Security and privacy represent critical issues for a wide adoption of IoT technologies both by industries and people in their every-day life. Besides, the complexity of an IoT system’s management resides in the presence of heterogeneous devices, which communicate by means of different protocols and provide information belonging to various application domains. Hence, adequate policies must be correctly distributed and applied to the information made available by the IoT network to secure the data themselves and to regulate the access to the managed resources over the whole IoT system. Policies mainly involve the access to resources and are usually established by system administrators in accordance with the rules of each specific domain. Since IoT concerns multiple application fields and often wide areas, a centralized solution which manages all the required policies would not be neither efficient nor scalable. Therefore, in this paper, a distributed middleware overlying the IoT network is proposed and integrated with a synchronization system for guaranteeing the correct distribution, update, and application of the policies across the entire IoT environment in real-time. Such a distribution and synchronization system has been developed within a policy enforcement framework. The presented solution has been validated by means of a simple yet real prototype; the analyzed metrics regard delay, overhead and robustness of the proposed enforcement and synchronization framework.
Dynamic Policies in Internet of Things: Enforcement and Synchronization
SICARI, SABRINA SOPHY
;RIZZARDI, ALESSANDRA;COEN PORISINI, ALBERTO
2017-01-01
Abstract
Security and privacy represent critical issues for a wide adoption of IoT technologies both by industries and people in their every-day life. Besides, the complexity of an IoT system’s management resides in the presence of heterogeneous devices, which communicate by means of different protocols and provide information belonging to various application domains. Hence, adequate policies must be correctly distributed and applied to the information made available by the IoT network to secure the data themselves and to regulate the access to the managed resources over the whole IoT system. Policies mainly involve the access to resources and are usually established by system administrators in accordance with the rules of each specific domain. Since IoT concerns multiple application fields and often wide areas, a centralized solution which manages all the required policies would not be neither efficient nor scalable. Therefore, in this paper, a distributed middleware overlying the IoT network is proposed and integrated with a synchronization system for guaranteeing the correct distribution, update, and application of the policies across the entire IoT environment in real-time. Such a distribution and synchronization system has been developed within a policy enforcement framework. The presented solution has been validated by means of a simple yet real prototype; the analyzed metrics regard delay, overhead and robustness of the proposed enforcement and synchronization framework.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
