ABSTRACT
Internet of Things (IoT) applications, systems and services are subject to law. We argue that for the IoT to develop lawfully, there must be technical mechanisms that allow the enforcement of specified policy, such that systems align with legal realities. The audit of policy enforcement must assist the apportionment of liability, demonstrate compliance with regulation, and indicate whether policy correctly captures legal responsibilities. As both systems and obligations evolve dynamically, this cycle must be continuously maintained.
This poses a huge challenge given the global scale of the IoT vision. The IoT entails dynamically creating new services through managed and flexible data exchange. Data management is complex in this dynamic environment, given the need to both control and share information, often across federated domains of administration.
We see middleware playing a key role in managing the IoT. Our vision is for a middleware-enforced, unified policy model that applies end-to-end, throughout the IoT. This is because policy cannot be bound to things, applications, or administrative domains, since functionality is the result of composition, with dynamically formed chains of data flows.
We have investigated the use of Information Flow Control (IFC) to manage and audit data flows in cloud computing, a domain where trust can be well-founded, regulations are more mature and associated responsibilities clearer. We feel that IFC has great potential in the broader IoT context. However, the sheer scale and the dynamic, federated nature of the IoT pose a number of significant research challenges.
- Big ideas paper: Policy-driven middleware for a legally-compliant Internet of Things