D3.2 Secure IoT Information Access and Privacy Preservation
The Internet of Things (IoT), a system of interconnected devices equipped with a variety of sensors that are capable of sensing, transmitting and receiving data over the Internet, is growing at a rapid pace. IoT devices have an increasingly large impact on new industrial transformations and on human users' daily lives. The data generated and stored on IoT devices, and the ability to perform tasks among interconnected devices over the Internet, raise real concerns about their security and privacy. For example, unauthorized access to IoT devices could let attackers execute malicious commands and extract private and sensitive data of the devices' owners.
An IoT search engine such as IoTCrawler that provides distributed crawling and indexing mechanisms should enable data collection and retrieval in a secure and privacy- and trust-aware manner.
This deliverable summarises the outputs of work package 3 that focus on securing information access and privacy preservation. The IoTCrawler framework is designed with a distributed and federated architecture in which multiple domains (or data source providers) contribute data to the IoT search engine. Managing secure access and preserving the privacy of data owners play key roles in the success of the framework's deployment in real-world applications. To ensure secure access, users first need to provide proper authentication identities. Authorisation to a particular data resource is strictly handled by a policy authority and an enforcement entity. In this security framework, access control policies are written in standard XACML. Access tokens are generated using a distributed capability approach. Users use granted tokens before accessing the desired resources. To support a cross-domain architecture in which domains do not necessarily have a prior trust relationship, blockchain technology offers multiple benefits for policy and token management. By leveraging blockchain, access control is made auditable and accountable, and reaching consensus on common policies among multiple domains is straightforward. Policy and token revocability is handled with less complexity than in previous approaches. To preserve the privacy of data access, attribute encryption and prefix encryption have been adopted. These techniques ensure that data is shared only with authorised entities and no one else. This deliverable covers the design, implementation and evaluation of secure access to, and privacy preservation of, IoT data. The applicability of the proposed secure access and privacy-preserving solutions has been demonstrated in several real-world use cases.