Privacy for IoT with XMPP

The General Data Protection Regulation (GDPR) is very important, and particularly so for the Internet of Things, where sensors often collect sensitive personal data. This talk presents the XMPP protocol and how it helps ensure privacy through its built-in support for authentication, encryption and consent-based authorization. Using IEEE interoperability interfaces based on XMPP, together with distribution and processing on the edge, it is possible to create open, interoperable and yet secure IoT applications that protect the privacy and integrity of their users.

  1. Privacy for IoT with XMPP. IoT-Day 2018. © Waher Data AB, 2018.
  2. 1. Privacy
  3. What is privacy?
     A fundamental human right:
       • The right to have confidential conversations.
       • The ability to select with whom we communicate.
       • Protection against unwarranted monitoring or searches.
       • Protection against attacks on honor and reputation.
  4. Universal Declaration of Human Rights
     Article 12: No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.
     https://www.un.org/en/universal-declaration-human-rights/
  5. Does privacy extend to the IoT?
     Who can communicate with devices around you, and about what?
     Do you want uninvited parties to know:
       • When you’re home?
       • If you’re in the shower?
       • What places you visit?
       • Your health status?
     Or be able to:
       • Control your vehicle?
       • Turn off your pacemaker?
  6. E.U. privacy legislation (GDPR)
     EU Regulation:
       • Comes into full effect May 2018
       • Automatic law in all member states
       • Applicable to:
           • Anyone, if the system is in the E.U.
           • Any European citizen, in any system in the world
       • Heavy sanctions
       • Suddenly, corporations become interested in privacy.
  7. Proportionality
     GDPR balances:
       • Rights to privacy for individuals
       • Interests of corporations
       • Legal requirements
     Maximum requirement:
       • Proportional to the rights of all participants
     Minimum requirement:
       • State of the art
       • People “skilled in the art” (professionals)
       • Lack of knowledge is not a valid reason
  8. Personal Data
     Any information that relates directly or indirectly to an identified or identifiable natural person.
     Notice:
       • Indirect means you have to think before you say there is no relation.
       • Identifiable means the individual might not have been identified by your system. But if anyone, perhaps smarter than you, can identify the person from your data, perhaps with the use of other external data, it’s personal data.
     Easier to just assume data is personal, if there’s doubt.
  9. Personality is contagious
     Data relating to personal data automatically becomes personal data. (Personality acts like a virus, or disease, at least for the data hoarder, or Big Brother.)
  10. Removing personality
     Removing personality is difficult. Methods:
       • Data aggregation
       • Data masking or obfuscation
       • Anonymization
       • Anonymization ≠ Pseudonymization
  11. Processing
     Any operation (or set of operations) which is performed on personal data (or on sets of personal data).
     Notice:
       • The word “automatic” is not present in the definition.
       • Manual processing is included (if sorted).
  12. Minimalistic definition
     A minimalistic definition of GDPR is: Minimalism. You’re allowed to:
       • Do as little as possible
       • For as short a time as possible
       • Share it with as few as possible
       • For as few purposes as possible
       • As correctly as possible
       • Always transparently informing subjects about it
       • With proportional data protection mechanisms
  13. Transparency
     Information you provide must be:
       • Short
       • Concise
       • Clear
       • Easy to understand
       • Explicit
     Transparency is measured on how your information is received and understood.
  14. Openness
     Openness ≠ Transparency. Providing too much information hides relevant information. Transparency means you provide the subjects with the information that is relevant to them, not to you.
  15. Woods and aquariums
     “Can’t see the wood for all the trees.” If you can’t find the fish in the aquarium:
       • The water might be muddy
       • Or the aquarium too big
     Transparency is about the correct amount of easily understood, relevant information.
  16. No retroactive processing
     If you invent a new process, you must:
       • Inform subjects before you process
       • Not process historical data
     You are only allowed to process the data collected for that purpose, from the time you inform the data subjects.
  17. Paradigm shift
     No longer true: “The more data you collect (or process), the more potential future value you have.”
     Now true: “The more data you collect (or process), the more risk you have.”
     New paradigm: You should only collect and process data to which you can assign value.
  18. Individual rights
     GDPR gives subjects the following rights:
       • Get information
       • Access to data
       • Export data (provided by subject)
       • Correct (erroneous) data
       • Erase data (under certain conditions)
       • Object to processing
       • Restrict processing of data
       • Consent & withdrawal of consent (if applicable)
       • Avoid being subject of automatic profiling that can lead to automatic decisions having negative consequences in a legal sense.
  19. Sharing of personal data
     When sharing data with others:
       • Subjects must be informed
       • Responsibilities must be delegated
       • Requests from subjects must be forwarded
       • Includes links, copies and reproductions
  20. 2. Ownership
  21. Who owns the data?
       • The person/entity generating (inventing) the data?
       • The person/entity storing (controlling) the data?
       • The person to whom the data relates?
     Is it important?
  22. Legislation
     Which law is applicable?
       • Copyright?
       • Trade secrets?
       • Intellectual Property?
       • Privacy?
     Enforcing ownership through legal means is difficult.
  23. Ownership of things
     How is normal ownership enforced?
       • Protection behind lock & key.
       • Access only to trusted parties.
       • Monitoring.
       • Demonstration of ownership.
  24. Ownership of data
     Why treat data differently? Local storage (decentralization) allows:
       • Protection behind lock & key.
       • Limiting access to trusted parties.
       • Monitoring access.
       • Demonstrating ownership.
       • Enforcing ownership of data.
     Added benefits:
       • Intrinsic value of data through access.
       • Easier to maintain integrity.
  25. 3. Security
  26. Security
     GDPR references as benchmark:
       • “State of the art”.
       • “Data protection by design and by default”.
  27. Data Protection by design
       • Cannot be superficial:
           • Not sufficient with log-in
           • Or apparent security
       • Must permeate architecture:
           • APIs
           • Databases
           • Communication (Protocols)
           • Code
           • Hosting
           • Runtime
  28. Examples
     Examples of Data Protection by design:
       • Decentralization
       • Ubiquitous encryption
       • Authentication
       • Authorization
       • Hashing
       • Signatures
       • Anonymization
       • Pseudonymization
       • Obfuscation
       • Data masking
       • Data aggregation
       • Security logging
       • Monitoring
       • …
  29. Data Protection by default
     You don’t add protection:
       • It’s all on by default
     You remove protection:
       • Permissions are granted
     Compare the difference between:
       • White-list (by default)
       • Black-list (not by default)
  30. Decentralization & security
     Decentralization has security implications:
       • More attack surfaces.
       • But the value of each node is small.
       • Value/Effort ratio small.
       • Easier to protect.
       • Massive data breaches difficult.
       • You don’t put all your eggs into the same basket.
       • More resilient.
       • End-to-end encryption.
     Bonuses:
       • Permits enforcing ownership of data
       • Owner can authorize access, restrict processing or delete data
  31. Anonymization vs. Strong Identities
     Anonymization:
       • Protects whistle blower or dissident (or criminal or terrorist)
       • Makes security decisions difficult.
     Strong identities (pseudonyms):
       • Protect information owners.
       • Allow selective responses.
     Both protect privacy, in different ways.
  32. 4. XMPP
  33. XMPP
       • eXtensible Messaging and Presence Protocol
       • Standardized (IETF): RFC 6120-6122
       • Originally developed in the late 1990s (“Jabber”)
       • Based on XML
       • Open
       • Free: free interfaces, libraries & software
  34. Basic features
     Some basic features of XMPP include:
       • Global scalability (federation)
       • Global federated identities
       • Extensibility (namespaces)
       • Robustness (close to 20 years of operation)
       • Open (public & free)
       • Standardized
       • Secure
       • Interoperable
  35. Extensibility
       • XML Namespaces
           • Avoid collisions
           • Owner of domain can extend it freely
       • Extensions standardized by XSF (XMPP Standards Foundation)
           • XMPP Extension Protocol (XEP)
       • Types
           • Client-side extensions
           • Component extensions
           • Server-side extensions
  36. Communication Patterns
     Table columns: Async. Msg. | Req/Resp | Pub/Sub | Federation | Broker | P2P
     Rows (check marks as on the slide; XMPP has a check in every column, with two Pub/Sub mechanisms):
       • MQTT: ✓ ✓
       • HTTP: ✓ ✓
       • CoAP: ✓ ✓ ✓
       • XMPP: ✓ ✓ ✓✓ ✓ ✓* ✓
     * Note: XMPP supports server-less communication as well.
  37. Stanzas
     Three types of stanzas:
       • message
           • Asynchronous messages
       • iq
           • Information Query
           • Request/Response
           • Requires resource part
       • presence
           • Publish/subscribe
           • Transmitted to contacts with approved subscription
           • Forwards resource part
     Note: A 2nd publish/subscribe mechanism exists, defined in XEP-0060. It’s node-based.
  38. Federated Brokers
       • Authenticate clients (SASL)
       • Cooperate (federation)
       • Forward identities
       • Authorization
           • Roster
           • Presence
           • Subscription
       • Solve
           • Topology problem.
           • Latency problem.
           • Scalability problem.
  39. Security
       • Encryption
           • TLS
           • End-to-end encryption optional
       • Authentication
           • SASL
           • Distributed authentication model
           • Identities always forwarded in stanzas
       • Authorization
           • Presence subscription
           • Trust-based
           • Provisioning (IoT)
               • Decision support for things
               • Control details
       • Blocking
       • Spam reporting
  40. Data Protection by Design
     XMPP supports data protection by design:
       • Decentralization
       • Ubiquitous encryption
           • Even end-to-end encryption
       • Global identities
           • Authenticated
           • Forwarded
  41. Data Protection by Default
     XMPP supports data protection by default:
       • Presence negotiation
           • Consent-based
           • Required to be able to communicate using iq and presence.
           • Consent can be withdrawn.
  42. IEEE IoT Harmonization
     Interoperability interfaces for IoT:
       • Sensor Data (former XEP-0323)
       • Provisioning (former XEP-0324)
       • Control (former XEP-0325)
       • Concentrator/Bridge (former XEP-0326)
       • Thing Registries & Discovery (XEP-0347)
       • Secure Account Creation (XEP-0348)
     https://gitlab.com/IEEE-SA/XMPPI/IoT
     https://prezi.com/esosntqhewhs/iot-xmpp/
     https://www.slideshare.net/peterwaher/iot-harmonization-using-xmpp
  43. Mastering Internet of Things
       • Raspberry Pi & Arduino
       • Sensors, Actuators, Controllers, Concentrators, Bridges
       • Protocols: MQTT, HTTP, CoAP, LWM2M, XMPP
       • Interoperability
       • Social Interaction
       • Decision Support
       • Product Lifecycle
       • IoT Service Platforms
       • IoT Harmonization
       • Security
       • Privacy
     Available from: Amazon, Packt, Bokus, Bokus (e-book version)
     Contact: https://waher.se/
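An added example, not from the slides and not Waher Data's code: a small Python model of the consent gate that slides 37, 39 and 41 describe, where a broker forwards an iq read to a thing only while the thing's owner has an approved presence subscription for the requester, and an "unsubscribed" presence withdraws that consent. The stanza shapes follow RFC 6121 presence subscription; the JIDs, the sensor-data namespace and the broker logic are constructed, simplified placeholders, not a real XMPP server's behaviour.

```python
import xml.etree.ElementTree as ET

def stanza(kind, frm, to, typ=None, child=None):
    # Build a message/iq/presence stanza as an XML string (constructed sample data)
    el = ET.Element(kind, {"from": frm, "to": to, **({"type": typ} if typ else {})})
    if child is not None:
        el.append(child)
    return ET.tostring(el, encoding="unicode")

def bare(jid):
    return jid.split("/", 1)[0]  # strip the resource part of a JID

class Broker:
    """Simplified consent gate (not a real XMPP server): iq is forwarded only to a
    thing that approved the sender's presence subscription (slides 37, 39, 41)."""
    def __init__(self):
        self.subs = {}  # (thing bare JID, contact bare JID) -> "pending" | "approved"

    def route(self, xml):
        el = ET.fromstring(xml)
        frm, to, typ = bare(el.get("from")), bare(el.get("to")), el.get("type")
        if el.tag == "presence":
            if typ == "subscribe":       # contact asks the thing's owner for consent
                self.subs.setdefault((to, frm), "pending")
            elif typ == "subscribed":    # owner grants consent
                self.subs[(frm, to)] = "approved"
            elif typ == "unsubscribed":  # owner withdraws consent
                self.subs.pop((frm, to), None)
            return "handled"
        if el.tag == "iq":
            if "/" not in el.get("to"):
                return "error: iq requires resource part"
            if self.subs.get((to, frm)) != "approved":
                return "blocked: no approved subscription"
            return "forwarded"
        return "forwarded"  # message stanzas are not gated by the consent rule

def consent_flow():
    b = Broker()
    thing, app = "sensor@things.example.org", "analytics@cloud.example.net"
    read = stanza("iq", app + "/worker", thing + "/dev", "get",
                  ET.Element("req", {"xmlns": "urn:example:sensordata"}))  # placeholder ns
    return [
        b.route(read),                                            # no consent yet
        b.route(stanza("presence", app, thing, "subscribe")),     # ask for consent
        b.route(read),                                            # still pending
        b.route(stanza("presence", thing, app, "subscribed")),    # consent given
        b.route(read),                                            # now forwarded
        b.route(stanza("presence", thing, app, "unsubscribed")),  # consent withdrawn
        b.route(read),                                            # blocked again
    ]
```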
