Fog Mediated Security in the Internet of Things
Extending cloud computing applications to fog computers provides a rich hybrid cloud computing platform for liberating mobile and embedded devices from severe resource constraints. However, the security techniques that are well-suited to the traditional cloud computing model do not adequately protect against the increased cyber-physical and privacy risk element of the Internet of Things (IoT). Off-premise code execution in the hybrid cloud computing
model must be resilient against both malicious software and an adversary with physical access. Moreover, in the absence of user-controlled and remotely verifiable data protection
mechanisms, individuals must implicitly rely upon application service providers — including the full software stack responsible for the deployment, management, and monitoring of cloud workloads — for the handling of personal data. This work develops the concept of fog mediation — a fog computing systems design pattern, derived exclusively from the physical microstructure of commodity CPUs, for generating user-controlled cryptographic key material and, thereupon, mediating the usability, security, and privacy requirements of security-sensitive Internet of Things applications.
The tamper-evident key generation properties of an isolated execution environment enable security-sensitive application logic and data to move freely between on-premise and offpremise computing resources. Fog mediation maps the variegated device capabilities of the IoT to a manageable set of mandatory protections and discretionary controls that accord with the application requirements and the data handling preferences of individuals. How we regulate the use of data in the context of IoT has significant implications for
individual rights with regards to personal data and notions of privacy and cybersecurity in an increasingly connected society. The policy analysis focuses on laws, standards, and regulations relevant to the use of IoT in the United States. In particular, this work investigates policy measures that could be adopted through the joint efforts of U.S. federal and state regulation, private sector self-regulation, transnational technical standards organizations, and consumer-oriented non-governmental organizations.
model must be resilient against both malicious software and an adversary with physical access. Moreover, in the absence of user-controlled and remotely verifiable data protection
mechanisms, individuals must implicitly rely upon application service providers — including the full software stack responsible for the deployment, management, and monitoring of cloud workloads — for the handling of personal data. This work develops the concept of fog mediation — a fog computing systems design pattern, derived exclusively from the physical microstructure of commodity CPUs, for generating user-controlled cryptographic key material and, thereupon, mediating the usability, security, and privacy requirements of security-sensitive Internet of Things applications.
The tamper-evident key generation properties of an isolated execution environment enable security-sensitive application logic and data to move freely between on-premise and offpremise computing resources. Fog mediation maps the variegated device capabilities of the IoT to a manageable set of mandatory protections and discretionary controls that accord with the application requirements and the data handling preferences of individuals. How we regulate the use of data in the context of IoT has significant implications for
individual rights with regards to personal data and notions of privacy and cybersecurity in an increasingly connected society. The policy analysis focuses on laws, standards, and regulations relevant to the use of IoT in the United States. In particular, this work investigates policy measures that could be adopted through the joint efforts of U.S. federal and state regulation, private sector self-regulation, transnational technical standards organizations, and consumer-oriented non-governmental organizations.
History
Date
2019-12-02Degree Type
- Dissertation
Department
- Engineering and Public Policy
Degree Name
- Doctor of Philosophy (PhD)