Work item:
|
X.1363 (ex X.iotsec-3)
|
Subject/title:
|
Technical framework of personally identifiable information (PII) handling system in Internet of things (IoT) environment
|
Status:
|
Approved on 2020-05-29
|
Approval process:
|
TAP
|
Type of work item:
|
Recommendation
|
Version:
|
New
|
Equivalent number:
|
-
|
Timing:
|
-
|
Liaison:
|
ITU-T SG20, ISO/IEC JTC1 SC27/WG5
|
Supporting members:
|
KDDI, NICT, China Mobile, China Unicom, Soonchunhyang University
|
Summary:
|
Internet of things (IoT) devices can collect many kinds of data, including personally identifiable information (PII). Because PII data are useful for different types of services, they may be shared among multiple service providers.
It is better for users to manage their own data, including PII, in IoT environment based on their own intentions. As data usage in IoT environment with multiple service providers is complicated, user intentions for data usage should be accommodated flexibly. For example, if an IoT service provider provides the following functions, user can appreciate that the service provider collects and controls data collected (including PII) properly:
? Users can configure their own PII preferences. These preferences include a list of permitted data for sharing among other service providers.
? Collection and share of data are subject to controlled access based on PII preferences. Unauthorized data cannot be stored in data storage, and cannot be shared among other service providers.
? Users can check history log of data sharing among service providers. Users can also check times of data usage.
This Recommendation specifies a technical framework for PII handling in IoT environment with single or multiple service providers.
|
Comment:
|
-
|
Reference(s):
|
|
|
Historic references:
|
Contact(s):
|
|
ITU-T A.5 justification(s): |
|
|
|
First registration in the WP:
2017-04-06 10:39:38
|
Last update:
2020-06-11 12:18:08
|