Corpus ID: 46944645

Droplet: Decentralized Authorization for IoT Data Streams

Authors: Hossein Shafagh, Lukas Burkhalter, S. Duquennoy, Anwar Hithnawi, S. Ratnasamy
This paper presents Droplet, a decentralized data access control service, which operates without intermediate trust entities. Droplet enables data owners to securely and selectively share their dat ... 
Personal Data Access Control Through Distributed Authorization
This paper presents an architecture of a Personal Information Management System, in which individuals can define the access to their personal data by means of smart contracts, running on the Ethereum blockchain, and two possible alternatives are described: a Secret Sharing scheme and Threshold Proxy Re-Encryption scheme.
WAVE: A Decentralized Authorization Framework with Transitive Delegation
WAVE is an authorization framework offering decentralized trust: no central services can modify or see permissions and any participant can delegate a portion of their permissions autonomously, and stores them in an untrusted scalable storage solution.
Decentralized patient-centric data management for sharing IoT data streams
The contribution of the work lies in coupling the IOTA Tangle technology as auditable and distributed data storage of the patients' encrypted time-series IoT data streams with an efficient key management scheme to define fine-grained stream-specific access policies.
Retaining Data Ownership in the Internet of Things
This dissertation investigates building secure IoT systems that protect data confidentiality and retain data ownership and builds secure systems that allow reducing the trust end-users are required to put into third parties within the IoT ecosystem, specifically towards the cloud storage and service providers.
Methodology for massive configuration of OAuth 2.0 tokens in large IoT scenarios
This work is focused on designing architecture elements and the accompanying methodology needed to use the OAuth 2.0 authorization framework in large Internet of Things scenarios and proposes using a Resource Service able to manage requests from devices and an encryption scheme based on public-key cryptography that would allow the massive secure distribution of OAuth access tokens.
JEDI: Many-to-Many End-to-End Encryption and Key Delegation for IoT
JEDI encrypts and signs messages end-to-end, while conforming to the decoupled communication model typical of IoT systems, and allows principals to delegate their keys, restricted in expiry or scope, to other principals, thereby granting access to data and managing access control in a scalable, distributed way.
Tailoring Onion Routing to the Internet of Things: Security and Privacy in Untrusted Environments
This work tailors onion routing to the IoT by bridging protocol incompatibilities and offloading expensive cryptographic processing to a router or web server of the IoT device owner, and realizes resource-conserving access control and end-to-end security for IoT devices.
Broadcast Encryption with Fine-grained Delegation and its Application to IoT
Broadcast encryption schemes allow senders to distribute data to selected receivers securely. Broadcast encryption schemes have been widely used in designing revocation protocols in publish-subscribe ...
Realizing an Implementation Platform for Closed Loop Cyber-Physical Systems Using Blockchain
Critical issues of centralized database security in CPS are addressed via a distributed blockchain based solution and the potential of blockchain in securing and offering a distributed network for the CPS in a closed loop manner is explored.
TimeCrypt: A Scalable Private Time Series Data Store
We present TimeCrypt, an efficient and scalable system that augments time series data stores with encrypted data processing capabilities and features a new encryption-based access control scheme that ...


Towards Blockchain-based Auditable Storage and Sharing of IoT Data
A blockchain-based design for the IoT that brings a distributed access control and data management that empower the users with data ownership and facilitates the storage of time-series IoT data at the edge of the network via a locality-aware decentralized storage system that is managed with the blockchain technology.
Cloud-Based Commissioning of Constrained Devices using Permissioned Blockchains
The ChainAnchor architecture is introduced that provides device commissioning in a privacy-preserving fashion and is designed to support anonymous device commissioning, to support device-owners being remunerated for selling their device sensor-data to service providers, and to incentivize device-owners and service providers to share sensor-data in a privacy-preserving manner.
Decentralizing Privacy: Using Blockchain to Protect Personal Data
A decentralized personal data management system that ensures users own and control their data is described, and a protocol that turns a block chain into an automated access-control manager that does not require trust in a third party is implemented.
Enigma: Decentralized Computation Platform with Guaranteed Privacy
Enigma removes the need for a trusted third party, enabling autonomous control of personal data, and for the first time, users are able to share their data with cryptographic guarantees regarding their privacy.
Secure Sharing of Partially Homomorphic Encrypted IoT Data
Pilatus is a data protection platform where the cloud stores only encrypted data, yet is still able to process certain queries, and features a novel encrypted data sharing scheme based on re-encryption, with revocation capabilities and in situ key-update.
Performance evaluation of Attribute-Based Encryption: Toward data privacy in the IoT
This paper presents an in-depth performance evaluation of Attribute-Based Encryption, a public key encryption scheme that enables fine-grained access control, scalable key management and flexible data distribution, on different classes of mobile devices including a laptop and a smartphone.
Storj: A Peer-to-Peer Cloud Storage Network
A peer-to-peer cloud storage network implementing end-to-end encryption would allow users to transfer and share data without reliance on a third party data provider. The removal of central controls ...
Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing
This paper addresses the problem of simultaneously achieving fine-grainedness, scalability, and data confidentiality of access control by exploiting and uniquely combining techniques of attribute-based encryption (ABE), proxy re-encryption, and lazy re-encryption.
MedRec: Using Blockchain for Medical Data Access and Permission Management
This paper proposes MedRec: a novel, decentralized record management system to handle EMRs, using blockchain technology, and incentivizes medical stakeholders to participate in the network as blockchain “miners”, enabling the emergence of data economics.
CALYPSO: Auditable Sharing of Private Data over Blockchains
Securely sharing confidential data over a distributed ledger with a fully decentralized and efficient access-control mechanism is a non-trivial challenge to solve. Current blockchain systems either ...