The Open UniversitySkip to content

Designing Privacy-aware Internet of Things Applications

Perera, Charith; Barhamgi, Mahmoud; Bandara, Arosha; Ajmal, Muhammed; Price, Blaine and Nuseibeh, Bashar (2019). Designing Privacy-aware Internet of Things Applications. Information Sciences (In Press).

Full text available as:
Full text not publicly available (Accepted Manuscript)
Due to publisher licensing restrictions, this file is not available for public download until 27 September 2020
Click here to request a copy from the OU Author.
DOI (Digital Object Identifier) Link:
Google Scholar: Look up in Google Scholar


Internet of Things (IoT) applications typically collect and analyse personal data that can be used to derive sensitive information about individuals. However, thus far, privacy concerns have not been explicitly considered in software en- gineering processes when designing IoT applications. The advent of behaviour driven security mechanisms, failing to address privacy concerns in the design of IoT applications can have security implications. In this paper, we explore how a Privacy-by-Design (PbD) framework, formulated as a set of guidelines, can help software engineers integrate data privacy considerations into the design of IoT applications. We studied the utility of this PbD framework by studying how software engineers use it to design IoT applications. We also explore the challenges in using the set of guidelines to influence the IoT applications design process. In addition to highlighting the benefits of having a PbD framework to make privacy features explicit during the design of IoT applications, our studies also surfaced a number of challenges associated with the approach. A key find- ing of our research is that the PbD framework significantly increases both novice and expert software engineers’ ability to design privacy into IoT applications.

Item Type: Journal Item
Copyright Holders: 2019 Elsevier Inc.
ISSN: 0020-0255
Project Funding Details:
Funded Project NameProject IDFunding Body
SAUSE: Secure, Adaptive, Usable Software EngineeringEP/R013144/1 (previous: EP/R005095/1)EPSRC (Engineering and Physical Sciences Research Council)
Adaptive Security And Privacy (XC-11-004-BN)291652EC (European Commission): FP (inc.Horizon2020 & ERC schemes)
Lero Research Centre13/RC/2094Science Foundation Ireland (SFI)
Keywords: Internet of Things; Software Engineering; Privacy by Design
Academic Unit/School: Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
Faculty of Science, Technology, Engineering and Mathematics (STEM)
Research Group: Centre for Research in Computing (CRC)
Item ID: 66920
Depositing User: Arosha Bandara
Date Deposited: 26 Sep 2019 11:33
Last Modified: 10 Oct 2019 16:41
Share this page:


Altmetrics from Altmetric

Citations from Dimensions

Actions (login may be required)

Policies | Disclaimer

© The Open University   contact the OU