Adam Yee

Giotto: Internet of Things Privacy

Project Length: 3 months

Advising Professor: Jason Hong

Team Members: Sharon Rajkumar, Bharadwaj Ramachandran, Joonho Park


Giotto is a project aimed at increasing the capabilities of humans interacting with ubiquitous devices and sensors. This Internet of Things (IoT) expedition keeps privacy at its core and creates a framework for developers to build secure IoT applications.

Motivation

For IoT applications and systems, streams of user data collected from connected devices are crucial. This data enables unique and interesting solutions and interactions. However, in the current state of IoT, user-friendly privacy control is often extremely limited, if it exists at all.

Architecture

Our team built two services that together form a new paradigm for IoT privacy policies. The first is BuildingDepot, which stores the data streams coming from sensors; these streams can be combined and queried to answer specific questions. The second is ActiveMap, where the user-controlled privacy policies governing that data are enforced.

User Privacy Policy Control

User-controlled privacy policies are at the core of Giotto. To give users the ability to dynamically update who may access their data streams, we designed a structure and interface that lets them quickly and easily group permissions into buckets.

Process

Scenarios and User Testing

In order to gauge how end users view and value their privacy in the context of ubiquitous applications, our team ideated a plethora of potential IoT use cases. Combining these with student surveys yielded a key insight: users find IoT applications extremely interesting and helpful, but are hesitant to provide the personal data needed to fuel them.

We additionally discovered that people are comfortable sharing varying levels of personal information with different groups of people. This insight led us to the idea of a tier-based API for handling how sensor-collected information is shared. Each tier is granted a different level of granularity when data is shared. Because each individual decides who goes into which tier, they retain complete control over who can see or access sensor-derived information about them.

Low-Fidelity Prototyping

The main use case we chose to convey this tier-based system was location, which I prototyped in order to test and validate our assumptions about users' attitudes towards their privacy.
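The following is an added worked example of the tier-based sharing model described above, applied to the location use case; it is illustrative code written for this page and is not Giotto's, BuildingDepot's or ActiveMap's own code. The tier names, the number of tiers and the coordinate rounding applied at each tier are assumptions: the page only states that users sort other people into tiers, that each tier sees a different granularity of data, and that location was the prototyped case.

```python
"""Tier-based sharing of a location reading (illustrative, not Giotto's code).

Assumptions not taken from the page: four named tiers, a "stranger" default
for anyone the owner never placed in a bucket, and rounding of latitude and
longitude to a fixed number of decimal places as the granularity control.
"""
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Dict, Optional, Tuple


class Tier(IntEnum):
    # Ordered so that a numerically higher tier sees more detail.
    STRANGER = 0       # default bucket for anyone the owner never placed
    ACQUAINTANCE = 1
    FRIEND = 2
    FAMILY = 3


# Decimal places of latitude/longitude kept per tier (assumed values).
# 0.1 deg is roughly 11 km, 0.01 deg roughly 1.1 km, 0.0001 deg roughly 11 m.
# None means the reading is withheld entirely.
GRANULARITY: Dict[Tier, Optional[int]] = {
    Tier.STRANGER: None,
    Tier.ACQUAINTANCE: 1,
    Tier.FRIEND: 2,
    Tier.FAMILY: 4,
}

LatLon = Tuple[float, float]


@dataclass
class SharingPolicy:
    """One data owner's buckets: which person sits in which tier.

    The owner can move people between tiers or drop them at any time, and
    the change applies to the very next query (no cached decisions).
    """
    owner: str
    tiers: Dict[str, Tier] = field(default_factory=dict)

    def set_tier(self, person: str, tier: Tier) -> None:
        self.tiers[person] = tier

    def remove(self, person: str) -> None:
        # Removing someone drops them back to the default (deny) bucket.
        self.tiers.pop(person, None)

    def tier_of(self, requester: str) -> Tier:
        # The owner always sees their own data; unknown requesters are
        # strangers, so the policy is default-deny rather than default-allow.
        if requester == self.owner:
            return Tier.FAMILY
        return self.tiers.get(requester, Tier.STRANGER)


def coarsen(reading: LatLon, decimals: Optional[int]) -> Optional[LatLon]:
    """Round a coordinate pair to the tier's precision, or withhold it."""
    if decimals is None:
        return None
    lat, lon = reading
    return (round(lat, decimals), round(lon, decimals))


def resolve(policy: SharingPolicy, requester: str, reading: LatLon) -> Optional[LatLon]:
    """Policy decision: apply the requester's tier to a raw sensor reading.

    In the Giotto architecture this is the kind of check the enforcement
    service would run before a stored reading leaves the data store; here it
    is a plain function so the behaviour can be exercised offline.
    """
    return coarsen(reading, GRANULARITY[policy.tier_of(requester)])


if __name__ == "__main__":
    # Constructed sample fix (not real sensor data).
    raw = (40.443322, -79.942801)
    alice = SharingPolicy("alice")
    alice.set_tier("bob", Tier.FRIEND)
    alice.set_tier("carol", Tier.FAMILY)
    for who in ("alice", "bob", "carol", "mallory"):
        print(who, resolve(alice, who, raw))
    alice.set_tier("bob", Tier.ACQUAINTANCE)   # demote bob; next query is coarser
    print("bob (demoted)", resolve(alice, "bob", raw))
```

The important property is that the raw reading never reaches a requester: every answer passes through `resolve`, and anyone absent from the owner's buckets lands in the deny tier, so a forgotten or revoked contact gets nothing rather than full precision.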


