ABSTRACT
The emerging Edge computing paradigm facilitates the deployment of distributed AI-applications and hardware, capable of processing video data in real time. AI-assisted video analytics can provide valuable information and benefits for parties in various domains. Face recognition, object detection, or movement tracing are prominent examples enabled by this technology. However, the widespread deployment of such mechanism in public areas are a growing cause of privacy and security concerns. Data protection strategies need to be appropriately designed and correctly implemented in order to mitigate the associated risks. Most existing approaches focus on privacy and security related operations of the video stream itself or protecting its transmission. In this paper, we propose a privacy preserving system for AI-assisted video analytics, that extracts relevant information from video data and governs the secure access to that information. The system ensures that applications leveraging extracted data have no access to the video stream. An attribute-based authorization scheme allows applications to only query a predefined subset of extracted data. We demonstrate the feasibility of our approach by evaluating an application motivated by the recent COVID-19 pandemic, deployed on typical edge computing infrastructure. © 2021 IEEE.
ABSTRACT
The COVID19 Pandemic has highlighted our dependence on online services (from government, e-commerce/retail, and entertainment), often hosted over external cloud computing infrastructure. The users of these services interact with a web interface rather than the larger distributed service provisioning chain that can involve an interlinked group of providers. The data and identity of users are often provided to service provider who may share it (or have automatic sharing agreement) with backend services (such as advertising and analytics). We propose the development of compliance-aware cloud application engineering, which is able to improve transparency of personal data use-particularly with reference to the European GDPR regulation. Key compliance operations and the perceived implementation challenges for the realization of these operations in current cloud infrastructure are outlined. © 1997-2012 IEEE.