4 research outputs found
User-driven Privacy Enforcement for Cloud-based Services in the Internet of Things
Internet of Things devices are envisioned to penetrate essentially all
aspects of life, including homes and urbanspaces, in use cases such as health
care, assisted living, and smart cities. One often proposed solution for
dealing with the massive amount of data collected by these devices and offering
services on top of them is the federation of the Internet of Things and cloud
computing. However, user acceptance of such systems is a critical factor that
hinders the adoption of this promising approach due to severe privacy concerns.
We present UPECSI, an approach for user-driven privacy enforcement for
cloud-based services in the Internet of Things to address this critical factor.
UPECSI enables enforcement of all privacy requirements of the user once her
sensitive data leaves the border of her network, provides a novel approach for
the integration of privacy functionality into the development process of
cloud-based services, and offers the user an adaptable and transparent
configuration of her privacy requirements. Hence, UPECSI demonstrates an
approach for realizing user-accepted cloud services in the Internet of Things.Comment: 6 pages, 2 figures, 1 listing. The 2nd International Conference on
Future Internet of Things and Cloud (FiCloud-2014
ViotSOC: Controlling Access to Dynamically Virtualized IoT Services using Service Object Capability
Virtualization of Internet of Things(IoT) is a concept of dynamically
building customized high-level IoT services which
rely on the real time data streams from low-level physical
IoT sensors. Security in IoT virtualization is challenging,
because with the growing number of available (building
block) services, the number of personalizable virtual
services grows exponentially. This paper proposes Service
Object Capability(SOC) ticket system, a decentralized access
control mechanism between servers and clients to effi-
ciently authenticate and authorize each other without using
public key cryptography. SOC supports decentralized
partial delegation of capabilities specified in each server/-
client ticket. Unlike PKI certificates, SOC’s authentication
time and handshake packet overhead stays constant regardless
of each capability’s delegation hop distance from the
root delegator. The paper compares SOC’s security bene-
fits with Kerberos and the experimental results show SOC’s
authentication incurs significantly less time packet overhead
compared against those from other mechanisms based on
RSA-PKI and ECC-PKI algorithms. SOC is as secure as,
and more efficient and suitable for IoT environments, than
existing PKIs and Kerberos
Crowdcloud: Cloud of the Crowd
The ever increasing utilisation of crowdsourcing in
various domains and its popularity as a method of accessing
free or inexpensive labour, services, and innovation, and also
as a method of providing fast solutions is observed as a good
opportunity for both non-profit and for-profit organisations
while it also appeals to members of the crowd. In particular,
many cloud-based projects have benefited from crowdsourcing
their needs for resources and they rely on the crowd and the
resources they provide, either for free or for a nominal fee.
However, current cloud platforms either provide services to the
crowd or request services from them. Moreover, cloud services
generally include a legally binding contract between the cloud
service providers and cloud service clients. In this paper, the
possible opportunities for applying crowdsourcing principles in
the cloud in a new fashion are reviewed by proposing the idea of
crowdcloud. Crowdcloud simply refers to the availability of cloud
infrastructure, cloud platform, and cloud software services to the
crowd by the crowd with or without a legally binding contract.
This paper discusses the differences between crowdcloud and
other similar notions already in existence. Then, a functional\ud
architecture is proposed for crowdcloud and its constituents.
Some of the advantages of crowdcloud, along with potential issues
in crowdcloud and how to circumvent or minimise them are also
reviewed and discussed
Control seguro de una red de sensores/actuadores domésticos /
El presente trabajo tiene como objetivo obtener un sistema hardware-software que
permita controlar dispositivos el´ectricos y/o electr´onicos desde una aplicaci´on web de
una forma segura, que garantice niveles m´ınimos de autenticaci´on, confidencialidad,
integridad, disponibilidad, control de acceso, autenticaci´on y el no repudio. Para el
desarrollo de la aplicaci´on se trabajo con plataformas abiertas con el fin de demostrar
la implementaci´on de un sistema de bajo costo seguro para controlar remotamente
nuestros objetos conectados a la red. Los objetos o cosas conectados a internet se
conocen como Internet de las cosas y por tanto, la seguridad debe estar al mismo nivel
o mayor prioridad que aspectos tales como la velocidad, el tamaËśno y el consumo de
energ´ıa. Como resultados preliminares de este trabajo, desarrollamos una aplicaci´on
con control de acceso que implementa la detecci´on de movimiento, temperatura,
consumo de potencia el´ectrica y control de luces.Incluye referencias bibliográfica