Institutional Repository
Technical University of Crete

Towards evaluating GDPR compliance in IoT applications

Karageorgiou-Kanin Christos, Petrakis Evripidis


URI: http://purl.tuc.gr/dl/dias/FDBD70AE-0B62-4440-A215-1F695E9054AC
Year: 2020
Type of Item: Conference Publication
Bibliographic Citation: C. Karageorgiou-Kaneen and E. G. M. Petrakis, “Towards evaluating GDPR compliance in IoT applications,” in Knowledge-Based and Intelligent Information & Engineering Systems: Proceedings of the 24th International Conference, (KES 2020), 2020, vol. 176, pp. 2989–2998, doi: 10.1016/j.procs.2020.09.204. https://doi.org/10.1016/j.procs.2020.09.204

Summary

The General Data Protection Regulation (GDPR) was created to regulate how organizations that collect personal data process and protect it. In cases of digital handling of personal data, GDPR compliance must be proven by analyzing the actions that a system applies in order to gather, process and safeguard the data. We advocate that compliance must be considered in the design phase of the system, by analyzing the dependencies between system entities (e.g. personal data, users, etc.) and the processes enacted upon them. Then, it is possible to generate a series of data reports that can be assessed by regulators who inspect the system for GDPR compliance. However, there cannot be a universal methodology that covers all application domains and systems. To show proof of concept, we apply the methodology to a remote patient monitoring service that runs in the cloud.
