Security policy enforcement for networked smart objects

In the Internet of Things (IoT), heterogeneous technologies contribute to the provisioning of customized services able to bridge the gap between the physical and digital realms. Security, privacy and data quality are acknowledged as key issues to be tackled in order to foster the large-scale adoption of IoT systems and technologies. One instrumental aspect concerns the ability of the system to preserve security in the presence of external attacks. In such a scenario, a flexible IoT middleware, able to handle a large number of data streams and interconnected devices, needs to be integrated with a flexible policy enforcement framework; this paper presents such an integration. The proposed solution aims to ease the management of interactions across different realms and of policy conflicts. Its effectiveness is validated by means of a lightweight and cross-domain prototypical implementation.
