As IoT becomes omnipresent vast amounts of data are generated, which can be used for building innovative applications. However,interoperability issues and security concerns, prevent harvesting the full potentials of these data. In this paper we consider the use case of data generated by smart buildings. Buildings are becoming ever "smarter" by integrating IoT devices that improve comfort through sensing and automation. However, these devices and their data are usually siloed in specific applications or manufacturers, even though they can be valuable for various interested stakeholders who provide different types of "over the top" services, e.g., energy management. Most data sharing techniques follow an "all or nothing" approach, creating significant security and privacy threats, when even partially revealed, privacy-preserving, data subsets can fuel innovative applications. With these in mind we develop a platform that enables controlled, privacy-preserving sharing of data items. Our system innovates in two directions: Firstly, it provides a framework for allowing discovery and selective disclosure of IoT data without violating their integrity. Secondly, it provides a user-friendly, intuitive mechanisms allowing efficient, fine-grained access control over the shared data. Our solution leverages recent advances in the areas of Self-Sovereign Identities, Verifiable Credentials, and Zero-Knowledge Proofs, and it integrates them in a platform that combines the industry-standard authorization framework OAuth 2.0 and the Web of Things specifications.
翻译:随着IoT成为全球一流的数据产生,这些数据可以用来建设创新应用。然而,互操作性问题和安全关切防止了这些数据的全部潜力。在本文件中,我们考虑智能建筑产生的数据的使用案例。建筑物正在变得日益“智能化 ”,通过将IoT设备整合为通过遥感和自动化改善舒适的装置。然而,这些装置及其数据通常在特定的应用程序或制造商中展开,尽管它们对于提供不同类型“高于顶层”服务(例如能源管理)的各类相关利益方来说可能很有价值。大多数数据共享技术都遵循“万无一物”方法,从而无法充分挖掘这些数据的潜力。在部分披露、隐私保护、数据子集可以促进创新应用的情况下,我们考虑开发一个平台,使数据项目能够控制、隐私保护共享。我们的系统有两个创新方向:第一,它提供了一个框架,允许发现和有选择地披露IoT数据而不侵犯其完整性。第二,它提供了一个方便用户使用、直观机制,允许在共享数据领域实现高效、精确的网络访问控制,以及标准化数据领域的升级升级。