Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

Trends on Data Graphs & Security for the Internet of Things

185 Aufrufe

Veröffentlicht am

Slides used during the keynote at WF-IoT 2019, in Limerick at https://sites.google.com/view/iot-cps-2019/program?authuser=0

Veröffentlicht in: Daten & Analysen
  • Login to see the comments

  • Gehören Sie zu den Ersten, denen das gefällt!

Trends on Data Graphs & Security for the Internet of Things

  1. 1. Trends on Data Graphs & Security for the Internet of Things Mondeca Ghislain Atemezing Director, Research and Innovation @gatemezing The Fourth IEEE International Workshop on IoT/CPS-Security 2019 April 15th 2019, Limerick, Ireland
  2. 2. AGENDA  Motivation  Large Scale Graph of Things  STAC (Security Toolbox: Attack & Countermeasure)  An Ontology Catalog for (IoT) Security  Applications for IoT Developers  Conclusions - Challenges
  3. 3. MONDECA – 20 years delivering Semantic Applications
  4. 4. Motivation
  5. 5. https://www.ahajournals.org/doi/full/10.1161/CIRCULATIONAHA.118.037331
  6. 6. Classsification of Cybersecurity from Europol ● Class of incident ● Type of incident for each class ● Description of the incident
  7. 7. OWASP - top 10 IoT Vulnerabilities ● I1 Weak Guessable, or Hardcoded Passwords ● I2 Insecure Network Services ● I3 Insecure Ecosystem Interfaces ● I4 Lack of Secure Update Mechanism ● I5 Use of Insecure or Outdated Components ● I6 Insufficient Privacy Protection ● I7 Insecure Data Transfer and Storage ● I8 Lack of Device Management ● I9 Insecure Default Settings ● I10 Lack of Physical Hardening https://www.owasp.org/images/1/1c/OWASP-IoT-Top-10-2018-final.pdf
  8. 8. Access Control Models in IoT/WoT Environment (1) ● ACS authenticates the user and grants her the appropriate access token, allowing her to access the Thing’s resources for a certain period of time or permanently depending on the deployed policy, ● Better scalability and privacy in the system. ● Complicated to implement in constrained environment since the Things themselves needs to check the received access token De-centralized Architecture
  9. 9. Access Control Models in IoT/WoT Environment (2) ● User’s requests go through an access control server that authorizes and relays them to the right destination. ● This model is interesting in the WoT since all the complexity can be carried out by the server. ● Single point of failure, impersonation and privacy problems since all the requests and eventually responses are monitored by the server Centralized Architecture
  10. 10. Large Scale Graph of Things
  11. 11. Quizz Slide What is a Knowledge Graph?
  12. 12. “a graph of data with the intention to encode knowledge” “Link things that were never connected before using graph paradigm to transform business..” “knowledge that is represented in machine readable format for data interoperability and discovery”
  13. 13. Graph of Things ● Temperature ● Wind ● Traffic Camera ● Airport ● Flight ● Ship ● Harbour ● Travel Camera ● Twitter ● Bike Station Water Level ● Metro Station http://graphofthings.org/ Paper: The Graph of Things: A step towards the Live Knowledge Graph of connected things [Le-Phuoc et al. 2016] Real-time -> temporal and spatial aspects Big Data Challenges: Big volume, fast real- time update and messy data sources
  14. 14. Schema.org: Structured data on the Web by Google
  15. 15. iot.schema.org http://iotschema.org/Capability Extension for IoT domain. How to align with W3C SSN/SOSA ontology?
  16. 16. iot.schema.org - Ongoing Extension Ongoing Extension
  17. 17. iot.schema.org - Ongoing Extension How to decide which concepts to include? http://iotschema.org/AirConditionerhttp://iotschema.org/Capability
  18. 18. Semantic Web Approaches to Security
  19. 19. Quizz Slide Who already heard about:
  20. 20. We are using those technologies everyday …. Technologies used in the background of search engines
  21. 21. STAC (Security Toolbox: Attack & Countermeasure)
  22. 22. ● Creating a Knowledge Graph for better interoperability and reuse ● Based on existing works in the field ● Collecting data from papers from 2005 to 2013 ● Initial version during Gyrard’s PhD thesis in 2013 STAC Security Knowledge Graph
  23. 23. STAC Security Knowledge Graph referenced by LOV
  24. 24. STAC Ontology Ontology namespace: http://securitytoolbox.appspot.com/stac#
  25. 25. Technology concept and sub-classes
  26. 26. WebAttack sub-classes and Axioms
  27. 27. Obviously the ontology to describe the security domain must evolved! Security Mechanisms sub-classes
  28. 28. Classification of attacks and security mechanisms specific to sensor networks according to the OSI model
  29. 29. Security properties for sensor security mechanisms
  30. 30. Describing LLSP security mechanism in RDF/XML
  31. 31. An ontology catalog for (IoT)- security
  32. 32. LOV4IoT-Security Demo: http://lov4iot.appspot.com/?p=ontologies 33 ontologies for security referenced
  33. 33. Demo: http://lov4iot.appspot.com/?p=lov4iot-security
  34. 34. A Potential Solution to Help Developers Secure IoT Applications
  35. 35. Motivation for IoT Developers
  36. 36. Assisting developers in securing IoT Apps with STAC
  37. 37. S4AC / Fine-grained access control policies ● Lightweight vocabulary to create fine-grained access control policies for Linked Data. ● Share security information specifying the access control conditions under which the data is accessible.
  38. 38. Shi3ld: Context-Aware Authorization for Graph Stores ● Works on Named Graphs ● Step 0. The user defines the Access Policy ● Step 1. Query Contextualization ● Step 2. Access Policy Evaluation ● Step 3. Query Execution http://wimmics.inria.fr/projects/shi3ld/
  39. 39. Take Away Message
  40. 40. ● We can’t stop the IoT/WoT revolution ● Users are worried about their personal data that they will share with the smart objects and more importantly who can access them ● Need to implement strong security mechanisms to protect their data inside and outside the infrastructure ● Semantic technologies offer standards (ontologies, rules, RDF model) to leverage existing security issues in IoT for better interoperability mostly in identification, or to data control/access Take Away Message!
  41. 41. Challenges for SemWeb Technologies!! ● Semantic Web technologies to support both data producers and consumers in understanding, combining and interpreting policies in a meaningful and valuable way. ● Semantic Web technologies address issues such as appropriation, distortion, or challenges associated with invasion.
  42. 42. Credits: Dr. Amelie Gyrard, Knoesis.org (USA)
  43. 43. Thank you! Questions?
  44. 44. Bibliography ● An ontology-based approach for helping to secure the ETSI Machine-to-Machine Architecture. IEEE International Conference on Internet of Things 2014 (iThings), September 1-3, Taipei, Taiwan, 2014 PDF, Paper via IEEE, Slides ● The STAC (Security Toolbox: Attacks & Countermeasures) ontology WWW 2013, 22nd International World Wide Web Conference, Poster, May 13-17, 2013, Rio de Janeiro, Brazil (Paper, Poster) ● Chapter 5 Security Toolbox: Attacks & Countermeasures (STAC) PhD: Designing Cross-Domain Semantic Web of Things Applications (2015) Thesis's defense, Eurecom, Sophia Antipolis, 24 April 2015 PhD thesis (has been selected as one of the 10 nominees for Best PhD Thesis Price - Telecom ParisTech 2015 - France) Slides, Demo, Abstract (English and French)
  45. 45. Bibliography ● Semantic Web Methodologies, Best Practices and Ontology Engineering Applied to Internet of Things IEEE World Forum on Internet of Things (WF-IoT), Milan, Italy, December 14-16, 2015 PDF, Paper via IEEE, Slides ● A survey and analysis of ontology-based software tools for semantic interoperability in IoT and WoT landscapes. IEEE 4th World Forum on Internet of Things (WF-IoT), 2018 PDF ● Privacy, Security and Policies: A review of Problems and Solutions with Semantic Web Technologies , SWJ (2018)