Resumen de Contribution to the advancement of data engineering for smart spaces through data usage control and context aware systems
Currently, one of the most promising application fields of context-aware systems is that of IoT-based (Internet of Things) smart spaces. A smart space is a physical space that relies on technology to connect "things" to the virtual world, increasing the level of awareness of what is occurring in physical environments. Besides IoT devices, IoT-based smart spaces include software platforms and services, artificial intelligence (AI), machine learning (ML), big data, cloud computing, heterogeneous connectivity, virtual/mixed realities, and a huge range of technologies to improve people’s quality of life, to decrease environmental impact, and to optimize the use of physical resources. Most previous works provide a generic high-level structure of how a context-aware system can be operationalized, but do not offer clues on how to implement it. On the other hand, there are many implementations of context-aware systems applied to specific IoT-based smart environments that are context-specific: it is not clear how they can be extended to other use cases.
Additionally, in recent years, a new business paradigm has emerged which revolves around effectively extracting value from data. In this scope, providing a secure ecosystem for data sharing that ensures data governance and traceability is of paramount importance as it holds the potential to create new applications and services. Protecting data goes beyond restricting who can access what resource (covered by identity and Access Control): it becomes necessary to control how data are treated once accessed, which is known as data usage control. Data usage control provides a common and trustful security framework to guarantee the compliance with data governance rules and responsible use of organizations’ data by third-party entities, easing and ensuring secure data sharing in ecosystems such as Smart Cities and Industry 4.0.
This thesis encompasses the design, implementation, and validation of two architectures for enabling context-aware data analytics and data usage control in smart spaces. Both architectures have been implemented relying on the building blocks of the FIWARE ecosystem, presenting agnostic end-to-end solutions that take into consideration the complete data lifecycle, filling the existing gap in the literature.
On the one hand, on the topic of context-aware systems, I provide an architecture and a reference implementation that can be readily operationalized in any IoT-based smart environment regardless of its field of application, providing a context-aware data analytics solution that is not context-specific. I provide two sample application scenarios that showcase how the reference implementation can be used in a variety of fields, covering from data acquisition and modeling, to data reasoning and dissemination.
On the other hand, regarding data usage control, I present an architecture proposal and its subsequent implementation that achieves access and usage control in shared data ecosystems among multiple organizations. The proposed architecture is based on the UCON (Usage Control) model and an extended XACML (eXtensible Access Control Markup Language) Reference Architecture, relying on key aspects of the IDS (International Data Spaces) Reference Architecture Model. The implementation presented has been validated with a use case in the food industry, presenting a series of metrics of the response time of policy compliance verification and punishment enforcement.
Finally, the results reported in this thesis contributes to the advancement of data engineering not only by enabling data analytics capabilities in context-aware systems but also by providing a trustworthy mechanism to ensure that the data generated by those systems can be continuously controlled and monitored using the proposed data usage control framework.
