Security for Ubiquitous Internet-Connected Smart Objects

Ubiquitous computing, also called the Internet of Things (IoT), is rapidly transforming our lives and our society. The vision of an interconnected world where physical devices are seamlessly integrated into the Internet is becoming a reality. The emergence of low-cost microcontrollers, energy-efficient wireless communications, and embedded sensors and actuators has transformed everyday devices into connected smart objects that can understand and react to their environment. These devices include both resource-constrained battery-operated devices, such as body sensors, and more powerful Internet-connected appliances, such as televisions and cameras. However, the security mechanisms for smart objects are still not ready for wide-scale deployment. There is additionally a concern that the existing solutions are not sufficiently usable for adoption in everyday devices, which often have very limited user interfaces. In this dissertation, we develop new secure deployment and communication methods for connected smart objects that are simple, user-friendly, and also energy efficient. We take into account the entire lifecycle of a smart object. We first build a secure and energy-efficient communication model that uses a proxy to serve data on behalf of sleeping resource-constrained smart objects, thereby allowing them to appear as always-online web servers. Next, we demonstrate how these smart objects can leverage the existing mobile network infrastructure to securely authenticate and communicate with Internet services. Thereafter, we study the deployment challenges of electronic displays. We found that deploying large numbers of ubiquitous displays is cumbersome as they need to be correctly configured to access both the Internet and online servers, despite their minimal input capabilities. In our secure bootstrapping solution, the displays show a bar code which, when scanned by the user, enables automatic configuration of the wireless network along with the online management service and content to be shown. For effortless deployment, we build our solution on standard protocols without requiring changes to the network infrastructure. Finally, we develop a solution for securely pairing mobile devices. Instead of relying on inconvenient user-entered codes, our solution uses an out-of-band (OOB) channel which is secret from anyone that is not physically present. The protocol development was motivated by the invention of a new human source for fuzzy secrets: synchronized drawing with two fingers of the same hand on two touch screens or surfaces. We show the feasibility of each of our proposed solutions with prototype implementation. Where relevant, we also provide experimental results confirming that our solutions incur minimal memory and computational overhead, while also being energy efficient and easy to use. Lastly, we actively contribute the research results to relevant standards bodies

Security and Power Aware IPV6 Programming in Internet of Things Using CONTIKI and COOJA

The current era is surrounded with enormous devices and gadgets connected with each other using high performance technologies. Such type of technology loaded object communication is treated under the aegis of Internet of Things (IoT). A number of applications are using IoT based communication whether it is related to defense equipments, smart cities, smart offices, highway patrolling, smart toll collections, business communications, satellite televisions, traffic systems or interconnected web cams for social security. IoT is also known and associated with other terms including Ubiquitous Computing (UbiComp), Pervasive Computing or Ambient Computing in which number of devices and objects are virtually connected for remote monitoring and decision making. This manuscript underlines the security and power aware programming in IoT for higher performance in Cooja

A Mechanism for Securing IoT-enabled Applications at the Fog Layer

The Internet of Things (IoT) is an emerging paradigm branded by heterogeneous technologies composed of smart ubiquitous objects that are seamlessly connected to the Internet. These objects are deployed as Low power and Lossy Networks (LLN) to provide innovative services in various application domains, such as smart cities, smart health, smart communities. The LLN is a form of a network where the interconnected devices are highly resource-constrained (i.e., power, memory, and processing) and characterized by high loss rates, low data rates and instability in the communication links. Additionally, IoT devices produce a massive amount of confidential and security-sensitive data. Various cryptographic-based techniques exist that can effectively cope with security attacks, but are not suitable for IoT as they incur high consumption of resources (i.e., memory, storage and processing). One way to address this problem is by offloading the additional security-related operations to a more resourceful entity such as a fog-based node. Generally, fog computing enables security and analysis of latency-sensitive data directly at the network’s edge. This paper proposes a novel Fog Security Service (FSS) to provide end-to-end security at fog layer for IoT devices, using two well-established cryptographic schemes, identity-based encryption and identity-based signature. The FSS provides security services, such as authentication, confidentiality, and non-repudiation. The proposed architecture is implemented and evaluated in OPNET simulator using a single network topology with different traffic loads. The FSS performed better when compared with the APaaS and the legacy method

Middleware Technologies for Cloud of Things - a survey

The next wave of communication and applications rely on the new services provided by Internet of Things which is becoming an important aspect in human and machines future. The IoT services are a key solution for providing smart environments in homes, buildings and cities. In the era of a massive number of connected things and objects with a high grow rate, several challenges have been raised such as management, aggregation and storage for big produced data. In order to tackle some of these issues, cloud computing emerged to IoT as Cloud of Things (CoT) which provides virtually unlimited cloud services to enhance the large scale IoT platforms. There are several factors to be considered in design and implementation of a CoT platform. One of the most important and challenging problems is the heterogeneity of different objects. This problem can be addressed by deploying suitable "Middleware". Middleware sits between things and applications that make a reliable platform for communication among things with different interfaces, operating systems, and architectures. The main aim of this paper is to study the middleware technologies for CoT. Toward this end, we first present the main features and characteristics of middlewares. Next we study different architecture styles and service domains. Then we presents several middlewares that are suitable for CoT based platforms and lastly a list of current challenges and issues in design of CoT based middlewares is discussed.Comment: http://www.sciencedirect.com/science/article/pii/S2352864817301268, Digital Communications and Networks, Elsevier (2017

Middleware Technologies for Cloud of Things - a survey

The next wave of communication and applications rely on the new services provided by Internet of Things which is becoming an important aspect in human and machines future. The IoT services are a key solution for providing smart environments in homes, buildings and cities. In the era of a massive number of connected things and objects with a high grow rate, several challenges have been raised such as management, aggregation and storage for big produced data. In order to tackle some of these issues, cloud computing emerged to IoT as Cloud of Things (CoT) which provides virtually unlimited cloud services to enhance the large scale IoT platforms. There are several factors to be considered in design and implementation of a CoT platform. One of the most important and challenging problems is the heterogeneity of different objects. This problem can be addressed by deploying suitable "Middleware". Middleware sits between things and applications that make a reliable platform for communication among things with different interfaces, operating systems, and architectures. The main aim of this paper is to study the middleware technologies for CoT. Toward this end, we first present the main features and characteristics of middlewares. Next we study different architecture styles and service domains. Then we presents several middlewares that are suitable for CoT based platforms and lastly a list of current challenges and issues in design of CoT based middlewares is discussed.Comment: http://www.sciencedirect.com/science/article/pii/S2352864817301268, Digital Communications and Networks, Elsevier (2017

A survey on subjecting electronic product code and non-ID objects to IP identification

Over the last decade, both research on the Internet of Things (IoT) and real-world IoT applications have grown exponentially. The IoT provides us with smarter cities, intelligent homes, and generally more comfortable lives. However, the introduction of these devices has led to several new challenges that must be addressed. One of the critical challenges facing interacting with IoT devices is to address billions of devices (things) around the world, including computers, tablets, smartphones, wearable devices, sensors, and embedded computers, and so on. This article provides a survey on subjecting Electronic Product Code and non-ID objects to IP identification for IoT devices, including their advantages and disadvantages thereof. Different metrics are here proposed and used for evaluating these methods. In particular, the main methods are evaluated in terms of their: (i) computational overhead, (ii) scalability, (iii) adaptability, (iv) implementation cost, and (v) whether applicable to already ID-based objects and presented in tabular format. Finally, the article proves that this field of research will still be ongoing, but any new technique must favorably offer the mentioned five evaluative parameters.Comment: 112 references, 8 figures, 6 tables, Journal of Engineering Reports, Wiley, 2020 (Open Access

Context Aware Computing for The Internet of Things: A Survey

As we are moving towards the Internet of Things (IoT), the number of sensors deployed around the world is growing at a rapid pace. Market research has shown a significant growth of sensor deployments over the past decade and has predicted a significant increment of the growth rate in the future. These sensors continuously generate enormous amounts of data. However, in order to add value to raw sensor data we need to understand it. Collection, modelling, reasoning, and distribution of context in relation to sensor data plays critical role in this challenge. Context-aware computing has proven to be successful in understanding sensor data. In this paper, we survey context awareness from an IoT perspective. We present the necessary background by introducing the IoT paradigm and context-aware fundamentals at the beginning. Then we provide an in-depth analysis of context life cycle. We evaluate a subset of projects (50) which represent the majority of research and commercial solutions proposed in the field of context-aware computing conducted over the last decade (2001-2011) based on our own taxonomy. Finally, based on our evaluation, we highlight the lessons to be learnt from the past and some possible directions for future research. The survey addresses a broad range of techniques, methods, models, functionalities, systems, applications, and middleware solutions related to context awareness and IoT. Our goal is not only to analyse, compare and consolidate past research work but also to appreciate their findings and discuss their applicability towards the IoT.Comment: IEEE Communications Surveys & Tutorials Journal, 201