Professional Documents
Culture Documents
AbstractIoT heterogeneity and diversity have single vendors side by acquiring prepackaged kits that
promoted the creation of different and isolated IoT interconnects the vendors devices with its cloud service.
systems. The EU has funded several research projects in For the sake of interoperability in IoT, the European
order to promote interoperability and quality aspects for Union (EU) has invested efforts on several FP7-programme-
IoT platforms. More significantly, the IoT-ARM was funded projects in the last few years [3]. Notably, in 2010 the
conceived as a reference architecture to derive concrete IoT-Architecture (IoT-A) project started with the aim of
IoT platforms and establish a common understanding on developing a reference architecture which was finally
quality requirements between different platforms. This released in 2012 with the name IoT Architectural Reference
paper describes SMARTIE, an IoT platform that is Model (IoT-ARM) [3]. Nevertheless, works that show the
compliant with the IoT-ARM and promotes the most application of the IoT-ARM are almost non-existent. To the
important quality aspects for the Smart Home, that is, best of our knowledge, only the authors of [5] show to a
security and interoperability. limited extent their ARM-compliant architecture.
Components (FCs), as shown in Figure 1. The rightmost homeowners authorization through the PDP, it replies the
column is the Security FG, which contains different security- visitor with a capability token (CT) that contains the access
related components such as XACML for security policies, control rules set by the homeowner.
DCapBAC [8] for decentralized, self-contained authorization
tokens, and CP-ABE for encryption-based authorization [9]. When the visitor goes to the host house, he uses his
mobile application to sign the CT with his private key and
Thus, the resulting SMARTIE platform is compliant with
many of the ARM requirements on security and privacy. present it to the houses smart lock. The lock validated the
token by verifying both the CMs and the visitors signatures
on the token. Thus, the smart lock can locally guarantee that
the CM has authorized the client that is trying to use the
token. If both authentication and authorization are right, the
visitor will be able to enter the house enjoying his authorized
areas during that specific period of time.
Different members of the homeowners family have
subscribed to the smart lock through the IoT broker. Thus,
they have obtained the attributes that are necessary to
decrypt notifications from the smart lock. When the visitor
presents its token to the smart lock, the latter notifies the IoT
which will automatically notify all the subscribers.
Authorization is implicit by the capability of the subscribers
to decrypt the content of notifications through CP-ABE
based on their attributes.