This is the QA environment of the MD-SOAR platform. It is for TESTING PURPOSES ONLY. Navigate to https://mdsoar.org to access the latest open access research from MD-SOAR institutions.
QA Environment
 

Ensuring Privacy Policy Compliance of Wearables with IoT Regulations

Thumbnail Image

Files

1254.pdf (1.11 MB)

Links to Files

https://ebiquity.umbc.edu/paper/html/id/1111/Ensuring-Privacy-Policy-Compliance-of-Wearables-with-IoT-Regulations

Permanent Link

http://hdl.handle.net/11603/30385

Collections

UMBC Information Systems Department
UMBC Center for Accelerated Real Time Analysis
UMBC Faculty Collection
UMBC Student Collection

Author/Creator

Author/Creator ORCID

https://orcid.org/0000-0002-8881-3369
 https://orcid.org/0000-0002-6354-1686

Date

2023-11-01

Type of Work

conference papers and proceedings
preprints
Text

Department

Program

Citation of Original Publication

Rights

This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessible.

Subjects

Abstract

In an era where wearables, particularly those in non-hospital settings, collect and transmit sensitive personal data, it is imperative to implement stringent privacy safeguards. The National Institute of Standards and Technology (NIST) Internal Report 8228 provides regulations for securing Internet of Things (IoT) devices, data, and the privacy of individuals. We have developed a novel framework for examining the privacy policies governing the data and information utilized by wearable devices to ensure that these IoT devices work in adherence to the NIST controls. Our approach entails constructing an ontology of the pertinent NIST regulations, extracting key regulation terms, establishing clear annotation guidelines, and reasoning over the developed ontology. Our primary contribution is developing a novel method to accurately retrieve the expectations, privacy risk mitigation areas, and the associated regulations using Natural Language Processing and Semantic Web concepts. Ultimately, vendors and users can use our publicly available ontology to semi-automate the privacy compliance process for wearables, ensuring that the data collected and transmitted through the devices are secure, thereby protecting both the devices and the individuals who use them.