Towards enabling privacy preserving smart city apps

Abstract

Smart city applications are increasingly relying on personally identifiable data. A disclosure of such a data to a platform provider and possible 3rd parties represents a risk to the privacy of the application users. To mitigate the privacy risk, two-layer privacy-preserving platform architecture is introduced, wherein the personally identifiable information is dealt with at the inner layer (executed in a trusted environment), whereas only generic and personally unidentifiable information is made available to the apps at the outer layer of the architecture - e.g., in a form of app-specific events. The essential requirements for the platform are described, and the architectural implications of these requirements are considered in the paper. The ongoing prototype implementation and planned evaluation are discussed.