Security and privacy represent critical issues for a wide adoption of IoT technologies both by industries and people in their every-day life. Besides, the complexity of an IoT system’s management resides in the presence of heterogeneous devices, which communicate by means of different protocols and provide information belonging to various application domains. Hence, adequate policies must be correctly distributed and applied to the information made available by the IoT network to secure the data themselves and to regulate the access to the managed resources over the whole IoT system. Policies mainly involve the access to resources and are usually established by system administrators in accordance with the rules of each specific domain. Since IoT concerns multiple application fields and often wide areas, a centralized solution which manages all the required policies would not be neither efficient nor scalable. Therefore, in this paper, a distributed middleware overlying the IoT network is proposed and integrated with a synchronization system for guaranteeing the correct distribution, update, and application of the policies across the entire IoT environment in real-time. Such a distribution and synchronization system has been developed within a policy enforcement framework. The presented solution has been validated by means of a simple yet real prototype; the analyzed metrics regard delay, overhead and robustness of the proposed enforcement and synchronization framework.

Dynamic Policies in Internet of Things: Enforcement and Synchronization

SICARI, SABRINA SOPHY
;
RIZZARDI, ALESSANDRA;COEN PORISINI, ALBERTO
2017-01-01

Abstract

Security and privacy represent critical issues for a wide adoption of IoT technologies both by industries and people in their every-day life. Besides, the complexity of an IoT system’s management resides in the presence of heterogeneous devices, which communicate by means of different protocols and provide information belonging to various application domains. Hence, adequate policies must be correctly distributed and applied to the information made available by the IoT network to secure the data themselves and to regulate the access to the managed resources over the whole IoT system. Policies mainly involve the access to resources and are usually established by system administrators in accordance with the rules of each specific domain. Since IoT concerns multiple application fields and often wide areas, a centralized solution which manages all the required policies would not be neither efficient nor scalable. Therefore, in this paper, a distributed middleware overlying the IoT network is proposed and integrated with a synchronization system for guaranteeing the correct distribution, update, and application of the policies across the entire IoT environment in real-time. Such a distribution and synchronization system has been developed within a policy enforcement framework. The presented solution has been validated by means of a simple yet real prototype; the analyzed metrics regard delay, overhead and robustness of the proposed enforcement and synchronization framework.
2017
http://ieeexplore.ieee.org/document/8027013/
Access control;Distributed databases;Internet of Things;Middleware;Real-time systems;Synchronization;Internet of Things;Middleware.;Policy;Prototype;Security;
Sicari, SABRINA SOPHY; Rizzardi, Alessandra; Miorandi, Daniele; COEN PORISINI, Alberto
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11383/2065619
 Attenzione

L'Ateneo sottopone a validazione solo i file PDF allegati

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 19
  • ???jsp.display-item.citation.isi??? 15
social impact