The Internet of Things (IoT) promises to tackle a range of environmental challenges and deliver large efficiency gains in industry by embedding computational intelligence, sensing and control in our physical environment. Multiple independent parties are increasingly seeking to leverage shared IoT infrastructure, using a similar model to the cloud, and thus require constrained IoT devices to become microservice-hosting platforms that can securely and concurrently execute their code and interoperate. This vision demands that heterogeneous services, peripherals and platforms are provided with an expanded set of security guarantees to prevent third-party services from hijacking the platform, resource-level access control and accounting, and strong isolation between running processes to prevent unauthorized access to third-party services and data. This paper introduces Polyglot CerberOS, a resource-secure operating system for multi-tenant IoT devices that is realised through a reconfigurable virtual machine which can simultaneously execute interoperable services, written in different languages. We evaluate Polyglot CerberOS on IETF Class-1 devices running both Java and C services. The results show that interoperability and strong security guarantees for multilingual services on multi-tenant commodity IoT devices are feasible, in terms of performance and memory overhead, and transparent for developers.

Polyglot cerberOS: Resource security, interoperability and multi-tenancy for IoT services on a multilingual platform / Akkermans, Sven; Crispo, Bruno; Joosen, Wouter; Hughes, Danny. - (2018), pp. 59-68. ((Intervento presentato al convegno 15th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, Mobiquitous 2018 tenutosi a New York, NY nel 5th-7th November 2018 [10.1145/3286978.3286997].

Polyglot cerberOS: Resource security, interoperability and multi-tenancy for IoT services on a multilingual platform

Crispo, Bruno;
2018

Abstract

The Internet of Things (IoT) promises to tackle a range of environmental challenges and deliver large efficiency gains in industry by embedding computational intelligence, sensing and control in our physical environment. Multiple independent parties are increasingly seeking to leverage shared IoT infrastructure, using a similar model to the cloud, and thus require constrained IoT devices to become microservice-hosting platforms that can securely and concurrently execute their code and interoperate. This vision demands that heterogeneous services, peripherals and platforms are provided with an expanded set of security guarantees to prevent third-party services from hijacking the platform, resource-level access control and accounting, and strong isolation between running processes to prevent unauthorized access to third-party services and data. This paper introduces Polyglot CerberOS, a resource-secure operating system for multi-tenant IoT devices that is realised through a reconfigurable virtual machine which can simultaneously execute interoperable services, written in different languages. We evaluate Polyglot CerberOS on IETF Class-1 devices running both Java and C services. The results show that interoperability and strong security guarantees for multilingual services on multi-tenant commodity IoT devices are feasible, in terms of performance and memory overhead, and transparent for developers.
Proceedings of the 15th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services
New York, NY
Association for Computing Machinery
9781450360937
Akkermans, Sven; Crispo, Bruno; Joosen, Wouter; Hughes, Danny
Polyglot cerberOS: Resource security, interoperability and multi-tenancy for IoT services on a multilingual platform / Akkermans, Sven; Crispo, Bruno; Joosen, Wouter; Hughes, Danny. - (2018), pp. 59-68. ((Intervento presentato al convegno 15th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, Mobiquitous 2018 tenutosi a New York, NY nel 5th-7th November 2018 [10.1145/3286978.3286997].
File in questo prodotto:
File Dimensione Formato  
p59-Akkermans.pdf

accesso aperto

Tipologia: Versione editoriale (Publisher’s layout)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 921.73 kB
Formato Adobe PDF
921.73 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/11572/228509
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? 2
social impact