TY - GEN
T1 - World of empowered IoT users
AU - Hashemi, Sayed Hadi
AU - Faghri, Faraz
AU - Rausch, Paul
AU - Campbell, Roy H.
N1 - Funding Information:
This research program is supported by a collaborative award from the National Science Foundation (NSF award numbers CNS-1329686, CNS-1329737, CNS-1330142, and CNS-1330491).
Publisher Copyright:
© 2016 IEEE.
PY - 2016/5/17
Y1 - 2016/5/17
N2 - In a world deploying an Internet of Things, sensors and actuators are owned, accessed, and activated by a plethora of individuals and organizations. Access to the data produced by this world can both be beneficial and have drawbacks to society. This data potentially represents the activities of millions of individuals and their possessions collected by billions of "things'. Aggregations of this data can be analyzed through the Internet and Clouds. This raises possible privacy, security, moral and ethical challenges whose solutions will require flexible protection mechanisms. How do we "acquire" and "distribute" data at the IoT world scale while retaining the rights of individuals and organizations to protect, use, and share their data? Clearly a well-defined mechanism and control needs to regulate access to the data and its aggregations. Our paper describes a user-centric multi-level multiple granularity mechanism to share the data from these devices to people and organizations. Revisiting the fundamental mechanisms in security for providing protection, our solution uses capabilities, access lists, and access rights following wellunderstood formal notions for reasoning about access. Our contribution is to describe an auditable, transparent, distributed, decentralized, publication-subscription based, robust mechanism and automation of these ideas in the IoT realm that is well-matched to the current generation of clouds. It is based on well-tested principles and practices used in crypto currencies exploiting block chains of transactions. The scheme puts users (including organizational entities) in the center of control over the access to their collections of sensory data. In our paper, we describe a deployment of these ideas for health care, smart cities, and autonomous cars.
AB - In a world deploying an Internet of Things, sensors and actuators are owned, accessed, and activated by a plethora of individuals and organizations. Access to the data produced by this world can both be beneficial and have drawbacks to society. This data potentially represents the activities of millions of individuals and their possessions collected by billions of "things'. Aggregations of this data can be analyzed through the Internet and Clouds. This raises possible privacy, security, moral and ethical challenges whose solutions will require flexible protection mechanisms. How do we "acquire" and "distribute" data at the IoT world scale while retaining the rights of individuals and organizations to protect, use, and share their data? Clearly a well-defined mechanism and control needs to regulate access to the data and its aggregations. Our paper describes a user-centric multi-level multiple granularity mechanism to share the data from these devices to people and organizations. Revisiting the fundamental mechanisms in security for providing protection, our solution uses capabilities, access lists, and access rights following wellunderstood formal notions for reasoning about access. Our contribution is to describe an auditable, transparent, distributed, decentralized, publication-subscription based, robust mechanism and automation of these ideas in the IoT realm that is well-matched to the current generation of clouds. It is based on well-tested principles and practices used in crypto currencies exploiting block chains of transactions. The scheme puts users (including organizational entities) in the center of control over the access to their collections of sensory data. In our paper, we describe a deployment of these ideas for health care, smart cities, and autonomous cars.
UR - http://www.scopus.com/inward/record.url?scp=84977603974&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84977603974&partnerID=8YFLogxK
U2 - 10.1109/IoTDI.2015.39
DO - 10.1109/IoTDI.2015.39
M3 - Conference contribution
AN - SCOPUS:84977603974
T3 - Proceedings - 2016 IEEE 1st International Conference on Internet-of-Things Design and Implementation, IoTDI 2016
SP - 13
EP - 24
BT - Proceedings - 2016 IEEE 1st International Conference on Internet-of-Things Design and Implementation, IoTDI 2016
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 1st IEEE International Conference on Internet-of-Things Design and Implementation, IoTDI 2016
Y2 - 4 April 2016 through 8 April 2016
ER -