Towards Trusted Seamless Reconfiguration of IoT Nodes

IoT networks are growing rapidly with the addition of new sensors, nodes and devices to existing IoT networks. Due to the ever-increasing demand for IoT nodes to adapt to changing environment conditions and application requirements, the need for reconfiguring these already existing IoT nodes is increasing rapidly. A reconfiguration of an IoT network includes alterations to the devices connected, changing the behavioural patterns of the devices and modifying the software modules that control the IoT network and devices. Reconfiguring an already existing IoT network is a challenge due to the amount of data loss and network downtime faced when carrying out a reconfiguration procedure in a limited power supply environment. This paper proposes an architecture for trusted dynamic reconfiguration of IoT nodes with the least amount of data loss and downtime. The proposed approach uses multiple IoT nodes to facilitate dynamic reconfiguration

A REVIEW ON INTERNET OF THINGS ARCHITECTURE FOR BIG DATA PROCESSING

The importance of big data implementations is increased due to large amount of gathered data via the online gates. The businesses and organizations would benefit from the big data analysis i.e. analyze the political, market, and social interests of the people. The Internet of Things (IoT) presents many facilities that support the big data transfer between various Internet objects. The integration between the big data and IoT offer a lot of implementations in the daily life like GPS, Satellites, and airplanes tracking. There are many challenges face the integration between big data transfer and IoT technology. The main challenges are the transfer architecture, transfer protocols, and the transfer security. The main aim of this paper is to review the useful architecture of IoT for the purpose of big data processing with the consideration of the various requirements such as the transfer protocol. This paper also reviews other important issues such as the security requirements and the multiple IoT applications. In addition, the future directions of the IoT-Big data are explained in this paper

A Novel Zero-Trust Framework to Secure IoT Communications

The phenomenal growth of the Internet of Things (IoT) has highlighted the security and privacy concerns associated with these devices. The research literature on the security architectures of IoT makes evident that we need to define and formalize a framework to secure the communications among these devices. To do so, it is important to focus on a zero-trust framework that will work on the principle premise of ``trust no one, verify everyone'' for every request and response. In this thesis, we emphasize the need for such a framework and propose a zero-trust communication model that addresses security and privacy concerns of devices with no operating system or with a real-time operating system. The framework provides an end-to-end security framework for users and devices to communicate with each other privately. A common concern is how to implement high-end encryption algorithm within the limited resources of an IoT device. We demonstrated that by offloading the data and process heavy operation like audit management to the gateway we were able to overcome this limitation. We built a temperature and humidity sensor and were able to implement the framework and successfully evaluate and document its efficient operations. We defined four areas for evaluation and validation, namely, security of communications, memory utilization of the device, response time of operations, and cost of its implementation, and for each, we defined a threshold to evaluate and validate our findings. The results are satisfactory and are documented

An Approach to Guide Users Towards Less Revealing Internet Browsers

When browsing the Internet, HTTP headers enable both clients and servers send extra data in their requests or responses such as the User-Agent string. This string contains information related to the sender’s device, browser, and operating system. Previous research has shown that there are numerous privacy and security risks result from exposing sensitive information in the User-Agent string. For example, it enables device and browser fingerprinting and user tracking and identification. Our large analysis of thousands of User-Agent strings shows that browsers differ tremendously in the amount of information they include in their User-Agent strings. As such, our work aims at guiding users towards using less exposing browsers. In doing so, we propose to assign an exposure score to browsers based on the information they expose and vulnerability records. Thus, our contribution in this work is as follows: first, provide a full implementation that is ready to be deployed and used by users. Second, conduct a user study to identify the effectiveness and limitations of our proposed approach. Our implementation is based on using more than 52 thousand unique browsers. Our performance and validation analysis show that our solution is accurate and efficient. The source code and data set are publicly available and the solution has been deployed

Transparent, trustworthy and privacy-preserving supply chains

Over the years, supply chains have evolved from a few regional traders to globally complex chains of trade. Consequently, supply chain management systems have become heavily dependent on digitization for the purpose of data storage and traceability of goods. However, these traceability systems suffer from issues such as scattering of information across multiple silos and susceptibility of erroneous or modified data and thus are often unable to provide reliable information about a product. Due to propriety reasons, often end-to-end traceability is not available to the general consumer. The second issue is ensuring the credibility of the collated information about a product. The digital data may not be the true representation of the physical events which raises the issues of trusting the available information. If the source of digital data is not trustworthy, the provenance or traceability of a product becomes questionable. The third issue in supply chain management is a trade-off between the provenance information and protection of this data. The information is often associated with the identity of the contributing entity to ensure trust. However, the identity association makes it difficult to protect trade secrets such as shipments, pricing, and trade frequency of traders while simultaneously ensuring the provenance/traceability to the consumers. Our work aims to address above mentioned challenges related to traceability, trustworthiness and privacy. To support traceability and provenance, a consortium blockchain based framework, ProductChain, is proposed which provides an immutable audit trail of the supply chain events pertaining to the product and its origin. The framework also presents a sharded network model to meet the scalability needs of complex supply chains. Simulation results for our Proof of Concept (PoC) implementation show that query time for retrieving end-to-end traceability is of the order of a few milliseconds even when the information is collated from multiple regional blockchains. Next, to ensure the credibility of data from the supply chain entities, it is important to have an accountability mechanism which can penalise or reward the entities for their dishonest or honest contributions, respectively. We propose the TrustChain framework, which calculates a trust score for data contributing entities to the blockchain using multiple observations. These observations include feedback from interactions among supply chain entities, inputs from third party regulators and readings from IoT sensors. The integrated reputation system with blockchain, dynamically assigns trust and reputation scores to commodities and traders using smart contracts. A PoC implementation over Hyperledger Fabric shows that TrustChain incurs minimal overheads over a baseline. For protecting trade secrets while simultaneously ensuring traceability, PrivChain is proposed. PrivChain's framework allows traders to share computation or proofs in support of provenance and traceability claims rather than sharing the data itself. The framework also proposes an integrated incentive mechanism for traders providing such proofs. A PoC implementation on Hyperledger Fabric reveals a minimal overhead of using PrivChain as the data related computations are carried off-chain. Finally, we propose TradeChain which addresses the issue of preserving the privacy of identity related information with the blockchain data and gives greater access control to the data owners, i.e. traders. This framework decouples the identities of traders by managing two ledgers: one for managing decentralised identities and another for recording supply chain events. The information from both ledgers is then collated using access tokens provided by the data owners. In this way, they can dynamically control access to the blockchain data at a granular level. A PoC implementation is developed both on Hyperledger Indy and Fabric and we demonstrate minimal overheads for the different components of TradeChain

ConnectOpen - automatic integration of IoT devices

There exists, today, a wide consensus that Internet of Things (IoT) is creating a wide range of business opportunities for various industries and sectors like Manufacturing, Healthcare, Public infrastructure management, Telecommunications and many others. On the other hand, the technological evolution of IoT facing serious challenges. The fragmentation in terms of communication protocols and data formats at device level is one of these challenges. Vendor specific application architectures, proprietary communication protocols and lack of IoT standards are some reasons behind the IoT fragmentation. In this paper we propose a software enabled framework to address the fragmentation challenge. The framework is based on flexible communication agents that are deployed on a gateway and can be adapted to various devices communicating different data formats using different communication protocol. The communication agent is automatically generated based on specifications and automatically deployed on the Gateway in order to connect the devices to a central platform where data are consolidated and exposed via REST APIs to third party services. Security and scalability aspects are also addressed in this work