, in multi-disciplinary work
  3. 3. Standardisation Working Groups: Secure IoT based on Web Authorisation OAuth 2.0 is a popular web authorization standard, which allows users to grant limited access to their resources on one site to another site, without exposing their credentials. Has distinct roles • Resource owner: “user” • Authorization server: The interface where authorization is obtained • Client: Application trying to get access to user information • Resource server: Hosts user information Access permissions to a resource are time-bound, scoped, compact tokens Resource owner (User Agent) Resource server Authorization server Client Delegates Obtains token Uses token Access permissions are captured in tokens
  4. 4. Who configures these systems? Standards don’t answer • Are end-users resource owners? • How do they configure authorization servers with privacy policies? • How do different people sharing a device manage privacy? • How can we support them create data sharing policies on-demand? 4
  5. 5. THRIDI We can’t afford people not know how they can protect their privacy
  6. 6. Funded by EPSRC HDI Read Workshop Report
  7. 7. HDI Framework: Legibility, Agency and Negotiability Legibility: helping people understand what is happening to data about them Agency: to change relevant systems to be in better accord with their wishes Negotiability: work with the people using the data to improve its processing.
  8. 8. 1. We are all very different Systems need to learn and adapt to different user behaviour and expectations Participants HS 1 HS 2 HS 3 HS 4 SA 1 SA 2 SA 3 SA 4 SH 1 SH 2 SH 3 ST 1 ST 2 ST 3 ST 4 Bathroom 9 10 8 9 10 10 10 9 10 5 10 10 9 10 10 Bedroom 10 9 9 8 8 8 6 10 9 6 9 9 10 9 9 Wallet 7 8 10 6 9 9 9 7 3 7 8 8 3 8 8 Living room 8 3 7 7 5 7 5 8 8 2 6 7 8 7 7 Window 3 6 5 4 7 6 8 4 7 9 4 2 7 6 5 Padlock 4 5 3 10 3 4 4 6 5 8 7 4 4 3 6 Door 6 7 4 5 4 5 3 3 4 10 3 3 6 4 4 Wall 5 1 6 3 6 2 7 5 6 4 5 5 5 5 1 Café 2 4 2 2 2 3 2 2 2 1 2 1 2 2 3 Public square 1 2 1 1 1 1 1 1 1 1 1 6 1 1 2
  9. 9. 2. We need different perspectives to solve problems • “[Maybe if ] we can just see the different perspectives, then maybe we can just overcome lots of things.” • “You should always minimise data collection. All problems start when you start to collect data. So, the least footprints you have the better in technology” • “the footprints are temporary because, at the end of the day, the environment will eliminate them.”
  10. 10. 3. More questions than answers requiring inter-disciplinary research • Smart Toys: What should be the default privacy settings like when user preferences may vary? • Smart Security: How better to incorporate transparency and accountability so these devices are not used for malicious purposes such as domestic abuse? • Smart Health: How to avoid information overload to users, especially when sharing health data to avoid unnecessary stress? • Smart Appliances: How can we make data flows more legible?
  11. 11. Let’s Talk Twitter: @c_sengu E-mail: cigdem.sengul@brunel.ac.uk

×