Policy-based usage control for a trustworthy data sharing platform in smart cities

Abstract Although data is a key part in smart cities, traditionally there has been no systematic effort to enable the sharing of data in a trustworthy manner among applications or services. In order to promote sharing of data, mechanisms need to be put into place to provide the different actors — data producers, data consumers, etc. means to control and visualize how their data or requests are being processed and used. In this paper we deal with a key issue involved in trust which is usage control, i.e., how data is used once access to it has been granted. We propose a Data Usage Control Model ( DUPO ) to capture the diversity of obligations and constraints that data providers impose on the use of their data. Based on the DUPO model and semantic technologies, we propose a trustworthy data sharing platform which enhances transparency and traceability of data usage in smart cities. Lastly a proof-of-concept is developed to evaluate our solution and results show that the performance of the added trust does not impact negatively on the system.

[1]  Philip S. Yu,et al.  Privacy-preserving data publishing: A survey of recent developments , 2010, CSUR.

[2]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[3]  Rajkumar Buyya,et al.  Attribute-based data access control in mobile cloud computing: Taxonomy and open issues , 2017, Future Gener. Comput. Syst..

[4]  Anthony Townsend,et al.  Smart Cities: Big Data, Civic Hackers, and the Quest for a New Utopia , 2013 .

[5]  Guido Governatori,et al.  The Making of SPINdle , 2009, RuleML.

[6]  Nick Bassiliades,et al.  Deploying defeasible logic rule bases for the semantic web , 2008, Data Knowl. Eng..

[7]  Tim Berners-Lee,et al.  Linked data , 2020, Semantic Web for the Working Ontologist.

[8]  Fabio Martinelli,et al.  Usage control in computer security: A survey , 2010, Comput. Sci. Rev..

[9]  Andrea Zanella,et al.  Internet of Things for Smart Cities , 2014, IEEE Internet of Things Journal.

[10]  Michael J. Maher,et al.  Representation results for defeasible logic , 2000, TOCL.

[11]  Daniel Le Métayer,et al.  Whom to trust? Using technology to enforce privacy. , 2016 .

[12]  Gerald J. Sussman,et al.  Data-Purpose Algebra: Modeling Data Usage Policies , 2007, Eighth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'07).

[13]  Serena Villata,et al.  A deontic logic semantics for licenses composition in the web of data , 2013, ICAIL.

[14]  Athanasios V. Vasilakos,et al.  A survey on trust management for Internet of Things , 2014, J. Netw. Comput. Appl..

[15]  Gyu Myoung Lee,et al.  Strengthening trust in the future social-cyber-physical infrastructure: an ITU-T perspective , 2016, IEEE Communications Magazine.

[16]  Antonio Kung PEARs: Privacy Enhancing ARchitectures , 2014, APF.

[17]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[18]  Fabio Martinelli,et al.  Usage Control on Cloud systems , 2016, Future Gener. Comput. Syst..

[19]  Alexander Pretschner,et al.  Negotiation of Usage Control Policies - Simply the Best? , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[20]  Delphine Reinhardt Privacy in mobile participatory sensing: Current trends and future challenges , 2016, J. Syst. Softw..

[21]  Jianzhong Zhang,et al.  LTE-advanced in 3GPP Rel -13/14: an evolution toward 5G , 2016, IEEE Communications Magazine.

[22]  Nick Bassiliades,et al.  Visualizing Semantic Web proofs of defeasible logic in the DR-DEVICE system , 2011, Knowl. Based Syst..

[23]  Guido Governatori,et al.  BIO logical agents: Norms, beliefs, intentions in defeasible logic , 2008, Autonomous Agents and Multi-Agent Systems.

[24]  Sebastian Speiser,et al.  Data-Centric Privacy Policies for Smart Grids , 2012, Semantic Cities @ AAAI.

[25]  Evangelos Theodoridis,et al.  SmartSantander: IoT experimentation over a smart city testbed , 2014, Comput. Networks.

[26]  David M. Eyers,et al.  Access control in publish/subscribe systems , 2008, DEBS.

[27]  Serena Villata,et al.  One License to Compose Them All - A Deontic Logic Approach to Data Licensing on the Web of Data , 2013, SEMWEB.

[28]  Jaehong Park,et al.  Towards usage control models: beyond traditional access control , 2002, SACMAT '02.

[29]  Sharon Paradesi,et al.  Aintno: Demonstration of Information Accountability on the Web , 2011, 2011 IEEE Third Int'l Conference on Privacy, Security, Risk and Trust and 2011 IEEE Third Int'l Conference on Social Computing.

[30]  Imran Khan,et al.  A trust model for data sharing in smart cities , 2016, 2016 IEEE International Conference on Communications (ICC).

[31]  Luigi Alfredo Grieco,et al.  Security, privacy and trust in Internet of Things: The road ahead , 2015, Comput. Networks.

[32]  Guido Governatori,et al.  A modal and deontic defeasible reasoning system for modelling policies and multi-agent systems , 2009, Expert Syst. Appl..

[33]  Sebastian Speiser,et al.  Web technologies and privacy policies for the Smart Grid , 2013, IECON 2013 - 39th Annual Conference of the IEEE Industrial Electronics Society.

[34]  Delphine Christin,et al.  Privacy in mobile participatory sensing , 2016 .