Service Virtualisation of Internet-of-Things Devices: Techniques and Challenges

Service virtualization is an approach that uses virtualized environments to automatically test enterprise services in production-like conditions. Many techniques have been proposed to provide such a realistic environment for enterprise services. The Internet-of-Things (IoT) is an emerging field which connects a diverse set of devices over different transport layers, using a variety of protocols. Provisioning a virtual testbed of IoT devices can accelerate IoT application development by enabling automated testing without requiring a continuous connection to the physical devices. One solution is to expand existing enterprise service virtualization to IoT environments. There are various structural differences between the two environments that should be considered to implement appropriate service virtualization for IoT. This paper examines the structural differences between various IoT protocols and enterprise protocols and identifies key technical challenges that need to be addressed to implement service virtualization in IoT environments.Comment: 4 page

Conceptual Model for Communication

A variety of idealized models of communication systems exist, and all may have something in common. Starting with Shannons communication model and ending with the OSI model, this paper presents progressively more advanced forms of modeling of communication systems by tying communication models together based on the notion of flow. The basic communication process is divided into different spheres (sources, channels, and destinations), each with its own five interior stages, receiving, processing, creating, releasing, and transferring of information. The flow of information is ontologically distinguished from the flow of physical signals, accordingly, Shannons model, network based OSI models, and TCP IP are redesigned.Comment: 13 pages IEEE format, International Journal of Computer Science and Information Security, IJCSIS November 2009, ISSN 1947 5500, http://sites.google.com/site/ijcsis

Evaluating the Stream Control Transmission Protocol Using Uppaal

The Stream Control Transmission Protocol (SCTP) is a Transport Layer protocol that has been proposed as an alternative to the Transmission Control Protocol (TCP) for the Internet of Things (IoT). SCTP, with its four-way handshake mechanism, claims to protect the Server from a Denial-of-Service (DoS) attack by ensuring the legitimacy of the Client, which has been a known issue pertaining to the three-way handshake of TCP. This paper compares the handshakes of TCP and SCTP to discuss its shortcomings and strengths. We present an Uppaal model of the TCP three-way handshake and SCTP four-way handshake and show that SCTP is able to cope with the presence of an Illegitimate Client, while TCP fails. The results confirm that SCTP is better equipped to deal with this type of attack.Comment: In Proceedings MARS 2017, arXiv:1703.0581

Reconfigurable Security: Edge Computing-based Framework for IoT

In various scenarios, achieving security between IoT devices is challenging since the devices may have different dedicated communication standards, resource constraints as well as various applications. In this article, we first provide requirements and existing solutions for IoT security. We then introduce a new reconfigurable security framework based on edge computing, which utilizes a near-user edge device, i.e., security agent, to simplify key management and offload the computational costs of security algorithms at IoT devices. This framework is designed to overcome the challenges including high computation costs, low flexibility in key management, and low compatibility in deploying new security algorithms in IoT, especially when adopting advanced cryptographic primitives. We also provide the design principles of the reconfigurable security framework, the exemplary security protocols for anonymous authentication and secure data access control, and the performance analysis in terms of feasibility and usability. The reconfigurable security framework paves a new way to strength IoT security by edge computing.Comment: under submission to possible journal publication

Just-in-Time Memoryless Trust for Crowdsourced IoT Services

We propose just-in-time memoryless trust for crowdsourced IoT services. We leverage the characteristics of the IoT service environment to evaluate their trustworthiness. A novel framework is devised to assess a service's trust without relying on previous knowledge, i.e., memoryless trust. The framework exploits service-session-related data to offer a trust value valid only during the current session, i.e., just-in-time trust. Several experiments are conducted to assess the efficiency of the proposed framework.Comment: 8 pages, Accepted and to appear in 2020 IEEE International Conference on Web Services (ICWS). Content may change prior to final publicatio

Responsibility and non-repudiation in resource-constrained Internet of Things scenarios

The proliferation and popularity of smart autonomous systems necessitates the development of methods and models for ensuring the effective identification of their owners and controllers. The aim of this paper is to critically discuss the responsibility of Things and their impact on human affairs. This starts with an in-depth analysis of IoT Characteristics such as Autonomy, Ubiquity and Pervasiveness. We argue that Things governed by a controller should have an identifiable relationship between the two parties and that authentication and non-repudiation are essential characteristics in all IoT scenarios which require trustworthy communications. However, resources can be a problem, for instance, many Things are designed to perform in low-powered hardware. Hence, we also propose a protocol to demonstrate how we can achieve the authenticity of participating Things in a connectionless and resource-constrained environment

IPv6 Network Mobility

Network Authentication, Authorization, and Accounting has been used since before the days of the Internet as we know it today. Authentication asks the question, “Who or what are you?” Authorization asks, “What are you allowed to do?” And fi nally, accounting wants to know, “What did you do?” These fundamental security building blocks are being used in expanded ways today. The fi rst part of this two-part series focused on the overall concepts of AAA, the elements involved in AAA communications, and highlevel approaches to achieving specifi c AAA goals. It was published in IPJ Volume 10, No. 1[0]. This second part of the series discusses the protocols involved, specifi c applications of AAA, and considerations for the future of AAA