A Framework for Handling Internet of Things Data with Confidentiality and Blockchain Support

The Internet of Things (IoT) has emerged as a disruptive technology in recent time. Due to a sharp rise in the deployment of IoT devices across the globe, the total amount of generated data reaching record highs every day. There is no denying that IoT devices with the data that they produce enhancing our day to day lives by bringing in innovative solutions. However, there is a darker side of this technology as it enables device manufacturers and service providers to retain this data that they can later use for several purposes, including targeted marketing. Unfortunately, not many people are aware of this data misuse by service providers. To address this issue, we propose a framework for the confidential handling of IoT data with Blockchain-based verification. We used a combination of Solid and Blockchain to accomplish this goal. Our experimental results show that the proposed approach is promising and has the potential to bring a considerable change in the IoT industry

On Lightweight Privacy-Preserving Collaborative Learning for IoT Objects

The Internet of Things (IoT) will be a main data generation infrastructure for achieving better system intelligence. This paper considers the design and implementation of a practical privacy-preserving collaborative learning scheme, in which a curious learning coordinator trains a better machine learning model based on the data samples contributed by a number of IoT objects, while the confidentiality of the raw forms of the training data is protected against the coordinator. Existing distributed machine learning and data encryption approaches incur significant computation and communication overhead, rendering them ill-suited for resource-constrained IoT objects. We study an approach that applies independent Gaussian random projection at each IoT object to obfuscate data and trains a deep neural network at the coordinator based on the projected data from the IoT objects. This approach introduces light computation overhead to the IoT objects and moves most workload to the coordinator that can have sufficient computing resources. Although the independent projections performed by the IoT objects address the potential collusion between the curious coordinator and some compromised IoT objects, they significantly increase the complexity of the projected data. In this paper, we leverage the superior learning capability of deep learning in capturing sophisticated patterns to maintain good learning performance. Extensive comparative evaluation shows that this approach outperforms other lightweight approaches that apply additive noisification for differential privacy and/or support vector machines for learning in the applications with light data pattern complexities.Comment: 12 pages,IOTDI 201

Study of Security Issues in Pervasive Environment of Next Generation Internet of Things

Internet of Things is a novel concept that semantically implies a world-wide network of uniquely addressable interconnected smart objects. It is aimed at establishing any paradigm in computing. This environment is one where the boundary between virtual and physical world is eliminated. As the network gets loaded with hitherto unknown applications, security threats also become rampant. Current security solutions fail as new threats appear to de-struct the reliability of information. The network has to be transformed to IPv6 enabled network to address huge number of smart objects. Thus new addressing schemes come up with new attacks. Real time analysis of information from the heterogeneous smart objects needs use of cloud services. This can fall prey to cloud specific security threats. Therefore need arises for a review of security threats for a new area having huge demand. Here a study of security issues in this domain is briefly presented.Comment: 12 pages, CISIM 201

Contributions to Context-Aware Smart Healthcare: A Security and Privacy Perspective

Les tecnologies de la informació i la comunicació han canviat les nostres vides de manera irreversible. La indústria sanitària, una de les indústries més grans i de major creixement, està dedicant molts esforços per adoptar les últimes tecnologies en la pràctica mèdica diària. Per tant, no és sorprenent que els paradigmes sanitaris estiguin en constant evolució cercant serveis més eficients, eficaços i sostenibles. En aquest context, el potencial de la computació ubiqua mitjançant telèfons intel·ligents, rellotges intel·ligents i altres dispositius IoT ha esdevingut fonamental per recopilar grans volums de dades, especialment relacionats amb l'estat de salut i la ubicació de les persones. Les millores en les capacitats de detecció juntament amb l'aparició de xarxes de telecomunicacions d'alta velocitat han facilitat la implementació d'entorns sensibles al context, com les cases i les ciutats intel·ligents, capaços d'adaptar-se a les necessitats dels ciutadans. La interacció entre la computació ubiqua i els entorns sensibles al context va obrir la porta al paradigma de la salut intel·ligent, centrat en la prestació de serveis de salut personalitzats i de valor afegit mitjançant l'explotació de grans quantitats de dades sanitàries, de mobilitat i contextuals. No obstant, la gestió de dades sanitàries, des de la seva recollida fins a la seva anàlisi, planteja una sèrie de problemes desafiants a causa del seu caràcter altament confidencial. Aquesta tesi té per objectiu abordar diversos reptes de seguretat i privadesa dins del paradigma de la salut intel·ligent. Els resultats d'aquesta tesi pretenen ajudar a la comunitat científica a millorar la seguretat dels entorns intel·ligents del futur, així com la privadesa dels ciutadans respecte a les seves dades personals i sanitàries.Las tecnologías de la información y la comunicación han cambiado nuestras vidas de forma irreversible. La industria sanitaria, una de las industrias más grandes y de mayor crecimiento, está dedicando muchos esfuerzos por adoptar las últimas tecnologías en la práctica médica diaria. Por tanto, no es sorprendente que los paradigmas sanitarios estén en constante evolución en busca de servicios más eficientes, eficaces y sostenibles. En este contexto, el potencial de la computación ubicua mediante teléfonos inteligentes, relojes inteligentes, dispositivos wearables y otros dispositivos IoT ha sido fundamental para recopilar grandes volúmenes de datos, especialmente relacionados con el estado de salud y la localización de las personas. Las mejoras en las capacidades de detección junto con la aparición de redes de telecomunicaciones de alta velocidad han facilitado la implementación de entornos sensibles al contexto, como las casas y las ciudades inteligentes, capaces de adaptarse a las necesidades de los ciudadanos. La interacción entre la computación ubicua y los entornos sensibles al contexto abrió la puerta al paradigma de la salud inteligente, centrado en la prestación de servicios de salud personalizados y de valor añadido mediante la explotación significativa de grandes cantidades de datos sanitarios, de movilidad y contextuales. No obstante, la gestión de datos sanitarios, desde su recogida hasta su análisis, plantea una serie de cuestiones desafiantes debido a su naturaleza altamente confidencial. Esta tesis tiene por objetivo abordar varios retos de seguridad y privacidad dentro del paradigma de la salud inteligente. Los resultados de esta tesis pretenden ayudar a la comunidad científica a mejorar la seguridad de los entornos inteligentes del futuro, así como la privacidad de los ciudadanos con respecto a sus datos personales y sanitarios.Information and communication technologies have irreversibly changed our lives. The healthcare industry, one of the world’s largest and fastest-growing industries, is dedicating many efforts in adopting the latest technologies into daily medical practice. It is not therefore surprising that healthcare paradigms are constantly evolving seeking for more efficient, effective and sustainable services. In this context, the potential of ubiquitous computing through smartphones, smartwatches, wearables and IoT devices has become fundamental to collect large volumes of data, including people's health status and people’s location. The enhanced sensing capabilities together with the emergence of high-speed telecommunication networks have facilitated the implementation of context-aware environments, such as smart homes and smart cities, able to adapt themselves to the citizens needs. The interplay between ubiquitous computing and context-aware environments opened the door to the so-called smart health paradigm, focused on the provision of added-value personalised health services by meaningfully exploiting vast amounts of health, mobility and contextual data. However, the management of health data, from their gathering to their analysis, arises a number of challenging issues due to their highly confidential nature. In particular, this dissertation addresses several security and privacy challenges within the smart health paradigm. The results of this dissertation are intended to help the research community to enhance the security of the intelligent environments of the future as well as the privacy of the citizens regarding their personal and health data

Adaptive Security Framework in Internet of Things (IoT) for Providing Mobile Cloud Computing

Internet of Things (IoT) has immense potential to change many of our daily activities, routines and behaviors. The pervasive nature of the information sources means that a great amount of data pertaining to possibly every aspect of human activity, both public and private, will be produced, transmitted, collected, stored and processed. Consequently, integrity and confidentiality of transmitted data as well as the authentication of (and trust in) the services that offer the data is crucial. Hence, security is a critical functionality for the IoT. Enormous growth of mobile devices capability, critical automation of industry fields and the widespread of wireless communication cast need for seamless provision of mobile web services in the Internet of Things (IoT) environment. These are enriched by mobile cloud computing. However, it poses a challenge for its reliability, data authentication, power consumption and security issues. There is also a need for auto self-operated sensors for geo-sensing, agriculture, automatic cars, factories, roads, medicals application and more. IoT is still highly not reliable in points of integration between how its devices are connected, that is, there is poor utilization of the existing IP security protocols. In this chapter, we propose a deep penetration method for the IoT connected set of devices, along with the mobile cloud. An architecture and testing framework for providing mobile cloud computing in the IoT that is based on the object security, power utilization, latency measures and packet loss rate is explained. Our solution is based on the use of existing security protocols between clients and the mobile hosts as well as a key management protocol between the individual mobile hosts implementing an out-of-band key exchange that is simple in practice, flexible and secure. We study the performance of this approach by evaluating a prototype implementation of our security framework. This chapter, in a preliminary manner, discusses the threats, hacks, misguided packets and over read sensor message. These packets are then translated by hardware and pushed through the web for later-on action or support. Our testing of a set of sensor-triggered scenario and setup clearly indicates the security threats from wireless connected small LAN environments and the overestimated sensor messages resulting from the initial set of the sensor readings, while we emphasize more on the security level of the web services serving the IoT-connected device. Also, we add a remark on how mobile web services and their enabling devices are by far vulnerable to a 4G hack over the utilization of power pack and a serious battery use power draining issues