Authorization Aspects of the Distributed Dataflow-oriented IoT Framework Calvin

Nilsson, Tomas

Authorization Aspects of the Distributed Dataflow-oriented IoT Framework Calvin

Mark

Nilsson, Tomas ^LU (2016) EITM01 20161
Department of Electrical and Information Technology

Abstract: The evolution into a networked society, where a wide variety of devices are connected to the Internet, opens up many new opportunities for creating smart products and applications that dynamically adapt to the current environment. A common scenario will be that applications require or benefit from using several devices at the same time for the execution. Such distributed applications may be complex to write for an application developer. The goal of the open-source framework Calvin, developed by Ericsson Research, is to make it possible for developers of distributed applications to focus on their ideas instead of the complex implementation details.

A user may specify some details about where the application is allowed to execute. Based... (More); The evolution into a networked society, where a wide variety of devices are connected to the Internet, opens up many new opportunities for creating smart products and applications that dynamically adapt to the current environment. A common scenario will be that applications require or benefit from using several devices at the same time for the execution. Such distributed applications may be complex to write for an application developer. The goal of the open-source framework Calvin, developed by Ericsson Research, is to make it possible for developers of distributed applications to focus on their ideas instead of the complex implementation details.

A user may specify some details about where the application is allowed to execute. Based on this information and other parameters, Calvin will automatically decide where it is most beneficial for different parts of the application to execute. Calvin can also handle migration to other devices without interrupting the execution of the application.

This dynamic distributed execution model results in challenges when it comes to deciding what resources specific applications, running on behalf of different users, should be allowed to access on a specific device. In this thesis, an authorization framework, based on fine-grained attribute-based access control, is proposed as a solution for the access control in Calvin. Flexibility and compact message formats are some of the most important aspects of the design in order to support different devices with different constraints. The proposed authorization solution has been implemented and is now available as a part of the Calvin framework. (Less)

Please use this url to cite or link to this publication: http://lup.lub.lu.se/student-papers/record/8879081

author

Nilsson, Tomas ^LU

supervisor

Martin Hell ^LU
Håkan Englund

organization

Department of Electrical and Information Technology

course

EITM01 20161

year

2016

type

H2 - Master's Degree (Two Years)

subject

Technology and Engineering

keywords

Authorization, Attribute-Based Access Control, Calvin, Distributed Computing, Internet of Things

report number

LU/LTH-EIT 2016-511

language

English

id

8879081

date added to LUP

2016-06-14 10:01:06

date last changed

2016-06-14 10:01:06

@misc{8879081,
  abstract     = {{The evolution into a networked society, where a wide variety of devices are connected to the Internet, opens up many new opportunities for creating smart products and applications that dynamically adapt to the current environment. A common scenario will be that applications require or benefit from using several devices at the same time for the execution. Such distributed applications may be complex to write for an application developer. The goal of the open-source framework Calvin, developed by Ericsson Research, is to make it possible for developers of distributed applications to focus on their ideas instead of the complex implementation details. 

A user may specify some details about where the application is allowed to execute. Based on this information and other parameters, Calvin will automatically decide where it is most beneficial for different parts of the application to execute. Calvin can also handle migration to other devices without interrupting the execution of the application.

This dynamic distributed execution model results in challenges when it comes to deciding what resources specific applications, running on behalf of different users, should be allowed to access on a specific device. In this thesis, an authorization framework, based on fine-grained attribute-based access control, is proposed as a solution for the access control in Calvin. Flexibility and compact message formats are some of the most important aspects of the design in order to support different devices with different constraints. The proposed authorization solution has been implemented and is now available as a part of the Calvin framework.}},
  author       = {{Nilsson, Tomas}},
  language     = {{eng}},
  note         = {{Student Paper}},
  title        = {{Authorization Aspects of the Distributed Dataflow-oriented IoT Framework Calvin}},
  year         = {{2016}},
}

LUP Student Papers

LUND UNIVERSITY LIBRARIES

Authorization Aspects of the Distributed Dataflow-oriented IoT Framework Calvin