ABSTRACT
In this paper, we present a scalable and adaptive model which efficiently and quickly enforces control schemas for the Internet of Things (IoT) via a novel command messaging service. This is achieved by utilizing the n-tier scalability of the cloud to generate vast networks of virtual machines. Within each of these virtual machines exists a cluster of "compute pages". Each cluster of compute pages contains an instance of our policy enforcement algorithm. This algorithm processes device-level telemetry into device-level policies. Our proposed model is built with a particular focus on the efficiency and scalability of the service. We demonstrate the performance of the service with a small-scale real-world experiment and provide some analysis of the results.