Abstract
The IoT still holds enormous potential value that can be unlocked by enabling data sharing between different stakeholders. Sharing real-time data at the Edge layer, close to the connected devices, is crucial to real-world smart IoT applications, especially cross-domain applications. Such IoT data sharing involves multiple parties with different purposes and is usually based on data contracts that might depend on dynamic changes in IoT data variety, velocity, and context. However, one of the biggest challenges is ensuring security as well as data management and governance for Edge-based IoT data sharing.
Model-Driven Security (MDS) could help to engineer security policies with dynamic context, from specification to enforcement, for multi-tenancy Edge-based data sharing models. In this talk, I will present a pathway of MDS for IoT. We start with a “typical” MDS approach that allows execution policies to be specified at the model level and then transformed into code that can be deployed for policy enforcement at runtime. Then, we continue with a dynamic context-based policy enforcement framework to support IoT data sharing (on-Edge) based on dynamic contracts. Finally, we explore the possibility of MDS as part of security orchestration and automatic response (SOAR) solutions for IoT/CPS systems.