With the rapid expansion of smart cyber–physical systems and environments, users become more and more concerned about their privacy, and ask for more involvement in the protection of their data. However, users may not be necessarily aware of the direct and indirect privacy risks they take to properly protect their privacy. In this paper, we propose a context-aware semantic reasoning system, denoted as the Privacy Oracle, capable of providing users with a dynamic overview of the privacy risks taken as their context evolves. To do so, the system continuously models, according to a proposed Semantic User Environment Modeling (SUEM) ontology, the knowledge (received by the system) about the user of interest and his surrounding cyber–physical environment. In parallel, it performs continuous reasoning over modeled information, by relying on set of privacy rules, in order to dynamically infer the privacy risks taken by the user. To validate our approach, we developed a prototype based on the semantic web tools such as OWL API, SWRL API and the inference engine Pellet. We evaluated the system performance by considering multiple use cases. Our experimental results show that the Privacy Oracle can assist users by dynamically detecting their incurred privacy risks, and by tracking, in real-time, the evolution of those risks as user context changes.
Read full abstract