223 research outputs found
Proactive architecture for Internet of Things (IoTs) management in smart homes
Smart homes are driven by heterogeneity in nature and consist of diverse components that promote user comfort and security. In recent times, tremendous growth of Internet of Things (IoTs) applications is seen in smart homes. The huge diversity of various IoTs applications generally leads to interoperability requirements that need to be fulfilled. Current IoTs management is achieved using physical platforms that lack intelligence on decision making. A proactive architecture that deploys Event-Condition-Action (ECA) method is proposed to resolve the management of heterogeneous IoTs in smart homes. The proactive architecture, developed with a core repository stores persistent data of IoTs schema, proved to be an ideal solution in solving interoperability in smart homes
Lightweight Pairwise Key Distribution Scheme for IoTs
Embedding a pairwise key distribution approach in IoT systems is challenging as IoT devices have limited resources, such as memory, processing power, and battery life. This paper presents a secure and lightweight approach that is applied to IoT devices that are divided into Voronoi clusters. This proposed algorithm comprises XOR and concatenation operations for interactive authentication between the server and the IoT devices. Predominantly, the authentication is carried out by the server. It is observed that the algorithm is resilient against man-in-the-middle attacks, forward secrecy, Denial of Service (DoS) attacks, and offers mutual authentication. It is also observed that the given scheme has low communication and computing overheads compared to some existing methods
Verifying and Monitoring IoTs Network Behavior using MUD Profiles
IoT devices are increasingly being implicated in cyber-attacks, raising
community concern about the risks they pose to critical infrastructure,
corporations, and citizens. In order to reduce this risk, the IETF is pushing
IoT vendors to develop formal specifications of the intended purpose of their
IoT devices, in the form of a Manufacturer Usage Description (MUD), so that
their network behavior in any operating environment can be locked down and
verified rigorously. This paper aims to assist IoT manufacturers in developing
and verifying MUD profiles, while also helping adopters of these devices to
ensure they are compatible with their organizational policies and track devices
network behavior based on their MUD profile. Our first contribution is to
develop a tool that takes the traffic trace of an arbitrary IoT device as input
and automatically generates the MUD profile for it. We contribute our tool as
open source, apply it to 28 consumer IoT devices, and highlight insights and
challenges encountered in the process. Our second contribution is to apply a
formal semantic framework that not only validates a given MUD profile for
consistency, but also checks its compatibility with a given organizational
policy. We apply our framework to representative organizations and selected
devices, to demonstrate how MUD can reduce the effort needed for IoT acceptance
testing. Finally, we show how operators can dynamically identify IoT devices
using known MUD profiles and monitor their behavioral changes on their network.Comment: 17 pages, 17 figures. arXiv admin note: text overlap with
arXiv:1804.0435
Clear as MUD: Generating, Validating and Applying IoT Behaviorial Profiles (Technical Report)
IoT devices are increasingly being implicated in cyber-attacks, driving
community concern about the risks they pose to critical infrastructure,
corporations, and citizens. In order to reduce this risk, the IETF is pushing
IoT vendors to develop formal specifications of the intended purpose of their
IoT devices, in the form of a Manufacturer Usage Description (MUD), so that
their network behavior in any operating environment can be locked down and
verified rigorously.
This paper aims to assist IoT manufacturers in developing and verifying MUD
profiles, while also helping adopters of these devices to ensure they are
compatible with their organizational policies. Our first contribution is to
develop a tool that takes the traffic trace of an arbitrary IoT device as input
and automatically generates a MUD profile for it. We contribute our tool as
open source, apply it to 28 consumer IoT devices, and highlight insights and
challenges encountered in the process. Our second contribution is to apply a
formal semantic framework that not only validates a given MUD profile for
consistency, but also checks its compatibility with a given organizational
policy. Finally, we apply our framework to representative organizations and
selected devices, to demonstrate how MUD can reduce the effort needed for IoT
acceptance testing
Access Management in Lightweight IoT: A Comprehensive review of ACE-OAuth framework
With the expansion of Internet of Things (IoT), the need for secure and scalable authentication and
authorization mechanism for resource-constrained devices is becoming increasingly important. This
thesis reviews the authentication and authorization mechanisms in resource-constrained Internet of
Things (IoT) environments. The thesis focuses on the ACE-OAuth framework, which is a lightweight
and scalable solution for access management in IoT. Traditional access management protocols are not
well-suited for the resource-constrained environment of IoT devices. This makes the lightweight
devices vulnerable to cyber-attacks and unauthorized access. This thesis explores the security
mechanisms and standards, the protocol flow and comparison of ACE-OAuth profiles. It underlines
their potential risks involved with the implementation. The thesis delves into the existing and
emerging trends technologies of resource-constrained IoT and identifies limitations and potential
threats in existing authentication and authorization methods.
Furthermore, comparative analysis of ACE profiles demonstrated that the DTLS profile enables
constrained servers to effectively handle client authentication and authorization. The OSCORE
provides enhanced security and non-repudiation due to the Proof-of-Possession (PoP) mechanism,
requiring client to prove the possession of cryptographic key to generate the access token.
The key findings in this thesis, including security implications, strengths, and weaknesses for ACE
OAuth profiles are covered in-depth. It shows that the ACE-OAuth framework’s strengths lie in its
customization capabilities and scalability. This thesis demonstrates the practical applications and
benefits of ACE-OAuth framework in diverse IoT deployments through implementation in smart
home and factory use cases. Through these discussions, the research advances the application of
authentication and authorization mechanisms and provides practical insights into overcoming the
challenges in constrained IoT settings
Big Data and the Internet of Things
Advances in sensing and computing capabilities are making it possible to
embed increasing computing power in small devices. This has enabled the sensing
devices not just to passively capture data at very high resolution but also to
take sophisticated actions in response. Combined with advances in
communication, this is resulting in an ecosystem of highly interconnected
devices referred to as the Internet of Things - IoT. In conjunction, the
advances in machine learning have allowed building models on this ever
increasing amounts of data. Consequently, devices all the way from heavy assets
such as aircraft engines to wearables such as health monitors can all now not
only generate massive amounts of data but can draw back on aggregate analytics
to "improve" their performance over time. Big data analytics has been
identified as a key enabler for the IoT. In this chapter, we discuss various
avenues of the IoT where big data analytics either is already making a
significant impact or is on the cusp of doing so. We also discuss social
implications and areas of concern.Comment: 33 pages. draft of upcoming book chapter in Japkowicz and Stefanowski
(eds.) Big Data Analysis: New algorithms for a new society, Springer Series
on Studies in Big Data, to appea
Recent advances in information-centric networking based internet of things (ICN-IoT)
Information-Centric Networking (ICN) is being realized as a promising approach to accomplish the shortcomings of current IP-address based networking. ICN models are based on naming the content to get rid of address-space scarcity, accessing the content via name-based-routing, caching the content at intermediate nodes to provide reliable, efficient data delivery and self-certifying contents to ensure better security. Obvious benefits of ICN in terms of fast and efficient data delivery and improved reliability raises ICN as highly promising networking model for Internet of Things (IoTs) like environments. IoT aims to connect anyone and/or anything at any time by any path on any place. From last decade, IoTs attracts both industry and research communities. IoTs is an emerging research field and still in its infancy. Thus, this paper presents the potential of ICN for IoTs by providing state-of-the-art literature survey. We discuss briefly the feasibility of ICN features and their models (and architectures) in the context of IoT. Subsequently, we present a comprehensive survey on ICN based caching, naming, security and mobility approaches for IoTs with appropriate classification. Furthermore, we present operating systems (OS) and simulation tools for ICN-IoT. Finally, we provide important research challenges and issues faced by ICN for IoTs
Smart Home Systems Based on Internet of Things
Smart home systems achieved great popularity in the last decades as they increase the comfort and quality of life. Most smart home systems are controlled by smartphones and microcontrollers. A smartphone application is used to control and monitor home functions using wireless communication techniques. We explore the concept of smart home with the integration of IoT services and cloud computing to it, by embedding intelligence into sensors and actuators, networking of smart things using the corresponding technology, facilitating interactions with smart things using cloud computing for easy access in different locations, increasing computation power, storage space and improving data exchange efficiency. In this chapter we present a composition of three components to build a robust approach of an advanced smart home concept and implementation
Exploring IoT in Smart Cities: Practices, Challenges and Way Forward
The rise of Internet of things (IoT) technology has revolutionized urban
living, offering immense potential for smart cities in which smart home, smart
infrastructure, and smart industry are essential aspects that contribute to the
development of intelligent urban ecosystems. The integration of smart home
technology raises concerns regarding data privacy and security, while smart
infrastructure implementation demands robust networking and interoperability
solutions. Simultaneously, deploying IoT in industrial settings faces
challenges related to scalability, standardization, and data management. This
research paper offers a systematic literature review of published research in
the field of IoT in smart cities including 55 relevant primary studies that
have been published in reputable journals and conferences. This extensive
literature review explores and evaluates various aspects of smart home, smart
infrastructure, and smart industry and the challenges like security and
privacy, smart sensors, interoperability and standardization. We provide a
unified perspective, as we seek to enhance the efficiency and effectiveness of
smart cities while overcoming security concerns. It then explores their
potential for collective integration and impact on the development of smart
cities. Furthermore, this study addresses the challenges associated with each
component individually and explores their combined impact on enhancing urban
efficiency and sustainability. Through a comprehensive analysis of security
concerns, this research successfully integrates these IoT components in a
unified approach, presenting a holistic framework for building smart cities of
the future. Integrating smart home, smart infrastructure, and smart industry,
this research highlights the significance of an integrated approach in
developing smart cities
- …