User-driven Privacy Enforcement for Cloud-based Services in the Internet of Things

Internet of Things devices are envisioned to penetrate essentially all aspects of life, including homes and urbanspaces, in use cases such as health care, assisted living, and smart cities. One often proposed solution for dealing with the massive amount of data collected by these devices and offering services on top of them is the federation of the Internet of Things and cloud computing. However, user acceptance of such systems is a critical factor that hinders the adoption of this promising approach due to severe privacy concerns. We present UPECSI, an approach for user-driven privacy enforcement for cloud-based services in the Internet of Things to address this critical factor. UPECSI enables enforcement of all privacy requirements of the user once her sensitive data leaves the border of her network, provides a novel approach for the integration of privacy functionality into the development process of cloud-based services, and offers the user an adaptable and transparent configuration of her privacy requirements. Hence, UPECSI demonstrates an approach for realizing user-accepted cloud services in the Internet of Things.Comment: 6 pages, 2 figures, 1 listing. The 2nd International Conference on Future Internet of Things and Cloud (FiCloud-2014

ViotSOC: Controlling Access to Dynamically Virtualized IoT Services using Service Object Capability

Virtualization of Internet of Things(IoT) is a concept of dynamically building customized high-level IoT services which rely on the real time data streams from low-level physical IoT sensors. Security in IoT virtualization is challenging, because with the growing number of available (building block) services, the number of personalizable virtual services grows exponentially. This paper proposes Service Object Capability(SOC) ticket system, a decentralized access control mechanism between servers and clients to effi- ciently authenticate and authorize each other without using public key cryptography. SOC supports decentralized partial delegation of capabilities specified in each server/- client ticket. Unlike PKI certificates, SOC’s authentication time and handshake packet overhead stays constant regardless of each capability’s delegation hop distance from the root delegator. The paper compares SOC’s security bene- fits with Kerberos and the experimental results show SOC’s authentication incurs significantly less time packet overhead compared against those from other mechanisms based on RSA-PKI and ECC-PKI algorithms. SOC is as secure as, and more efficient and suitable for IoT environments, than existing PKIs and Kerberos

Crowdcloud: Cloud of the Crowd

The ever increasing utilisation of crowdsourcing in various domains and its popularity as a method of accessing free or inexpensive labour, services, and innovation, and also as a method of providing fast solutions is observed as a good opportunity for both non-profit and for-profit organisations while it also appeals to members of the crowd. In particular, many cloud-based projects have benefited from crowdsourcing their needs for resources and they rely on the crowd and the resources they provide, either for free or for a nominal fee. However, current cloud platforms either provide services to the crowd or request services from them. Moreover, cloud services generally include a legally binding contract between the cloud service providers and cloud service clients. In this paper, the possible opportunities for applying crowdsourcing principles in the cloud in a new fashion are reviewed by proposing the idea of crowdcloud. Crowdcloud simply refers to the availability of cloud infrastructure, cloud platform, and cloud software services to the crowd by the crowd with or without a legally binding contract. This paper discusses the differences between crowdcloud and other similar notions already in existence. Then, a functional\ud architecture is proposed for crowdcloud and its constituents. Some of the advantages of crowdcloud, along with potential issues in crowdcloud and how to circumvent or minimise them are also reviewed and discussed

Control seguro de una red de sensores/actuadores domésticos /

El presente trabajo tiene como objetivo obtener un sistema hardware-software que permita controlar dispositivos el´ectricos y/o electr´onicos desde una aplicaci´on web de una forma segura, que garantice niveles m´ınimos de autenticaci´on, confidencialidad, integridad, disponibilidad, control de acceso, autenticaci´on y el no repudio. Para el desarrollo de la aplicaci´on se trabajo con plataformas abiertas con el fin de demostrar la implementaci´on de un sistema de bajo costo seguro para controlar remotamente nuestros objetos conectados a la red. Los objetos o cosas conectados a internet se conocen como Internet de las cosas y por tanto, la seguridad debe estar al mismo nivel o mayor prioridad que aspectos tales como la velocidad, el tama˜no y el consumo de energ´ıa. Como resultados preliminares de este trabajo, desarrollamos una aplicaci´on con control de acceso que implementa la detecci´on de movimiento, temperatura, consumo de potencia el´ectrica y control de luces.Incluye referencias bibliográfica