Annals of Telecommunications

, Volume 71, Issue 3–4, pp 121–132 | Cite as

Enhancing context data distribution for the internet of things using qoc-awareness and attribute-based access control

  • Léon Lim
  • Pierrick Marie
  • Denis Conan
  • Sophie Chabridon
  • Thierry Desprats
  • Atif Manzoor


The Internet of Things (IoT) enables producers of context data like sensors to interact with remote consumers of context data like smart pervasive applications in an entirely decoupled way. However, two important issues are faced by context data distribution, namely providing context information with a sufficient level of quality—i.e. quality of context (QoC)—while preserving the privacy of context owners. This article presents the solutions provided by the INCOME middleware framework for addressing these two potentially contradictory issues while hiding the complexity of context data distribution in heterogeneous and large-scale environments. Context producers and consumers not only express their needs in context contracts but also the guarantees they are ready to fulfil. These contracts are then translated into advertisement and subscription filters to determine how to distribute context data. Our experiments on a first open source prototype show that QoC-based filtering and privacy protection using attributed-based access control can be performed at a reasonable cost.


IoT Middleware Distributed event-based systems Quality of context Privacy Access control policy Attribute-based access control 



This work is part of the French National Research Agency (ANR) project INCOME6 (ANR-11-INFR-009, 2012-2015). The authors thank all the members of the project who contributed directly or indirectly to this article. We also want to thank the referees for their useful suggestions.


  1. 1.
    Barazzutti R, Felber P, Mercier H, Onica E, Rivière E (2012) Thrifty privacy: efficient support for privacy-preserving publish/subscribe. In: 6th ACM International Conference on Distributed Event-Based Systems. ACM, NY, USA, pp 225–236Google Scholar
  2. 2.
    Barnaghi P, Wei W, Cory H, Taylor K (2012) Semantics for the internet of things: early progress and back to the future, vol 8Google Scholar
  3. 3.
    Bellavista P, Corradi A, Fanelli M, Foschini L (2012) A survey of context data distribution for mobile ubiquitous systems. ACM Comput Surv 44(4):24:1–24:45CrossRefGoogle Scholar
  4. 4.
    Belokosztolszki A, Eyers DM, Pietzuch PR, Bacon J, Moody K (2003) Role-based access control for publish/subscribe middleware architectures. In: 2nd International Workshop on Distributed Event-based Systems, pp 1–8Google Scholar
  5. 5.
    Bouzeghoub A, Taconet C, Jarraya A, Do NK, Conan D (2010) Complementarity of process-oriented and ontology-based context managers to identify situations. In: Proceedings 5th International Conference on Digital Information Management, Thunder Bay, CanadaGoogle Scholar
  6. 6.
    Buchholz T, Kupper A, Schiffers M (2003) Quality of context information: what it is and why we need it. In: 10th International Workshop of HPOVUA, GenevaGoogle Scholar
  7. 7.
    Chabridon S, Laborde R, Desprats T, Oglaza A, Marie P, Machara Marquez S (2014) A Survey on addressing privacy together with quality of context for context management in the internet of things. Ann Telecommun 69(1):47–62CrossRefGoogle Scholar
  8. 8.
    Covington MJ, Sastry MR (2006) A contextual attribute-based access control model. In: Proceedings of the 2006 International Conference on On the Move to Meaningful Internet Systems. Springer-Verlag, Berlin, Heidelberg, pp 1996–2006Google Scholar
  9. 9.
    Dey AK Understanding and using context. Pers Ubiquit Comput 5(1):4–7Google Scholar
  10. 10.
    Esposito C, Ciampi M (2015) On security in publish/subscribe services: a Survey. IEEE Communications Surveys & Tutorials, (on-line)Google Scholar
  11. 11.
    Eugster PT, Felber P, Guerraoui R, Kermarrec A-M (2003) The many faces of publish/subscribe. ACM Comput Surv 35(2)Google Scholar
  12. 12.
    Fanelli M, Foschini L, Corradi A, Boukerche A (2011) QoC-based context data caching for disaster area scenarios. In: IEEE International Conference on Communications, Kyoto, Japan, 5-9, pp 1–5Google Scholar
  13. 13.
    Garg V, Camp L, Lorenzen-Huber L, Shankar K, Connelly K (2014) Privacy concerns in assisted living technologies. Ann Telecommun 69(1-2):75–88CrossRefGoogle Scholar
  14. 14.
    Henricksen K, Indulska J (2004) Modelling and using imperfect context information. In: 1st IEEE PerCom Workshop CoMoRea, pp 33–37Google Scholar
  15. 15.
    Kermarrec A-M, Triantafillou P (2013) XL peer-to-peer pub/sub systems. ACM Comput Surv 46 (2):16:1–16:45CrossRefGoogle Scholar
  16. 16.
    Kuka C, Nicklas D (2014) Quality matters: supporting quality-aware pervasive applications by probabilistic data stream management. In: The 8th ACM International Conference on Distributed Event-Based Systems, pp 1–12Google Scholar
  17. 17.
    Machara Marquez S, Chabridon S, Taconet C (2013) Trust-based context contract models for the internet of things. In: 10th IEEE UIC/ATC ConferenceGoogle Scholar
  18. 18.
    Marie P, Desprats T, Chabridon S, Sibilla M QoCIM: a meta-model for quality of context. In: 8th International Interdisciplinary Conference on Modeling and Using Context, volume 8175 of LNCS. Springer, p 2013Google Scholar
  19. 19.
    Marie P, Lim L, Manzoor A, Chabridon S, Conan D, Desprats T (2014) QoC-aware context data distribution in the internet of things. In: 1st Workshop on Middleware for Context-Aware Applications in the IoT, 15th Middleware Conference. ACM, Bordeaux, France, pp 8–12Google Scholar
  20. 20.
    Mühl G, Fiege L, Pietzuch PR (2006) Distributed event-based systems. SpringerGoogle Scholar
  21. 21.
    Nabeel M, Appel S, Bertino E, Buchmann AP (2013) Privacy preserving context aware publish subscribe systems in springer, editor, 7th International Conference on Network and System SecurityGoogle Scholar
  22. 22.
    Ngai E, Gunningberg P (2014) Quality-of-information-aware data collection for mobile sensor networks. Pervasive Mob Comput 11:203–215CrossRefGoogle Scholar
  23. 23.
    PCAST (President’s Council of Advisors on Science and Technology) (2014) Big Data and privacy: a technological perspective,
  24. 24.
    Oglaza A, Laborde R, Zaraté P (2013) Authorization policies: using decision support system for context-aware protection of user’s private data. In: 5th IEEE UbiSafe Sympoisum, TrustCom, pp 1639–1644Google Scholar
  25. 25.
    Shelby Z, Hartke K, Bormann C (2014) Constrained application protocol (CoAP). IETF, Request for Comments,
  26. 26.
    Sweeney L, Abu A, Winn J (2013) Identifying participants in the personal genome project by name. Social science research network, doi: 10.2139/ssrn.2257732
  27. 27.
    Weixiong R, Lei C, Sasu T (2013) Toward efficient filter privacy-aware content-based pub/sub systems. IEEE Trans Knowl Data Eng 25(11):2644–2657CrossRefGoogle Scholar
  28. 28.
    eXtensible Access Control Markup Language (XACML) Version 3.0. (2013)Google Scholar

Copyright information

© Institut Mines-Télécom and Springer-Verlag France 2015

Authors and Affiliations

  • Léon Lim
    • 1
  • Pierrick Marie
    • 2
  • Denis Conan
    • 1
  • Sophie Chabridon
    • 1
  • Thierry Desprats
    • 2
  • Atif Manzoor
    • 1
  1. 1.Institut Mines-Télécom/Télécom SudParisÉvryFrance
  2. 2.Université de ToulouseToulouseFrance

Personalised recommendations