
Tenants’ top priority is to feel safe and secure in their homes, traditional and smart alike. While walls, easily built by labourers, provided the right to privacy in traditional homes, privacy in smart homes needs to be addressed on a stronger footing!

In this blog entry we present a socio-technical security solution, captured as a security pattern, to provide tenants’ right to privacy in their smart homes. This solution has been applied to a telemedicine prototype as part of SAP’s contribution to the EU project SERENITY. This achievement has been presented at Information and Communication Technologies (ICT) 2008 [2] and published in the International Journal on Smart Homes [1].

image

In today’s time-to-market-driven environments, building quality software applications and satisfying new security requirements in a cost-effective manner requires the systematic reuse of successful software and security models, designs, and implementations that have already been developed and tested.

The socio-technical security solution, along with several others, is captured and deployed in the prototype as security patterns following the SERENITY methodology. A security pattern describes a particular recurring security problem that appears in specific contexts, and presents a well-proven generic solution for it. The SERENITY EU project reshapes and extends the traditional informal representation of security patterns in an attempt to bridge the gap between security experts and software developers. One of its essential proposals is to provide non-security experts with the SERENITY Security & Dependability (S&D) pattern package, depicted in the figure below. This package couples expert-validated security solutions with tested plug-and-play deployable implementations.

image

With the quick theoretical introduction finished, we turn to the security pattern we presented at the ICT exhibition. Initially this prototype was validated with a conventional apartment equipped with various types of sensors to monitor and assist the patient, Bob, in his activities of daily living. This apartment, or so-called smart home, is physically located at the University of Sherbrooke, CANADA. Hence for the ICT 2008 event, located in Lyon, FRANCE, we made use of a Smart Kitchen (provided by the University of Sherbrooke) equipped with sensitive rugs, electro-magnetic sensors, infra-red sensors and flow meters, as shown in the first figure of this blog. We added RFID tag readers at the kitchen’s front door to authenticate the medical staff, doctors and family members and to let them in. The smart home’s actions are coordinated with other participants through the Monitoring and Emergency Response Center (MERC) systems. The MERC holds the patients’ medical data in Electronic Health Records (EHR). Moreover, it handles information and emergency requests related to patients.

In the first part of the demo we illustrated the SERENITY methodology and showed how easily access control solutions can be deployed by software developers who are laymen in IT security. Starting from the developer’s functional specifications and confidentiality requirement, the SERENITY framework selected the XACML executable implementation and deployed it in the prototype as shown in the figure below.

image

In our case, the software developer had only to configure the interface of the security pattern to integrate it correctly into the telemedicine prototype.

In the second part of the demo, we illustrated how the smart home is able to enforce Bob’s right to privacy during his doctor’s examination. During the visit of Bob’s doctor, Rachel, Bob’s daughter, enters the smart home. The smart home detects Rachel’s entry and the possible violation of Bob’s right to privacy. Hence it hides the medical record displayed on the smart home’s screens until Bob provides his explicit consent to redisplay it. For this part we created our own solution, which we called a socio-technical security pattern, based on WS-Notification. The abstract model for this security pattern and its instantiation in the ICT demo are depicted in the figure below.

image

In a nutshell, based on the privacy policy, the MERC subscribes to the smart home’s door entrance for notifications, and asks it to send this type of notification to the web service at the MERC server in charge of locking the smart home’s screens displaying sensitive information. When Rachel enters the smart home, the MERC is notified and the screens displaying sensitive information are locked. This procedure was accomplished in less than 25 ms, a duration much shorter than the time Rachel needs to get into Bob’s examination room.
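The subscribe, notify and lock flow described above can be modelled in a few lines. This is an added example, not code from the SERENITY prototype: it uses in-process Python callbacks instead of WS-Notification messages, and the class names, the topic name and the set of identities cleared to view the record are assumptions.

```python
class Screen:
    def __init__(self, content, sensitive=False):
        self.content, self.sensitive, self.locked = content, sensitive, False

    def visible(self):
        # A locked screen shows nothing, whatever it was displaying.
        return "" if self.locked else self.content

class DoorProducer:
    """Notification producer at the front door (stands in for the RFID reader)."""
    def __init__(self):
        self.consumers = []

    def subscribe(self, consumer):
        self.consumers.append(consumer)

    def entry(self, person):
        for notify in self.consumers:
            notify({"topic": "door-entry", "person": person})

class MercLockService:
    """MERC-side consumer that locks screens according to the privacy policy."""
    def __init__(self, patient, cleared, screens):
        self.patient, self.cleared, self.screens = patient, set(cleared), screens

    def notify(self, message):
        # Fail closed: any entrant the policy does not clear hides sensitive screens.
        if message["person"] not in self.cleared:
            for s in self.screens:
                s.locked = s.locked or s.sensitive

    def consent(self, person):
        # Only the patient's explicit consent redisplays the record.
        if person != self.patient:
            return False
        for s in self.screens:
            s.locked = False
        return True

def run_scenario():
    """Constructed scenario: doctor visit, Rachel enters, Bob consents."""
    ehr, tv = Screen("Bob's EHR", sensitive=True), Screen("weather")
    door = DoorProducer()
    merc = MercLockService("Bob", {"Bob", "doctor"}, [ehr, tv])
    door.subscribe(merc.notify)  # MERC subscribes to door-entry notifications
    states = []
    door.entry("doctor"); states.append(ehr.visible())
    door.entry("Rachel"); states.append(ehr.visible())
    states.append(merc.consent("Rachel")); states.append(ehr.visible())
    states.append(merc.consent("Bob")); states.append(ehr.visible())
    return states, tv.visible()
```

The lock decision is taken on the consumer side from the policy, so an unknown tag at the door hides the record by default, and a consent attempt by anyone other than the patient leaves the screens locked.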

The illustrations provided in this blog entry come from a three-day demonstration at the ICT 2008 Exhibition in Lyon, FRANCE. Another demonstration, using the smart home provided by the University of Trento in ITALY, was successfully conducted for the SERENITY final review in February 2009.

This work results from the collaboration between SAP Research FRANCE and Domus Laboratory, University of Sherbrooke, CANADA under the EU Project SERENITY.

For further information please contact:
Paul El Khoury (paul.el.khoury@sap.com)
Dr Keqin Li (keqin.li@sap.com)
Azzedine Benameur (azzedine.benameur@sap.com)

[1] Khoury, P. E.; Busnel, P.; Giroux, S. & Li, K. Enforcing Security in Smart Homes using Security Patterns (to appear in) International Journal of Smart Home, Special Issue on Pervasive Technology and Applications in Smart Home Environment, 2009

[2] A detailed walkthrough and demonstration are presented at Information and Communication Technologies ICT 2008. Online description is available at http://ec.europa.eu/information_society/events/cf/item-display.cfm?id=171
