Protecting personal data in IoT platform scenarios through encryption-based selective disclosure

Abstract As the Internet of Things evolves, citizens are starting to change the way they share information and communicate with their surrounding environment, enabling a constant, invisible and sometimes unintended information exchange. This trend raises new challenges regarding user’s privacy and personal consent about the disclosure of personal data that must be addressed by flexible and scalable mechanisms. Towards this end, this work introduces the concept of bubble, as a coalition or group of smart objects that can be created according to the relationship between their owners. The proposed approach is based on the use of attribute-based encryption to protect the associated data according to users’ preferences, and FI-WARE components for deployment purposes. As a scenario example, the solution is integrated with a radio localization system, in order to protect location data in the context of smart buildings. Finally, this work provides implementation details about the required components, as well as their evaluation on real smart environment scenarios.

[1]  Dick Hardt,et al.  The OAuth 2.0 Authorization Framework , 2012, RFC.

[2]  Óscar García-Morchón,et al.  Securing the IP-based internet of things with HIP and DTLS , 2013, WiSec '13.

[3]  Jie Wu,et al.  Hierarchical attribute-based encryption for fine-grained access control in cloud storage services , 2010, CCS '10.

[4]  Antonio F. Gómez-Skarmeta,et al.  Holistic Privacy-Preserving Identity Management System for the Internet of Things , 2017, Mob. Inf. Syst..

[5]  Naoko Ito,et al.  The Context API in the OMA Next Generation Service Interface , 2010, 2010 14th International Conference on Intelligence in Next Generation Networks.

[6]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[7]  Jessye Dos Santos,et al.  Security Protocols and Privacy Issues into 6LoWPAN Stack: A Synthesis , 2014, IEEE Internet of Things Journal.

[8]  Hadi Noureddine,et al.  Assessment of cooperative and heterogeneous indoor localization algorithms with real radio devices , 2014, 2014 IEEE International Conference on Communications Workshops (ICC).

[9]  R.T.Subhalakshmi,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute-Based Encryption , 2016 .

[10]  Laurent Ouvry,et al.  A Flexible Distributed Maximum Log-Likelihood Scheme for UWB Indoor Positioning , 2007, 2007 4th Workshop on Positioning, Navigation and Communication.

[11]  Anass Sedrati,et al.  Internet of Things challenges: A focus on security aspects , 2017, 2017 8th International Conference on Information and Communication Systems (ICICS).

[12]  Agusti Solanas,et al.  The pursuit of citizens' privacy: a privacy-aware smart city is possible , 2013, IEEE Communications Magazine.

[13]  Cong Wang,et al.  Attribute based data sharing with attribute revocation , 2010, ASIACCS '10.

[14]  Javier Herranz,et al.  Attribute-based encryption schemes with constant-size ciphertexts , 2012, Theor. Comput. Sci..

[15]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[16]  Antonio F. Gómez-Skarmeta,et al.  ARMY: architecture for a secure and privacy-awar e lifecycle of smar t objects in the internet of my things , 2016, IEEE Commun. Mag..

[17]  Fuchun Guo,et al.  CP-ABE With Constant-Size Keys for Lightweight Devices , 2014, IEEE Transactions on Information Forensics and Security.

[18]  Jan Camenisch,et al.  Design and implementation of the idemix anonymous credential system , 2002, CCS '02.

[19]  Klaus Moessner,et al.  SocIoTal — The development and architecture of a social IoT framework , 2017, 2017 Global Internet of Things Summit (GIoTS).

[20]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[21]  Angelo De Caro,et al.  jPBC: Java pairing based cryptography , 2011, 2011 IEEE Symposium on Computers and Communications (ISCC).

[22]  Zhi Chen,et al.  A lightweight attribute-based encryption scheme for the Internet of Things , 2015, Future Gener. Comput. Syst..

[23]  Antonio Iera,et al.  The Social Internet of Things (SIoT) - When social networks meet the Internet of Things: Concept, architecture and network characterization , 2012, Comput. Networks.

[24]  Bernard Uguen,et al.  Enhancing Positioning Accuracy through Direct Position Estimators Based on Hybrid RSS Data Fusion , 2009, VTC Spring 2009 - IEEE 69th Vehicular Technology Conference.

[25]  Antonio F. Skarmeta,et al.  A Lightweight and Flexible Encryption Scheme to Protect Sensitive Data in Smart Building Scenarios , 2018, IEEE Access.

[26]  Mischa Schmidt,et al.  Selective decryption of outsourced IoT data , 2015, 2015 IEEE 2nd World Forum on Internet of Things (WF-IoT).

[27]  Laurence T. Yang,et al.  Data Mining for Internet of Things: A Survey , 2014, IEEE Communications Surveys & Tutorials.

[28]  P. Nijkamp,et al.  Smart Cities in Europe , 2011 .

[29]  Jan Camenisch,et al.  Design and implementation of theidemixanonymous credential system , 2002, CCS 2002.

[30]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[31]  Giancarlo Fortino,et al.  Evaluating Critical Security Issues of the IoT World: Present and Future Challenges , 2018, IEEE Internet of Things Journal.

[32]  G. Aceto The social internet of things (SIoT)-When social networks meet the internet of things: Concept, architecture and network characterization , 2017 .

[33]  Yacine Challal,et al.  C-CP-ABE: Cooperative Ciphertext Policy Attribute-Based Encryption for the Internet of Things , 2014, 2014 International Conference on Advanced Networking Distributed Systems and Applications.

[34]  P. Balamuralidhar,et al.  Secure MQTT for Internet of Things (IoT) , 2015, 2015 Fifth International Conference on Communication Systems and Network Technologies.

[35]  Tooska Dargahi,et al.  On the Feasibility of Attribute-Based Encryption on Smartphone Devices , 2015, IoT-Sys@MobiSys.

[36]  M V Patil,et al.  HASBE: A HIERARCHICAL ATTRIBUTE-BASED SOLUTION FOR FLEXIBLE AND SCALABLE ACCESS CONTROL IN CLOUD COMPUTING , 2006 .

[37]  John Hughes,et al.  Security Assertion Markup Language (SAML) 2.0 Technical Overview , 2004 .

[38]  Tooska Dargahi,et al.  On the Feasibility of Attribute-Based Encryption on Internet of Things Devices , 2016, IEEE Micro.

[39]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[40]  Phil Hunt,et al.  System for Cross-domain Identity Management: Core Schema , 2015, RFC.

[41]  Jian Shen,et al.  User Collusion Avoidance CP-ABE With Efficient Attribute Revocation for Cloud Storage , 2018, IEEE Systems Journal.

[42]  Luis Muñoz,et al.  Design and Implementation of a Cloud-Based Platform for Unleashing the Personal and Communal Internet of Things , 2017, Mob. Inf. Syst..

[43]  L. Ouvry,et al.  Localization and Tracking for LDR-UWB Systems , 2007, 2007 16th IST Mobile and Wireless Communications Summit.

[44]  Jaeho Kim,et al.  Standards-Based Worldwide Semantic Interoperability for IoT , 2016, IEEE Communications Standards.

[45]  Jianqing Zhang,et al.  Performance evaluation of Attribute-Based Encryption: Toward data privacy in the IoT , 2014, 2014 IEEE International Conference on Communications (ICC).

[46]  Lei Yang,et al.  Accurate online power estimation and automatic battery behavior based power model generation for smartphones , 2010, 2010 IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS).

[47]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[48]  Chiara Petrioli,et al.  AGREE: exploiting energy harvesting to support data-centric access control in WSNs , 2013, Ad Hoc Networks.

[49]  Axel Küpper,et al.  Applying Attribute-Based Encryption on Publish Subscribe Messaging Patterns for the Internet of Things , 2015, 2015 IEEE International Conference on Data Science and Data Intensive Systems.