Threat modeling for communication security of IoT-enabled digital logistics

The modernization of logistics through the use of Wireless Sensor Network (WSN) Internet of Things (IoT) devices promises great efficiencies. Sensor devices can provide real-time or near real-time condition monitoring and location tracking of assets during the shipping process, helping to detect delays, prevent loss, and stop fraud. However, the integration of low-cost WSN/IoT systems into a pre-existing industry should first consider security within the context of the application environment. In the case of logistics, the sensors are mobile, unreachable during the deployment, and accessible in potentially uncontrolled environments. The risks to the sensors include physical damage, either malicious/intentional or unintentional due to accident or the environment, or physical attack on a sensor, or remote communication attack. The easiest attack against any sensor is against its communication. The use of IoT sensors for logistics involves the deployment conditions of mobility, inaccesibility, and uncontrolled environments. Any threat analysis needs to take these factors into consideration. This paper presents a threat model focused on an IoT-enabled asset tracking/monitoring system for smart logistics. A review of the current literature shows that no current IoT threat model highlights logistics-specific IoT security threats for the shipping of critical assets. A general tracking/monitoring system architecture is presented that describes the roles of the components. A logistics-specific threat model that considers the operational challenges of sensors used in logistics, both malicious and non-malicious threats, is then given. The threat model categorizes each threat and suggests a potential countermeasure

Survey: An overview of lightweight RFID authentication protocols suitable for the maritime internet of things

The maritime sector employs the Internet of Things (IoT) to exploit many of its benefits to maintain a competitive advantage and keep up with the growing demands of the global economy. The maritime IoT (MIoT) not only inherits similar security threats as the general IoT, it also faces cyber threats that do not exist in the traditional IoT due to factors such as the support for long-distance communication and low-bandwidth connectivity. Therefore, the MIoT presents a significant concern for the sustainability and security of the maritime industry, as a successful cyber attack can be detrimental to national security and have a flow-on effect on the global economy. A common component of maritime IoT systems is Radio Frequency Identification (RFID) technology. It has been revealed in previous studies that current RFID authentication protocols are insecure against a number of attacks. This paper provides an overview of vulnerabilities relating to maritime RFID systems and systematically reviews lightweight RFID authentication protocols and their impacts if they were to be used in the maritime sector. Specifically, this paper investigates the capabilities of lightweight RFID authentication protocols that could be used in a maritime environment by evaluating those authentication protocols in terms of the encryption system, authentication method, and resistance to various wireless attacks

Internet of Things Strategic Research Roadmap

Internet of Things (IoT) is an integrated part of Future Internet including existing and evolving Internet and network developments and could be conceptually defined as a dynamic global network infrastructure with self configuring capabilities based on standard and interoperable communication protocols where physical and virtual “things” have identities, physical attributes, and virtual personalities, use intelligent interfaces, and are seamlessly integrated into the information network

Role of RFID Technology in Engineering Applications

This paper provides an extensive overview of Radio Frequency Identification technology (RFID) and its applications across different industries, rather than focusing on recent developments alone. Due to the multidisciplinary nature of RFID, proficiency in various engineering fields is necessary to fully comprehend this technology. As the use of RFID continues to expand in various industries, it is imperative to educate engineers and professionals to better understand this technology. An RFID system typically consists of tags, readers, antennae, and software, and various factors such as reading range, frequency range, and environmental considerations must be taken into account when designing such a system. Security must also be a key consideration in the development of an RFID system. To incorporate RFID technology into traditional engineering curricula, this study proposes emphasizing its connection to traditional fields such as electrical, computer, and artificial engineering

Federated Sensor Network architectural design for the Internet of Things (IoT)

An information technology that can combine the physical world and virtual world is desired. The Internet of Things (IoT) is a concept system that uses Radio Frequency Identification (RFID), WSN and barcode scanners to sense and to detect physical objects and events. This information is shared with people on the Internet. With the announcement of the Smarter Planet concept by IBM, the problem of how to share this data was raised. However, the original design of WSN aims to provide environment monitoring and control within a small scale local network. It cannot meet the demands of the IoT because there is a lack of multi-connection functionality with other WSNs and upper level applications. As various standards of WSNs provide information for different purposes, a hybrid system that gives a complete answer by combining all of them could be promising for future IoT applications. This thesis is on the subject of `Federated Sensor Network' design and architectural development for the Internet of Things. A Federated Sensor Network (FSN) is a system that integrates WSNs and the Internet. Currently, methods of integrating WSNs and the Internet can follow one of three main directions: a Front-End Proxy solution, a Gateway solution or a TCP/IP Overlay solution. Architectures based on the ideas from all three directions are presented in this thesis; this forms a comprehensive body of research on possible Federated Sensor Network architecture designs. In addition, a fully compatible technology for the sensor network application, namely the Sensor Model Language (SensorML), has been reviewed and embedded into our FSN systems. The IoT as a new concept is also comprehensively described and the major technical issues discussed. Finally, a case study of the IoT in logistic management for emergency response is given. Proposed FSN architectures based on the Gateway solution are demonstrated through hardware implementation and lab tests. A demonstration of the 6LoWPAN enabled federated sensor network based on the TCP/IP Overlay solution presents a good result for the iNET localization and tracking project. All the tests of the designs have verified feasibility and achieve the target of the IoT concept

Security and Privacy for Green IoT-based Agriculture: Review, Blockchain solutions, and Challenges

open access articleThis paper presents research challenges on security and privacy issues in the field of green IoT-based agriculture. We start by describing a four-tier green IoT-based agriculture architecture and summarizing the existing surveys that deal with smart agriculture. Then, we provide a classification of threat models against green IoT-based agriculture into five categories, including, attacks against privacy, authentication, confidentiality, availability, and integrity properties. Moreover, we provide a taxonomy and a side-by-side comparison of the state-of-the-art methods toward secure and privacy-preserving technologies for IoT applications and how they will be adapted for green IoT-based agriculture. In addition, we analyze the privacy-oriented blockchain-based solutions as well as consensus algorithms for IoT applications and how they will be adapted for green IoT-based agriculture. Based on the current survey, we highlight open research challenges and discuss possible future research directions in the security and privacy of green IoT-based agriculture

An end-to-end bidirectional authentication system for pallet pooling management through blockchain internet of things (BIoT)

Pallet pooling is regarded as a sustainable and cost-effective measure for the industry, but it is challenging to advocate due to weak data and pallet authentication. In order to establish trust between end-users and pallet pooling services, the authors propose an end-to-end, bidirectional authentication system for transmitted data and pallets based on blockchain and internet-of-things (IoT) technologies. In addition, secure data authentication fosters the pallet authenticity in the whole supply chain network, which is achieved by considering the tag, location, and object-specific features. To evaluate the object-specific features, the scale invariant feature transform (SIFT) approach is adopted to match key-points and descriptors between two pallet images. According to the case study, it is found that the proposed system provides a low bandwidth blocking rate and a high probability of restoring complete data payloads. Consequently, positive influences on end-user satisfaction, quality of service, operational errors, and pallet traceability are achieved through the deployment of the proposed system

A survey of IoT security based on a layered architecture of sensing and data analysis

The Internet of Things (IoT) is leading today’s digital transformation. Relying on a combination of technologies, protocols, and devices such as wireless sensors and newly developed wearable and implanted sensors, IoT is changing every aspect of daily life, especially recent applications in digital healthcare. IoT incorporates various kinds of hardware, communication protocols, and services. This IoT diversity can be viewed as a double-edged sword that provides comfort to users but can lead also to a large number of security threats and attacks. In this survey paper, a new compacted and optimized architecture for IoT is proposed based on five layers. Likewise, we propose a new classification of security threats and attacks based on new IoT architecture. The IoT architecture involves a physical perception layer, a network and protocol layer, a transport layer, an application layer, and a data and cloud services layer. First, the physical sensing layer incorporates the basic hardware used by IoT. Second, we highlight the various network and protocol technologies employed by IoT, and review the security threats and solutions. Transport protocols are exhibited and the security threats against them are discussed while providing common solutions. Then, the application layer involves application protocols and lightweight encryption algorithms for IoT. Finally, in the data and cloud services layer, the main important security features of IoT cloud platforms are addressed, involving confidentiality, integrity, authorization, authentication, and encryption protocols. The paper is concluded by presenting the open research issues and future directions towards securing IoT, including the lack of standardized lightweight encryption algorithms, the use of machine-learning algorithms to enhance security and the related challenges, the use of Blockchain to address security challenges in IoT, and the implications of IoT deployment in 5G and beyond