The Community for Technology Leaders
2014 IEEE 10th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob) (2014)
Larnaca, Cyprus
Oct. 8, 2014 to Oct. 10, 2014
ISBN: 978-1-4799-5041-6
pp: 165-172
Ricardo Neisse , European Commission Joint Research Centre, Ispra, Italy
Gary Steri , European Commission Joint Research Centre, Ispra, Italy
Gianmarco Baldini , European Commission Joint Research Centre, Ispra, Italy
ABSTRACT
According to the European Union data protection legislation, privacy is a fundamental right that should be protected in the interaction of the citizen with the digital world. In the evolution of Internet towards new paradigms like Internet of Things (IoT), protection of privacy can be a challenging task because IoT connected objects can generate an enormous amount of data, some of which actually constitute personal data. In addition, it is difficult to control the flow of data when there is no user interface or adequate tools for the user. In this paper we describe an efficient solution to enforcement security policy rules that addresses this challenge, and takes a more general enterprise architecture approach for security and privacy engineering in IoT. This enforcement solution is based on a Model-based Security Toolkit named SecKit, and its integration with the MQ Telemetry Transport (MQTT) protocol layer, which is a widely adopted technology to enable the communication between IoT devices. In this paper, we describe the motivation and design of our enforcement solution, demonstrating its feasibility and the performance results in a case study.
INDEX TERMS
Context, Authentication, Internet of Things, Data privacy, Authorization
CITATION

R. Neisse, G. Steri and G. Baldini, "Enforcement of security policy rules for the Internet of Things," 2014 IEEE 10th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob)(WIMOB), Larnaca, Cyprus, 2014, pp. 165-172.
doi:10.1109/WiMOB.2014.6962166
91 ms
(Ver 3.3 (11022016))