Proactive architecture for Internet of Things (IoTs) management in smart homes

Smart homes are driven by heterogeneity in nature and consist of diverse components that promote user comfort and security. In recent times, tremendous growth of Internet of Things (IoTs) applications is seen in smart homes. The huge diversity of various IoTs applications generally leads to interoperability requirements that need to be fulfilled. Current IoTs management is achieved using physical platforms that lack intelligence on decision making. A proactive architecture that deploys Event-Condition-Action (ECA) method is proposed to resolve the management of heterogeneous IoTs in smart homes. The proactive architecture, developed with a core repository stores persistent data of IoTs schema, proved to be an ideal solution in solving interoperability in smart homes

Lightweight Pairwise Key Distribution Scheme for IoTs

Embedding a pairwise key distribution approach in IoT systems is challenging as IoT devices have limited resources, such as memory, processing power, and battery life. This paper presents a secure and lightweight approach that is applied to IoT devices that are divided into Voronoi clusters. This proposed algorithm comprises XOR and concatenation operations for interactive authentication between the server and the IoT devices. Predominantly, the authentication is carried out by the server. It is observed that the algorithm is resilient against man-in-the-middle attacks, forward secrecy, Denial of Service (DoS) attacks, and offers mutual authentication. It is also observed that the given scheme has low communication and computing overheads compared to some existing methods

Verifying and Monitoring IoTs Network Behavior using MUD Profiles

IoT devices are increasingly being implicated in cyber-attacks, raising community concern about the risks they pose to critical infrastructure, corporations, and citizens. In order to reduce this risk, the IETF is pushing IoT vendors to develop formal specifications of the intended purpose of their IoT devices, in the form of a Manufacturer Usage Description (MUD), so that their network behavior in any operating environment can be locked down and verified rigorously. This paper aims to assist IoT manufacturers in developing and verifying MUD profiles, while also helping adopters of these devices to ensure they are compatible with their organizational policies and track devices network behavior based on their MUD profile. Our first contribution is to develop a tool that takes the traffic trace of an arbitrary IoT device as input and automatically generates the MUD profile for it. We contribute our tool as open source, apply it to 28 consumer IoT devices, and highlight insights and challenges encountered in the process. Our second contribution is to apply a formal semantic framework that not only validates a given MUD profile for consistency, but also checks its compatibility with a given organizational policy. We apply our framework to representative organizations and selected devices, to demonstrate how MUD can reduce the effort needed for IoT acceptance testing. Finally, we show how operators can dynamically identify IoT devices using known MUD profiles and monitor their behavioral changes on their network.Comment: 17 pages, 17 figures. arXiv admin note: text overlap with arXiv:1804.0435

Clear as MUD: Generating, Validating and Applying IoT Behaviorial Profiles (Technical Report)

IoT devices are increasingly being implicated in cyber-attacks, driving community concern about the risks they pose to critical infrastructure, corporations, and citizens. In order to reduce this risk, the IETF is pushing IoT vendors to develop formal specifications of the intended purpose of their IoT devices, in the form of a Manufacturer Usage Description (MUD), so that their network behavior in any operating environment can be locked down and verified rigorously. This paper aims to assist IoT manufacturers in developing and verifying MUD profiles, while also helping adopters of these devices to ensure they are compatible with their organizational policies. Our first contribution is to develop a tool that takes the traffic trace of an arbitrary IoT device as input and automatically generates a MUD profile for it. We contribute our tool as open source, apply it to 28 consumer IoT devices, and highlight insights and challenges encountered in the process. Our second contribution is to apply a formal semantic framework that not only validates a given MUD profile for consistency, but also checks its compatibility with a given organizational policy. Finally, we apply our framework to representative organizations and selected devices, to demonstrate how MUD can reduce the effort needed for IoT acceptance testing

Access Management in Lightweight IoT: A Comprehensive review of ACE-OAuth framework

With the expansion of Internet of Things (IoT), the need for secure and scalable authentication and authorization mechanism for resource-constrained devices is becoming increasingly important. This thesis reviews the authentication and authorization mechanisms in resource-constrained Internet of Things (IoT) environments. The thesis focuses on the ACE-OAuth framework, which is a lightweight and scalable solution for access management in IoT. Traditional access management protocols are not well-suited for the resource-constrained environment of IoT devices. This makes the lightweight devices vulnerable to cyber-attacks and unauthorized access. This thesis explores the security mechanisms and standards, the protocol flow and comparison of ACE-OAuth profiles. It underlines their potential risks involved with the implementation. The thesis delves into the existing and emerging trends technologies of resource-constrained IoT and identifies limitations and potential threats in existing authentication and authorization methods. Furthermore, comparative analysis of ACE profiles demonstrated that the DTLS profile enables constrained servers to effectively handle client authentication and authorization. The OSCORE provides enhanced security and non-repudiation due to the Proof-of-Possession (PoP) mechanism, requiring client to prove the possession of cryptographic key to generate the access token. The key findings in this thesis, including security implications, strengths, and weaknesses for ACE OAuth profiles are covered in-depth. It shows that the ACE-OAuth framework’s strengths lie in its customization capabilities and scalability. This thesis demonstrates the practical applications and benefits of ACE-OAuth framework in diverse IoT deployments through implementation in smart home and factory use cases. Through these discussions, the research advances the application of authentication and authorization mechanisms and provides practical insights into overcoming the challenges in constrained IoT settings

Big Data and the Internet of Things

Advances in sensing and computing capabilities are making it possible to embed increasing computing power in small devices. This has enabled the sensing devices not just to passively capture data at very high resolution but also to take sophisticated actions in response. Combined with advances in communication, this is resulting in an ecosystem of highly interconnected devices referred to as the Internet of Things - IoT. In conjunction, the advances in machine learning have allowed building models on this ever increasing amounts of data. Consequently, devices all the way from heavy assets such as aircraft engines to wearables such as health monitors can all now not only generate massive amounts of data but can draw back on aggregate analytics to "improve" their performance over time. Big data analytics has been identified as a key enabler for the IoT. In this chapter, we discuss various avenues of the IoT where big data analytics either is already making a significant impact or is on the cusp of doing so. We also discuss social implications and areas of concern.Comment: 33 pages. draft of upcoming book chapter in Japkowicz and Stefanowski (eds.) Big Data Analysis: New algorithms for a new society, Springer Series on Studies in Big Data, to appea

Recent advances in information-centric networking based internet of things (ICN-IoT)

Information-Centric Networking (ICN) is being realized as a promising approach to accomplish the shortcomings of current IP-address based networking. ICN models are based on naming the content to get rid of address-space scarcity, accessing the content via name-based-routing, caching the content at intermediate nodes to provide reliable, efficient data delivery and self-certifying contents to ensure better security. Obvious benefits of ICN in terms of fast and efficient data delivery and improved reliability raises ICN as highly promising networking model for Internet of Things (IoTs) like environments. IoT aims to connect anyone and/or anything at any time by any path on any place. From last decade, IoTs attracts both industry and research communities. IoTs is an emerging research field and still in its infancy. Thus, this paper presents the potential of ICN for IoTs by providing state-of-the-art literature survey. We discuss briefly the feasibility of ICN features and their models (and architectures) in the context of IoT. Subsequently, we present a comprehensive survey on ICN based caching, naming, security and mobility approaches for IoTs with appropriate classification. Furthermore, we present operating systems (OS) and simulation tools for ICN-IoT. Finally, we provide important research challenges and issues faced by ICN for IoTs

Smart Home Systems Based on Internet of Things

Smart home systems achieved great popularity in the last decades as they increase the comfort and quality of life. Most smart home systems are controlled by smartphones and microcontrollers. A smartphone application is used to control and monitor home functions using wireless communication techniques. We explore the concept of smart home with the integration of IoT services and cloud computing to it, by embedding intelligence into sensors and actuators, networking of smart things using the corresponding technology, facilitating interactions with smart things using cloud computing for easy access in different locations, increasing computation power, storage space and improving data exchange efficiency. In this chapter we present a composition of three components to build a robust approach of an advanced smart home concept and implementation

Exploring IoT in Smart Cities: Practices, Challenges and Way Forward

The rise of Internet of things (IoT) technology has revolutionized urban living, offering immense potential for smart cities in which smart home, smart infrastructure, and smart industry are essential aspects that contribute to the development of intelligent urban ecosystems. The integration of smart home technology raises concerns regarding data privacy and security, while smart infrastructure implementation demands robust networking and interoperability solutions. Simultaneously, deploying IoT in industrial settings faces challenges related to scalability, standardization, and data management. This research paper offers a systematic literature review of published research in the field of IoT in smart cities including 55 relevant primary studies that have been published in reputable journals and conferences. This extensive literature review explores and evaluates various aspects of smart home, smart infrastructure, and smart industry and the challenges like security and privacy, smart sensors, interoperability and standardization. We provide a unified perspective, as we seek to enhance the efficiency and effectiveness of smart cities while overcoming security concerns. It then explores their potential for collective integration and impact on the development of smart cities. Furthermore, this study addresses the challenges associated with each component individually and explores their combined impact on enhancing urban efficiency and sustainability. Through a comprehensive analysis of security concerns, this research successfully integrates these IoT components in a unified approach, presenting a holistic framework for building smart cities of the future. Integrating smart home, smart infrastructure, and smart industry, this research highlights the significance of an integrated approach in developing smart cities