Abstract
Due to the increasing number of IoT devices and their different manufacturers, it is necessary to ensure that IoT devices are compliant with laws, regulations and standards before they are placed into operation within their application area, such as within organisations, companies or homes. This paper describes how to ensure regulatory/standards compliance of the IoT devices operating within a home, organisation or company, in particular when those devices attach to a home’s or organisation’s network and start working under that network’s authority. Through application of the proposed solution, IoT devices will be able to demonstrate their compliance with regulations and standards without exchanging extraneous information about themselves or related devices. Conversely, a governance framework will be able to integrate this information to verify the IoT devices’ compliance with the standards and regulations without any third-party involvement. The proposed solution can be applied in home environments where a centralised source of truth, such as a BT HomeHub Internet access point, can ensure that all IoT devices trying to connect through it are compliant with legal obligations and regulations such as the General Data Protection Regulation (GDPR).
Acknowledgements
This research work was conducted under the BT Ireland Innovation Centre (BTIIC) project and was funded by Invest Northern Ireland and BT.
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Abu-Tair, M., Ali, A., Gebresilassie, S.K., Rafferty, J., Cui, Z. (2024). Regulation Compliance System for IoT Environments: GDPR Compliance as a Use-Case. In: Barolli, L. (eds) Advanced Information Networking and Applications. AINA 2024. Lecture Notes on Data Engineering and Communications Technologies, vol 200. Springer, Cham. https://doi.org/10.1007/978-3-031-57853-3_13
DOI: https://doi.org/10.1007/978-3-031-57853-3_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-57852-6
Online ISBN: 978-3-031-57853-3
eBook Packages: Intelligent Technologies and Robotics (R0)