Ensuring Confidentiality in the Cloud of Things

Abstract

Leveraging low-cost public clouds for gathering and processing data from large numbers of devices is an appealing approach to unleash the potential of the Internet of Things (IoT). This combination of clouds with the IoT-dubbed Cloud of Things (CoT)-is, however, built on insecure foundations. Public clouds exhibit inherent security vulnerabilities due to multitenancy, and adding resource-constrained IoT devices deployed in the wild further complicates cyber trust. A promising avenue consists in intelligently utilizing partially homomorphic encryption to compute on data in an encrypted form in an untrusted cloud. We summarize experiences gathered while transitioning this vision for confidentiality-preserving CoT to practice for processing continuous queries on streams of sensitive data generated by IoT devices.