Cited By
View all- Hannousse AYahiouche S(2021)Securing microservices and microservice architecturesComputer Science Review10.1016/j.cosrev.2021.10041541:COnline publication date: 1-Aug-2021
Polyglot CerberOS: Resource Security, Interoperability and Multi-Tenancy for IoT Services on a Multilingual Platform
Pages 59 - 68
Abstract
The Internet of Things (IoT) promises to tackle a range of environmental challenges and deliver large efficiency gains in industry by embedding computational intelligence, sensing and control in our physical environment. Multiple independent parties are increasingly seeking to leverage shared IoT infrastructure, using a similar model to the cloud, and thus require constrained IoT devices to become microservice-hosting platforms that can securely and concurrently execute their code and interoperate. This vision demands that heterogeneous services, peripherals and platforms are provided with an expanded set of security guarantees to prevent third-party services from hijacking the platform, resource-level access control and accounting, and strong isolation between running processes to prevent unauthorized access to third-party services and data. This paper introduces Polyglot CerberOS, a resource-secure operating system for multi-tenant IoT devices that is realised through a reconfigurable virtual machine which can simultaneously execute interoperable services, written in different languages. We evaluate Polyglot CerberOS on IETF Class-1 devices running both Java and C services. The results show that interoperability and strong security guarantees for multilingual services on multi-tenant commodity IoT devices are feasible, in terms of performance and memory overhead, and transparent for developers.
References
[1]
Anthony A. Aaby. 1996. Introduction to Programming Languages. (1996), 1495.
[2]
Sven Akkermans, Wilfried Daniels, Gowri Sankar R., Bruno Crispo, and Danny Hughes. 2017. CerberOS: A Resource-Secure OS for Sharing IoT Devices. In Proceedings of the 2017 International Conference on Embedded Wireless Systems and Networks (EWSN '17). Junction Publishing, USA, 96--107. http://dl.acm.org/citation.cfm?id=3108009.3108023
[3]
Ala Al-Fuqaha, Mohsen Guizani, Mehdi Mohammadi, Mohammed Aledhari, and Moussa Ayyash. 2015. Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications. IEEE Communications Surveys & Tutorials 17, 4 (2015), 2347--2376.
[4]
Emmanuel Baccelli, Oliver Hahm, Mesut Gunes, Matthias Wahlisch, and Thomas Schmidt. 2013. RIOT OS: Towards an OS for the Internet of Things. IEEE, 79--80.
[5]
Thomas W. Barr, Rebecca Smith, and Scott Rixner. 2012. Design and Implementation of an Embedded Python Run-time System. In Proceedings of the 2012 USENIX Conference on Annual Technical Conference (USENIX ATC'12). USENIX Association, Berkeley, CA, USA, 27--27. http://dl.acm.org/citation.cfm?id=2342821.2342848
[6]
Philip A. Bernstein. 1996. Middleware: a model for distributed system services. Commun. ACM 39, 2 (Feb. 1996), 86--98.
[7]
C. Bormann, M. Ersue, and A. Keranen. 2014. Terminology for Constrained-Node Networks. RFC 7228. RFC Editor. http://www.rfc-editor.org/rfc/rfc7228.txt
[8]
C. Bormann and P. Hoffman. 2013. Concise Binary Object Representation (CBOR). Technical Report RFC7049. RFC Editor.
[9]
Thorsten Brunklaus and Leif Kornstaedt. 2002. A Virtual Machine for Multi-Language Execution. Technical Report. Programming Systems Lab, Universitat des Saarlandes, Saarbrucken, Germany. 10 pages.
[10]
A. Caracas, T. Kramp, M. Baentsch, M. Oestreicher, T. Eirich, and I. Romanov. 2009. Mote Runner: A Multi-language Virtual Machine for Small Embedded Devices. IEEE, 117--125.
[11]
Henry Chesbrough. 2017. The Future of Open Innovation: The future of open innovation is more extensive, more collaborative, and more engaged with a wider variety of participants. Research-Technology Management 60, 1 (Jan. 2017), 35--38.
[12]
Wilfried Daniels, Danny Hughes, Mahmoud Ammar, Bruno Crispo, Nelson Matthys, and Wouter Joosen. 2017. SμV - the security microvisor: a virtualisation-based security middleware for the internet of things. ACM Press, 36--42.
[13]
A. Dunkels, B. Gronvall, and T. Voigt. 2004. Contiki - a lightweight and flexible operating system for tiny networked sensors. IEEE (Comput. Soc.), 455--462.
[14]
Matthias Grimmer, Chris Seaton, Roland Schatz, Thomas Wurthinger, and Hanspeter Mossenbock. 2015. High-performance cross-language interoperability in a multi-language runtime. ACM Press, 78--90.
[15]
Jayavardhana Gubbi, Rajkumar Buyya, Slaven Marusic, and Marimuthu Palaniswami. 2013. Internet of Things (IoT): A vision, architectural elements, and future directions. Future Generation Computer Systems 29, 7 (Sept. 2013), 1645--1660.
[16]
Danny Hughes, Klaas Thoelen, Wouter Horr'e, Nelson Matthys, Javier Del Cid, Sam Michiels, Christophe Huygens, and Wouter Joosen. 2009. LooCI: a loosely-coupled component infrastructure for networked embedded systems. ACM Press, 195.
[17]
Pavel Kalvoda. 2014. Implementation and evaluation of the CBOR protocol., 116 pages.
[18]
Niklas Kolbe, Jérémy Robert, Sylvain Kubler, and Yves Le Traon. 2017. PROFICIENT: Productivity Tool for Semantic Interoperability in an Open IoT Ecosystem. In Proceedings of the 14th International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services. 10.
[19]
In Lee and Kyoochun Lee. 2015. The Internet of Things (IoT): Applications, investments, and challenges for enterprises. Business Horizons 58, 4 (July 2015), 431--440.
[20]
P. Levis, S. Madden, J. Polastre, R. Szewczyk, K. Whitehouse, A. Woo, D. Gay, J. Hill, M. Welsh, E. Brewer, and D. Culler. 2005. TinyOS: An Operating System for Sensor Networks. In Ambient Intelligence, Werner Weber, Jan M. Rabaey, and Emile Aarts (Eds.). Springer-Verlag, Berlin/Heidelberg, 115--148.
[21]
Anne H. H. Ngu, Mario Gutierrez, Vangelis Metsis, Surya Nepal, and Michael Z. Sheng. 2016. IoT Middleware: A Survey on Issues and Enabling technologies. IEEE Internet of Things Journal (2016), 1--1.
[22]
Brian Oki, Manfred Pfluegl, Alex Siegel, and Dale Skeen. 1994. The Information Bus: an architecture for extensible distributed systems. In ACM SIGOPS Operating Systems Review, Vol. 27. ACM, 58--68.
[23]
Krassimira Antonova Paskaleva. 2011. The smart city: A nexus for open innovation? Intelligent Buildings International 3, 3 (July 2011), 153--171.
[24]
Manuel Rigger, Roland Schatz, Matthias Grimmer, and Hanspeter Mossenbock. 2017. Lenient Execution of C on a Java Virtual Machine: or: How I Learned to Stop Worrying and Run the Code. ACM Press, 35--47.
[25]
Z. Shelby, K. Hartke, and C. Bormann. 2014. The Constrained Application Protocol (CoAP). Technical Report RFC7252. RFC Editor.
[26]
M. U.Farooq, Muhammad Waseem, Anjum Khairi, and Sadia Mazhar. 2015. A Critical Analysis on the Security Concerns of Internet of Things (IoT). International Journal of Computer Applications 111, 7 (Feb. 2015), 1--6.
[27]
Fan Yang, Nelson Matthys, Rafael Bachiller, Sam Michiels, Wouter Joosen, and Danny Hughes. 2015. μPnP: plug and play peripherals for the internet of things. ACM Press, 1--14.
[28]
Ibrar Yaqoob, Ejaz Ahmed, Ibrahim Abaker Targio Hashem, Abdelmuttlib Ibrahim Abdalla Ahmed, Abdullah Gani, Muhammad Imran, and Mohsen Guizani. 2017. Internet of Things Architecture: Recent Advances, Taxonomy, Requirements, and Open Challenges. IEEE Wireless Communications 24, 3 (June 2017), 10--16.
Index Terms
- Polyglot CerberOS: Resource Security, Interoperability and Multi-Tenancy for IoT Services on a Multilingual Platform
Recommendations
An architecture for enabling IoT interoperability between cross-platforms
The internet of things (IoT) continues to evolve and more and more IoT platforms provide access to things. However, IoT's ability lies in the development of cross-domain IoT ecosystems in these platforms, offering new, unexpected applications and value-...
Security interoperability in heterogeneous IoT platforms: threat model of the interoperable OAuth 2.0 framework
SAC '22: Proceedings of the 37th ACM/SIGAPP Symposium on Applied ComputingThe Internet of Things (IoT) has strong potential to improve the accessibility and usability of our daily lives and industries, and various related technologies are being developed. In particular, IoT platforms are the role of middleware in IoT ...
Service Security Revisited
SCC '14: Proceedings of the 2014 IEEE International Conference on Services ComputingDeveloping contemporary software architectures requires the consideration and adoption of the Service-oriented Architecture (SOA) principles. Distributed applications are a very common domain in which SOA guides design decisions in particular. For a ...
Comments
Information & Contributors
Information
Published In
November 2018
490 pages
Copyright © 2018 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
In-Cooperation
- EAI: The European Alliance for Innovation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 05 November 2018
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
- FWO D3-CPS project
- Research Fund KU Leuven
Conference
MobiQuitous '18
Acceptance Rates
Overall Acceptance Rate 26 of 87 submissions, 30%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 164Total Downloads
- Downloads (Last 12 months)10
- Downloads (Last 6 weeks)0
Reflects downloads up to 09 Feb 2025
Other Metrics
Citations
Cited By
View all- Hannousse AYahiouche S(2021)Securing microservices and microservice architecturesComputer Science Review10.1016/j.cosrev.2021.10041541:COnline publication date: 1-Aug-2021
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in