Advanced

Authorization Aspects of the Distributed Dataflow-oriented IoT Framework Calvin

Nilsson, Tomas LU (2016) EITM01 20161
Department of Electrical and Information Technology
Abstract
The evolution into a networked society, where a wide variety of devices are connected to the Internet, opens up many new opportunities for creating smart products and applications that dynamically adapt to the current environment. A common scenario will be that applications require or benefit from using several devices at the same time for the execution. Such distributed applications may be complex to write for an application developer. The goal of the open-source framework Calvin, developed by Ericsson Research, is to make it possible for developers of distributed applications to focus on their ideas instead of the complex implementation details.

A user may specify some details about where the application is allowed to execute. Based... (More)
The evolution into a networked society, where a wide variety of devices are connected to the Internet, opens up many new opportunities for creating smart products and applications that dynamically adapt to the current environment. A common scenario will be that applications require or benefit from using several devices at the same time for the execution. Such distributed applications may be complex to write for an application developer. The goal of the open-source framework Calvin, developed by Ericsson Research, is to make it possible for developers of distributed applications to focus on their ideas instead of the complex implementation details.

A user may specify some details about where the application is allowed to execute. Based on this information and other parameters, Calvin will automatically decide where it is most beneficial for different parts of the application to execute. Calvin can also handle migration to other devices without interrupting the execution of the application.

This dynamic distributed execution model results in challenges when it comes to deciding what resources specific applications, running on behalf of different users, should be allowed to access on a specific device. In this thesis, an authorization framework, based on fine-grained attribute-based access control, is proposed as a solution for the access control in Calvin. Flexibility and compact message formats are some of the most important aspects of the design in order to support different devices with different constraints. The proposed authorization solution has been implemented and is now available as a part of the Calvin framework. (Less)
Please use this url to cite or link to this publication:
author
Nilsson, Tomas LU
supervisor
organization
course
EITM01 20161
year
type
H2 - Master's Degree (Two Years)
subject
keywords
Authorization, Attribute-Based Access Control, Calvin, Distributed Computing, Internet of Things
report number
LU/LTH-EIT 2016-511
language
English
id
8879081
date added to LUP
2016-06-14 10:01:06
date last changed
2016-06-14 10:01:06
@misc{8879081,
  abstract     = {The evolution into a networked society, where a wide variety of devices are connected to the Internet, opens up many new opportunities for creating smart products and applications that dynamically adapt to the current environment. A common scenario will be that applications require or benefit from using several devices at the same time for the execution. Such distributed applications may be complex to write for an application developer. The goal of the open-source framework Calvin, developed by Ericsson Research, is to make it possible for developers of distributed applications to focus on their ideas instead of the complex implementation details. 

A user may specify some details about where the application is allowed to execute. Based on this information and other parameters, Calvin will automatically decide where it is most beneficial for different parts of the application to execute. Calvin can also handle migration to other devices without interrupting the execution of the application.

This dynamic distributed execution model results in challenges when it comes to deciding what resources specific applications, running on behalf of different users, should be allowed to access on a specific device. In this thesis, an authorization framework, based on fine-grained attribute-based access control, is proposed as a solution for the access control in Calvin. Flexibility and compact message formats are some of the most important aspects of the design in order to support different devices with different constraints. The proposed authorization solution has been implemented and is now available as a part of the Calvin framework.},
  author       = {Nilsson, Tomas},
  keyword      = {Authorization,Attribute-Based Access Control,Calvin,Distributed Computing,Internet of Things},
  language     = {eng},
  note         = {Student Paper},
  title        = {Authorization Aspects of the Distributed Dataflow-oriented IoT Framework Calvin},
  year         = {2016},
}