28,790 research outputs found
Service Virtualisation of Internet-of-Things Devices: Techniques and Challenges
Service virtualization is an approach that uses virtualized environments to
automatically test enterprise services in production-like conditions. Many
techniques have been proposed to provide such a realistic environment for
enterprise services. The Internet-of-Things (IoT) is an emerging field which
connects a diverse set of devices over different transport layers, using a
variety of protocols. Provisioning a virtual testbed of IoT devices can
accelerate IoT application development by enabling automated testing without
requiring a continuous connection to the physical devices. One solution is to
expand existing enterprise service virtualization to IoT environments. There
are various structural differences between the two environments that should be
considered to implement appropriate service virtualization for IoT. This paper
examines the structural differences between various IoT protocols and
enterprise protocols and identifies key technical challenges that need to be
addressed to implement service virtualization in IoT environments.Comment: 4 page
Conceptual Model for Communication
A variety of idealized models of communication systems exist, and all may
have something in common. Starting with Shannons communication model and ending
with the OSI model, this paper presents progressively more advanced forms of
modeling of communication systems by tying communication models together based
on the notion of flow. The basic communication process is divided into
different spheres (sources, channels, and destinations), each with its own five
interior stages, receiving, processing, creating, releasing, and transferring
of information. The flow of information is ontologically distinguished from the
flow of physical signals, accordingly, Shannons model, network based OSI
models, and TCP IP are redesigned.Comment: 13 pages IEEE format, International Journal of Computer Science and
Information Security, IJCSIS November 2009, ISSN 1947 5500,
http://sites.google.com/site/ijcsis
Evaluating the Stream Control Transmission Protocol Using Uppaal
The Stream Control Transmission Protocol (SCTP) is a Transport Layer protocol
that has been proposed as an alternative to the Transmission Control Protocol
(TCP) for the Internet of Things (IoT). SCTP, with its four-way handshake
mechanism, claims to protect the Server from a Denial-of-Service (DoS) attack
by ensuring the legitimacy of the Client, which has been a known issue
pertaining to the three-way handshake of TCP. This paper compares the
handshakes of TCP and SCTP to discuss its shortcomings and strengths. We
present an Uppaal model of the TCP three-way handshake and SCTP four-way
handshake and show that SCTP is able to cope with the presence of an
Illegitimate Client, while TCP fails. The results confirm that SCTP is better
equipped to deal with this type of attack.Comment: In Proceedings MARS 2017, arXiv:1703.0581
Reconfigurable Security: Edge Computing-based Framework for IoT
In various scenarios, achieving security between IoT devices is challenging
since the devices may have different dedicated communication standards,
resource constraints as well as various applications. In this article, we first
provide requirements and existing solutions for IoT security. We then introduce
a new reconfigurable security framework based on edge computing, which utilizes
a near-user edge device, i.e., security agent, to simplify key management and
offload the computational costs of security algorithms at IoT devices. This
framework is designed to overcome the challenges including high computation
costs, low flexibility in key management, and low compatibility in deploying
new security algorithms in IoT, especially when adopting advanced cryptographic
primitives. We also provide the design principles of the reconfigurable
security framework, the exemplary security protocols for anonymous
authentication and secure data access control, and the performance analysis in
terms of feasibility and usability. The reconfigurable security framework paves
a new way to strength IoT security by edge computing.Comment: under submission to possible journal publication
Just-in-Time Memoryless Trust for Crowdsourced IoT Services
We propose just-in-time memoryless trust for crowdsourced IoT services. We
leverage the characteristics of the IoT service environment to evaluate their
trustworthiness. A novel framework is devised to assess a service's trust
without relying on previous knowledge, i.e., memoryless trust. The framework
exploits service-session-related data to offer a trust value valid only during
the current session, i.e., just-in-time trust. Several experiments are
conducted to assess the efficiency of the proposed framework.Comment: 8 pages, Accepted and to appear in 2020 IEEE International Conference
on Web Services (ICWS). Content may change prior to final publicatio
Responsibility and non-repudiation in resource-constrained Internet of Things scenarios
The proliferation and popularity of smart
autonomous systems necessitates the development
of methods and models for ensuring the effective
identification of their owners and controllers. The aim
of this paper is to critically discuss the responsibility of
Things and their impact on human affairs. This starts
with an in-depth analysis of IoT Characteristics such
as Autonomy, Ubiquity and Pervasiveness. We argue
that Things governed by a controller should have an
identifiable relationship between the two parties and
that authentication and non-repudiation are essential
characteristics in all IoT scenarios which require
trustworthy communications. However, resources can
be a problem, for instance, many Things are designed
to perform in low-powered hardware. Hence, we also
propose a protocol to demonstrate how we can achieve the
authenticity of participating Things in a connectionless
and resource-constrained environment
IPv6 Network Mobility
Network Authentication, Authorization, and Accounting has
been used since before the days of the Internet as we know it
today. Authentication asks the question, âWho or what are
you?â Authorization asks, âWhat are you allowed to do?â And fi nally,
accounting wants to know, âWhat did you do?â These fundamental
security building blocks are being used in expanded ways today. The
fi rst part of this two-part series focused on the overall concepts of
AAA, the elements involved in AAA communications, and highlevel
approaches to achieving specifi c AAA goals. It was published in
IPJ Volume 10, No. 1[0]. This second part of the series discusses the
protocols involved, specifi c applications of AAA, and considerations
for the future of AAA
- âŠ