The term Internet of Things (IoT) refers to advanced connectivity of the Internet with devices, systems and services that include both machine-to-machine communications (M2M) and a variety of protocols, domains and applications. Since the concept incorporates literally billions of devices, the security implications are huge. The articles presented here include some of the work presented at the World Forum on the Internet of Things in March 2014. In the first six months of 2014, more than 300 articles have been published globally on IoT. This selection focuses on security and security research.
- Skarmeta, A.F.; Hernández-Ramos, J.L.; Moreno, M.V., "A Decentralized Approach For Security And Privacy Challenges In The Internet Of Things," Internet of Things (WF-IoT), 2014 IEEE World Forum on , vol., no., pp.67,72, 6-8 March 2014. (ID#:14-1568) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6803122&isnumber=6803102 The strong development of the Internet of Things (IoT) is dramatically changing traditional perceptions of the current Internet towards an integrated vision of smart objects interacting with each other. While in recent years many technological challenges have already been solved through the extension and adaptation of wireless technologies, security and privacy still remain as the main barriers for the IoT deployment on a broad scale. In this emerging paradigm, typical scenarios manage particularly sensitive data, and any leakage of information could severely damage the privacy of users. This paper provides a concise description of some of the major challenges related to these areas that still need to be overcome in the coming years for a full acceptance of all IoT stakeholders involved. In addition, we propose a distributed capability-based access control mechanism which is built on public key cryptography in order to cope with some of these challenges. Specifically, our solution is based on the design of a lightweight token used for access to CoAP Resources, and an optimized implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) inside the smart object. The results obtained from our experiments demonstrate the feasibility of the proposal and show promising in order to cover more complex scenarios in the future, as well as its application in specific IoT use cases. 
Keywords: Internet of Things; authorization; computer network security; data privacy; digital signatures; personal area networks; public key cryptography; 6LoWPAN; CoAP resources; ECDSA; Internet of Things; IoT deployment; IoT stakeholders; distributed capability-based access control mechanism; elliptic curve digital signature algorithm; information leakage; lightweight token; public key cryptography; security challenges; sensitive data management; user privacy; wireless technologies; Authentication; Authorization; Cryptography; Internet; Privacy; 6LoWPAN; Internet of Things; Privacy; Security; cryptographic primitives; distributed access control
- Singh, D.; Tripathi, G.; Jara, A.J., "A survey of Internet-of-Things: Future vision, Architecture, Challenges And Services," Internet of Things (WF-IoT), 2014 IEEE World Forum on, vol., no., pp.287,292, 6-8 March 2014. (ID#:14-1569) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6803174&isnumber=6803102 Internet-of-Things (IoT) is the convergence of Internet with RFID, Sensor and smart objects. IoT can be defined as “things belonging to the Internet” to supply and access all of real-world information. Billions of devices are expected to be associated into the system and that shall require huge distribution of networks as well as the process of transforming raw data into meaningful inferences. IoT is the biggest promise of the technology today, but still lacking a novel mechanism, which can be perceived through the lenses of Internet, things and semantic vision. This paper presents a novel architecture model for IoT with the help of Semantic Fusion Model (SFM). This architecture introduces the use of Smart Semantic framework to encapsulate the processed information from sensor networks. The smart embedded system is having semantic logic and semantic value based Information to make the system an intelligent system. This paper presents a discussion on Internet oriented applications, services, visual aspect and challenges for Internet of things using RFID, 6lowpan and sensor networks. Keywords: Internet of Things; radiofrequency identification; Internet oriented applications; Internet-of-Things; IoT; RFID; SFM; real-world information; semantic fusion model; semantic logic; semantic value based Information; smart embedded system; smart objects; smart semantic framework; Computer architecture; Internet; Logic gates; Monitoring; Radiofrequency identification; Semantics; Wireless sensor networks;6lowpan;Architecture;Internet Services; Internet-of-Things; Semantic Web; Sensor Networks
- Copigneaux, B., "Semi-autonomous, Context-Aware, Agent Using Behaviour Modelling And Reputation Systems To Authorize Data Operation In The Internet Of Things," Internet of Things (WF-IoT), 2014 IEEE World Forum on , vol., no., pp.411,416, 6-8 March 2014. (ID#:14-1570) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6803201&isnumber=6803102 In this paper we address the issue of gathering the “informed consent” of an end user in the Internet of Things. We start by evaluating the legal importance and some of the problems linked with this notion of informed consent in the specific context of the Internet of Things. From this assessment we propose an approach based on a semi-autonomous, rule based agent that centralize all authorization decisions on the personal data of a user and that is able to take decision on his behalf. We complete this initial agent by integrating context-awareness, behavior modeling and community based reputation system in the algorithm of the agent. The resulting system is a “smart” application, the “privacy butler” that can handle data operations on behalf of the end-user while keeping the user in control. We finally discuss some of the potential problems and improvements of the system. Keywords: Internet of Things; authorisation; ubiquitous computing; Internet of Things; authorization decisions; authorize data operation; behavior modeling; behaviour modelling; community based reputation system; context-awareness; personal data; privacy butler; specific context; Authorization; Communities; Context; Data privacy; Europe; Internet; Privacy; Informed consent; agent; authorization; behaviour modelling; context-aware; data operation; reputation systems
- Guo Xie-Chao, "The Research and Application of PCA Algorithm Based Recognition Technology in the Internet of Things," Measuring Technology and Mechatronics Automation (ICMTMA), 2014 Sixth International Conference on , vol., no., pp.737,740, 10-11 Jan. 2014. (ID#:14-1571) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6802799&isnumber=6802614 With the quick development of technology, the Internet of things is becoming one of the most important components in our society. The Internet of things can make everything connected with Internet, and it is convenient to recognize and manage. In the process of recognizing the things in the Internet of Things, it will appear irrelative and vague data, and we could not analyze and identify effectively. Focusing on the work of analyzing data, we propose PCA algorithm based technology in this paper, and apply it into works in the Internet of things. Through the theory and experimental results, we can prove that the technology we propose can select main information from prolix data, and complete the recognition works. Keywords: Internet of Things; data analysis; pattern recognition; principal component analysis ;Internet of Things; PCA algorithm based recognition technology; data analysis; data recognition; principal component analysis; prolix data; Automation; Mechatronics; PCA; The Internet of things; pattern recognition; recognition technology
- Cherrier, S.; Ghamri-Doudane, Y.M.; Lohier, S.; Roussel, G., "Fault-recovery and coherence in Internet of Things choreographies," Internet of Things (WF-IoT), 2014 IEEE World Forum on , vol., no., pp.532,537, 6-8 March 2014. (ID#:14-1572) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6803224&isnumber=6803102 Facilitating the creation of Internet of Things (IoT) applications is a major concern to increase its development. D-LITe, our previous work, is a framework for that purpose. In D-LITe, Objects are considered as part of a whole application. They offer a REST web service that describes Object capabilities, receives the logic to be executed, and interacts with other stakeholders. Then, the complete application is seen as a choreography dynamically deployed on various objects. But the main issue of choreographies is the loss of coherence. Because of their unreliability, some networks used in IoT may introduce de-synchronization between Objects, leading to errors and failures. In this paper, we propose a solution to re-introduce coherence in the application, in order to keep the advantages of choreography while dealing with this main issue. An overlay of logical check-points at the application layer defines links between the coherent states of a set of objects and triggers re-synchronization messages. Correcting statements are thus spread through the network, which enables fault recovery in Choreographies. This paper ends with a comparison between the checking cost and the reliability improvement. Keywords: Internet of Things; Web services; system recovery; Internet of Things choreographies; IoT applications; REST Web service; fault coherence; fault recovery; object capabilities; reliability improvement; resynchronization messages; Coherence; Error analysis; Hardware; Radiation detectors; Reliability; Web services; Choreography; Fault-recovery; Fault-tolerance; Internet of Things
- Nitti, M.; Girau, R.; Atzori, L., "Trustworthiness Management in the Social Internet of Things," Knowledge and Data Engineering, IEEE Transactions on , vol.26, no.5, pp.1253,1266, May 2014. (ID#:14-1573) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6547148&isnumber=6814899 The integration of social networking concepts into the Internet of things has led to the Social Internet of Things (SIoT) paradigm, according to which objects are capable of establishing social relationships in an autonomous way with respect to their owners with the benefits of improving the network scalability in information/service discovery. Within this scenario, we focus on the problem of understanding how the information provided by members of the social IoT has to be processed so as to build a reliable system on the basis of the behavior of the objects. We define two models for trustworthiness management starting from the solutions proposed for P2P and social networks. In the subjective model each node computes the trustworthiness of its friends on the basis of its own experience and on the opinion of the friends in common with the potential service providers. In the objective model, the information about each node is distributed and stored making use of a distributed hash table structure so that any node can make use of the same information. Simulations show how the proposed models can effectively isolate almost any malicious nodes in the network at the expenses of an increase in the network traffic for feedback exchange. Keywords: Communication/Networking and Information Technology; Computer Systems Organization; Distributed Systems; General; Internet of things; social networks; trustworthiness management
- Chen Jun; Chen Chi, "Design of Complex Event-Processing IDS in Internet of Things," Measuring Technology and Mechatronics Automation (ICMTMA), 2014 Sixth International Conference on , vol., no., pp.226,229, 10-11 Jan. 2014. (ID#:14-1574) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6802673&isnumber=6802614 With the development of Internet of Things (IoT), there have been more and more services and applications deployed in physical spaces and information systems. Massive number of situation-aware sensors and devices are embedded in IoT environments, which produce huge amounts of data continuously for the IoT systems and platforms. Processing these data stream generated by the IoT networks with different patterns has raised new challenges for the real-time performance of intrusion detection system (IDS) in IoT environments, which has to react quickly to the hacking attacks and malicious activities to IoT. In recent years, Complex Event Processing (CEP) technology provides new solutions in the field of complex pattern identifications and real-time data processing, which can be used to improve the performance of traditional IDS in IoT environments. IDS integrated with CEP can be used to deal with patterns among events and process large volumes of messages with low latency. In this paper we proposed an event-processing IDS architecture in IoT environments on the basis of security requirements analysis for IDS. Then the implementation details for real-time event processing are also proposed, which is developed by Esper, a CEP engine for complex event processing and event series analysis. 
Keywords: Internet; Internet of Things; security of data; CEP technology; Internet of Things; IoT networks; complex event-processing IDS design; data stream processing; event series analysis; information systems; intrusion detection system; physical spaces; real-time event processing; security requirements analysis; situation-aware sensors; Automation; Mechatronics
- Kai Kang; Zhibo Pang; Li Da Xu; Liya Ma; Cong Wang, "An Interactive Trust Model for Application Market of the Internet of Things," Industrial Informatics, IEEE Transactions on , vol.10, no.2, pp.1516,1526, May 2014. (ID#:14-1575) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6742593&isnumber=6809862 The Internet of Things (IoT) application market (IAM) is supposed to be an effective approach for service distribution in the era of IoT. To protect the privacy and security of users, a systematic mechanism to determine the trustworthiness of the applications in the IAM is demanded. In this paper, an interactive trust model (ITM) is proposed based on interaction between application market and end users. In this model, application trustworthiness (AT) is quantitatively evaluated by the similarity between the application's behavior and the behavior expected by the user. In particular, by using the evaluation vector and feedback vector feature of application in the marketplace and behavior of applications on end devices can be exchanged in mathematical form to establish the connection between market and users. Behavior-based detecting agent on a users' device gives strong evidence about what applications have done to your privacy and security issues. Indicators derived by this model are presented in the market along with the application, and it helps users to more efficiently select the most appropriate application from the market. Keywords: Internet; Internet of Things; IAM; ITM; Internet of Things; IoT application market; application trustworthiness; behavior-based detecting agent; feedback vector feature; interactive trust model; user privacy; user security; Ecosystems; Mathematical model; Mobile communication; Privacy; Security; Smart phones; Vectors; Evaluation vector; Internet of Things (IoT);IoT application market (IAM);feedback vector; interactive trust model (ITM)
- Antonio J. Jara, Socrates Varakliotis, Antonio F. Skarmeta, Peter Kirstein, “Extending the Internet of Things to the Future Internet through IPv6 Support,” Mobile Information Systems - Internet of Things, Volume 10 Issue 1, January 2014, ( Pages 3-17). (ID#:14-1576) Available at: http://dl.acm.org/citation.cfm?id=2590365.2590367&coll=DL&dl=GUIDE&CFID=474579018&CFTOKEN=48044888 This work takes a look at integrating the Internet of Things (IoT) into the Internet by extending, adapting, and bridging using IPv6, while still ensuring backwards compatibility with legacy networks. The authors of this paper explore an extended Internet stack with adaptation layers, enabling ubiquitous access for all applications and services. Keywords: Backwards Compatibility, Internet Of Things, Internetworking, Ipv6, Network Communications, System Architecture, Wireless Sensor Networks
- Jordi Mongay Batalla, Piotr Krawiec, “Conception Of ID Layer Performance At The Network Level For Internet Of Things,” Personal and Ubiquitous Computing, Volume 18 Issue 2, February 2014. (ID#:14-1577) Available at: http://dl.acm.org/author_page.cfm?id=87259682657&coll=DL&dl=GUIDE&CFID=474579018&CFTOKEN=48044888 The authors of this paper propose an original ID layer architecture for Internet of Things (IoT), expounding on human-readable, hierarchical ID-based unified addressing for connected devices and services. Keywords: Future Internet, ID-based routing, Internet of Things, Name data networking, Networking Named Content
- Julien Montavont, Damien Roth, Thomas Noël, “Mobile IPv6 in Internet of Things: Analysis, Experimentations and Optimizations,” Ad Hoc Networks, Volume 14, March, 2014, (Pages 15-25). (ID#:14-1578) Available at: http://dl.acm.org/citation.cfm?id=2580129.2580640&coll=DL&dl=GUIDE&CFID=474579018&CFTOKEN=48044888 This work explores the projected impact of Internet of Things (IoT) on ubiquitous IP connectivity and the corresponding mobility management protocol used. The authors of this publication propose a study of Mobile IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN), a standard that facilitates connection to IPv6 networks for constrained devices. This paper also details a proposed mechanism for detecting movement, based on passive overhearings, as current standard procedures cannot be applied without modification. Keywords: 6LoWPAN, Internet of Things, Mobile IPv6, Mobility support, WSN
- Keoh, S.; Kumar, S.; Tschofenig, H., "Securing the Internet of Things: A Standardization Perspective," Internet of Things Journal, IEEE , vol.PP, no.99, pp.1,1, 16 May 2014. (ID#:14-1579) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6817545&isnumber=6702522 The Internet-of-Things (IoT) is the next wave of innovation that promises to improve and optimize our daily life based on intelligent sensors and smart objects working together. Through IP connectivity, devices can now be connected to the Internet, thus allowing them to be read, controlled and managed at any time and any place. Security is an important aspect for IoT deployments. However, proprietary security solutions do not help in formulating a coherent security vision to enable IoT devices to securely communicate with each other in an interoperable manner. This paper gives an overview of the efforts in the Internet Engineering Task Force (IETF) to standardize security solutions for the IoT ecosystem. We first provide an in-depth review of the communication security solutions for IoT, specifically the standard security protocols to be used in conjunction with the Constrained Application Protocol (CoAP), an application protocol specifically tailored to the needs of adapting to the constraints of IoT devices. Since Datagram Transport Layer Security (DTLS) has been chosen as the channel security underneath CoAP, this paper also discusses the latest standardization efforts to adapt and enhance the DTLS for IoT applications. This includes the use of (i) raw public key in DTLS, (ii) extending DTLS Record Layer to protect group (multicast) communication, and (iii) profiling of DTLS for reducing the size and complexity of implementations on embedded devices. We also provide an extensive review of compression schemes that are being proposed in IETF to mitigate message fragmentation issues in DTLS. Keywords: (not available)
- Gu, Lize; Wang, Jingpei; Sun, Bin, "Trust management mechanism for Internet of Things," Communications, China , vol.11, no.2, pp.148,156, Feb 2014. (ID#:14-1580) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6821746&isnumber=6821729 Trust management has been proven to be a useful technology for providing security service and as a consequence has been used in many applications such as P2P, Grid, ad hoc network and so on. However, few researches about trust mechanism for Internet of Things (IoT) could be found in the literature, though we argue that considerable necessity is held for applying trust mechanism to IoT. In this paper, we establish a formal trust management control mechanism based on architecture modeling of IoT. We decompose the IoT into three layers, which are sensor layer, core layer and application layer, from aspects of network composition of IoT. Each layer is controlled by trust management for special purpose: self-organized, affective routing and multi-service respectively. And the final decision-making is performed by service requester according to the collected trust information as well as requester' policy. Finally, we use a formal semantics-based and fuzzy set theory to realize all above trust mechanism, the result of which provides a general framework for the development of trust models of IoT. Keywords: Decision making; Internet; Legged locomotion; Multiplexing; Security; Internet of Things; formal semantics; trust decision making; trust management
- Stankovic, J.A., "Research Directions for the Internet of Things," Internet of Things Journal, IEEE , vol.1, no.1, pp.3,9, Feb. 2014. (ID#:14-1581) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6774858&isnumber=6810798 Many technical communities are vigorously pursuing research topics that contribute to the Internet of Things (IoT). Nowadays, as sensing, actuation, communication, and control become even more sophisticated and ubiquitous, there is a significant overlap in these communities, sometimes from slightly different perspectives. More cooperation between communities is encouraged. To provide a basis for discussing open research problems in IoT, a vision for how IoT could change the world in the distant future is first presented. Then, eight key research topics are enumerated and research problems within these topics are discussed. Keywords: Actuators; Internet; Medical services; Privacy; Real-time systems; Security; Sensors; Cyber physical systems; Internet of Things (IoT);mobile computing; pervasive computing; wireless sensor networks
- Gyrard, A.; Bonnet, C.; Boudaoud, K., "Enrich machine-to-machine data with semantic web technologies for cross-domain applications," Internet of Things (WF-IoT), 2014 IEEE World Forum on , vol., no., pp.559,564, 6-8 March 2014. (ID#:14-1582) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6803229&isnumber=6803102 The Internet of Things, more specifically, the Machine-to-Machine (M2M) standard enables machines and devices such as sensors to communicate with each other without human intervention. The M2M devices provide a great deal of M2M data, mainly used for specific M2M applications such as weather forecasting, healthcare or building automation. Existing applications are domain-specific and use their own descriptions of devices and measurements. A major challenge is to combine M2M data provided by these heterogeneous domains and by different projects. It is really a difficult task to understand the meaning of the M2M data to later reason about them. We propose a semantic-based approach to automatically combine, enrich and reason about M2M data to provide promising cross-domain M2M applications. A proof-of-concept to validate our approach is published online http://sensormeasurement.appspot.com/ . Keywords: Internet of Things; data analysis; semantic Web; Internet of Things;M2M devices;M2M standard; building automation; cross-domain applications; healthcare; human intervention; machine-to-machine data; machine-to-machine standard; semantic Web technology; weather forecasting; Diseases; Meteorology; Ontologies; Semantic Web; Semantics; Sensors; Temperature measurement; Cross-Domain Applications; Domain Ontologies; Internet of Things; Linked Open Data; Linked Open Rules; Linked Open Vocabularies; Machine-to-Machine (M2M); Naturopathy; Reasoning; Rules; SWRL; Semantic Web of Things; Semantic Web technologies
- Puliafito, A., "SensorCloud: An Integrated System for Advanced Multi-risk Management," Network Cloud Computing and Applications (NCCA), 2014 IEEE 3rd Symposium on , vol., no., pp.1,8, 5-7 Feb. 2014. (ID#:14-1583) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6786755&isnumber=6786745 This paper intends to contribute to the design of a pervasive infrastructure where new generation services interact with the surrounding environment, thus creating new opportunities for contextualization and geo-awareness. The architecture proposal is based on Sensor Web Enablement standard specifications and makes use of the Contiki Operating System for accomplishing the Internet of Things. We present both "data driven" and "device driven" solutions introducing the concept of Sensor and Actuator as a Service (SAaaS). Smart cities are assumed as the reference scenario. We present a data driven application specifically designed to monitor an industrial site with particular attention to power consumption. We also introduce an example of SAaaS service related to traffic monitoring. Keywords: Internet of Things; cloud computing; distributed sensors; power consumption; power engineering computing; risk management; traffic engineering computing; Contiki Operating System; Internet of Things; SAaaS; Sensor Web Enablement standard specifications; Sensor and Actuator as a Service; SensorCloud; advanced multirisk management; contextualization; data driven application; data driven solution; device driven solution; geo-awareness; industrial site monitoring; integrated system; new generation services; pervasive infrastructure design; power consumption; smart cities; traffic monitoring; Actuators; Cities and towns; Cloud computing; Computer architecture; Monitoring; Sensors; Internet of Things; cloud computing; sensor networks; smart cities
- Duan, J.; Gao, D.; Yang, D.; Foh, C.H.; Chen, H., "An Energy-Aware Trust Derivation Scheme With Game Theoretic Approach in Wireless Sensor Networks for IoT Applications," Internet of Things Journal, IEEE , vol.1, no.1, pp.58,69, Feb. 2014. (ID#:14-1584) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6779650&isnumber=6810798 Trust evaluation plays an important role in securing wireless sensor networks (WSNs), which is one of the most popular network technologies for the Internet of Things (IoT). The efficiency of the trust evaluation process is largely governed by the trust derivation, as it dominates the overhead in the process, and performance of WSNs is particularly sensitive to overhead due to the limited bandwidth and power. This paper proposes an energy-aware trust derivation scheme using game theoretic approach, which manages overhead while maintaining adequate security of WSNs. A risk strategy model is first presented to stimulate WSN nodes’ cooperation. Then, a game theoretic approach is applied to the trust derivation process to reduce the overhead of the process. We show with the help of simulations that our trust derivation scheme can achieve both intended security and high efficiency suitable for WSN-based IoT networks. Keywords: Computational modeling; Electronic mail; Energy consumption; Games; Internet; Security; Wireless sensor networks; Energy awareness; Internet of Things (IoT);game theory; security ;trust evaluation; wireless sensor network (WSN)
- Piro, G.; Boggia, G.; Grieco, L.A., "A Standard Compliant Security Framework for IEEE 802.15.4 Networks," Internet of Things (WF-IoT), 2014 IEEE World Forum on, vol., no., pp.27,30, 6-8 March 2014. (ID#:14-1585) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6803111&isnumber=6803102 The IEEE 802.15.4 standard is widely recognized as one of the most successful enabling technologies for short range low rate wireless communications. It covers all the details related to the MAC and PHY layers of the protocol stack. In addition, it supports the possibility to protect MAC packets by using symmetric-key cryptography techniques and it offers several security options. But, at the same time, the standard relies on upper layers to orchestrate the usage of the plethora of security profiles and configuration settings it makes available, as well as to handle the creation and the exchange of encryption keys. In support of this functionality, this work describes a standard compliant security framework aimed at proposing: (i) different kind of security architectures, (ii) an efficient mechanism for initializing a secure IEEE 802.15.4 domain, and (iii) a lightweight mechanism to negotiate link keys among devices. Keywords: Zigbee; cryptography ;IEEE 802.15.4 networks; MAC layers; PHY layers; encryption keys; lightweight mechanism; security architectures; short range low rate wireless communications; standard compliant security framework; symmetric-key cryptography techniques; Authentication; Cryptography; IEEE 802.15 Standards; Internet; Protocols; IEEE 802.15.4;key management protocol; security framework
- Riahi, A.; Natalizio, E.; Challal, Y.; Mitton, N.; Iera, A., "A systemic and cognitive approach for IoT security," Computing, Networking and Communications (ICNC), 2014 International Conference on , vol., no., pp.183,188, 3-6 Feb. 2014. (ID#:14-1586) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6785328&isnumber=6785290 The Internet of Things (IoT) will enable objects to become active participants of everyday activities. Introducing objects into the control processes of complex systems makes IoT security very difficult to address. Indeed, the Internet of Things is a complex paradigm in which people interact with the technological ecosystem based on smart objects through complex processes. The interactions of these four IoT components, person, intelligent object, technological ecosystem, and process, highlight a systemic and cognitive dimension within security of the IoT. The interaction of people with the technological ecosystem requires the protection of their privacy. Similarly, their interaction with control processes requires the guarantee of their safety. Processes must ensure their reliability and realize the objectives for which they are designed. We believe that the move towards a greater autonomy for objects will bring the security of technologies and processes and the privacy of individuals into sharper focus. Furthermore, in parallel with the increasing autonomy of objects to perceive and act on the environment, IoT security should move towards a greater autonomy in perceiving threats and reacting to attacks, based on a cognitive and systemic approach. In this work, we will analyze the role of each of the mentioned actors in IoT security and their relationships, in order to highlight the research challenges and present our approach to these issues based on a holistic vision of IoT security. 
Keywords: Internet of Things; data privacy; security of data; IoT security; cognitive dimension; control processes; internet of things; object autonomy; privacy protection; safety guarantee; smart objects; systemic dimension; technological ecosystem; Context; Data privacy; Ecosystems; Privacy; Reliability; Safety; Security
- Israa Alqassem, “Privacy and Security Requirements Framework For The Internet Of Things (IoT),” ICSE Companion 2014 Companion Proceedings of the 36th International Conference on Software Engineering May 2014, (Pages 739-741). (ID#:14-1587) Available at: http://dl.acm.org/citation.cfm?id=2591062.2591201&coll=DL&dl=GUIDE&CFID=474579018&CFTOKEN=48044888 This article strives to address the earliest planning stages of Internet of Things (IoT), in terms of projected privacy and security requirements. In order to plan for a mission-critical IoT, the authors of this paper advise developing an engineering framework for privacy and security requirements. Keywords: Internet of Things, RFID, privacy, requirements elicitation, requirements engineering, security
- Jinshu Su, Dan Cao, Baokang Zhao, Xiaofeng Wang, Ilsun You, “ePASS: An Expressive Attribute-Based Signature Scheme With Privacy And An Unforgeability Guarantee for the Internet of Things,” Future Generation Computer Systems, Volume 33, April, 2014, (Pages 11-18). (ID#:14-1588) Available at: http://dl.acm.org/citation.cfm?id=2576237.2576308&coll=DL&dl=GUIDE&CFID=474579018&CFTOKEN=48044888 This article addresses vulnerabilities in user privacy, and distinct need for policy-focused authentication, for the emerging Internet of Things (IoT). The authors of this article present ePASS, an Attribute-Based Signature (ABS) alternative which effectively restricts users from forging signatures with non-existent or feigned attributes. Only a user, who will remain anonymous, with attributes satisfying the policy may affirm the message. This method sees decreased computational cost and signature size. Keywords: Attribute-based signature, Diffie-Hellman, Internet of Things, Policy, Privacy, Security, Unforgeability
- Lee W. Lerner, Zane R. Franklin, William T. Baumann, Cameron D. Patterson, “Using High-Level Synthesis And Formal Analysis To Predict And Preempt Attacks On Industrial Control Systems,” FPGA '14 Proceedings of the 2014 ACM/SIGDA International Symposium On Field-Programmable Gate Arrays, Feb 2014, (Pages 209-212). (ID#:14-1589) Available at: http://dl.acm.org/citation.cfm?id=2554688.2554759&coll=DL&dl=GUIDE&CFID=474579018&CFTOKEN=48044888 Industrial control systems (ICSes) have the conflicting requirements of security and network access. In the event of large-scale hostilities, factories and infrastructure would more likely be targeted by computer viruses than the bomber squadrons used in WWII. ICS zero-day exploits are now a commodity sold on brokerages to interested parties including nations. We mitigate these threats not by bolstering perimeter security, but rather by assuming that potentially all layers of ICS software have already been compromised and are capable of launching a latent attack while reporting normal system status to human operators. In our approach, application-specific configurable hardware is the final authority for scrutinizing controller commands and process sensors, and can monitor and override operations at the lowest (I/O pin) level of a configurable system-on-chip platform. The process specifications, stability-preserving backup controller, and switchover logic are specified and formally verified as C code, and synthesized into hardware to resist software reconfiguration attacks. To provide greater assurance that the backup controller can be invoked before the physical process becomes unstable; copies of the production controller task and plant model are accelerated to preview the controller's behavior in the near future. Keywords: formal analysis, high-level synthesis, industrial control systems, reconfigurable platform, security
Note:
Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.