Architecture for Privacy in Cloud of Things

Luis Pacheco, Eduardo Alchieri, Priscila Solis

2017

Abstract

A large number of devices are connected to the Internet through the Internet of Things (IoT) paradigm, producing a huge amount of data. Cloud computing is a computing paradigm currently adopted to process, store, and provide access control to these data. This integration is called Cloud of Things (CoT) and is useful in personal networks, such as residential automation and health care, since it facilitates access to the information. Although this integration benefits users, it introduces many security challenges, since the information leaves the user's control and is stored at the cloud providers. In particular, for these technologies to be adopted, it is important to provide protocols and mechanisms that preserve users' privacy when their data is stored in the cloud. In this context, this paper proposes an architecture for privacy in Cloud of Things that allows users to fully control access to the data generated by the devices of their IoT networks and stored in the cloud. The proposed architecture enables fine-grained control over data, since the privacy protocols and controls are executed at the IoT devices instead of at the network border by a gateway, which could also represent a single point of failure or a component that, once compromised by a successful attack, could impair the security properties of the system.



Paper Citation


in Harvard Style

Pacheco L., Alchieri E. and Solis P. (2017). Architecture for Privacy in Cloud of Things. In Proceedings of the 19th International Conference on Enterprise Information Systems - Volume 2: ICEIS, ISBN 978-989-758-248-6, pages 487-494. DOI: 10.5220/0006357504870494


in Bibtex Style

@conference{iceis17,
author={Luis Pacheco and Eduardo Alchieri and Priscila Solis},
title={Architecture for Privacy in Cloud of Things},
booktitle={Proceedings of the 19th International Conference on Enterprise Information Systems - Volume 2: ICEIS},
year={2017},
pages={487-494},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006357504870494},
isbn={978-989-758-248-6},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 19th International Conference on Enterprise Information Systems - Volume 2: ICEIS
TI - Architecture for Privacy in Cloud of Things
SN - 978-989-758-248-6
AU - Pacheco L.
AU - Alchieri E.
AU - Solis P.
PY - 2017
SP - 487
EP - 494
DO - 10.5220/0006357504870494