ENABLING ATTRIBUTE BASED ACCESS CONTROL WITHIN THE INTERNET OF THINGS (IOT)

With the wide-scale development of the Internet of Things (IoT) and the usage of low-powered devices (sensors) together with smart devices, numerous people are using IoT systems in their homes and businesses to have more control over their technology. Unfortunately, some users of IoT systems that are controlled by a mobile application do not have a high level of data protection to respond in case the device is lost, stolen, or used by one of the owner’s friends or family members. The problem studied in this research is how to apply one of access control methods an IoT system whether they are stored locally on a sensor or on a cloud. To solve the problem, an attribute-based access control (ABAC) mechanism is applied to give the system the ability to apply policies to detect any unauthorized entry by evaluating some of the users’ attributes: the accessed time, the device media access control address (MAC address), the username, and password. Finally, a prototype was built to test the proposed solution in two ways; one is locally on a low-powered device, the second using cloud platform for the data storage. To evaluate both the prototype implementation, this research had an evaluation plan to mimic the real-world interactions by obtaining the response times when different numbers of requests sent from diverse numbers of users in different delays. The evaluation results showed that the first implementation was noticeably faster than the second implementation

Blockchain Application on the Internet of Vehicles (IoV)

With the rapid development of the Internet of Things (IoT) and its potential integration with the traditional Vehicular Ad-Hoc Networks (VANETs), we have witnessed the emergence of the Internet of Vehicles (IoV), which promises to seamlessly integrate into smart transportation systems. However, the key characteristics of IoV, such as high-speed mobility and frequent disconnections make it difficult to manage its security and privacy. The Blockchain, as a distributed tamper-resistant ledge, has been proposed as an innovative solution that guarantees privacy-preserving yet secure schemes. In this paper, we review recent literature on the application of blockchain to IoV, in particular, and intelligent transportation systems in general

Blockchain-based Trust and Reputation Management for Securing IoT

The Internet of Things (IoT) brings connectivity to a large number of heterogeneous devices, many of which may not be trustworthy. Classical authorisation schemes can protect the network from adversaries. However, these schemes could not ascertain in situ reliability and trustworthiness of authorised nodes, as these schemes do not monitor nodes’ behaviour over the operational period. IoT nodes can be compromised post-authentication, which could impede the resiliency of the network. Trust and Reputation Managements (TRM) have the potential to overcome these issues. However, conventional centralised TRM have poor transparency and suffer from sin gle point of failures. In recent years, blockchains show promise in addressing these issues, due to the salient features, such as decentralisation, auditability and transparency. This thesis presents decentralised TRM frameworks to address specific trust issues and challenges in three core IoT functionalities. First, a TRM framework for IoT access control is proposed to address issues in conventional authorisation schemes, in which static predefined access policies are continuously enforced. The enforcements of static access policies assume that the access requestors always exhibit benign behaviour. However, in practice some requestors may actually be malicious and attempt to deceive the access policies, which raises an urgency in building an adaptive access control. In this framework, the nodes’ behaviour are progressively evaluated based on their adherence to the access control policies, and quantified into trust and reputation scores, which are then incorporated in the access control to achieve dynamic access control policies. The framework is implemented on a public Ethereum test-network interconnected with a private lab-scale network of Raspberry Pi computers. The experimental results show that the framework achieves consistent processing latencies and is feasible for implementing effective access control in decentralised IoT networks. Second, a TRM framework for blockchain-based Collaborative Intrusion Detection Systems (CIDS) is presented with an emphasis on the importance of building end-to-end trust between CIDS nodes. In a CIDS, each node contributes detection rules aiming to build collective knowledge of new attacks. Here, the TRM framework assigns trust scores to each contribution from various nodes, using which the trust- worthiness of each node is determined. These scores help protect the CIDS network from invalid detection rules, which may degrade the accuracy of attack detection. A proof-of-concept implementation of the framework is developed on a private labscale Ethereum network. The experimental results show that the solution is feasible and performs within the expected benchmarks of the Ethereum platform. Third, a TRM framework for decentralised resource sharing in 6G-enabled IoT networks is proposed, aiming to remove the inherent risks of sharing scarce resources, especially when most nodes in the network are unknown or untrusted. The proposed TRM framework helps manage the matching of resource supply and demand; and evaluates the trustworthiness of each node after the completion of the resource sharing task. The experimental results on a lab-scale proof-of-concept implementation demonstrate the feasibility of the framework as it only incurs insignificant overheads with regards to gas consumption and overall latency

The Internet-of-Things : review and research directions

This paper presents a review of the Internet-of-Things (IoT) through four conceptualizations: IoT as liquification and density of information of resources; IoT as digital materiality; IoT as assemblage or service system; and IoT as modules, transactions, and service. From the conceptualizations, we provide a definition of IoT and present its implications and impact on future research in Marketing that interfaces with information systems, design and innovation, data science and cybersecurity, as well as organizational studies and economics. By integrating the implications of IoT with extant literature, we then propose a set of priorities for future research in this area. Highlights ● Consumer experiences with physical products will be highly visible in an era of IoT. ● Physical products are evolving into connected and dynamically reconfigurable service platforms that are socio-cyber-physical. ● Information is leaking out and liquifying everywhere and data is ubiquitous. ● Consumers personal data allow for personalization of the offering but could result in consumer vulnerabilities. ● Shifting boundaries due to information flows in an era of IoT will transform markets and exchanges

A Multi-Criteria Framework to Assist on the Design of Internet-of-Things Systems

The Internet-of-Things (IoT), considered as Internet first real evolution, has become immensely important to society due to revolutionary business models with the potential to radically improve Human life. Manufacturers are engaged in developing embedded systems (IoT Systems) for different purposes to address this new variety of application domains and services. With the capability to agilely respond to a very dynamic market offer of IoT Systems, the design phase of IoT ecosystems can be enhanced. However, select the more suitable IoT System for a certain task is currently based on stakeholder’s knowledge, normally from lived experience or intuition, although it does not mean that a proper decision is being made. Furthermore, the lack of methods to formally describe IoT Systems characteristics, capable of being automatically used by methods is also an issue, reinforced by the growth of available information directly connected to Internet spread. Contributing to improve IoT Ecosystems design phase, this PhD work proposes a framework capable of fully characterise an IoT System and assist stakeholder’s on the decision of which is the proper IoT System for a specific task. This enables decision-makers to perform a better reasoning and more aware analysis of diverse and very often contradicting criteria. It is also intended to provide methods to integrate energy consumptionsimulation tools and address interoperability with standards, methods or systems within the IoT scope. This is addressed using a model-driven based framework supporting a high openness level to use different software languages and decision methods, but also for interoperability with other systems, tools and methods

SFTSDH: Applying Spring Security Framework with TSD-Based OAuth2 to Protect Microservice Architecture APIs

The Internet of Medical Things (IoMT) combines medical devices and applications that use network technologies to connect healthcare information systems (HIS). IoMT is reforming the medical industry by adopting information and communication technologies (ICTs). Identity verification, secure collection, and exchange of medical data are essential in health applications. In this study, we implemented a hybrid security solution to secure the collection and management of personal health data using Spring Framework (SF), Services for Sensitive Data (TSD) as a service platform, and Hyper-Text-Transfer-Protocol (HTTP (H)) security methods. The adopted solution (SFTSDH = SF + TSD + H) instigated the following security features: identity brokering, OAuth2, multifactor authentication, and access control to protect the Microservices Architecture Application Programming Interfaces (APIs), following the General Data Protection Regulation (GDPR). Moreover, we extended the adopted security solution to develop a digital infrastructure to facilitate the research and innovation work in the electronic health (eHealth) section, focusing on solution validation with theoretical evaluation and experimental testing. We used a web engineering security methodology to achieve and explain the adopted security solution. As a case study, we designed and implemented electronic coaching (eCoaching) prototype system and deployed the same in the developed infrastructure to securely record and share personal health data. Furthermore, we compared the test results with related studies qualitatively for the efficient evaluation of the implemented security solution. The SFTSDH implementation and configuration in the prototype system have effectively secured the eCoach APIs from an attack in all the considered scenarios. The eCoach prototype with the SFTSDH solution effectively sustained a load of (≈) 1000 concurrent users in the developed digital health infrastructure. In addition, we performed a qualitative comparison among the following security solutions: SF security, third-party security, and SFTSDH, where SFTSDH showed a promising outcome.publishedVersio

Blockchain for IoT: A Critical Analysis Concerning Performance and Scalability

The world has been experiencing a mind-blowing expansion of blockchain technology since it was first introduced as an emerging means of cryptocurrency called bitcoin. Currently, it has been regarded as a pervasive frame of reference across almost all research domains, ranging from virtual cash to agriculture or even supply-chain to the Internet of Things. The ability to have a self-administering register with legitimate immutability makes blockchain appealing for the Internet of Things (IoT). As billions of IoT devices are now online in distributed fashion, the huge challenges and questions require to addressed in pursuit of urgently needed solutions. The present paper has been motivated by the aim of facilitating such efforts. The contribution of this work is to figure out those trade-offs the IoT ecosystem usually encounters because of the wrong choice of blockchain technology. Unlike a survey or review, the critical findings of this paper target sorting out specific security challenges of blockchain-IoT Infrastructure. The contribution includes how to direct developers and researchers in this domain to pick out the unblemished combinations of Blockchain enabled IoT applications. In addition, the paper promises to bring a deep insight on Ethereum, Hyperledger blockchain and IOTA technology to show their limitations and prospects in terms of performance and scalability

Smart object-oriented access control: Distributed access control for the Internet of Things

Ensuring that data and devices are secure is of critical importance to information technology. While access control has held a key role in traditional computer security, its role in the evolving Internet of Things is less clear. In particular, the access control literature has suggested that new challenges, such as multi-user controls, fine-grained controls, and dynamic controls, prompt a foundational re-thinking of access control. We analyse these challenges, finding instead that the main foundational challenge posed by the Internet of Things involves decentralization: accurately describing access control in Internet of Things environments (e.g., the Smart Home) requires a new model of multiple, independent access control systems. To address this challenge, we propose a meta-model (i.e., a model of models): Smart Object-Oriented Access Control (SOOAC). This model is an extension of the XACML framework, built from principles relating to modularity adapted from object-oriented programming and design. SOOAC draws attention to a new class of problem involving the resolution of policy conflicts that emerge from the interaction of smart devices in the home. Contrary to traditional (local) policy conflicts, these global policy conflicts emerge when contradictory policies exist across multiple access control systems. We give a running example of a global policy conflict involving transitive access. To automatically avoid global policy conflicts before they arise, we extend SOOAC with a recursive algorithm through which devices communicate access requests before allowing or denying access themselves. This algorithm ensures that both individual devices and the collective smart home are secure. We implement SOOAC within a prototype smart home and assess its validity in terms of effectiveness and efficiency. Our analysis shows that SOOAC is successful at avoiding policy conflicts before they emerge, in real time. Finally, we explore improvements that can be made to SOOAC and suggest directions for future work

Privacy-Preserving Mechanism in Smart Home Using Blockchain

The IoT, or Internet of Things has been a major talking point amongst technology enthusiasts in recent years. The internet of thing (IoT) has been emerged and evolved rapidly, making the world's fabric around us smarter and more responsive. The smart home uses one such transformation of IoT, which seems to be the wave of the future. However, with the increasing wide adoption of IoT, data security, and privacy concerns about how our data is collected and shared with others, has also risen. To solve these challenges, an approach to data privacy and security in a smart home using blockchain technology is proposed in this paper. We propose authentication scheme that combines attribute-based access control with smart contracts and edge computing to create a secure framework for IoT devices in smart home systems. The edge server adds scalability to the system by offloading heavy processing activities and using a differential privacy method to aggregate data to the cloud securely and privately. We present several aspects of testing and implementing smart contracts, the differential private stochastic gradient descent algorithm, and system architecture and design. We demonstrate the efficacy of our proposed system by fully examining its security and privacy goals in terms of confidentiality, integrity, and availability. Our framework achieves desired security and privacy goals and is resilient against modification, DoS attacks, data mining and linkage attacks. Finally, we undertake a performance evaluation to demonstrate the proposed scheme's feasibility and efficiency