Privacy-Integrated design and Validation in the constrained IoT – PIVOT
The emerging Internet of Things (IoT) is expected to host billions of devices that regularly report sensor readings by using long or short-range radio channels. Generated content items and also collateral metadata are not well protected today because (i) channel encryption is commonly intercepted at gateways, (ii) identifiers reveal communication partners and contexts, and (iii) cryptographic protection embedded in the low-end transmission infrastructure remains too weak to resist attacks. In the current IoT, sensing sources lose control over their data often even before it reaches its destinations.
In PIVOT, we start from two fundamental observations. First, a privacy-friendly IoT requires to protect content objects by themselves, in addition to commonly deployed channel encryption. Content disclosure can thus be attributed to designated receivers. Second, names can serve as the principle interface to access IoT data, eliding source identities. Hence, individual endpoint identifiers will disappear from public Internet metadata. The innovation in PIVOT is to address the prevalent privacy and security issues in IoT by proposing content object security principles that build on privacy-friendly names, while remaining globally and seamlessly interoperable between IoT devices regardless of networks to which they may connect.
PIVOT will focus on four core goals:
1. A crypto framework for privacy-friendly service primitives on ultra-constrained IoT devices.
2. Minimal trust anchor provisioning on IoT devices to enable object security.
3. Protocols that integrate decentralized object security.
4. Multi-stakeholder name management that preserves privacy requirements and generates, allocates and resolves names globally regardless of the IoT applications or networks.
A demonstrator based on RIOT will verify our solutions in Ultra-Constrained IoT networks such as LoRaWAN. PIVOT follows the perspective of “immediate action is required”. This implies that we will extend existing architectures and protocol standards conjoined with standardization bodies while introducing new first-hand primitive where necessary. Our ambitious roadmap will allow for incremental deployment of the PIVOT solutions, which is the most promising path to quick adoption.
The consortium reflects the entire innovation chain and is centred around three established strong German-French collaborations. First, the popular RIOT IoT operating system (OS) was co-founded and is jointly managed by Freie Universität Berlin, INRIA, and HAW Hamburg. Over the past seven years, this team has successfully established a global community for an open IoT. As of today, RIOT has a 5% global IoT OS market share. Second, a strong binational LoRa development community has been established. Afnic, Lobaro, HAW Hamburg, and FU Berlin are part of it. Particular contributions to IoT privacy come from INSA/INRIA in this context. Third, international Internet standardisation is in focus of FU Berlin, HAW Hamburg, and Afnic—they jointly work in the IETF for more than 10 years. In addition to common technical interests, all partners of the German-French team are united in their dedication to an open IoT with the full freedom of data and rights of privacy.
Weak IoT security and privacy established their roots in economic factors caused by the tension between costs of security measures and gain from data capitalization. The integration of the four PIVOT goals—based on existing protocols, open software, and open standards—will disengage from economic tensions, reduce cost, promote business compliant to European privacy standards, and regain data sovereignty to the public in the long term.
With its open sustainable perspective PIVOT will contribute to changing the trend of Internet consolidation by allowing faster adoption of security and privacy solutions to the IoT, thereby fostering open, trustworthy digitization of our societies.
Monsieur Sandoche Balakrichenan (Association française pour le nommage Internet en coopération)
The author of this summary is the project coordinator, who is responsible for the content of this summary. The ANR declines any responsibility as for its contents.
Afnic Association française pour le nommage Internet en coopération
INSA-Lyon CITI Lab EA3720 CENTRE D'INNOVATION EN TELECOMMUNICATIONS ET INTEGRATION DE SERVICES
Help of the ANR 327,746 euros
Beginning and duration of the scientific project: March 2021 - 36 Months