CNSR@VT -- Complex Networks and Security Research at Virginia Tech

Skip Menu

Skip to Main Navigation
Skip to Main Content
Skip to Footer

Return to Skip Menu

Main Navigation

Return to Skip Menu

Main Content

SaTC: Medium: Toward Enforceable Data Usage Control in Cloud-based IoT Systems

This project is funded by the National Science Foundation. Awards #1916902 and #1916926

Virginia Tech: PI: Wenjing Lou, Co-PI: Thomas Hou

Washington University: PI: Ning Zhang

Project Duration: October 1, 2019 – September 30, 2023

Project Abstract

In the upcoming evolution of the Internet of Things (IoT), it is anticipated that billions of devices will be connected to the Internet. While IoT promises a more connected and smarter world, this pervasive large-scale data collection, storage, sharing, and analysis raise many privacy concerns. In the current IoT ecosystem, IoT service providers have full control of the collected user data. They use the data for smart IoT system and device control. They could also use the data for other purposes not consented to by the users. This project proposes a novel data usage control framework, PrivacyGuard, that aims to empower data owners with full control over how their sensitive data is used so as to protect the data from certain types of privacy breaches. PrivacyGuard ensures that user data can only be used only by user-approved programs and each use of data has a non-repudiable usage record. Students from underrepresented minority groups will be involved in the research activities.

The proposed PrivacyGuard framework aims to achieve this goal by seamlessly integrating two new technologies, smart contract over blockchain and attested trusted execution environment (TEE). There are four key research thrusts in this project. The first thrust focuses on the design of an IoT data protection framework that coexists with the existing architecture at different layers of communication. The second research thrust aims to develop novel techniques to enable the confidential execution of contract function off-chain, by exploiting hardware-assisted TEE and its associated attestation technologies. The third thrust focuses on smart contract designs to effectively embed user-defined privacy policies and trustworthy tracking of data usage using the blockchain. The last thrusts integrates the aforementioned components to develop an open-source framework prototype.

Publications

Y. Xiao, N. Zhang, W. Lou, Y.T. Hou, "Modeling the Impact of Network Connectivity on Consensus Security of Proof-of-Work Blockchain," IEEE INFOCOM 2020, April 2020, Beijing, China. (PDF)
Y. Xiao, N. Zhang, J. Li, W. Lou, and Y. T. Hou, "Distributed consensus protocols and algorithms," book chapter in Blockchain for Distributed Systems Security, Wiley & Sons, 2019. (PDF)
Y. Xiao, N. Zhang, W. Lou, and Y. T. Hou, "A survey of distributed consensus protocols for blockchain networks," to appear in IEEE Communications Surveys and Tutorials. (PDF)