short-paper

Privacy-enhancing Federated Middleware for the Internet of Things

Author:

Paul FremantleAuthors Info & Claims

Middleware Doctoral Symposium'16: Proceedings of the Doctoral Symposium of the 17th International Middleware Conference

Article No.: 4, Pages 1 - 4

https://doi.org/10.1145/3009925.3009929

Published: 12 December 2016 Publication History

Get Access

Abstract

The Internet of Things (IoT) offers new opportunities, but alongside those come many challenges for security and privacy. Most IoT devices offer no choice to users of where data is published, which data is made available and what identities are used for both devices and users. The aim of this work is to explore new middleware models and techniques that can provide users with more choice as well as enhance privacy and security. This paper outlines a new model and a prototype of a middleware system that implements this model.

References

[1]

B. Aziz, A. Arenas, and B. Crispo. Engineering secure Internet of Things systems. Institution of Engineering and Technology, 2016.

Crossref

Google Scholar

[2]

J. B. Bernabe, J. L. Hernández, M. V. Moreno, and A. F. S. Gomez. Privacy-preserving security framework for a social-aware internet of things. In International Conference on Ubiquitous Computing and Ambient Intelligence, pages 408--415. Springer, 2014.

Crossref

Google Scholar

[3]

A. Cavoukian, S. Taylor, and M. E. Abrams. Privacy by design: essential for organizational accountability and strong business practices. Identity in the Information Society, 3(2):405--413, 2010.

Crossref

Google Scholar

[4]

S. Cirani, M. Picone, P. Gonizzi, L. Veltri, and G. Ferrari. IoT-OAS: An OAuth-based Authorization Service Architecture for Secure Services in IoT Scenarios. 2015.

Google Scholar

[5]

M. Cohn. User stories applied: For agile software development. Addison-Wesley Professional, 2004.

Digital Library

Google Scholar

[6]

H. Desruelle, J. Lyle, S. Isenberg, and F. Gielen. On the challenges of building a web-based ubiquitous application platform. In Proceedings of the 2012 ACM Conference on Ubiquitous Computing, pages 733--736. ACM, 2012.

Digital Library

Google Scholar

[7]

S. Emerson, Y.-K. Choi, D.-Y. Hwang, K.-S. Kim, and K.-H. Kim. An oauth based authentication mechanism for iot networks. In Information and Communication Technology Convergence (ICTC), 2015 International Conference on, pages 1072--1074. IEEE, 2015.

Crossref

Google Scholar

[8]

P. Fremantle, B. Aziz, J. Kopecky, and P. Scott. Federated identity and access management for the internet of things. In Secure Internet of Things (SIoT), 2014 International Workshop on, pages 10--17. IEEE, 2014.

Digital Library

Google Scholar

[9]

P. Fremantle, J. Kopecky, and B. Aziz. Web api management meets the internet of things. In European Semantic Web Conference, pages 367--375. Springer, 2015.

Digital Library

Google Scholar

[10]

IETF. Authentication and authorization for constrained environments (ace) - documents. https://datatracker.ietf.org/wg/ace/documents/. (Accessed on 30th August 2016).

Google Scholar

[11]

T. Kohno, A. Broido, and K. C. Claffy. Remote physical device fingerprinting. IEEE Transactions on Dependable and Secure Computing, 2(2):93--108, 2005.

Digital Library

Google Scholar

[12]

A. Niruntasukrat, C. Issariyapat, P. Pongpaibool, K. Meesublak, P. Aiumsupucgul, and A. Panya. Authorization mechanism for mqtt-based internet of things. In 2016 IEEE International Conference on Communications Workshops (ICC), pages 290--295. IEEE, 2016.

Crossref

Google Scholar

[13]

D. Rotondi, C. Seccia, and S. Piccione. Access control & iot: Capability based authorization access control system. In 1st IoT International Forum, Berlin, November, 2011.

Google Scholar

[14]

S. Spiekermann and L. F. Cranor. Engineering privacy. IEEE Transactions on software engineering, 35(1):67--82, 2009.

Digital Library

Google Scholar

Cited By

View all

Cha SHsu TXiang YYeh K(2019)Privacy Enhancing Technologies in the Internet of Things: Perspectives and ChallengesIEEE Internet of Things Journal10.1109/JIOT.2018.28786586:2(2159-2187)Online publication date: Apr-2019
https://doi.org/10.1109/JIOT.2018.2878658
Reinfurt LBreitenbücher UFalkenthal MFremantle PLeymann FIba T(2017)Internet of things security patternsProceedings of the 24th Conference on Pattern Languages of Programs10.5555/3290281.3290305(1-28)Online publication date: 23-Oct-2017
https://dl.acm.org/doi/10.5555/3290281.3290305
Hong NKim MJun MKang J(2017)A Study on a JWT-Based User Authentication and API Assessment Scheme Using IMEI in a Smart Home EnvironmentSustainability10.3390/su90710999:7(1099)Online publication date: 23-Jun-2017
https://doi.org/10.3390/su9071099

Recommendations

Privacy-enhancing Federated Middleware for the Internet of Things
Middleware Posters and Demos '16: Proceedings of the Posters and Demos Session of the 17th International Middleware Conference

OAuthing and IGNITE are federated middleware that together provide an improved model for sharing data from Internet of Things (IoT) devices to Cloud Services. OAuthing provides an identity broker and authorization server that issues OAuth2 anonymised ...
Privacy preserving Internet of Things

The Internet of Things (IoT) is the latest web evolution that incorporates billions of devices that are owned by different organisations and people who are deploying and using them for their own purposes. IoT-enabled harnessing of the information that ...
Ontologies for the internet of things
MDS '11: Proceedings of the 8th Middleware Doctoral Symposium

Challenges the Internet of Things (IoT) is facing are directly inherited from today's Internet. However, they are amplified by the anticipated large scale deployments of devices and services, information flow and direct user involvment in the IoT. ...

Comments

Information & Contributors

Information

Published In

Middleware Doctoral Symposium'16: Proceedings of the Doctoral Symposium of the 17th International Middleware Conference

December 2016

31 pages

ISBN:9781450346658

DOI:10.1145/3009925

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 December 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper
Research
Refereed limited

Conference

Middleware '16

Sponsor:

ACM
USENIX Assoc

Middleware '16: 17th International Middleware Conference

December 12 - 16, 2016

Trento, Italy

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
173
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 02 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Cha SHsu TXiang YYeh K(2019)Privacy Enhancing Technologies in the Internet of Things: Perspectives and ChallengesIEEE Internet of Things Journal10.1109/JIOT.2018.28786586:2(2159-2187)Online publication date: Apr-2019
https://doi.org/10.1109/JIOT.2018.2878658
Reinfurt LBreitenbücher UFalkenthal MFremantle PLeymann FIba T(2017)Internet of things security patternsProceedings of the 24th Conference on Pattern Languages of Programs10.5555/3290281.3290305(1-28)Online publication date: 23-Oct-2017
https://dl.acm.org/doi/10.5555/3290281.3290305
Hong NKim MJun MKang J(2017)A Study on a JWT-Based User Authentication and API Assessment Scheme Using IMEI in a Smart Home EnvironmentSustainability10.3390/su90710999:7(1099)Online publication date: 23-Jun-2017
https://doi.org/10.3390/su9071099

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Recommendations