A groundbreaking and innovative data privacy protection framework

In scenarios like smart healthcare, smart communi ties, and smart buildings, data collected by Internet of Things IoT devices often pertains to user privacy. However, due to the limited computing power and storage capacity of IoT devices, the data of Data Subject DS are generally stored in the cloud, causing DS to lose control over his data and increasing the risk of privacy leakage. Additionally, resource-constrained IoT devices often face affordability issues regarding encryption costs. In this paper, we propose PPFID, an efficient privacy preserving framework with the DS’s intentions. Specifically, PPFID enforces isolated compu tation and permission control via secure enclaves of Intel SGX on cen trally aggregated data, and encrypts data to guarantee confidential ac cess, computation, and delivery throughout the entire life of the data. To support fine grained access control with the wishes of DS as its core, we design the Privacy Metadata-Based Access Control PMBAC model, which consider the wishes of DS to make access control decisions for each piece of data. Compared to other schemes, PPFID provides more data processing methods and introduces access control schemes that are both strongly isolated and respect DS’s rights. We successfully implemented PPFID on Intel SGX and the embedded device, and evaluated the its feasibility. Our evaluation shows PMBAC can process an access request in the enclave in just 140 ms, meeting DS’s real-time requirements. Al though the computing time has increased compared to the non-protected environments, the prediction accuracy of VGG19 and CNN remains es sentially the same. Experimental results demonstrate that PPFID is ap plicable in general IoT scenarios involving users’ privacy data, and can ensure the confidentiality, integrity, and availability of data while re specting the wishes of DS