Poster Abstract: Security Comes First, A Public-key Cryptography Framework for the Internet of Things

Abstract—Novel Internet services are emerging around an increasing number of sensors and actuators in our surroundings, commonly referred to as smart devices. Smart devices, which form the backbone of the Internet of Things (IoT), enable alternative forms of user experience by means of automation, convenience, and efficiency. At the same time new security and safety issues arise, given the Internet-connectivity and the interaction possibility of smart devices with human’s proximate living space. Hence, security is a fundamental requirement of the IoT design. In order to remain interoperable with the existing infrastructure, we postulate a security framework compatible to standard IP-based security solutions, yet optimized to meet the constraints of the IoT ecosystem. In this ongoing work, we first identify necessary components of an interoperable secure End-to-End communication while incorporating Public-key Cryptography (PKC). To this end, we tackle involved computational and communication overheads. The required components on the hardware side are the affordable hardware acceleration engines for cryptographic operations and on the software side header compression and long-lasting secure sessions. In future work, we focus on integration of these components into a framework and the evaluation of an early prototype of this framework. I

Cohere: Privacy Management in Large Scale Systems

The need for a privacy management layer in today's systems started to manifest with the emergence of new systems for privacy-preserving analytics and privacy compliance. As a result, we began to see many independent efforts emerge that try to provide system support for privacy. Recently, the scope of privacy solutions used in systems has expanded to encompass more complex techniques such as Differential Privacy (DP). The use of these solutions in large-scale systems imposes new challenges and requirements. Careful planning and coordination are necessary to ensure that privacy guarantees are maintained across a wide range of heterogeneous applications and data systems. This requires new solutions for managing shared application state and allocating scarce and non-replenishable privacy resources. In this paper, we introduce Cohere, a new data management system that simplifies the use of DP in large-scale systems. Cohere implements a unified interface that allows heterogeneous applications to operate on a unified view of users' data. Cohere further extends existing accounting systems with the ability to manage and optimally allocate shared privacy resources, i.e., budget, under complex preferences. We show that Cohere can effectively enable advanced privacy solutions in existing large-scale systems with minimal modifications to existing data management systems and with moderate overhead

Droplet: Decentralized Authorization for IoT Data Streams

This paper presents Droplet, a decentralized data access control service, which operates without intermediate trust entities. Droplet enables data owners to securely and selectively share their encrypted data while guaranteeing data confidentiality against unauthorized parties. Droplet's contribution lies in coupling two key ideas: (i) a new cryptographically-enforced access control scheme for encrypted data streams that enables users to define fine-grained stream-specific access policies, and (ii) a decentralized authorization service that handles user-defined access policies. In this paper, we present Droplet's design, the reference implementation of Droplet, and experimental results of three case-study apps atop of Droplet: Fitbit activity tracker, Ava health tracker, and ECOviz smart meter dashboard

Towards Blockchain-based Auditable Storage and Sharing of IoT Data

International audienceToday the cloud plays a central role in storing, processing , and distributing data. Despite contributing to the rapid development of various applications, including the IoT, the current centralized storage architecture has led into a myriad of isolated data silos and is preventing the full potential of holistic data-driven analytics for IoT data. In this abstract, we advocate a data-centric design for IoT with focus on resilience, sharing, and auditable protection of information. We introduce the initial design of our blockchain-based end-to-end encrypted data storage system. We enable a secure and persistent data management, by utilizing the blockchain as an auditable access control layer to a decentralized storage layer

Understanding the Impact of Cross Technology Interference on IEEE 802.15.4

Over the last few decades, we witnessed notable progress in wireless communication. This has led to rapid emergence of heterogeneous wireless technologies that share the RF spectrum in an un-coordinated way. Such a coexistence introduces high uncertainty and complexity to the medium, affecting reliability and availability of wireless networks. This problem aggravates for technologies operating in the lightly regulated, yet crowded ISM bands. To address coexistence of different technologies in the scarce RF spectrum, provide proper interference-aware protocols, and mitigation schemes, we need to develop a good understanding of the interaction patterns of these technologies. In this paper, we provide a thorough study of the implications of Cross Technology Interference (CTI) on the particularly vulnerable low-power IEEE 802.15.4 wireless networks. We identify the underlying vulnerabilities that hamper 802.15.4 to withstand CTI. We show that the uncertainty that CTI induces on the wireless channel is not completely stochastic; CTI exhibits distinct patterns that can be exploited by interference-aware protocols