Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Designing a Secure IoT System Architecture from a Virtual Premise for a Collaborative AI Lab
Blekinge Tekniska Högskola, Fakulteten för datavetenskaper, Institutionen för datalogi och datorsystemteknik.ORCID-id: 0000-0002-0128-4127
Blekinge Tekniska Högskola, Fakulteten för datavetenskaper, Institutionen för datalogi och datorsystemteknik.ORCID-id: 0000-0001-8453-447X
Blekinge Tekniska Högskola, Fakulteten för datavetenskaper, Institutionen för datalogi och datorsystemteknik.ORCID-id: 0000-0003-4814-4428
2019 (engelsk)Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

IoT systems are increasingly composed out of flexible, programmable, virtualised, and arbitrarily chained IoT elements and services using portable code. Moreover, they might be sliced, i.e. allowing multiple logical IoT systems (network + application) to run on top of a shared physical network and compute infrastructure. However, implementing and designing particularly security mechanisms for such IoT systems is challenging since a) promising technologies are still maturing, and b) the relationships among the many requirements, technologies and components are difficult to model a-priori.

The aim of the paper is to define design cues for the security architecture and mechanisms of future, virtualised, arbitrarily chained, and eventually sliced IoT systems. Hereby, our focus is laid on the authorisation and authentication of user, host, and code integrity in these virtualised systems. The design cues are derived from the design and implementation of a secure virtual environment for distributed and collaborative AI system engineering using so called AI pipelines. The pipelines apply chained virtual elements and services and facilitate the slicing of the system. The virtual environment is denoted for short as the virtual premise (VP). The use-case of the VP for AI design provides insight into the complex interactions in the architecture, leading us to believe that the VP concept can be generalised to the IoT systems mentioned above. In addition, the use-case permits to derive, implement, and test solutions. This paper describes the flexible architecture of the VP and the design and implementation of access and execution control in virtual and containerised environments. 

sted, utgiver, år, opplag, sider
2019.
Emneord [en]
IoT, AI, Security, Authentication, Collaboration
HSV kategori
Identifikatorer
URN: urn:nbn:se:bth-17550DOI: 10.14722/diss.2019.23006ISBN: 1-891562-56-8 (tryckt)OAI: oai:DiVA.org:bth-17550DiVA, id: diva2:1284028
Konferanse
Workshop on Decentralized IoT Systems and Security (DISS) 24 February 2019, San Diego, CA,
Forskningsfinansiär
EU, Horizon 2020, 732204Tilgjengelig fra: 2019-01-30 Laget: 2019-01-30 Sist oppdatert: 2019-08-09bibliografisk kontrollert
Inngår i avhandling
1. Towards Secure Collaborative AI Service Chains
Åpne denne publikasjonen i ny fane eller vindu >>Towards Secure Collaborative AI Service Chains
2019 (engelsk)Licentiatavhandling, med artikler (Annet vitenskapelig)
Abstract [en]

At present, Artificial Intelligence (AI) systems have been adopted in many different domains such as healthcare, robotics, automotive, telecommunication systems, security, and finance for integrating intelligence in their services and applications. The intelligent personal assistant such as Siri and Alexa are examples of AI systems making an impact on our daily lives. Since many AI systems are data-driven systems, they require large volumes of data for training and validation, advanced algorithms, computing power and storage in their development process. Collaboration in the AI development process (AI engineering process) will reduce cost and time for the AI applications in the market. However, collaboration introduces the concern of privacy and piracy of intellectual properties, which can be caused by the actors who collaborate in the engineering process.  This work investigates the non-functional requirements, such as privacy and security, for enabling collaboration in AI service chains. It proposes an architectural design approach for collaborative AI engineering and explores the concept of the pipeline (service chain) for chaining AI functions. In order to enable controlled collaboration between AI artefacts in a pipeline, this work makes use of virtualisation technology to define and implement Virtual Premises (VPs), which act as protection wrappers for AI pipelines. A VP is a virtual policy enforcement point for a pipeline and requires access permission and authenticity for each element in a pipeline before the pipeline can be used.  Furthermore, the proposed architecture is evaluated in use-case approach that enables quick detection of design flaw during the initial stage of implementation. To evaluate the security level and compliance with security requirements, threat modeling was used to identify potential threats and vulnerabilities of the system and analyses their possible effects. The output of threat modeling was used to define countermeasure to threats related to unauthorised access and execution of AI artefacts.

sted, utgiver, år, opplag, sider
Karlskrona: Blekinge Tekniska Högskola, 2019. s. 146
Serie
Blekinge Institute of Technology Licentiate Dissertation Series, ISSN 1650-2140 ; 11
HSV kategori
Identifikatorer
urn:nbn:se:bth-18531 (URN)978-91-7295-381-9 (ISBN)
Presentation
2019-09-10, J1620, Campus Gräsvik, Karlskrona, 12:30 (engelsk)
Opponent
Veileder
Tilgjengelig fra: 2019-08-09 Laget: 2019-08-09 Sist oppdatert: 2019-09-03bibliografisk kontrollert

Open Access i DiVA

fulltext(707 kB)32 nedlastinger
Filinformasjon
Fil FULLTEXT02.pdfFilstørrelse 707 kBChecksum SHA-512
2c8aada7c09e78a2c207c7486d60e359130c0ff0d2e8e056ec049fb873787790d972e1ea93009e96b60a5897309a0ffaa5f0ce60bd7964c72c1681800727b81c
Type fulltextMimetype application/pdf

Andre lenker

Forlagets fulltekst

Personposter BETA

Mehri, Vida. A.Ilie, DragosTutschku, Kurt

Søk i DiVA

Av forfatter/redaktør
Mehri, Vida. A.Ilie, DragosTutschku, Kurt
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar
Totalt: 102 nedlastinger
Antall nedlastinger er summen av alle nedlastinger av alle fulltekster. Det kan for eksempel være tidligere versjoner som er ikke lenger tilgjengelige

doi
isbn
urn-nbn

Altmetric

doi
isbn
urn-nbn
Totalt: 2055 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf