Security and Privacy for Green IoT-based Agriculture: Review, Blockchain solutions, and Challenges

open access articleThis paper presents research challenges on security and privacy issues in the field of green IoT-based agriculture. We start by describing a four-tier green IoT-based agriculture architecture and summarizing the existing surveys that deal with smart agriculture. Then, we provide a classification of threat models against green IoT-based agriculture into five categories, including, attacks against privacy, authentication, confidentiality, availability, and integrity properties. Moreover, we provide a taxonomy and a side-by-side comparison of the state-of-the-art methods toward secure and privacy-preserving technologies for IoT applications and how they will be adapted for green IoT-based agriculture. In addition, we analyze the privacy-oriented blockchain-based solutions as well as consensus algorithms for IoT applications and how they will be adapted for green IoT-based agriculture. Based on the current survey, we highlight open research challenges and discuss possible future research directions in the security and privacy of green IoT-based agriculture

Trust and Privacy Permissions for an Ambient World

Ambient intelligence (AmI) and ubiquitous computing allow us to consider a future where computation is embedded into our daily social lives. This vision raises its own important questions and augments the need to understand how people will trust such systems and at the same time achieve and maintain privacy. As a result, we have recently conducted a wide reaching study of people’s attitudes to potential AmI scenarios with a view to eliciting their privacy concerns. This chapter describes recent research related to privacy and trust with regard to ambient technology. The method used in the study is described and findings discussed

Cyber-Physical Systems: A Model-Based Approach

In this concise yet comprehensive Open Access textbook, future inventors are introduced to the key concepts of Cyber-Physical Systems (CPS). Using modeling as a way to develop deeper understanding of the computational and physical components of these systems, one can express new designs in a way that facilitates their simulation, visualization, and analysis. Concepts are introduced in a cross-disciplinary way. Leveraging hybrid (continuous/discrete) systems as a unifying framework and Acumen as a modeling environment, the book bridges the conceptual gap in modeling skills needed for physical systems on the one hand and computational systems on the other. In doing so, the book gives the reader the modeling and design skills they need to build smart, IT-enabled products. Starting with a look at various examples and characteristics of Cyber-Physical Systems, the book progresses to explain how the area brings together several previously distinct ones such as Embedded Systems, Control Theory, and Mechatronics. Featuring a simulation-based project that focuses on a robotics problem (how to design a robot that can play ping-pong) as a useful example of a CPS domain, Cyber-Physical Systems: A Model-Based Approach demonstrates the intimate coupling between cyber and physical components, and how designing robots reveals several non-trivial control problems, significant embedded and real-time computation requirements, and a need to consider issues of communication and preconceptions

Measuring Cybersecurity Competency: An Exploratory Investigation of the Cybersecurity Knowledge, Skills, and Abilities Necessary for Organizational Network Access Privileges

Organizational information system users (OISU) that are victimized by cyber threats are contributing to major financial and information losses for individuals, businesses, and governments. Moreover, it has been argued that cybersecurity competency is critical for advancing economic prosperity and maintaining national security. The fact remains that technical cybersecurity controls may be rendered useless due to a lack of cybersecurity competency of OISUs. All OISUs, from accountants to cybersecurity forensics experts, can place organizational assets at risk. However, that risk is increased when OISUs do not have the cybersecurity competency necessary for operating an information system (IS). The main goal of this research study was to propose and validate, using subject matter experts (SME), a reliable hands-on prototype assessment tool for measuring the cybersecurity competency of an OISU. To perform this assessment, SMEs validated the critical knowledge, skills, and abilities (KSA) that comprise the cybersecurity competency of OISUs. Primarily using the Delphi approach, this study implemented four phases of data collection using cybersecurity SMEs for proposing and validating OISU: KSAs, KSA measures, KSA measure weights, and cybersecurity competency threshold. A fifth phase of data collection occurred measuring the cybersecurity competency of 54 participants. Phase 1 of this study performed five semi-structured SME interviews before using the Delphi method and anonymous online surveys of 30 cybersecurity SMEs to validate OISU cybersecurity KSAs found in literature and United States government (USG) documents. The results of Phase 1 proposed and validated three OISU cybersecurity abilities, 23 OISU cybersecurity knowledge units (KU), and 22 OISU cybersecurity skill areas (SA). In Phase 2, two rounds of the Delphi method with anonymous online surveys of 15 SMEs were used to propose and validate OISU cybersecurity KSA measures. The results of Phase 2 proposed and validated 90 KSA measures for 47 knowledge topics (KT) and 43 skill tasks (ST). In Phase 3, using the Delphi method with anonymous online surveys, a group of 15 SMEs were used to propose and validate OISU cybersecurity KSA weights. The results of Phase 3 proposed and validated the weights for four knowledge categories (KC) and four skill categories (SC). When Phase 3 was completed, the MyCyberKSAsTM prototype assessment tool was developed using the results of Phases 1-3, and Phase 4 was initiated. In Phase 4, using the Delphi method with anonymous online surveys, a group of 15 SMEs were used to propose and validate an OISU cybersecurity competency threshold (index score) of 80%, which was then integrated into the MyCyberKSAsTM prototype tool. Before initiating Phase 5, the MyCyberKSAsTM prototype tool was fully tested by 10 independent testers to verify the accuracy of data recording by the tool. After testing of the MyCyberKSAsTM prototype tool was completed, Phase 5 of this study was initiated. Phase 5 of this study measured the cybersecurity competency of 54 OISUs using the MyCyberKSAsTM prototype tool. Upon completion of Phase 5, data analysis of the cybersecurity competency results of the 54 OISUs was conducted. Data analysis was conducted in Phase 5 by computing levels of dispersion and one-way analysis of variance (ANOVA). The results of the ANOVA data analysis from Phase 5 revealed that annual cybersecurity training and job function are significant, showing differences in OISU cybersecurity competency. Additionally, ANOVA data analysis from Phase 5 showed that age, cybersecurity certification, gender, and time with company were not significant thus showing no difference in OISU cybersecurity competency. The results of this research study were validated by SMEs as well as the MyCyberKSAsTM prototype tool; and proved that the tool is capable of assessing the cybersecurity competency of an OISU. The ability for organizations to measure the cybersecurity competency of OISUs is critical to lowering risks that could be exploited by cyber threats. Moreover, the ability for organizations to continually measure the cybersecurity competency of OISUs is critical for assessing workforce susceptibility to emerging cyber threats. Furthermore, the ability for organizations to measure the cybersecurity competency of OISUs allows organizations to identify specific weaknesses of OISUs that may require additional training or supervision, thus lowering risks of being exploited by cyber threats

The Effect of Mobile Gamification on Brand Loyalty

[[notice]]補正完

Privacy-Preserving Vehicle Assignment for Mobility-on-Demand Systems

Urban transportation is being transformed by mobility-on-demand (MoD) systems. One of the goals of MoD systems is to provide personalized transportation services to passengers. This process is facilitated by a centralized operator that coordinates the assignment of vehicles to individual passengers, based on location data. However, current approaches assume that accurate positioning information for passengers and vehicles is readily available. This assumption raises privacy concerns. In this work, we address this issue by proposing a method that protects passengers' drop-off locations (i.e., their travel destinations). Formally, we solve a batch assignment problem that routes vehicles at obfuscated origin locations to passenger locations (since origin locations correspond to previous drop-off locations), such that the mean waiting time is minimized. Our main contributions are two-fold. First, we formalize the notion of privacy for continuous vehicle-to-passenger assignment in MoD systems, and integrate a privacy mechanism that provides formal guarantees. Second, we present a scalable algorithm that takes advantage of superfluous (idle) vehicles in the system, combining multiple iterations of the Hungarian algorithm to allocate a redundant number of vehicles to a single passenger. As a result, we are able to reduce the performance deterioration induced by the privacy mechanism. We evaluate our methods on a real, large-scale data set consisting of over 11 million taxi rides (specifying vehicle availability and passenger requests), recorded over a month's duration, in the area of Manhattan, New York. Our work demonstrates that privacy can be integrated into MoD systems without incurring a significant loss of performance, and moreover, that this loss can be further minimized at the cost of deploying additional (redundant) vehicles into the fleet.Comment: 8 pages; Submitted to IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS), 201

Engage D2.6 Annual combined thematic workshops progress report (series 2)

The preparation, organisation and conclusions from the thematic challenge workshops, two ad hoc technical workshops, a technical session on data and a MET/ENV workshop held in 2019 and 2020 are described. Partly due to Covid-19, two of the 2020 thematic challenge workshops scheduled to take place at the end of 2020 were re-scheduled to January 2021. We also report on the preparation for these two workshops, while the conclusions will be included in the next corresponding deliverable