POWoT : a Privacy Ontology for the Web of Things

The W3C Web of Things (WoT) is a set of Web standards intended to enable interoperability between IoT platforms. The idea consists to propose WoT Thing Description (TD) specification that describes the metadata and interaction's interfaces of Things (IoT devices or services) at an appropriate level of abstraction based on a small vocabulary that makes it possible both to integrate diverse devices and to allow diverse applications to interoperate. TDs are made available on the network encoded in a JSON format that also allows JSON-LD processing to provide a powerful foundation to represent knowledge about Things in machine-understandable way. TD instances consist mainly of metadata about the functional part of the Thing itself, i.e., a set of interaction capabilities that indicate how the Thing can be used, possible input/output data schema, binding protocols, linking to other TD as well as the followed security schemes. Even if the latter is important to minimize some security risks in the WoT, it unfortunately does not fully take privacy aspects into consideration. We propose in this article an ontology-based privacy model to minimize privacy violation risks in the IoT context in which connected devices are increasingly able to access and manage personal data when monitoring human activities. We propose a WoT privacy ontology to enrich the TD representation with an information model allowing to specify the terms and conditions of private information management in the WoT. We then integrate this non-functional aspect in TD logic-based matchmaking and discovery process in TD Directories.