Security Management Suitable for Lifecycle of Personal Information in Multi-User IoT Environment
In recent years, as all actions of Internet users become information, the importance of personal information is emphasized, but in reality, the management of personal information is still insufficient. With the advent of the concept of sharing systems such as the sharing economy, the numbers of IoT...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2021-11-01
|
| Series: | Sensors |
| Subjects: | |
| Online Access: | https://www.mdpi.com/1424-8220/21/22/7592 |
| _version_ | 1827675382171566080 |
|---|---|
| author | Yong Lee Goo Yeon Lee |
| author_facet | Yong Lee Goo Yeon Lee |
| author_sort | Yong Lee |
| collection | DOAJ |
| description | In recent years, as all actions of Internet users become information, the importance of personal information is emphasized, but in reality, the management of personal information is still insufficient. With the advent of the concept of sharing systems such as the sharing economy, the numbers of IoT application services (for example, a healthcare service using sharing IoT devices, or a vehicle sharing system with IoT devices) using users’ personal information are increasing, but the risk of using personal information is not managed. To solve this issue, the European GDPR stipulates the content of personal information protection. In this paper, we present a method to securely manage personal information in IoT devices in IoT application environments in accordance with the GDPR. We first describe the lifecycle stages of personal information occurring in IoT application services and propose a method to securely manage personal information at each stage of the lifecycle according to the flow of personal information in IoT devices. We also evaluated the usefulness and applicability of the proposed scheme through two service scenarios. Since the proposed method satisfies the requirements for personal information management in IoT application environments, it is expected to contribute to the development of the IoT business field that handles personal information. |
| first_indexed | 2024-03-10T05:05:11Z |
| format | Article |
| id | doaj.art-9a58d949f32843899192c758eb7e987f |
| institution | Directory Open Access Journal |
| issn | 1424-8220 |
| language | English |
| last_indexed | 2024-03-10T05:05:11Z |
| publishDate | 2021-11-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Sensors |
| spelling | doaj.art-9a58d949f32843899192c758eb7e987f2023-11-23T01:26:17ZengMDPI AGSensors1424-82202021-11-012122759210.3390/s21227592Security Management Suitable for Lifecycle of Personal Information in Multi-User IoT EnvironmentYong Lee0Goo Yeon Lee1Department of Software and Security Convergence, Baewha Women’s University, Seoul 03039, KoreaDepartment of Computer and Communications Engineering, Kangwon National University, Chuncheon 24341, KoreaIn recent years, as all actions of Internet users become information, the importance of personal information is emphasized, but in reality, the management of personal information is still insufficient. With the advent of the concept of sharing systems such as the sharing economy, the numbers of IoT application services (for example, a healthcare service using sharing IoT devices, or a vehicle sharing system with IoT devices) using users’ personal information are increasing, but the risk of using personal information is not managed. To solve this issue, the European GDPR stipulates the content of personal information protection. In this paper, we present a method to securely manage personal information in IoT devices in IoT application environments in accordance with the GDPR. We first describe the lifecycle stages of personal information occurring in IoT application services and propose a method to securely manage personal information at each stage of the lifecycle according to the flow of personal information in IoT devices. We also evaluated the usefulness and applicability of the proposed scheme through two service scenarios. Since the proposed method satisfies the requirements for personal information management in IoT application environments, it is expected to contribute to the development of the IoT business field that handles personal information.https://www.mdpi.com/1424-8220/21/22/7592Internet of Thingspersonal informationinformation lifecycleIoT suitabilityGDPR |
| spellingShingle | Yong Lee Goo Yeon Lee Security Management Suitable for Lifecycle of Personal Information in Multi-User IoT Environment Sensors Internet of Things personal information information lifecycle IoT suitability GDPR |
| title | Security Management Suitable for Lifecycle of Personal Information in Multi-User IoT Environment |
| title_full | Security Management Suitable for Lifecycle of Personal Information in Multi-User IoT Environment |
| title_fullStr | Security Management Suitable for Lifecycle of Personal Information in Multi-User IoT Environment |
| title_full_unstemmed | Security Management Suitable for Lifecycle of Personal Information in Multi-User IoT Environment |
| title_short | Security Management Suitable for Lifecycle of Personal Information in Multi-User IoT Environment |
| title_sort | security management suitable for lifecycle of personal information in multi user iot environment |
| topic | Internet of Things personal information information lifecycle IoT suitability GDPR |
| url | https://www.mdpi.com/1424-8220/21/22/7592 |
| work_keys_str_mv | AT yonglee securitymanagementsuitableforlifecycleofpersonalinformationinmultiuseriotenvironment AT gooyeonlee securitymanagementsuitableforlifecycleofpersonalinformationinmultiuseriotenvironment |