Day 2 – IoT

Managing, sharing and storing decentralised IoT data safely and securely

Day 2 – IoT

Session host: Petri Liuha – EIT Digital

The session is addressing the management and sharing sensor data in a safe and secure in various applications using IoT solutions. IoT solutions apply different deployment models where data can be located in the cloud or distributed in the sensor networks. The presentations address different platform approaches, and ways to share data, provide access for each person while preserving privacy. The session will be complete with a discussion on the practical privacy challenges of IoT solutions.

Future ‘Tense’ of Privacy (Sachin Lodha)

In the imminent hyperconnected world. as billions of IoT entities collect, aggregate and process data fragments pertinent to their service, privacy risks are expected to skyrocket to an unprecedented level. No wonder ensuring respect for individual privacy has become a paramount concern world wide. However there are several challenges that we need to address. For example, data evolves and passes through multiple administrative domains involving multiple stakeholders, thus making the control of data flow and usage nearly impossible. Given that juxtaposition of multiple, and seemingly unrelated, points of data can become personal information as events are reviewed in the spatio-temporal context, the definition of what is to be considered as Personally Identifiable Information (PII), the cornerstone of almost all privacy regulations worldwide, itself starts getting trickier. Therefore privacy schemes need to take a holistic approach involving not only advanced cryptography, protocols but also the behavior and contexts of the entities involved. In this session, we will discuss the challenges and technological progress on these fronts.

Thing2Data (Risto Linturi)

Original meaning of IoT did not require connecting everything to the Internet. If things could be individually identified, they could have an agent representing them in the cloud. Thing2Data implements this idea. It follows MyData ideology; each Thing in the cloud can define roles and yield access to different Thing-related attributes based on these roles. Thus a repairman, renter and owner can each access the Thing-related data but only that data, which they are entitled to. Thing2Data also includes service transaction concepts. It supports open interface to different identifier schemas, it allows transferring Things from one cloud service to another. The identity schema is based on Blockchain to allow server independent and open architecture. The presentation gives an overview on Thing2Data and concentrates on the MyData perspective.

AGILE (Charalampos Doukas)

We are a group of organizations developing an open source (hardware and software) modular gateway (we call it AGILE) for the Internet of Things. The main concept is to bring functionality from the Cloud (storage, processing, applications) on the gateway, allowing users to have direct access on data collected from IoT (Internet of Things) Devices (home automation devices, self-tracking wearables, etc.), run applications locally (process, visualise data, create logic for controlling things) without relying on third-party apps and vendors proprietary Clouds. In addition, we are exploring ways for sharing IoT data with trusted entities/users by preserving ownership through the exploit of technologies like the blockchain. We are looking for potential beta users and developers to help with integration/testing and entrepreneurs who might be interesting in building IoT solutions on top of the AGILE gateway (we will be providing seed funds to SMEs/Startups).

Connectivity for accomplishing the MyData concept

ControlThings (Kristian Bäckström)

The current mainstream approach is to collect, store and analyse private data on the service provider side. In Finland, register maintainers are obligated to provide the individuals with extractions of all data regarding them, on request. This regulation has not driven to good insight, as the extractions can be provided with significant delay, and in cumbersome (paper) format. The individual can currently neither control the access of his data, nor execute cross-database queries.

By using a common domain agnostic connectivity (including a common authentication and authorisation solution), the setup can be turned upside down. A modern IoT connectivity which extensively uses cryptography can enable scenarios, where the individual can get complete control of information regarding themselves. Simultaneously it can provide significantly better environment for automatic reasoning and decisions.