Département Informatique

Computer Science Department of Telecom SudParis

New paper “Bringing privacy, security and performance to the Internet of Things using IOTA and usage control”

Bringing privacy, security and performance to the Internet of Things using IOTA and usage control
by Nathanaël Denis, Sophie Chabridon and Maryline Laurent

Annals of Telecoms, jan. 2024

hal.science link

The Internet of Things (IoT) is bringing new ways to collect and analyze data to develop applications answering or anticipating users’ needs. These data may be privacy-sensitive, requiring ecient privacypreserving mechanisms. The IoT is a distributed system of unprecedented scale, creating challenges for performance and security. Classic blockchains could be a solution by providing decentralization and strong security guarantees. However, they are not ecient and scalable enough for large scale IoT systems, and available tools designed for preserving privacy in blockchains, e.g. coin mixing, have a limited eect due to high transaction costs and insucient transaction rates. This article provides a framework based on several technologies to address the requirements of privacy, security and performance of the Internet of Things. The basis of the framework is the IOTA technology, a derivative of blockchains relying on a directed acyclic graph to create transactions instead of a linear chain. IOTA improves distributed ledger performance by increasing transaction throughput as more users join the network, making the network scalable. As IOTA is not designed for privacy protection, we complement it with privacy-preserving mechanisms: merge avoidance and decentralized mixing. Finally, privacy is reinforced by introducing usage control mechanisms for users to monitor the use and dissemination of their data. A Proof of Concept is proposed to demonstrate the feasibility of the proposed framework. Performance tests are conducted on this Proof of Concept, showing the framework can work on resource-constrained devices and within a reasonable time. The originality of this contribution is also to integrate an IOTA node within the usage control system, to support privacy as close as possible to the objects that need it.

PhD Defense of Nathanaël DENIS – For a Private and Secure Internet of Things with Usage Control and Distributed Ledger Technology

October 3 2023

Abstract: IoT devices represent one of the major targets for malicious activities. The grounds for this are manifold: first, to reduce the cost of security, manufacturers may sell vulnerable products, leaving users with security concerns. Second, many IoT devices have performance constraints and lack the processing power to execute security software. Third, the heterogeneity of applications, hardware, and software widens the attack surface. As a result, IoT networks are subject to a variety of cyber threats. To counter such a variety of attacks, the IoT calls for security and privacy-preserving technologies. For privacy concerns, usage control grants the users the power to specify how their data can be used and by whom. Usage control extends classic access control by introducing obligations, i.e., actions to be performed to be granted access, and conditions that are related to the system state, such as the network load or the time. This thesis aims at providing answers to the challenges in the Internet of Things in terms of performance, security and privacy. To this end, distributed ledger technologies (DLTs) are a promising solution to Internet of Things constraints, in particular for micro-transactions, due to the decentralization they provide. This leads to three related contributions: 1. a framework for zero-fee privacy-preserving transactions in the Internet of Things designed to be scalable; 2. an integration methodology of usage control and distributed ledgers to enable efficient protection of users’ data; 3. an extended model for data usage control in distributed systems, to incorporate decentralized information flow control and IoT aspects. A proof of concept of the integration (2) has been designed to demonstrate feasibility and conduct performance tests. It is based on IOTA, a distributed ledger using a directed acyclic graph for its transaction graph instead of a blockchain. The results of the tests on a private network show an approximate 90% decrease of the time needed to push transactions and make access decisions in the integrated setting.

New paper “Trustworthy Cross-Organizational Collaborations with Hybrid On/Off-Chain Declarative Choreographies” at ICSOC’2021

Authors: Tiphaine Henry, Amina Brahem, Nassim Laga, Julien Hatin, Walid Gaaloul and Boualem Benatallah


Business Process Management communities increasingly adopt the blockchain technology to support trustworthy decentralized execution of processes. In this context, the interest in business process choreographies rises as they offer a distributed way to compose and control cross-organizational processes. In choreographies, the process view is distributed between participants to limit privacy leakages. Hence, the process observability (i.e., who knows what) is challenging. On one side, partners have no insight into each other’s orchestration and communicate peer-to-peer via the public view. On the other side, they have to maintain their internal orchestrations’ states consistent with the choreography’s global state. The need to ensure a privacy-preserving method to enforce a blockchain-based execution thus rises. In the present work, we propose a unified solution for the hybrid on/off-chain generation and execution of business process choreographies. The public view, shared understanding of the cross-organizational process, is triggered by the on-chain smart contract. Participants generate their private views off-chain using this on-chain public view. They execute afterward the private views in their off-chain process execution engine. Our prototypical implementation demonstrates the feasibility of the approach .

PhD thesis defense of David Oudart on May 7 2020: “Model driven engineering applied to Smart Grids design: Cosimulation with FMI approach”

Model driven engineering applied to Smart Grids design: Cosimulation with FMI approach


Smart Grids are cyber-physical systems that interface power grids with information and communication technologies to monitor them, automate decision making and balance production with consumption. We want to use simulation to easily evaluate and compare several solutions before deployment in a real environment. The objective of this thesis is thus to propose tools and methods to model and simulate a Smart Grid in an industrial context. We have identified two main issues: How to combine heterogeneous models of a Smart Grid to simulate it? How to ensure consistency between the models produced by different stakeholders during the design of a Smart Grid? To address these issues, we propose a cosimulation approach, using the Functional Mockup Interface (FMI) standard. Our first two contributions are the proposal of a method to allow the exchange of discrete signals between several FMUs, and an extension of the OMNeT++ telecommunications simulation software implementing this method, called fmi4omnetpp. A third contribution is the development of the Smart Grid Simulation Framework tooled environment, which automates a number of repetitive tasks in order to ensure consistency between different simulation models. Finally, a fourth contribution is the formalization of an iterative design approach for the cosimulation of a Smart Grid, and how to integrate our Smart Grid Simulation Framework into it. To do so, we explain the different steps of the approach and the role of the actors involved in the design process, then we present its application to a real case study for which we use our Smart Grid Simulation Framework.