Advertisement

Migrating Monitors + ABE: A Suitable Combination for Secure IoT?

  • Gordon J. Pace
  • Pablo Picazo-Sanchez
  • Gerardo SchneiderEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11247)

Abstract

The rise of the Internet of Things brings about various challenges concerning safety, reliability and dependability as well as security and privacy. Reliability and safety issues could be addressed by using different verification techniques, both statically and at runtime. In particular, migrating monitors could effectively be used not only for verification purposes, but also as a way to gather information and to enforce certain policies. The addition of monitors, however, might introduce additional security and privacy threats. In this extended abstract we briefly sketch ideas on how to combine migrating monitors with a public cryptographic scheme named Attribute-Based Encryption as a way to ensure monitors are run by the right devices in a secure and private manner.

Notes

Acknowledgements

This research has been partially supported by the Swedish Research Council (Vetenskapsrådet) under grant Nr. 2015-04154 (PolUser: Rich User-Controlled Privacy Policies).

References

  1. 1.
    AbuKhousa, E., Mohamed, N., Al-Jaroodi, J.: e-Health cloud: opportunities and challenges. Futur. Internet 4(3), 621 (2012)CrossRefGoogle Scholar
  2. 2.
    Atzori, L., Iera, A., Morabito, G., Nitti, M.: The social Internet of Things (SIoT) – when social networks meet the Internet of Things: concept, architecture and network characterization. Comput. Netw. 56(16), 3594–3608 (2012)CrossRefGoogle Scholar
  3. 3.
    Azzopardi, S., Colombo, C., Ebejer, J.P., Mallia, E., Pace, G.J.: Runtime verification using VALOUR. In: RV-CuBES, Kalpa Publications in Computing, vol. 3, pp. 10–18. EasyChair (2017)Google Scholar
  4. 4.
    Bauer, A., Falcone, Y.: Decentralised LTL monitoring. Form. Methods Syst. Des. 48(1–2), 46–93 (2016)CrossRefGoogle Scholar
  5. 5.
    Bauer, A., Leucker, M., Schallhart, C.: Model-based runtime analysis of distributed reactive systems. In: 17th Australian Software Engineering Conference, ASWEC 2006, 18–21 April 2006, Sydney, Australia, pp. 243–252 (2006)Google Scholar
  6. 6.
    Bonakdarpour, B., Fraigniaud, P., Rajsbaum, S., Travers, C.: Challenges in fault-tolerant distributed runtime verification. In: Proceedings of Part II Leveraging Applications of Formal Methods, Verification and Validation: Discussion, Dissemination, Applications - 7th International Symposium, ISoLA 2016, Imperial, Corfu, Greece, 10–14 October 2016, pp. 363–370 (2016)CrossRefGoogle Scholar
  7. 7.
    Colombo, C., Falcone, Y.: Organising LTL monitors over distributed systems with a global clock. In: Bonakdarpour, B., Smolka, S.A. (eds.) RV 2014. LNCS, vol. 8734, pp. 140–155. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-11164-3_12CrossRefGoogle Scholar
  8. 8.
    Colombo, C., Pace, G.J., Schneider, G.: Dynamic event-based runtime monitoring of real-time and contextual properties. In: Cofer, D., Fantechi, A. (eds.) FMICS 2008. LNCS, vol. 5596, pp. 135–149. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-03240-0_13CrossRefGoogle Scholar
  9. 9.
    Colombo, C., Pace, G.J., Schneider, G.: LARVA – safer monitoring of real-time Java programs (tool paper). In: 7th IEEE International Conference on Software Engineering and Formal Methods, SEFM 2009, pp. 33–37. IEEE Computer Society (2009)Google Scholar
  10. 10.
    Falcone, Y., Mariani, L., Rollet, A., Saha, S.: Runtime failure prevention and reaction. In: Bartocci, E., Falcone, Y. (eds.) Lectures on Runtime Verification. LNCS, vol. 10457, pp. 103–134. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-75632-5_4CrossRefGoogle Scholar
  11. 11.
    Francalanza, A., Gauci, A., Pace, G.J.: Distributed system contract monitoring. J. Log. Algebr. Program. 82(5–7), 186–215 (2013)MathSciNetCrossRefGoogle Scholar
  12. 12.
    Francalanza, A., Pérez, J.A., Sánchez, C.: Runtime verification for decentralised and distributed systems. In: Bartocci, E., Falcone, Y. (eds.) Lectures on Runtime Verification. LNCS, vol. 10457, pp. 176–210. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-75632-5_6CrossRefGoogle Scholar
  13. 13.
    Guo, L., Zhang, C., Sun, J., Fang, Y.: A privacy-preserving attribute-based authentication system for mobile health networks. IEEE Trans. Mobile Comput. 13(9), 1927–1941 (2014)CrossRefGoogle Scholar
  14. 14.
    Havelund, R., Roşu, G.: Runtime verification. In: Computer Aided Verification, CAV 2001 Satellite Workshop, Volume 55 of ENTCS (2001)Google Scholar
  15. 15.
    Medaglia, C.M., Serbanati, A.: An overview of privacy and security issues in the Internet of Things. In: Giusto, D., Iera, A., Morabito, G., Atzori, L. (eds.) The Internet of Things, pp. 389–395. Springer, New York (2010).  https://doi.org/10.1007/978-1-4419-1674-7_38CrossRefGoogle Scholar
  16. 16.
    Picazo-Sanchez, P., Tapiador, J.E., Peris-Lopez, P., Suarez-Tangil, G.: Secure publish-subscribe protocols for heterogeneous medical wireless body area networks. Sensors 14(12), 22619 (2014)CrossRefGoogle Scholar
  17. 17.
    Qiao, Z., Liang, S., Davis, S., Jiang, H.: Survey of attribute based encryption. In: 2014 15th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD), pp. 1–6, June 2014Google Scholar
  18. 18.
    Roman, R., Zhou, J., Lopez, J.: On the features and challenges of security and privacy in distributed Internet of Things. Comput. Netw. 57(10), 2266–2279 (2013)CrossRefGoogle Scholar
  19. 19.
    Rouselakis, Y., Waters, B.: Efficient statically-secure large-universe multi-authority attribute-based encryption. In: Böhme, R., Okamoto, T. (eds.) FC 2015. LNCS, vol. 8975, pp. 315–332. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-47854-7_19CrossRefGoogle Scholar
  20. 20.
    Sen, K., Vardhan, A., Agha, G., Rosu, G.: Efficient decentralized monitoring of safety in distributed systems. In: 26th International Conference on Software Engineering, ICSE 2004, 23–28 May 2004, Edinburgh, United Kingdom, pp. 418–427 (2004)Google Scholar
  21. 21.
    Sicari, S., Rizzardi, A., Grieco, L., Coen-Porisini, A.: Security, privacy and trust in internet of things: the road ahead. Comput. Netw. 76, 146–164 (2015)CrossRefGoogle Scholar
  22. 22.
    Wang, X., Zhang, J., Schooler, E.M., Ion, M.: Performance evaluation of attribute-based encryption: toward data privacy in the IoT. In: 2014 IEEE International Conference on Communications (ICC), pp. 725–730, June 2014Google Scholar
  23. 23.
    Wu, D.J., Taly, A., Shankar, A., Boneh, D.: Privacy, discovery, and authentication for the Internet of Things. In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9879, pp. 301–319. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-45741-3_16CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Gordon J. Pace
    • 1
  • Pablo Picazo-Sanchez
    • 2
  • Gerardo Schneider
    • 2
    Email author
  1. 1.University of MaltaMsidaMalta
  2. 2.University of GothenburgGothenburgSweden

Personalised recommendations