3 research outputs found

    Blockchain for IoT Access Control: Recent Trends and Future Research Directions

    Full text link
    With the rapid development of wireless sensor networks, smart devices, and traditional information and communication technologies, there is tremendous growth in the use of Internet of Things (IoT) applications and services in our everyday life. IoT systems deal with high volumes of data. This data can be particularly sensitive, as it may include health, financial, location, and other highly personal information. Fine-grained security management in IoT demands effective access control. Several proposals discuss access control for the IoT, however, a limited focus is given to the emerging blockchain-based solutions for IoT access control. In this paper, we review the recent trends and critical needs for blockchain-based solutions for IoT access control. We identify several important aspects of blockchain, including decentralised control, secure storage and sharing information in a trustless manner, for IoT access control including their benefits and limitations. Finally, we note some future research directions on how to converge blockchain in IoT access control efficiently and effectively

    Blockchain enabled fog structure to provide data security in IoT applications

    Get PDF
    International audienceIoT provides services by connecting smart devices to the Internet, and exploiting data generated by said devices. In such cases, if data is exposed, tampered or lost, the service would not behave correctly. In this article, we discuss data security in IoT applications across four dimensions: confidentiality, integrity, authenticity, non-repudiation and availability. We discuss how distributed ledger technology could be used to overcome these issues and propose to use a fog computing architecture as decentralized computational support to deploy the ledger

    Vérification automatisée de la conformité de la confidentialité des applications dans les environnements Fog distribués

    Get PDF
    Fog computing, like any other new technology, raises concerns regarding the security and privacy of its users. In this thesis, we analyze the security of fog computing systems following a systematic approach and from multiple perspectives: device level, system level, and service level. For each perspective, we discuss the possible vulnerabilities that the system may have and highlight some possible solutions. One of the important identified assets in our study of fog platform’s security is the user’s personal data. Because of fog nodes’ proximate location to the user, fog applications have access to significant parts of their users’ personal data. Although applications expose a privacy policy describing how they handle users’ personal data, the compliance of applications to their privacy policy should not be taken for granted but verified. However, manually checking whether applications actually respect the claims made in their privacy policy is both error-prone and time-consuming. In this thesis, we argue that automated privacy compliance checking in fog environment is feasible and outline a research roadmap towards the development of such systems.Le “fog computing,” comme toute nouvelle technologie, soulĂšve des inquiĂ©tudes des utilisateurs concernant la sĂ©curitĂ© et la confidentialitĂ©. Dans cette thĂšse, nous analysons la sĂ©curitĂ© des systĂšmes fog en suivant une approche systĂ©matique sous plusieurs angles : niveau matĂ©riel, niveau systĂšme et niveau service. Pour chaque perspective, nous discutons des vulnĂ©rabilitĂ©s possibles que le systĂšme peut avoir et mettons en Ă©vidence quelques solutions possibles. L’un des aspects importants identifiĂ©s dans notre Ă©tude de la sĂ©curitĂ© de la plate-forme fog est constituĂ© des donnĂ©es personnelles de l’utilisateur. En raison de la proximitĂ© des nƓuds fog par rapport Ă  l’utilisateur, les applications fog ont accĂšs Ă  des parties importantes des donnĂ©es personnelles de leurs utilisateurs. Bien que les applications exposent une politique de confidentialitĂ© dĂ©crivant comment elles traitent les donnĂ©es personnelles des utilisateurs, la conformitĂ© des applications Ă  leur politique de confidentialitĂ© ne doit pas ĂȘtre considĂ©rĂ©e comme acquise mais vĂ©rifiĂ©e expĂ©rimentalement. Cependant, vĂ©rifier manuellement si les applications respectent rĂ©ellement les clauses formulĂ©es dans leur politique de confidentialitĂ© est Ă  la fois sujet aux erreurs et chronophage. Dans cette thĂšse, nous montrons que la vĂ©rification automatisĂ©e de la conformitĂ© Ă  la confidentialitĂ© dans un environnement fog est faisable, et prĂ©sentons une feuille de route de recherche vers le dĂ©veloppement de tels systĂšmes
    corecore