Evaluation of Trust in the Internet Of Things: Models, Mechanisms And Applications

In the blooming era of the Internet of Things (IoT), trust has become a vital factor for provisioning reliable smart services without human intervention by reducing risk in autonomous decision making. However, the merging of physical objects, cyber components and humans in the IoT infrastructure has introduced new concerns for the evaluation of trust. Consequently, a large number of trust-related challenges have been unsolved yet due to the ambiguity of the concept of trust and the variety of divergent trust models and management mechanisms in different IoT scenarios. In this PhD thesis, my ultimate goal is to propose an efficient and practical trust evaluation mechanisms for any two entities in the IoT. To achieve this goal, the first important objective is to augment the generic trust concept and provide a conceptual model of trust in order to come up with a comprehensive understanding of trust, influencing factors and possible Trust Indicators (TI) in the context of IoT. Following the catalyst, as the second objective, a trust model called REK comprised of the triad Reputation, Experience and Knowledge TIs is proposed which covers multi-dimensional aspects of trust by incorporating heterogeneous information from direct observation, personal experiences to global opinions. The mathematical models and evaluation mechanisms for the three TIs in the REK trust model are proposed. Knowledge TI is as “direct trust” rendering a trustor’s understanding of a trustee in respective scenarios that can be obtained based on limited available information about characteristics of the trustee, environment and the trustor’s perspective using a variety of techniques. Experience and Reputation TIs are originated from social features and extracted based on previous interactions among entities in IoT. The mathematical models and calculation mechanisms for the Experience and Reputation TIs also proposed leveraging sociological behaviours of humans in the real-world; and being inspired by the Google PageRank in the web-ranking area, respectively. The REK Trust Model is also applied in variety of IoT scenarios such as Mobile Crowd-Sensing (MCS), Car Sharing service, Data Sharing and Exchange platform in Smart Cities and in Vehicular Networks; and for empowering Blockchain-based systems. The feasibility and effectiveness of the REK model and associated evaluation mechanisms are proved not only by the theoretical analysis but also by real-world applications deployed in our ongoing TII and Wise-IoT projects

Usage control for data handling in smart cities

International audienceData in smart cities is commonly generated by a large variety of participants including institutional actors, equipment manufacturers, network operators, infrastructure providers, service providers, and end users. This data potentially undergoes several transformations such as aggregation and/or composition before finally being consumed. In this context of sharing data between diverse consumers, it is essential to provide the data producers the means by which they can exercise control over how and by whom the data is used. To date, usage control has received attention in the domains of the web and social networks, in terms of confidentiality, privacy and access control aspects. However, it has not yet been fully applied in a rigorous manner in the context of smart cites. In this paper we study usage control with the goal to address the problem of providing stakeholders more control over their data and enforcing accountable management of such data. We first propose a new data usage policy, called DUPO, which captures the diversity of obligations and constraints resulting from the usage control requirements for smart cities. Next, we apply a defeasible logic based approach on DUPO to formally define rule language, solve rule conflicts, and elaborate reasoning. We then introduce the data handling mechanism, which provides useful functionality to process consumer's request, ensuring the accountability of the policy enforcement, and traceability of the data usage. To this end we benefit from SPINdle reasoner to implement the proposed usage control module covered main functionalities of the mechanis