
Title: GOLDIE: Harmonization and Orchestration Towards a Global Directory for IoT
To scale the Internet of Things (IoT) beyond a single home or enterprise, we need an effective mechanism to manage the growth of data, facilitate resource discovery and name resolution, encourage data sharing, and foster cross-domain services. To address these needs, we propose a GlObaL Directory for Internet of Everything (GOLDIE). GOLDIE is a hierarchical location-based IoT directory architecture featuring diverse user-oriented modules and federated identity management. IoT-specific features include discoverability, aggregation and geospatial queries, and support for global access. We implement and evaluate the prototype on a Raspberry Pi and Intel mini servers. We show that a global implementation of GOLDIE could decrease service access latency by 87% compared to a centralized-server solution.
Journal Name: IEEE Annual Joint Conference: INFOCOM, IEEE Computer and Communications Societies
Medium: X
Sponsoring Org: National Science Foundation
More Like this
  1. We propose and implement Directory-Based Access Control (DBAC), a flexible and systematic access control approach for geographically distributed multi-administration IoT systems. DBAC designs and relies on a particular module, IoT directory, to store device metadata, manage federated identities, and assist with cross-domain authorization. The directory service decouples IoT access into two phases: discover device information from directories and operate devices through discovered interfaces. DBAC extends attribute-based authorization and retrieves diverse attributes of users, devices, and environments from multi-faceted sources via standard methods, while user privacy is protected. To support resource-constrained devices, DBAC assigns a capability token to each authorized user, and devices only validate tokens to process a request. 
  2. Many have predicted the future of the Web to be the integration of Web content with the real-world through technologies such as Augmented Reality (AR). This has led to the rise of Extended Reality (XR) Web Browsers used to shorten the long AR application development and deployment cycle of native applications especially across different platforms. As XR Browsers mature, we face new challenges related to collaborative and multi-user applications that span users, devices, and machines. These collaborative XR applications require: (1) networking support for scaling to many users, (2) mechanisms for content access control and application isolation, and (3) the ability to host application logic near clients or data sources to reduce application latency. In this paper, we present the design and evaluation of the AR Edge Networking Architecture (ARENA) which is a platform that simplifies building and hosting collaborative XR applications on WebXR capable browsers. ARENA provides a number of critical components including: a hierarchical geospatial directory service that connects users to nearby servers and content, a token-based authentication system for controlling user access to content, and an application/service runtime supervisor that can dispatch programs across any network connected device. All of the content within ARENA exists as endpoints in a PubSub scene graph model that is synchronized across all users. We evaluate ARENA in terms of client performance as well as benchmark end-to-end response-time as load on the system scales. We show the ability to horizontally scale the system to Internet-scale with scenes containing hundreds of users and latencies on the order of tens of milliseconds. Finally, we highlight projects built using ARENA and showcase how our approach dramatically simplifies collaborative multi-user XR development compared to monolithic approaches. 
  3. Internet of Things has become a predominant phenomenon in every sphere of smart life. Connected Cars and Vehicular Internet of Things, which involves communication and data exchange between vehicles, traffic infrastructure or other entities, are pivotal to realize the vision of smart city and intelligent transportation. Vehicular Cloud offers a promising architecture wherein storage and processing capabilities of smart objects are utilized to provide on-the-fly fog platform. Researchers have demonstrated vulnerabilities in this emerging vehicular IoT ecosystem, where data has been stolen from critical sensors and smart vehicles controlled remotely. Security and privacy are important in Internet of Vehicles (IoV) where access to electronic control units, applications and data in connected cars should only be authorized to legitimate users, sensors or vehicles. In this paper, we propose an authorization framework to secure this dynamic system where interactions among entities are not pre-defined. We provide an extended access control oriented (E-ACO) architecture relevant to IoV and discuss the need of vehicular clouds in this time and location sensitive environment. We outline approaches to different access control models which can be enforced at various layers of E-ACO architecture and in the authorization framework. Finally, we discuss use cases to illustrate access control requirements in our vision of cloud assisted connected cars and vehicular IoT, and discuss possible research directions.
  4. Wildlife trafficking is a global phenomenon posing many negative impacts on socio-environmental systems. Scientific exploration of wildlife trafficking trends and the impact of interventions is significantly encumbered by a suite of data reuse challenges. We describe a novel, open-access data directory on wildlife trafficking and a corresponding visualization tool that can be used to identify data for multiple purposes, such as exploring wildlife trafficking hotspots and convergence points with other crime, discovering key drivers or deterrents of wildlife trafficking, and uncovering structural patterns. Keyword searches, expert elicitation, and peer-reviewed publications were used to search for extant sources used by industry and non-profit organizations, as well as those leveraged to publish academic research articles. The open-access data directory is designed to be a living document and searchable according to multiple measures. The directory can be instrumental in the data-driven analysis of unsustainable illegal wildlife trade, supply chain structure via link prediction models, the value of demand and supply reduction initiatives via multi-item knapsack problems, or trafficking behavior and transportation choices via network interdiction problems.
  5. The number of Internet-of-Things (IoT) devices actively communicating across the Internet is continually increasing, as these devices are deployed across a variety of sectors, constantly transferring private data across the Internet. Due to the extensive deployment of such devices, the continuous discovery and persistence of IoT-centric vulnerabilities in protocols, applications, hardware, and the improper management of such IoT devices has resulted in the rampant, uncontrolled spread of malware threatening consumer IoT devices. To this end, this work adopts a novel, macroscopic methodology for fingerprinting Internet-scale compromised IoT devices, revealing crucial cyber threat intelligence on the insecurity of consumer IoT devices. By developing data-driven techniques rooted in machine learning methods and analyzing 3.6 TB of network traffic data, we discover 855,916 compromised IP addresses, with 310,164 fingerprinted as IoT. Further analysis reveals China and Brazil to be hosting the most significant population of compromised IoT devices (100,000 and 55,000, respectively). Additionally, we provide a longitudinal analysis on data from one year ago against this work, revealing the evolving trends of IoT exploitation, such as the increased number of vendors targeted by malware, rising from 50 to 131. Moreover, countries such as China (420% increased infected IoT count) and Indonesia (177% increased infected IoT count) have seen notably high increases in infection rates. Last, we compare our geographic results against Global Cybersecurity Index (GCI) ratings, verifying that countries with high GCI ratings, such as the Netherlands and Germany, had relatively low infection rates. However, upon further inspection, we find that the GCI rate does not accurately represent the consumer IoT market, with countries such as China and Russia being rated with “high” GCI scores, yet hosting a large population of infected consumer IoT devices.