CACIC-DevKit: Construção de Sistemas IoT com Políticas de Acesso Customizáveis e Segurança por Hardware
Abstract
Memory enclaves secure data in clouds in the presence of attackers with privileged access to servers. The diversity of applications in the Internet of Things (IoT) makes it difficult to develop enclave systems. This work proposes CACIC-DevKit: a tool for developing IoT systems using the CACIC architecture, proposed in our previous work. The differential of the tool is the flexibility in choosing the appropriate data sources, processing tasks, and database for your use case. To demonstrate the usability, a system for smart-grids is developed with real devices, graphical user interfaces, and commercial databases.References
Anciaux, N., Bonnet, P., Bouganim, L., Nguyen, B., Pucheral, P., Popa, I. S., and Scerri, G. (2019). Personal data management systems: The security and functionality standpoint. Information Systems, 80:13–35.
Araujo, V., Mitra, K., Saguna, S., and Åhlund, C. (2019). Performance evaluation of fiware: A cloud-based iot platform for smart cities. In Journal of Parallel and Distributed Computing, volume 132, pages 250–261. Elsevier.
Camilo, G. F. et al. (2020). AutAvailChain: Disponibilização segura, controlada e automática de dados IoT usando corrente de blocos. SBRC.
Carpentier, R., Thiant, F., Popa, I. S., Anciaux, N., and Bouganim, L. (2022). An extensive and secure personal data management system using sgx. In 25th International Conference on Extending Database Technology.
Costan, V. and Devadas, S. (2016). Intel sgx explained. Cryptology ePrint Archive, Paper 2016/086. https://eprint.iacr.org/2016/086.
Eibl, G. and Engel, D. (2014). Influence of data granularity on nonintrusive appliance load monitoring. In Proceedings of the 2nd ACM workshop on Information hiding and multimedia security, pages 147–151.
Karjoth, G., Schunter, M., and Waidner, M. (2002). Privacy-enabled services for enterprises. In Proceedings. 13th International Workshop on Database and Expert Systems Applications, pages 483–487. IEEE.
Ngabonziza, B., Martin, D., Bailey, A., Cho, H., and Martin, S. (2016). Trustzone explained: Architectural features and use cases. In 2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC), pages 445–451. IEEE.
Thomaz, G. A., Guerra, M. B., Detyniecki, M., Sammarco, M., and Campista, M. E. M. (2022a). Tamper-proof access control for IoT clouds using enclaves. Technical report, Universidade Federal do Rio de Janeiro (UFRJ).
Thomaz, G. A., Guerra, M. B., Sammarco, M., and Campista, M. E. M. (2022b). Cacic: Controle de acesso confiável usando enclaves a dados em nuvem da internet das coisas. In Anais do XL Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos, pages 573–586. SBC.
Xiao, Y., Zhang, N., Li, J., Lou, W., and Hou, Y. T. (2020). Privacyguard: Enforcing private data usage control with blockchain and attested off-chain contract execution. In Computer Security–ESORICS 2020: 25th European Symposium on Research in Computer Security, ESORICS 2020, Guildford, UK, September 14–18, 2020, Proceedings, Part II 25, pages 610–629. Springer.
Zegzhda, D. P., Usov, E., Nikol’skii, A., and Pavlenko, E. Y. (2017). Use of intel sgx to ensure the confidentiality of data of cloud users.
Araujo, V., Mitra, K., Saguna, S., and Åhlund, C. (2019). Performance evaluation of fiware: A cloud-based iot platform for smart cities. In Journal of Parallel and Distributed Computing, volume 132, pages 250–261. Elsevier.
Camilo, G. F. et al. (2020). AutAvailChain: Disponibilização segura, controlada e automática de dados IoT usando corrente de blocos. SBRC.
Carpentier, R., Thiant, F., Popa, I. S., Anciaux, N., and Bouganim, L. (2022). An extensive and secure personal data management system using sgx. In 25th International Conference on Extending Database Technology.
Costan, V. and Devadas, S. (2016). Intel sgx explained. Cryptology ePrint Archive, Paper 2016/086. https://eprint.iacr.org/2016/086.
Eibl, G. and Engel, D. (2014). Influence of data granularity on nonintrusive appliance load monitoring. In Proceedings of the 2nd ACM workshop on Information hiding and multimedia security, pages 147–151.
Karjoth, G., Schunter, M., and Waidner, M. (2002). Privacy-enabled services for enterprises. In Proceedings. 13th International Workshop on Database and Expert Systems Applications, pages 483–487. IEEE.
Ngabonziza, B., Martin, D., Bailey, A., Cho, H., and Martin, S. (2016). Trustzone explained: Architectural features and use cases. In 2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC), pages 445–451. IEEE.
Thomaz, G. A., Guerra, M. B., Detyniecki, M., Sammarco, M., and Campista, M. E. M. (2022a). Tamper-proof access control for IoT clouds using enclaves. Technical report, Universidade Federal do Rio de Janeiro (UFRJ).
Thomaz, G. A., Guerra, M. B., Sammarco, M., and Campista, M. E. M. (2022b). Cacic: Controle de acesso confiável usando enclaves a dados em nuvem da internet das coisas. In Anais do XL Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos, pages 573–586. SBC.
Xiao, Y., Zhang, N., Li, J., Lou, W., and Hou, Y. T. (2020). Privacyguard: Enforcing private data usage control with blockchain and attested off-chain contract execution. In Computer Security–ESORICS 2020: 25th European Symposium on Research in Computer Security, ESORICS 2020, Guildford, UK, September 14–18, 2020, Proceedings, Part II 25, pages 610–629. Springer.
Zegzhda, D. P., Usov, E., Nikol’skii, A., and Pavlenko, E. Y. (2017). Use of intel sgx to ensure the confidentiality of data of cloud users.
Published
2023-05-22
How to Cite
THOMAZ, Guilherme A.; GUERRA, Matheus B.; SAMMARCO, Matteo; CAMPISTA, Miguel Elias M..
CACIC-DevKit: Construção de Sistemas IoT com Políticas de Acesso Customizáveis e Segurança por Hardware. In: DEMO SESSION - BRAZILIAN SYMPOSIUM ON COMPUTER NETWORKS AND DISTRIBUTED SYSTEMS (SBRC), 41. , 2023, Brasília/DF.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2023
.
p. 1-8.
ISSN 2177-9384.
DOI: https://doi.org/10.5753/sbrc_estendido.2023.711.
