24 research outputs found
Poster Abstract: Security Comes First, A Public-key Cryptography Framework for the Internet of Things
Abstract—Novel Internet services are emerging around an increasing number of sensors and actuators in our surroundings, commonly referred to as smart devices. Smart devices, which form the backbone of the Internet of Things (IoT), enable alternative forms of user experience by means of automation, convenience, and efficiency. At the same time new security and safety issues arise, given the Internet-connectivity and the interaction possibility of smart devices with human’s proximate living space. Hence, security is a fundamental requirement of the IoT design. In order to remain interoperable with the existing infrastructure, we postulate a security framework compatible to standard IP-based security solutions, yet optimized to meet the constraints of the IoT ecosystem. In this ongoing work, we first identify necessary components of an interoperable secure End-to-End communication while incorporating Public-key Cryptography (PKC). To this end, we tackle involved computational and communication overheads. The required components on the hardware side are the affordable hardware acceleration engines for cryptographic operations and on the software side header compression and long-lasting secure sessions. In future work, we focus on integration of these components into a framework and the evaluation of an early prototype of this framework. I
Cohere: Privacy Management in Large Scale Systems
The need for a privacy management layer in today's systems started to
manifest with the emergence of new systems for privacy-preserving analytics and
privacy compliance. As a result, we began to see many independent efforts
emerge that try to provide system support for privacy. Recently, the scope of
privacy solutions used in systems has expanded to encompass more complex
techniques such as Differential Privacy (DP). The use of these solutions in
large-scale systems imposes new challenges and requirements. Careful planning
and coordination are necessary to ensure that privacy guarantees are maintained
across a wide range of heterogeneous applications and data systems. This
requires new solutions for managing shared application state and allocating
scarce and non-replenishable privacy resources. In this paper, we introduce
Cohere, a new data management system that simplifies the use of DP in
large-scale systems. Cohere implements a unified interface that allows
heterogeneous applications to operate on a unified view of users' data. Cohere
further extends existing accounting systems with the ability to manage and
optimally allocate shared privacy resources, i.e., budget, under complex
preferences. We show that Cohere can effectively enable advanced privacy
solutions in existing large-scale systems with minimal modifications to
existing data management systems and with moderate overhead
Droplet: Decentralized Authorization for IoT Data Streams
This paper presents Droplet, a decentralized data access control service,
which operates without intermediate trust entities. Droplet enables data owners
to securely and selectively share their encrypted data while guaranteeing data
confidentiality against unauthorized parties. Droplet's contribution lies in
coupling two key ideas: (i) a new cryptographically-enforced access control
scheme for encrypted data streams that enables users to define fine-grained
stream-specific access policies, and (ii) a decentralized authorization service
that handles user-defined access policies. In this paper, we present Droplet's
design, the reference implementation of Droplet, and experimental results of
three case-study apps atop of Droplet: Fitbit activity tracker, Ava health
tracker, and ECOviz smart meter dashboard
Towards Blockchain-based Auditable Storage and Sharing of IoT Data
International audienceToday the cloud plays a central role in storing, processing , and distributing data. Despite contributing to the rapid development of various applications, including the IoT, the current centralized storage architecture has led into a myriad of isolated data silos and is preventing the full potential of holistic data-driven analytics for IoT data. In this abstract, we advocate a data-centric design for IoT with focus on resilience, sharing, and auditable protection of information. We introduce the initial design of our blockchain-based end-to-end encrypted data storage system. We enable a secure and persistent data management, by utilizing the blockchain as an auditable access control layer to a decentralized storage layer
Understanding the Impact of Cross Technology Interference on IEEE 802.15.4
Over the last few decades, we witnessed notable progress in wireless communication. This has led to rapid emergence of heterogeneous wireless technologies that share the RF spectrum in an un-coordinated way. Such a coexistence introduces high uncertainty and complexity to the medium, affecting reliability and availability of wireless networks. This problem aggravates for technologies operating in the lightly regulated, yet crowded ISM bands. To address coexistence of different technologies in the scarce RF spectrum, provide proper interference-aware protocols, and mitigation schemes, we need to develop a good understanding of the interaction patterns of these technologies. In this paper, we provide a thorough study of the implications of Cross Technology Interference (CTI) on the particularly vulnerable low-power IEEE 802.15.4 wireless networks. We identify the underlying vulnerabilities that hamper 802.15.4 to withstand CTI. We show that the uncertainty that CTI induces on the wireless channel is not completely stochastic; CTI exhibits distinct patterns that can be exploited by interference-aware protocols