3 research outputs found
Blockchain for IoT Access Control: Recent Trends and Future Research Directions
With the rapid development of wireless sensor networks, smart devices, and
traditional information and communication technologies, there is tremendous
growth in the use of Internet of Things (IoT) applications and services in our
everyday life. IoT systems deal with high volumes of data. This data can be
particularly sensitive, as it may include health, financial, location, and
other highly personal information. Fine-grained security management in IoT
demands effective access control. Several proposals discuss access control for
the IoT, however, a limited focus is given to the emerging blockchain-based
solutions for IoT access control. In this paper, we review the recent trends
and critical needs for blockchain-based solutions for IoT access control. We
identify several important aspects of blockchain, including decentralised
control, secure storage and sharing information in a trustless manner, for IoT
access control including their benefits and limitations. Finally, we note some
future research directions on how to converge blockchain in IoT access control
efficiently and effectively
Blockchain enabled fog structure to provide data security in IoT applications
International audienceIoT provides services by connecting smart devices to the Internet, and exploiting data generated by said devices. In such cases, if data is exposed, tampered or lost, the service would not behave correctly. In this article, we discuss data security in IoT applications across four dimensions: confidentiality, integrity, authenticity, non-repudiation and availability. We discuss how distributed ledger technology could be used to overcome these issues and propose to use a fog computing architecture as decentralized computational support to deploy the ledger
Vérification automatisée de la conformité de la confidentialité des applications dans les environnements Fog distribués
Fog computing, like any other new technology, raises concerns regarding the security and privacy of its users. In this thesis, we analyze the security of fog computing systems following a systematic approach and from multiple perspectives: device level, system level, and service level. For each perspective, we discuss the possible vulnerabilities that the system may have and highlight some possible solutions. One of the important identified assets in our study of fog platformâs security is the userâs personal data. Because of fog nodesâ proximate location to the user, fog applications have access to significant parts of their usersâ personal data. Although applications expose a privacy policy describing how they handle usersâ personal data, the compliance of applications to their privacy policy should not be taken for granted but verified. However, manually checking whether applications actually respect the claims made in their privacy policy is both error-prone and time-consuming. In this thesis, we argue that automated privacy compliance checking in fog environment is feasible and outline a research roadmap towards the development of such systems.Le âfog computing,â comme toute nouvelle technologie, soulĂšve des inquiĂ©tudes des utilisateurs concernant la sĂ©curitĂ© et la confidentialitĂ©. Dans cette thĂšse, nous analysons la sĂ©curitĂ© des systĂšmes fog en suivant une approche systĂ©matique sous plusieurs angles : niveau matĂ©riel, niveau systĂšme et niveau service. Pour chaque perspective, nous discutons des vulnĂ©rabilitĂ©s possibles que le systĂšme peut avoir et mettons en Ă©vidence quelques solutions possibles. Lâun des aspects importants identifiĂ©s dans notre Ă©tude de la sĂ©curitĂ© de la plate-forme fog est constituĂ© des donnĂ©es personnelles de lâutilisateur. En raison de la proximitĂ© des nĆuds fog par rapport Ă lâutilisateur, les applications fog ont accĂšs Ă des parties importantes des donnĂ©es personnelles de leurs utilisateurs. Bien que les applications exposent une politique de confidentialitĂ© dĂ©crivant comment elles traitent les donnĂ©es personnelles des utilisateurs, la conformitĂ© des applications Ă leur politique de confidentialitĂ© ne doit pas ĂȘtre considĂ©rĂ©e comme acquise mais vĂ©rifiĂ©e expĂ©rimentalement. Cependant, vĂ©rifier manuellement si les applications respectent rĂ©ellement les clauses formulĂ©es dans leur politique de confidentialitĂ© est Ă la fois sujet aux erreurs et chronophage. Dans cette thĂšse, nous montrons que la vĂ©rification automatisĂ©e de la conformitĂ© Ă la confidentialitĂ© dans un environnement fog est faisable, et prĂ©sentons une feuille de route de recherche vers le dĂ©veloppement de tels systĂšmes