Privacy-aware in the IoT applications: A systematic literature review

© 2017, Springer International Publishing AG. The Internet of Things (IoT) emerged as a paradigm in which smart things collaborate among them and with other physical and virtual objects using the Internet in order to perform high level tasks. These things appear in a variety of application domains, including smart grid, health care and smart spaces where several parties share data in order to tackle specific tasks. Data in such domains are rich in sensitive data and data owner-specific habits. Thus, IoT raises concerns about privacy and data protection. This paper reports on a systematic literature review of privacy preserving solutions used in Cooperative Information Systems (CIS) in the IoT field. To do so, and after retrieving scientific productions on the subject, we classify the results according to several facets. In this paper, we consider a subset of them: (i) data life cycle, (ii) privacy preserving techniques and (iii) ISO privacy principles. We combine the facets then express and analyze the results as bubble charts. We analyze the proposed solutions in terms of the techniques they deployed and the privacy principles they covered according to the ISO standard and the data privacy laws and regulations of the European Commission on the Protection of Personal Data. Finally, we identifies recommendations to involve privacy principle coverage and security requirement fulfillment in the IoT applications

Knowledge Guided Integration of Structured and Unstructured Data in Health Decision Process

Data in the health domain is continuously increasing. It is collected from several sources, has several formats and is characterized by its sensibility (protection of personal health data). These characteristics make the management and the expert interaction with the collected data, in order to facilitate decision-making in Health Information Systems (HIS) a challenging field. In this paper, we propose a Knowledge guided integration of structured and unstructured data for health decision process. The knowledge is represented by domain ontology, which allows the integration of structured and unstructured data, stored in NoSQL format. Our motivation is to combine the confirmed advantages of ontologies and NoSQL databases both in data integration and decision aided processes. The proposed ontology has been implemented and evaluated using quality metrics. The approach was evaluated and results show response time optimization, compared with traditional approaches, and improvement of data relevance

Cloud computing security taxonomy: From an atomistic to a holistic view

Countless discussions around security challenges affecting cloud computing are often large textual accounts, which can be cumbersome to read and prone to misinterpretation. The growing reliance on cloud computing means that not only should we focus on evaluating its security challenges but devote greater attention towards how challenges are viewed and communicated. With many cloud computing implementations in use and a growing evolution of the cloud paradigm (including fog, edge and cloudlets), comprehending, correlating and classifying diverse perspectives to security challenges increasingly becomes critical. Current classifications are only suited for limited use; both as effective tools for research and countermeasures design. The taxonomic approach has been used as a modeling technique towards classifying concepts across many domains. This paper surveys multiple perspectives of cloud security challenges and systematically develops corresponding graphical taxonomy based upon meta-synthesis of important cloud security concepts in literature. The contributions and significance of this work are as follows: (1) a holistic view simplifies visualization for the reader by providing illustrative graphics of existing textual perspectives, highlighting entity relationships among cloud entities/players thereby exposing security areas at every layer of the cloud. (2) a holistic taxonomy that facilitates the design of enforcement or corrective countermeasures based upon the source or origin of a security incident. (3) a holistic taxonomy highlights security boundary and identifies apt areas to implement security countermeasures

Data Privacy Based on IoT Device Behavior Control Using Blockchain

The Internet of Things (IoT) is expected to improve the individuals’ quality of life. However, ensuring security and privacy in the IoT context is a non-trivial task due to the low capability of these connected devices. Generally, the IoT device management is based on a centralized entity that validates communication and connection rights. Therefore, this centralized entity can be considered as a single point of failure. Yet, in the case of distributed approaches, it is difficult to delegate the right validation to IoT devices themselves in untrustworthy IoT environments. Fortunately, the blockchain may provide decentralization of overcoming the trust problem while designing a privacy-preserving system. To this end, we propose a novel privacy-preserving IoT device management framework based on the blockchain technology. In the proposed system, the IoT devices are controlled by several smart contracts that validate the connection rights according to the privacy permission settings predefined by the data owners and the stored record array of detected misbehavior of each IoT device. In fact, smart contracts can immediately detect the devices that have vulnerabilities and have been hacked or pose a threat to the IoT network. Therefore, the data owner’s privacy is preserved by enforcing the control over the own devices. For validation purposes, we deploy the proposed solution on a private Ethereum blockchain and give the performance evaluatio

Blockchain smart contracts: Applications, challenges, and future trends

In recent years, the rapid development of blockchain technology and cryptocurrencies has influenced the financial industry by creating a new crypto-economy. Then, next-generation decentralized applications without involving a trusted third-party have emerged thanks to the appearance of smart contracts, which are computer protocols designed to facilitate, verify, and enforce automatically the negotiation and agreement among multiple untrustworthy parties. Despite the bright side of smart contracts, several concerns continue to undermine their adoption, such as security threats, vulnerabilities, and legal issues. In this paper, we present a comprehensive survey of blockchain-enabled smart contracts from both technical and usage points of view. To do so, we present a taxonomy of existing blockchain-enabled smart contract solutions, categorize the included research papers, and discuss the existing smart contract-based studies. Based on the findings from the survey, we identify a set of challenges and open issues that need to be addressed in future studies. Finally, we identify future trends

PREDICAT: a semantic service-oriented platform for data interoperability and linking in earth observation and disaster prediction

The increasing volume of data generated by earth observation programs such as Copernicus, NOAA, and NASA Earth Data, is overwhelming. Although these programs are very costly, data usage remains limited due to lack of interoperability and data linking. In fact, multi-source and heterogeneous data exploitation could be significantly improved in different domains especially in the natural disaster prediction one. To deal with this issue, we introduce the PREDICAT project that aims at providing a semantic service-oriented platform to PREDIct natural CATastrophes. The PREDICAT platform considers (1) data access based on web service technology; (2) ontology-based interoperability for the environmental monitoring domain; (3) data integration and linking via big data techniques; (4) a prediction approach based on semantic machine learning mechanisms. The focus in this paper is to provide an overview of the PREDICAT platform architecture. A scenario explaining the operation of the platform is presented based on data provided by our collaborators, including the international intergovernmental Sahara and Sahel Observatory (OSS)

Intelligent integration of heterogeneous data for answering analytics queries in multi-cloud environments

International audienceThis position paper discusses the design of an approach to enable trusted data integration in a multi-cloud environment in the presence of heterogeneous and large data sources. This approach is based on mechanisms to compute trust in data and its providers by applying statistical and probabilistic methods on its provenance. The result is a solution expressing analytics queries as services coordination that can be enacted on multi-cloud settings. This paper describes the associated challenges and possible ways of addressing them. The approach and challenges are based on concrete requirements stemming from a medical scenario related to understanding, modelling, and predicting patients' conditions associated with sleep apnoea

Intelligent integration of heterogeneous data for answering analytics queries in multi-cloud environments

International audienceThis position paper discusses the design of an approach to enable trusted data integration in a multi-cloud environment in the presence of heterogeneous and large data sources. This approach is based on mechanisms to compute trust in data and its providers by applying statistical and probabilistic methods on its provenance. The result is a solution expressing analytics queries as services coordination that can be enacted on multi-cloud settings. This paper describes the associated challenges and possible ways of addressing them. The approach and challenges are based on concrete requirements stemming from a medical scenario related to understanding, modelling, and predicting patients' conditions associated with sleep apnoea

Decentralized Collaborative Business Process Execution Using Blockchain

International audienceBlockchain technology enables several untrustworthy parties to execute inter-organizational business processes in a tamper-proof manner. Existing approaches are based on smart contract code generation. Although the smart contract immutability guarantees that the process model is followed by each participant, any change in the process model makes the existing process instance smart contract not compliant with the process model and therefore, the deployment of a new smart contract becomes a requirement. In this paper, we propose CoBuP, a decentralized Collaborative Business Process execution architecture using blockchain. To address the inflexibility issue, this paper presents an interpreter of BPMN process models, supporting the instantiating, execution, monitoring of process instances. For this reason, one generic smart contract is deployed once, which helps generate a process instance, create BPMN elements by invoking the process instance predefined functions, and dynamically update the adaptation of a process at run time. For validation purposes, two use cases have permitted to carry out different experiments that demonstrate the technical feasibility of our approach. The obtained results of the experimental evaluation shows that our approach cost is similar or lower than that of the existing approaches

Towards an adaptive curation services composition based on machine learning

International audienc