Doctoral research project number: 3115

Description

Submission date: 1 January 1900
Title: Policy-based Usage Control for Trustworthy Data Sharing in Smart Cities
Thesis supervisor: Noël CRESPI (SAMOVAR)
Scientific field: Information and communication sciences and technologies
CNRS theme: Not defined

Abstract:

Context

In the context of Smart Cities, currently deployed M2M services operate in a vertical manner, with no sharing of resources between different applications. These resources include the devices and the networks that are deployed, but also the data/information generated by these devices. The landscape involves a diversity of actors, both public and private, who together provide a wide variety of services. These services include energy management for public buildings, waste management and public lighting. With the development of IoT, the range of actors involved has widened to include micro companies and end users. The need for a horizontal platform that federates information from these disparate sources has taken on particular importance.

A shared platform for actors with differing and sometimes contradictory requirements brings its own set of challenges. For this horizontal approach to succeed, the intermediation platform needs to ensure that the business interests of the different participants are fully honored. The platform has to provide negotiation and arbitration mechanisms between the producers and consumers, based on the policies defined by the actors.

Usage control is concerned with how data is used after access to it has been granted. Data in IoT environments is potentially generated by a large variety of participants, including end users. This data potentially undergoes several transformations, such as aggregation and/or composition, before finally being consumed. Usage control deals with policies and mechanisms to ensure that consumers fulfill the obligations and conditions that the producer of the data desires to impose on its utilization.

Orange Labs has been actively researching a framework that provides an abstraction [1] for Home, Building and City applications. This thesis will build on that body of research, in particular to provide the abstraction and composition services needed for intermediation.

Thesis objectives

The thesis aims to model and implement the usage control policies of data producers and the mechanisms to enforce these policies during the process of intermediation. Policies have traditionally been treated from the security point of view, primarily concentrating on access control. The growth of social media on the one hand and cloud-based services on the other has brought a lot of attention to privacy aspects. This problem has not received much attention in the context of IoT services. In particular, the policies need to take into account constraints and conditions of use such as:

• spatiotemporal granularity
• abstraction/hiding of certain information
• conditions by class of actors (user groups, public authorities, social networks, private businesses, …)
• mediation between service-provider-oriented license conditions (requested access) and users' policies

The usage control policy will be built on deontic logic based on obligations, permissions and prohibitions, as in regular defeasible logic rules. This research will be an extension of the work done in the area of defeasible logic (DL) by G. Governatori, A. Rotolo and F. Gandon [2]. The advantage of DL is its efficiency: the set of consequences can be computed in linear time. The challenge is to extend the logic to be more expressive in order to include information hiding and spatiotemporal abstractions.

The other major challenge is to ensure the accountability and traceability of the policy enforcement rules [3]. Actors need an easily interpretable tool that demonstrates clearly the reasoning behind the rules. Such a visualization tool [5] helps the actor understand the implications of the different choices made while defining the policies, as well as understand at runtime how conflicts have been resolved. The latter aspect is critical for accountability.

Doctoral student: Chen Yuanfang