31 research outputs found

    P4SINC – An Execution Policy Framework for IoT Services in the Edge

    Internet of Things (IoT) services are increasingly deployed at the edge to access and control Things. The execution of such services needs to be monitored to provide information for security, service contract, and system operation management. Although different techniques have been proposed for deploying and executing IoT services in IoT gateways and edge servers, there is a lack of generic policy frameworks for instrumentation and assurance of various types of execution policies for IoT services. In this paper, we present P4SINC as an execution policy framework that covers various functionalities for IoT services deployed in software-defined machines in IoT infrastructures. P4SINC supports the instrumentation and enforcement of IoT services during their deployment and execution, thus being leveraged for other purposes such as security and service contract management. We illustrate our prototype with realistic examples

    Fine-grained access control framework for Igor, a unified access solution to the Internet of Things

    With the growing popularity of the Internet of Things (IoT), devices in households and offices are becoming information sharing "smart" devices controlled via network connections. The growth of collection, handling and distribution of data generated by IoT devices presents ethical and privacy issues. Users have no control over what information is kept or revealed, the interpretation of data collected, data ownership and who can access specific information generated by their IoT devices. This paper describes an approach to data ethical/privacy issues related to IoT using a fine-grained access-control framework on Igor, a centralized home and office automation solution. We designed a capability-based access control framework on top of Igor that allows agents, either human or machine, to access and change only the data to which they are authorised. The applicability of this to the European General Data Protection Regulation (GDPR) should be obvious. The implementation, expert evaluation and performance measurement results demonstrate that this is a promising solution for securing access to data generated by IoT devices

    A new privacy framework for the management of chronic diseases via mHealth in a post Covid-19 world

    Aim: New challenges are being faced by global healthcare systems such as an increase in the elderly population, budget cuts as well as the ongoing COVID-19 pandemic. As pressures mount on healthcare systems to provide treatment to patients, mHealth is seen as one of the possible solutions to addressing these challenges. Given the sensitivity of health data, the rapid development of the mHealth sector raises privacy concerns. The aims of this research were to investigate privacy threats/concerns in the context of mHealth and the management of chronic diseases and to propose a novel privacy framework to address these concerns. Subject and Method: The study adopted a modified version of the engineering design process. After defining the problem, information was gathered through literature reviews, and analyses of existing regulatory (privacy) frameworks and past research on privacy threats/concerns. Requirements for a new framework were then specified leading to its development and comparison with existing frameworks. Results: A novel future-proof privacy framework was developed and illustrated. Using existing regulatory frameworks for privacy and privacy threats/concerns from research studies, privacy principles and their resulting requirements were identified. Further, mechanisms and associated technologies needed to implement the privacy principles/requirements into a functional prototype were also identified. A comparison of the proposed framework with existing frameworks showed that it addressed privacy threats/concerns in a more comprehensive manner. Conclusion: This research makes a valuable contribution to protecting privacy in mHealth. The novel framework developed is an improvement on existing frameworks. It is also future-proof since its foundations are built on regulatory frameworks and privacy threats/concerns existing at the time of its deployment/revision

    Digital Twins and Blockchain for IoT Management

    Security and privacy are primary concerns in IoT management. Security breaches in IoT resources, such as smart sensors, can leak sensitive data and compromise the privacy of individuals. Effective IoT management requires a comprehensive approach to prioritize access security and data privacy protection. Digital twins create virtual representations of IoT resources. Blockchain adds decentralization, transparency, and reliability to IoT systems. This research integrates digital twins and blockchain to manage access to IoT data streaming. Digital twins are used to encapsulate data access and view configurations. Access is enabled on digital twins, not on IoT resources directly. Trust structures programmed as smart contracts are the ones that manage access to digital twins. Consequently, IoT resources are not exposed to third parties, and access security breaches can be prevented. Blockchain has been used to validate digital twins and store their configuration. The research presented in this paper enables multitenant access and customization of data streaming views and abstracts the complexity of data access management. This approach provides access and configuration security and data privacy protection. Comment: Reference: Mayra, Samaniego and Ralph, Deters. 2023. Digital Twins and Blockchain for IoT Management. In The 5th ACM International Symposium on Blockchain and Secure Critical Infrastructure (BSCI '23), July 10-14, 2023, Melbourne, VIC, Australia. ACM, New York, NY, USA, 11 pages. https://doi.org/10.1145/3594556.359461

    Impact assessment of policy expressiveness of an optimised access control model for smart sensors

    In the incoming internet of things (IoT) applications, smart sensors expose services to interact with them, to be parameterised, managed and maintained. Therefore, fine-grained end-to-end access control enforcement is mandatory to tackle the derived security requirements. However, it is still not feasible in very constrained devices. There is an innovative access control model that conveys an expressive policy language and an optimised codification for tight and flexible access control enforcement in very constrained devices. Such tightness enabled by the expressiveness of the policy language leads to detailed policy instances that might impact on the performance and therefore, in the feasibility and further applicability. In this context, this study assesses how the policy length impacts the performance of the establishment of a security association through the protocol named Hidra proposed by such an adapted access control model. Consequently, the notable results of the performance evaluation prove the feasibility and adequacy of this access control model for the new smart IoT scenarios. Part of this work is funded by the Department of Economic Development and Competitiveness of the Basque Government through the SEKUrtasun TEKnologiak SEKUTEK KK-2017/00044 collaborative research project and by the Spanish Ministry of Economy, Industry and Competitiveness through the State Secretariat for Research, Development and Innovation under the 'Adaptive Management of 5G Services to Support Critical Events in Cities (5G-City)' project TEC2016-76795-C6-5-R

    Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

    Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal. Ministerio de Economía y Competitividad; Universidad de Alcal

    A Vision of the Internet of Things: A Review of Critical Challenges

    Today, Information Communication Technology has brought many benefits to have a better life. Meanwhile, the concept of the Internet of Things (IoT), which has transformed the traditional lifestyle into a modern lifestyle and is growing rapidly, is of great importance. This research deals with the critical challenges of IoT. Although not much time has passed since the advent of the concept of the IoT, today the Internet of Things has faced a great deal of complexity in the industry, which requires in-depth studies to realise its potential and challenges. This study introduces and examines IoT challenges including security and privacy, scalability, interoperability, mobility, protocol & standardisation, and energy consumption. In this study, the relationship between these challenges has been clearly defined. Finally, based on the research, some main challenges or sub-challenges considered for these challenges