AMISEC: Leveraging Redundancy and Adaptability to Secure AmI Applications

Security in Ambient Intelligence (AmI) poses too many challenges due to the inherently insecure nature of wireless sensor nodes. However, there are two characteristics of these environments that can be used effectively to prevent, detect, and confine attacks: redundancy and continuous adaptation. In this article we propose a global strategy and a system architecture to cope with security issues in AmI applications at different levels. Unlike in previous approaches, we assume an individual wireless node is vulnerable. We present an agent-based architecture with supporting services that is proven to be adequate to detect and confine common attacks. Decisions at different levels are supported by a trust-based framework with good and bad reputation feedback while maintaining resistance to bad-mouthing attacks. We also propose a set of services that can be used to handle identification, authentication, and authorization in intelligent ambients. The resulting approach takes into account practical issues, such as resource limitation, bandwidth optimization, and scalability

Markov Decision Processes with Applications in Wireless Sensor Networks: A Survey

Wireless sensor networks (WSNs) consist of autonomous and resource-limited devices. The devices cooperate to monitor one or more physical phenomena within an area of interest. WSNs operate as stochastic systems because of randomness in the monitored environments. For long service time and low maintenance cost, WSNs require adaptive and robust methods to address data exchange, topology formulation, resource and power optimization, sensing coverage and object detection, and security challenges. In these problems, sensor nodes are to make optimized decisions from a set of accessible strategies to achieve design goals. This survey reviews numerous applications of the Markov decision process (MDP) framework, a powerful decision-making tool to develop adaptive algorithms and protocols for WSNs. Furthermore, various solution methods are discussed and compared to serve as a guide for using MDPs in WSNs

Incentive-compatible route coordination of crowdsourced resources

Technical ReportWith the recent trend in crowdsourcing, i.e., using the power of crowds to assist in satisfying demand, the pool of resources suitable for GeoPresen-ce-capable systems has expanded to include already roaming devices, such as mobile phones, and moving vehicles. We envision an environment, in which the motion of these crowdsourced mobile resources is coordinated, according to their preexisting schedules to satisfy geo-temporal demand on a mobility field. In this paper, we propose an incentive compatible route coordination mechanism for crowdsourced resources, in which participating mobile agents satisfy geo-temporal requests in return for monetary rewards. We define the Flexible Route Coordination (FRC) problem, in which an agent’s flexibility is exploited to maximize the coverage of a mobility field, with an objective to maximize the revenue collected from satisfied paying requests. Given that the FRC problem is NP-hard, we define an optimal algorithm to plan the route of a single agent on a graph with evolving labels, then we use that algorithm to define a 1-approximation algorithm to solve the 2 problem in its general model, with multiple agents. Moreover, we define an incentive compatible, rational, and cash-positive payment mechanism, which guarantees that an agent’s truthfulness about its flexibility is an ex-post Nash equilibrium strategy. Finally, we analyze the proposed mechanisms theoretically, and evaluate their performance experimentally using real mobility traces from urban environments

What’s in it for me? Incentive-compatible route coordination of crowdsourced resources

With the recent trend in crowdsourcing, i.e., using the power of crowds to assist in satisfying demand, the pool of resources suitable for GeoPresence-capable systems has expanded to include already roaming devices, such as mobile phones, and moving vehicles. We envision an environment, in which the motion of these crowdsourced mobile resources is coordinated, according to their preexisting schedules to satisfy geo-temporal demand on a mobility field. In this paper, we propose an incentive compatible route coordination mechanism for crowdsourced resources, in which participating mobile agents satisfy geo-temporal requests in return for monetary rewards. We define the Flexible Route Coordination (FRC) problem, in which an agent’s flexibility is exploited to maximize the coverage of a mobility field, with an objective to maximize the revenue collected from satisfied paying requests. Given that the FRC problem is NP-hard, we define an optimal algorithm to plan the route of a single agent on a graph with evolving labels, then we use that algorithm to define a 1/2-approximation algorithm to solve the problem in its general model, with multiple agents. Moreover, we define an incentive compatible, rational, and cash-positive payment mechanism, which guarantees that an agent’s truthfulness about its flexibility is an ex-post Nash equilibrium strategy. Finally, we analyze the proposed mechanisms theoretically, and evaluate their performance experimentally using real mobility traces from urban environments.Supported in part by NSF Grants, #1430145, #1414119, #1347522, #1239021, and #1012798

Peer-to-Peer Secure Updates for Heterogeneous Edge Devices

We consider the problem of securely distributing software updates to large scale clusters of heterogeneous edge compute nodes. Such nodes are needed to support the Internet of Things and low-latency edge compute scenarios, but are difficult to manage and update because they exist at the edge of the network behind NATs and firewalls that limit connectivity, or because they are mobile and have intermittent network access. We present a prototype secure update architecture for these devices that uses the combination of peer-to-peer protocols and automated NAT traversal techniques. This demonstrates that edge devices can be managed in an environment subject to partial or intermittent network connectivity, where there is not necessarily direct access from a management node to the devices being updated