A Distributed Context-Aware Trust Management Architecture

The realization of a pervasive context-aware service platform imposes new challenges for the security and privacy aspects of the system in relation to traditional service platforms. One important aspect is related with the management of trust relationships, which is especially hard in a pervasive environment because users are supposed to interact with entities unknown before hand in an ad-hoc and dynamic manner. Current trust management solutions do not adapt nor scale well in this dynamic service provisioning scenario because they require previously defined trust relationships in order to operate. The objective of this thesis is to design, prototype and validate a context-aware distributed trust management architecture in order to address: (a) the lack of integration between available trust solutions and security and privacy management languages, and (b) the dynamic characteristics of a context-aware service platform

Trustworthiness and Quality of Context Information

Context-aware service platforms use context information to customize their services to the current users’ situation. Due to technical limitations in sensors and context reasoning algorithms, context information does not always represent accurately the reality, and Quality of Context (QoC) models have been proposed to quantify this inaccuracy. The problems we have identified with existing QoC models is that they do not follow a standard terminology and none of them clearly differentiate quality attributes related to instances of context information (e.g. accuracy and precision) from trustworthiness, which is a quality attribute related to the context information provider. In this paper we propose a QoC model and management architecture that supports the management of QoC trustworthiness and also contributes to the terminology alignment of existing QoC models.\ud In our QoC model, trustworthiness is a measurement of the reliability of a context information provider to provide context information about a specific entity according to a certain quality level. This trustworthiness value is used in our QoC management architecture to support context-aware service providers in the selection of trustworthy context\ud providers. As a proof of concept to demonstrate the feasibility of our work we show a prototype implementation of our QoC model and management architecture

A Blockchain-based Approach for Data Accountability and Provenance Tracking

The recent approval of the General Data Protection Regulation (GDPR) imposes new data protection requirements on data controllers and processors with respect to the processing of European Union (EU) residents' data. These requirements consist of a single set of rules that have binding legal status and should be enforced in all EU member states. In light of these requirements, we propose in this paper the use of a blockchain-based approach to support data accountability and provenance tracking. Our approach relies on the use of publicly auditable contracts deployed in a blockchain that increase the transparency with respect to the access and usage of data. We identify and discuss three different models for our approach with different granularity and scalability requirements where contracts can be used to encode data usage policies and provenance tracking information in a privacy-friendly way. From these three models we designed, implemented, and evaluated a model where contracts are deployed by data subjects for each data controller, and a model where subjects join contracts deployed by data controllers in case they accept the data handling conditions. Our implementations show in practice the feasibility and limitations of contracts for the purposes identified in this paper

Trust management in pervasive and service-oriented architectures

In service-oriented architectures, services are the basic building blocks to dynamically compose complex business process across multiple administrative domains. The main goal is to support companies in the outsourcing of services to service providers that best suit their business needs, and dynamically re-assign the services to other providers when changes in the business are necessary. The dynamic re-assignment of service providers in an open service market will only be successful if appropriate trust management mechanisms are put in place to provide guarantees that the desired service requirements are fulfilled. In pervasive and service-oriented architectures, there are additional trust requirements, because this type of service-oriented architecture makes use of privacy sensitive end-users' information collected from sensors and information providers surrounding the end users' physical space. In this extended abstract, I will focus on trust and policy management iss ues in pervasive and service-oriented architectures. I will briefly discuss the social and legal requirements, describe the trust and policy management challenges we have identified, and introduce our trust and policy management approach to support end-users and service consumers in this service scenario

Vers la Sécurité et la Protection de la Vie Privée Sensibles au Contexte comme un Service dans l'Internet des Objets

International audienceSmart city is one of the most known Internet of Things (IoT) applications. The smart city services improve user’s daily lives. However, security and privacy issues are slowing down their adoption. In addition, the characteristics of IoT devices, applications and users make security implementation of the considered applications a challenging task. To address these issues, we present, in this paper, a new context-aware security and privacy architecture for the IoT. Thanks to the “as a service” approach, this new architecture will be user-centric. It will also support known context-aware security issues: dynamicity, flexibility. In addition, it will address mobility, customization of security and privacy services, and support for generic IoT applications, particularly for smart city. To do so, a knowledge plane allowing effective management of context-awareness is proposed. A security and privacy plane allowing better implementation of context-aware security and privacy mechanisms is also proposed. This will be done through dynamic composition of context-based micro services. The role of the different components of these two planes are also described