A survey of secure middleware for the Internet of Things

The rapid growth of small Internet connected devices, known as the Internet of Things (IoT), is creating a new set of challenges to create secure, private infrastructures. This paper reviews the current literature on the challenges and approaches to security and privacy in the Internet of Things, with a strong focus on how these aspects are handled in IoT middleware. We focus on IoT middleware because many systems are built from existing middleware and these inherit the underlying security properties of the middleware framework. The paper is composed of three main sections. Firstly, we propose a matrix of security and privacy threats for IoT. This matrix is used as the basis of a widespread literature review aimed at identifying requirements on IoT platforms and middleware. Secondly, we present a structured literature review of the available middleware and how security is handled in these middleware approaches. We utilise the requirements from the first phase to evaluate. Finally, we draw a set of conclusions and identify further work in this area

FLaMAS: Federated Learning Based on a SPADE MAS

[EN] In recent years federated learning has emerged as a new paradigm for training machine learning models oriented to distributed systems. The main idea is that each node of a distributed system independently trains a model and shares only model parameters, such as weights, and does not share the training data set, which favors aspects such as security and privacy. Subsequently, and in a centralized way, a collective model is built that gathers all the information provided by all of the participating nodes. Several federated learning framework proposals have been developed that seek to optimize any aspect of the learning process. However, a lack of flexibility and dynamism is evident in many cases. In this regard, this study aims to provide flexibility and dynamism to the federated learning process. The methodology used consists of designing a multi-agent system that can form a federated learning framework where the agents act as nodes that can be easily added to the system dynamically. The proposal has been evaluated with different experiments on the SPADE platform; the results obtained demonstrate the benefits of the federated system while facilitating flexibility and scalability.This research was partially supported by the MINECO/FEDER RTI2018-095390-B-C31 project of the Spanish government.Rincón-Arango, JA.; Julian, V.; Carrascosa Casamayor, C. (2022). FLaMAS: Federated Learning Based on a SPADE MAS. Applied Sciences. 12(7):1-14. https://doi.org/10.3390/app1207370111412

A survey of communication protocols for internet of things and related challenges of fog and cloud computing integration

The fast increment in the number of IoT (Internet of Things) devices is accelerating the research on new solutions to make cloud services scalable. In this context, the novel concept of fog computing as well as the combined fog-to-cloud computing paradigm is becoming essential to decentralize the cloud, while bringing the services closer to the end-system. This article surveys e application layer communication protocols to fulfill the IoT communication requirements, and their potential for implementation in fog- and cloud-based IoT systems. To this end, the article first briefly presents potential protocol candidates, including request-reply and publish-subscribe protocols. After that, the article surveys these protocols based on their main characteristics, as well as the main performance issues, including latency, energy consumption, and network throughput. These findings are thereafter used to place the protocols in each segment of the system (IoT, fog, cloud), and thus opens up the discussion on their choice, interoperability, and wider system integration. The survey is expected to be useful to system architects and protocol designers when choosing the communication protocols in an integrated IoT-to-fog-to-cloud system architecture.Peer ReviewedPostprint (author's final draft

Contributions to presence-based systems for deploying ubiquitous communication services

Next-Generation Networks (NGNs) will converge the existing fixed and wireless networks. These networks rely on the IMS (IP Multimedia Subsystem), introduced by the 3GPP. The presence service came into being in instant messaging applications. A user¿s presence information consists in any context that is necessary for applications to handle and adapt the user's communications. The presence service is crucial in the IMS to deploy ubiquitous services. SIMPLE is the standard protocol for handling presence and instant messages. This protocol disseminates users' presence information through subscriptions, notifications and publications. SIMPLE generates much signaling traffic for constantly disseminating presence information and maintaining subscriptions, which may overload network servers. This issue is even more harmful to the IMS due to its centralized servers. A key factor in the success of NGNs is to provide users with always-on services that are seamlessly part of their daily life. Personalizing these services according to the users' needs is necessary for the success of these services. To this end, presence information is considered as a crucial tool for user-based personalization. This thesis can be briefly summarized through the following contributions: We propose filtering and controlling the rate of presence publications so as to reduce the information sent over access links. We probabilistically model presence information through Markov chains, and analyzed the efficiency of controlling the rate of publications that are modeled by a particular Markov chain. The reported results show that this technique certainly reduces presence overload. We mathematically study the amount of presence traffic exchanged between domains, and analyze the efficiency of several strategies for reducing this traffic. We propose an strategy, which we call Common Subscribe (CS), for reducing the presence traffic exchanged between federated domains. We compare this strategy traffic with that generated by other optimizations. The reported results show that CS is the most efficient at reducing presence traffic. We analyze the load in the number of messages that several inter-domain traffic optimizations cause to the IMS centralized servers. Our proposed strategy, CS, combined with an RLS (i.e., a SIMPLE optimization) is the only optimization that reduces the IMS load; the others increase this load. We estimate the efficiency of the RLS, thereby concluding that the RLS is not efficient under certain circumstances, and hence this optimization is discouraged. We propose a queuing system for optimizing presence traffic on both the network core and access link, which is capable to adapt the publication and notification rate based on some quality conditions (e.g, maximum delay). We probabilistically model this system, and validate it in different scenarios. We propose, and implement a prototype of, a fully-distributed platform for handling user presence information. This approach allows integrating Internet Services, such as HTTP or VoIP, and optimizing these services in an easy, user-personalized way. We have developed SECE (Sense Everything, Control Everything), a platform for users to create rules that handle their communications and Internet Services proactively. SECE interacts with multiple third-party services for obtaining as much user context as possible. We have developed a natural-English-like formal language for SECE rules. We have enhanced SECE for discovering web services automatically through the Web Ontology Language (OWL). SECE allows composing web services automatically based on real-world events, which is a significant contribution to the Semantic Web. The research presented in this thesis has been published through 3 book chapters, 4 international journals (3 of them are indexed in JCR), 10 international conference papers, 1 demonstration at an international conference, and 1 national conferenceNext-Generation Networks (NGNs) son las redes de próxima generación que soportaran la convergencia de redes de telecomunicación inalámbricas y fijas. La base de NGNs es el IMS (IP Multimedia Subsystem), introducido por el 3GPP. El servicio de presencia nació de aplicaciones de mesajería instantánea. La información de presencia de un usuario consiste en cualquier tipo de información que es de utilidad para manejar las comunicaciones con el usuario. El servicio de presencia es una parte esencial del IMS para el despliegue de servicios ubicuos. SIMPLE es el protocolo estándar para manejar presencia y mensajes instantáneos en el IMS. Este protocolo distribuye la información de presencia de los usuarios a través de suscripciones, notificaciones y publicaciones. SIMPLE genera mucho tráfico por la diseminación constante de información de presencia y el mantenimiento de las suscripciones, lo cual puede saturar los servidores de red. Este problema es todavía más perjudicial en el IMS, debido al carácter centralizado de sus servidores. Un factor clave en el éxito de NGNs es proporcionar a los usuarios servicios ubicuos que esten integrados en su vida diaria y asi interactúen con los usuarios constantemente. La personalización de estos servicios basado en los usuarios es imprescindible para el éxito de los mismos. Para este fin, la información de presencia es considerada como una herramienta base. La tesis realizada se puede resumir brevemente en los siguientes contribuciones: Proponemos filtrar y controlar el ratio de las publicaciones de presencia para reducir la cantidad de información enviada en la red de acceso. Modelamos la información de presencia probabilísticamente mediante cadenas de Markov, y analizamos la eficiencia de controlar el ratio de publicaciones con una cadena de Markov. Los resultados muestran que este mecanismo puede efectivamente reducir el tráfico de presencia. Estudiamos matemáticamente la cantidad de tráfico de presencia generada entre dominios y analizamos el rendimiento de tres estrategias para reducir este tráfico. Proponemos una estrategia, la cual llamamos Common Subscribe (CS), para reducir el tráfico de presencia entre dominios federados. Comparamos el tráfico generado por CS frente a otras estrategias de optimización. Los resultados de este análisis muestran que CS es la estrategia más efectiva. Analizamos la carga en numero de mensajes introducida por diferentes optimizaciones de tráfico de presencia en los servidores centralizados del IMS. Nuestra propuesta, CS, combinada con un RLS (i.e, una optimización de SIMPLE), es la unica optimización que reduce la carga en el IMS. Estimamos la eficiencia del RLS, deduciendo que un RLS no es eficiente en ciertas circunstancias, en las que es preferible no usar esta optimización. Proponemos un sistema de colas para optimizar el tráfico de presencia tanto en el núcleo de red como en la red de acceso, y que puede adaptar el ratio de publicación y notificación en base a varios parametros de calidad (e.g., maximo retraso). Modelamos y analizamos este sistema de colas probabilísticamente en diferentes escenarios. Proponemos una arquitectura totalmente distribuida para manejar las información de presencia del usuario, de la cual hemos implementado un prototipo. Esta propuesta permite la integracion sencilla y personalizada al usuario de servicios de Internet, como HTTP o VoIP, asi como la optimizacón de estos servicios. Hemos desarrollado SECE (Sense Everything, Control Everything), una plataforma donde los usuarios pueden crear reglas para manejar todas sus comunicaciones y servicios de Internet de forma proactiva. SECE interactúa con una multitud de servicios para conseguir todo el contexto possible del usuario. Hemos desarollado un lenguaje formal que parace como Ingles natural para que los usuarios puedan crear sus reglas. Hemos mejorado SECE para descubrir servicios web automaticamente a través del lenguaje OWL (Web Ontology Language)

European (energy) data exchange reference architecture 3.0

This is the third version of Data Exchange Reference Architecture – DERA 3.0. BRIDGE report on energy data exchange reference architecture aims at contributing to the discussion and practical steps towards truly interoperable and business process agnostic data exchange arrangements on European scale both inside energy domain and across different domains.DERA 3.0Recommendations related to the implementation of DERA:A. Leverage Smart Grid Architecture Model (SGAM) usage by completing it with data governance requirements, specifically from end-customer perspective, and map it to the reference architectures of other sectors (similar to the RAMI4.0 for industry – Reference Architecture Model Industrie 4.0; and CREATE-IoT 3D RAM for health – Reference Architecture Model of CREATE-IoT project), incl. for basic interoperability vocabulary with non-energy sectors.B. Facilitate European strategy, regulation (harmonisation of national regulations) and practical tools for cross-sector exchange of any type of both private data and public data, e.g. through reference models for data space, common data governance and data interoperability implementing acts.C. Ensure cooperation between appropriate associations, countries and sector representatives to work on cross-sector and cross-border data management by establishing European data cooperation agency. This involves ongoing empowering/restructuring of the Data Management WG of the BRIDGE Initiative to engage other sectors and extend cooperation with projects that are not EU-funded and with European Standardisation Organisations (CEN-CENELEC-ETSI).D. Harmonise the development, content and accessibility of data exchange business use cases for cross-sector domain through BRIDGE use case repository. Track tools that identify common features on use cases, e.g. interfaces between sectors, and enable the alignment with any potential peer repositories for other domains. Also, the use case repository must rely on the HEMRM with additional roles created by some projects or roles coming from other associations (related to another sector than the electricity/energy sector).E. Use BRIDGE use case repository for aligning the role selection. Harmonise data roles across electricity and other energy domains by developing HERM – Harmonised Energy Role Model and ensure access to model files. Look for consistency with other domains outside energy based on this HERM – cross-sectoral roles. Harmonised EnergyData EndpointsData SpaceConnectorData ProcessingStandard CommunicationProtocols& FormatsData HarmonizationData PersistanceVocabularyProviderCredentialManagerIdentityManagerMonitoring& OrchestrationData DiscoveryData IndexerLocal AI/ML ServicesDigital TwinsMarketplace BackendStandard CommunicationProtocols& FormatsMarketplace FrontendFederatedUse Cases and Business needsLocal Use Cases and Business needsEnergy RegulationEU Re-gulationActorsBusinessFunctionInformationComp.CommsNon-personal dataSecurity/ResilienceUserAcceptanceSovereigntyOpen SourceInteroperabilityLocalFederatedInteroperabilityTrustData valueGovernance9DATA MANAGEMENT WORKING GROUPEuropean (energy) data exchange reference architecture 3.0Role Model shall have clear implications and connections with data (space) roles such as data provider/consumer, service provider etc.F. Define and harmonise functional data processes for cross-sector domain, using common vocabulary, template and repository for respective use cases’ descriptions. Harmonisation of functional data processes for cross-sector data ecosystems including Vocabulary provider, Federated catalogue, Data quality, Data accounting processes, Clearing process (audit, logging, etc.) and Data tracking and provenance.G. Define and maintain a common reference semantic data model, and ensure access to its model files facilitating cross-sector data exchange, by leveraging existing data models like Common Information Model (CIM) of International Electrotechnical Commission (IEC) and ontologies like Smart Appliances Reference Ontology (SAREF).H. Develop cross-sector data models and profiles, with specific focus on private data exchange. Enable open access to model files whenever possible.I. Ensure protocol agnostic approach to cross-sector data exchange by selecting standardised and open ones.J. Ensure data format agnostic approach to cross-sector data exchange. The work done by projects like TDX-ASSIST and EU-SysFlex (using IEC CIM), and PLATOON (using SAREF) must be shared and made known to consolidate the approach in order to reach semantic interoperability. Metadata must also be taken into account.K. Promote business process agnostic DEPs (Data Exchange Platforms) and make these interoperable by developing APIs (Application Programming Interfaces) which enable for data providers and data users easy connection to any European DEP but also create the possibility whereby connecting to one DEP ensures data exchange with any other stakeholder in Europe. DEPs shall explore the integration of data space connectors towards their connectivity with other DEPs including cross-sector ones.L. Develop universal data applications which can serve any domain. Develop open data driven services that promote also cross-sector integration collectively available in application repositories.Possible next steps (“sub-actions”) for 2023/2024:➢ Release BRIDGE Federated Service Catalogue tool and associated process.➢ Release DERA interactive visualisation tool.➢ Follow up the implementation of DERA 3.0 in BRIDGE projects (mapping to DERA)➢ Update recommendations to comply with DERA 3.0.➢ Develop / enhance the “data role model”

Towards consolidated presence

hauswirth2010aInternational audiencePresence management, i.e., the ability to automatically identify the status and availability of communication partners, is becoming an invaluable tool for collaboration in enterprise contexts. In this paper, we argue for efficient presence management by means of a holistic view of both physical context and virtual presence in online communication channels. We sketch the components for enabling presence as a service integrating both online information as well as physical sensors, discussing benefits, possible applications on top, and challenges of establishing such a service

Internet of Things Applications - From Research and Innovation to Market Deployment

The book aims to provide a broad overview of various topics of Internet of Things from the research, innovation and development priorities to enabling technologies, nanoelectronics, cyber physical systems, architecture, interoperability and industrial applications. It is intended to be a standalone book in a series that covers the Internet of Things activities of the IERC – Internet of Things European Research Cluster from technology to international cooperation and the global "state of play".The book builds on the ideas put forward by the European research Cluster on the Internet of Things Strategic Research Agenda and presents global views and state of the art results on the challenges facing the research, development and deployment of IoT at the global level. Internet of Things is creating a revolutionary new paradigm, with opportunities in every industry from Health Care, Pharmaceuticals, Food and Beverage, Agriculture, Computer, Electronics Telecommunications, Automotive, Aeronautics, Transportation Energy and Retail to apply the massive potential of the IoT to achieving real-world solutions. The beneficiaries will include as well semiconductor companies, device and product companies, infrastructure software companies, application software companies, consulting companies, telecommunication and cloud service providers. IoT will create new revenues annually for these stakeholders, and potentially create substantial market share shakeups due to increased technology competition. The IoT will fuel technology innovation by creating the means for machines to communicate many different types of information with one another while contributing in the increased value of information created by the number of interconnections among things and the transformation of the processed information into knowledge shared into the Internet of Everything. The success of IoT depends strongly on enabling technology development, market acceptance and standardization, which provides interoperability, compatibility, reliability, and effective operations on a global scale. The connected devices are part of ecosystems connecting people, processes, data, and things which are communicating in the cloud using the increased storage and computing power and pushing for standardization of communication and metadata. In this context security, privacy, safety, trust have to be address by the product manufacturers through the life cycle of their products from design to the support processes. The IoT developments address the whole IoT spectrum - from devices at the edge to cloud and datacentres on the backend and everything in between, through ecosystems are created by industry, research and application stakeholders that enable real-world use cases to accelerate the Internet of Things and establish open interoperability standards and common architectures for IoT solutions. Enabling technologies such as nanoelectronics, sensors/actuators, cyber-physical systems, intelligent device management, smart gateways, telematics, smart network infrastructure, cloud computing and software technologies will create new products, new services, new interfaces by creating smart environments and smart spaces with applications ranging from Smart Cities, smart transport, buildings, energy, grid, to smart health and life. Technical topics discussed in the book include: • Introduction• Internet of Things Strategic Research and Innovation Agenda• Internet of Things in the industrial context: Time for deployment.• Integration of heterogeneous smart objects, applications and services• Evolution from device to semantic and business interoperability• Software define and virtualization of network resources• Innovation through interoperability and standardisation when everything is connected anytime at anyplace• Dynamic context-aware scalable and trust-based IoT Security, Privacy framework• Federated Cloud service management and the Internet of Things• Internet of Things Application