Wednesday, November 26, 2014

Protecting Personal Data in an IoT Network with UMA

Digital technologies are changing the game of customer interactions, with new rules and possibilities that were unimaginable only a few years back.
Networked devices and sensors make up the fabric of the Internet of Things (IoT). Leveraging mobile devices, sensors, and wearables is the future of identity and personal data.
The risk in the use of personal data is the loss of trust between individual and organization.
"Fully 78% of consumers think it is hard to trust companies when it comes to use of their personal data."
Orange, The Future of Digital Trust, 2014

Balancing individual privacy against the innovation unlocked by new digital technologies requires a new approach to protecting personal data.
The World Economic Forum has published an interesting report, "Rethinking Personal Data: A New Lens for Strengthening Trust", that addresses this requirement.

IoT complexity

The nature and complexity of the IoT environment open an interesting discussion about how authorization and access control mechanisms can be applied in this context.
Compared with the classic definition of the authorization process, a process for granting approval to a system entity to access a system resource, in an IoT environment we have to consider additional aspects and complexities (not exhaustive): limited resources, decentralized and distributed networks, and the relationship between objects and ownership.
To show how UMA (User-Managed Access) can address specific IoT requirements, we propose a healthcare scenario, which by its nature is well known for a strong presence of Internet of Things devices (medical devices) and combines interesting security and privacy aspects related to patient data.

Patient-Centric Use Case

The following diagram represents a healthcare scenario related to a patient-centric use case.
The doctor (Bob) is a user of the Patient Monitor (Resource Server). The patient (Alice) uses her bedside remote as a Client to access the Patient Monitor. Bob's electronic stethoscope is an intelligent thing owned by Bob that can be temporarily paired with the Patient Monitor with Alice's authorization. For safety, Bob's stethoscope also has an RFID chip as a proximity sensor (Dumb Thing).

Security and Privacy Goals

The following diagram describes the security domains across the whole authorization process and the actors involved in each domain, including IoT.

In the scenario, UMA provides the fundamental capabilities to prevent unauthorized things from connecting to the Resource Server (Patient Monitor), and to give the patient control and visibility over authorizing and sharing healthcare data.
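To make the actor mapping of the use case concrete, here is a small added example, not code from this post, from the slides, or from any UMA implementation, that models the UMA 1.0 roles in Python: Alice's Authorization Server holds the resource registration and her sharing policy, the Patient Monitor acts as Resource Server and refuses any access not backed by a valid requesting-party token (RPT), and Bob's client exchanges a permission ticket plus his identity claim for an RPT before pairing the stethoscope. Resource identifiers, scope names, the in-memory token format and the party names are assumptions; a real deployment uses the UMA/OAuth HTTP endpoints and bearer tokens rather than Python dictionaries.

```python
"""In-memory model of a UMA-style authorization flow for the patient-monitor
scenario.  Added illustration only; identifiers and token formats are assumed,
not taken from the post or from the UMA specification."""
import secrets
from dataclasses import dataclass, field


@dataclass
class AuthorizationServer:
    """Alice's Authorization Server: registered resources, her policies,
    outstanding permission tickets, issued RPTs and an audit trail that gives
    the resource owner visibility of every grant/deny decision."""
    resources: dict = field(default_factory=dict)  # resource_id -> {"owner", "scopes"}
    policies: dict = field(default_factory=dict)   # (resource_id, scope) -> allowed party ids
    tickets: dict = field(default_factory=dict)    # ticket -> (resource_id, scope)
    rpts: dict = field(default_factory=dict)       # rpt -> {"party", "resource_id", "scope"}
    audit: list = field(default_factory=list)      # (party, resource_id, scope, decision)

    def register_resource(self, resource_id, owner, scopes):
        """Resource set registration, performed by the Resource Server."""
        self.resources[resource_id] = {"owner": owner, "scopes": set(scopes)}

    def set_policy(self, owner, resource_id, scope, allowed_parties):
        """Only the resource owner (Alice) may decide who gets a scope."""
        if self.resources[resource_id]["owner"] != owner:
            raise PermissionError("only the resource owner may set policy")
        self.policies[(resource_id, scope)] = set(allowed_parties)

    def register_permission(self, resource_id, scope):
        """Called by the RS when an access attempt carries no valid RPT;
        returns a single-use permission ticket for the client to redeem."""
        if scope not in self.resources[resource_id]["scopes"]:
            raise ValueError("unknown scope for resource")
        ticket = secrets.token_hex(8)
        self.tickets[ticket] = (resource_id, scope)
        return ticket

    def issue_rpt(self, ticket, claims):
        """Redeem a ticket with the requesting party's claims against Alice's
        policy.  The ticket is consumed even when the decision is 'denied',
        so a replayed ticket raises KeyError."""
        resource_id, scope = self.tickets.pop(ticket)
        party = claims.get("party")
        allowed = self.policies.get((resource_id, scope), set())
        granted = party in allowed
        self.audit.append((party, resource_id, scope, "granted" if granted else "denied"))
        if not granted:
            return None
        rpt = secrets.token_hex(16)
        self.rpts[rpt] = {"party": party, "resource_id": resource_id, "scope": scope}
        return rpt

    def introspect(self, rpt):
        """Token introspection used by the RS; None for unknown tokens."""
        return self.rpts.get(rpt)


class PatientMonitor:
    """The Resource Server: nothing connects without an RPT bound to this
    resource and the requested scope."""

    def __init__(self, auth_server, resource_id):
        self.auth_server = auth_server
        self.resource_id = resource_id

    def access(self, scope, rpt=None):
        info = self.auth_server.introspect(rpt) if rpt else None
        if info and info["resource_id"] == self.resource_id and info["scope"] == scope:
            return ("ok", f"{scope} by {info['party']}")
        # No or wrong token: register the needed permission and return a ticket.
        return ("need_ticket", self.auth_server.register_permission(self.resource_id, scope))


def run_scenario():
    """Walk through the use case and return the observable outcomes."""
    auth = AuthorizationServer()
    rid = "patient-monitor/alice"  # assumed resource identifier
    monitor = PatientMonitor(auth, rid)
    auth.register_resource(rid, owner="alice", scopes={"read_vitals", "pair_device"})
    auth.set_policy("alice", rid, "pair_device", {"bob"})  # Alice lets Bob pair
    auth.set_policy("alice", rid, "read_vitals", {"bob"})

    out = {}
    # 1. Bob's stethoscope tries to pair with no token: the RS only hands back a ticket.
    status, ticket = monitor.access("pair_device")
    out["first_attempt"] = status
    # 2. Bob's client redeems the ticket with his claim and retries with the RPT.
    rpt = auth.issue_rpt(ticket, {"party": "bob"})
    out["bob_pair"] = monitor.access("pair_device", rpt)[0]
    # 3. The RPT is bound to its scope; it does not unlock read_vitals.
    out["rpt_scope_bound"] = monitor.access("read_vitals", rpt)[0]
    # 4. A device Alice never authorized gets a ticket but no RPT (denied, and audited).
    _, other_ticket = monitor.access("pair_device")
    out["unauthorized_rpt"] = auth.issue_rpt(other_ticket, {"party": "unregistered-device"})
    # 5. Replaying Bob's already-consumed ticket is rejected.
    try:
        auth.issue_rpt(ticket, {"party": "bob"})
        out["replay"] = "accepted"
    except KeyError:
        out["replay"] = "rejected"
    out["audit"] = list(auth.audit)
    return out
```

The two properties the post attributes to UMA show up directly: the Patient Monitor never admits a thing without an RPT, so an unauthorized device only ever receives a ticket it cannot redeem, and Alice's audit list records every grant and denial against her resource, which is the visibility a patient needs when deciding what to share.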

For more details about the use case and the UMA approach, please see the slideshare presentation (below), presented at the Kantara Initiative Workshop in Dublin on 3 November 2014.