Advanced Context-Sensitive Access Management for Edge-Driven IoT Data Sharing as a Service

The Internet of Things (IoT) is becoming increasingly ubiquitous, acting as an important source of real-time data for various applications. By allowing data exchange between various parties along the IoT devices-Edge-Cloud computing continuum, the larger societal benefits of the IoT can be achieved. Assuring security and fostering confidence for IoT data sharing, however, is one of the biggest obstacles. Sharing real-time data originating from connected devices is crucial to real-world intelligent IoT applications, i.e., based on artificial intelligence/machine learning. Such IoT data sharing involves multiple parties for different purposes and is usually based on data contracts that might depend on the dynamic change of IoT data variety and velocity.We aim to support multiple parties (aka tenants) with dynamic contracts based on the data value for their specific contextual purposes. This work addresses these challenges by introducing a novel dynamic context-based policy enforcement framework to support IoT data sharing (on-Edge) based on dynamic contracts. Our enforcement framework allows IoT Data Hub owners to define extensible rules and metrics to govern the tenants accessing the shared data on the Edge based on policies defined with static and dynamic contexts. We have created an edge-centered architecture that enables multi-tenant use cases with tenant-specific application deployment and IoT-context-based data sharing on edge servers.Our proof-of-concept prototype for sharing sensitive data such as surveillance camera videos has illustrated our proposed framework. The experimental results demonstrated that our framework could soundly and timely enforce context-based policies at runtime with moderate overhead. Moreover, the context and policy changes are correctly reflected in the system in nearly real-time. We have addressed the need to enable multi-parties IoT (data) resources to be shared based on contracts, especially with dynamic IoT contexts, for tenant applications on the edge to allow their closer access to data.