PICO: Privacy-Preserving Access Control in IoT Scenarios through Incomplete Information

Abstract

Internet of Things (IoT) platforms typically require IoT devices and users to provide fine-grained information to determine whether access to resources and services can be granted. However, this information can be sensitive for users and its disclosure can lead to severe privacy threats, forcing users to decide between receiving a service or protecting their privacy. To close this gap, this work proposes PICO, a framework for privacy-preserving access control in IoT scenarios through incomplete information. PICO allows IoT devices to evaluate the privacy risks of disclosing the information needed to access a service and determine at which level of granularity such information can be disclosed. At the same time, PICO empowers IoT platforms to evaluate access control policies even when incomplete information is provided and possibly grant access to services based on a customized service-dependent risk factor. Through simulations using data from real IoT devices, we show the existence of a trade-off between privacy and energy consumption on IoT devices running PICO, and that more privacy can be achieved for such devices only by sacrificing a consistent portion of the overall energy capacity.