The present disclosure relates generally to secure data management techniques. In particular, the disclosure relates to pairing devices and using the pairing information for granting or denying requests (e.g., data exchange requests) from the devices, for example, in a cloud environment, including Internet of Things (IoT) cloud.
With increasing proliferation of computing devices, the amount of data stored by such devices, accessed using these devices, and exchanged between such devices continues to increase at an astounding pace. Securing the ability of these devices to access data and to exchange data between such devices is a big concern. The problem has further exacerbated due to the rise of cloud environments where several devices could be communicatively coupled to the cloud and can access data from the cloud or use the cloud to exchange data with other devices.
For example, the Internet of Things (IoT) can be a network of devices. These IoT devices, for example, are programmed to collect and exchange data. IoT allows these devices to be sensed and controlled in a network infrastructure. An IoT cloud may need to properly identify devices so as to provide secure data management. For example, data that is uploaded by a first device should not be accessible by a second device unless, for example, authorized by a user of the first device. Further, particular data should only be accessible by certain devices.
Devices can be distinguished from each other according to their identification information ID. Such an ID can be unique to a device and can thus be used to uniquely identify the device from other devices. For example, an ID can be a string of characters. Some conventional secure data exchange schemes use device IDs to control access to data, but such schemes are limited and have inherent problems. For example, when a device is stolen, the stolen device can still send its ID to the IoT cloud and therefore can be granted access to data stored on the cloud. A similar issue may apply to a “copied” device or a “spoofed” device where the copied or fake device may access the data uploaded by a legitimate device if the fake device knows and can spoof the ID of the legitimate device. Therefore, unauthorized devices may be able to access data stored in a cloud, such as an IoT cloud.