Security and Privacy for Green IoT-based Agriculture: Review, Blockchain solutions, and Challenges

open access articleThis paper presents research challenges on security and privacy issues in the field of green IoT-based agriculture. We start by describing a four-tier green IoT-based agriculture architecture and summarizing the existing surveys that deal with smart agriculture. Then, we provide a classification of threat models against green IoT-based agriculture into five categories, including, attacks against privacy, authentication, confidentiality, availability, and integrity properties. Moreover, we provide a taxonomy and a side-by-side comparison of the state-of-the-art methods toward secure and privacy-preserving technologies for IoT applications and how they will be adapted for green IoT-based agriculture. In addition, we analyze the privacy-oriented blockchain-based solutions as well as consensus algorithms for IoT applications and how they will be adapted for green IoT-based agriculture. Based on the current survey, we highlight open research challenges and discuss possible future research directions in the security and privacy of green IoT-based agriculture

Coordination Models for Internet of Things

In constrained environments, there is a variety of devices like sensors and actuators with limited computation power or energy that form an Internet of Things (IoT) system. When processing complex tasks is required, those devices send the data to the cloud and obtain the result later. However, the IoT system could process complex task if more devices work together, sharing computational resources and cooperating. This cooperation can be achieved using a coordination model that distributes the load among the different devices based on a set of parameters, laws and defined entities. This research implements and evaluates a data-oriented coordination model with three variations for Internet of Things (IoT). It also presents, implements and evaluates a new process-oriented coordination model that can make constrained environments much more effective and allow the processing of more complex tasks closer to the network. The development of all the coordination models was focused on using the system’s computational resources effectively. As IoT is a heterogeneous field, devices with more power can process more complex tasks, creating an uneven but adequate load distribution. Various experiments were conducted to evaluate the performance of each model using one and two workers. The results showed that every coordination model works effectively when distributing the load among more workers. For the process-oriented model, implementing some CoAP features allowed the system to perform better when repetitive tasks are required

How to see through the Fog? Using Peer to Peer (P2P) for the Internet of Things

The Internet of Things (IoT) faces the challenge of scaling to handle tens of billions of connected devices. This challenge is made more difficult by the range of constituent IoT parts from Cloud-based applications to constrained nodes in Wireless Sensor Networks (WSNs). Achieving the desired scale and interoperability requires an architecture for IoT that is scalable and allows seamless operation across networks and devices. This paper considers the requirements for IoT and considers a number of existing architectural approaches and the emergence of Fog computing. It proposes that Fog computing architectures must cater for the flow of data from constrained sensor nodes to powerful applications. It considers the suitability of a Peer to Peer (P2P) approach for Fog computing. Using a prototype implementation, it demonstrates how a Holistic Peer to Peer (HPP) architecture and application layer protocol meet the requirements set for IoT

AN INTENT-BASED CACHING SYSTEM FOR CONSTRAINED INTERNET-OF-THINGS ENVIRONMENTS

Internet-of-Things (IoT) environments often have very constrained edge devices, with limited memory, storage, and compute power. Additionally, these environments can be highly distributed. In many cases, edge devices/applications need to access content repeatedly from a cloud service or higher-tiered application. Because device and network connections can become constrained, it is desirable to cache objects, files, etc. local to the edge devices. However, caching systems and cache replacement algorithms may not consider the criticality or requirements of one application over another. Techniques presented herein provide for adapting well-known caching mechanisms for utilization within environments involving constrained networks. Further, intent-based classification techniques presented herein can facilitate preserving and caching critical data at network edges

Equivalence classes for named function networking

Named Function Networking (NFN) is a generalization of Content-Centric Networking (CCN) and Named Data Networking (NDN). Beyond mere content retrieval, NFN enables to ask for results of computations. Names are not just content identifiers but λ-expressions that allow an arbitrary composition of function calls and data accesses. λ-expressions are pure and deterministic. In other words, they do not have side effects and they always yield the same result. Both properties together are known to as referential transparency. Referentially transparent functions can be evaluated individually no matter where and in what order, e.g. geographically distributed and concurrently. This simplifies the distribution of computations in a network, an attractive feature in times of rising needs for edge computing. However, NFN is affected by a lacking awareness for referentially opaque expressions that are characterized by having changing results or side effects, i.e. expressions that depend on outer conditions or modify outer states. The fundamental motivation of this thesis is to retrofit NFN with a clearer notion of referentially opaque expressions. They are indispensable not only to many common use cases such as e-mail and database applications, but also to network technologies such as software defined networking. We observed that many protocol decisions are based on expression matching, i.e. the search for equivalent expressions. Driven by this observation, this thesis explores possibilities to adapt the determination of equivalences in dependence of crucial expression properties such as their ability for aggregation, concurrent evaluation or permanently cacheable results. This exploration results in a comprehensive set of equivalence classes that is used for explicit attribution of expressions, leading to a system that is aware of the true nature of handled expressions. Moreover, we deliver a solution to support referentially opaque expressions and mutable states in an architecture that bases upon uniquely named and immutable data packets. Altogether, the findings condense to an extended execution model. It summarizes how the attribution of expressions with equivalence classes influences specific protocol decisions in order to support referentially transparent as well as referentially opaque expressions. We believe that our approach captivates due to its generality and extensibility. Equivalence classes depend upon universal properties. Therefore, our approach is not bound to a specific elaboration like NFN. We evaluate the applicability of our approach in a few application scenarios. Overall, the proposed solutions and concepts are an important contribution towards name-based distributed computations in information-centric networks

IoT DEVICE MANAGEMENT AND CONFIGURATION

As the number of IoT devices grows, the management and configuration of IoT devices becomes crucial in resource constraint networks. It is hard to manage and configure a large amount of heterogeneous resource constraint IoT devices because people need to know how they connect to each other, what internet-enabled services are available to provide, and how people interact with things through the internet. The thing-centric approach focuses on user experience when engaging things, but the cloud- centric approach switch the focus to IoT services that can process data streams collected from things and applications that help get people joined in the IoT world. To manage IoT populations effectively in a centralized manner, not only does it mean that moving computational power closer to the edge is a way to reduce bandwidth and latency, but it also implies that it is necessary to build an architecture which can scale and manage tons of connected devices by a uniform interface. In particular, RESTful Web services can provide a uniform interface that operates resources by HTTP methods. For example, users can read and write data by a uniform interface, and a flowerpot can write data and be triggered to water plants by a uniform interface. Thus, in the scope of IoT, embedded middleware can implement uniform interface by REST model. Virtualizing physical things has emerged as a design pattern to build IoT systems. Resource less constraint devices are capable of being virtualized with enough CPU power, memory, networking, but they are more expensive and power consuming. However, resource highly constraint devices take advantage of low energy consumption and cheaper price, but they cannot be virtualized because they do not have ability to even run a single multi-threaded program. Therefore, it is very important to select the right platforms for the right roles. In our case, we use Raspberry Pi 3 as a middleware and Nordic nRF52832 as a BLE endpoint. In this thesis, a REST-based IoT management system based on Service-Oriented Architecture is built, and the performance of the system has been tested, including the response time of HTTP GET and POST requests of the centralized server in a Fog domain and a script engine onto a BLE-enabled endpoint

Understanding Interdependencies among Fog System Characteristics

Fog computing adds decentralized computing, storage, and networking capabilities with dedicated nodes as an intermediate layer between cloud data centers and edge devices to solve latency, bandwidth, and resilience issues. However, in-troducing a fog layer imposes new system design challenges. Fog systems not only exhibit a multitude of key system characteristics (e.g., security, resilience, interoperability) but are also beset with various interdependencies among their key characteristics that require developers\u27 attention. Such interdependencies can either be trade-offs with improving the fog system on one characteristic impairing it on another, or synergies with improving the system on one characteristic also improving it on another. As system developers face a multifaceted and complex set of potential system design measures, it is challenging for them to oversee all potentially resulting interdependencies, mitigate trade-offs, and foster synergies. Until now, existing literature on fog system architecture has only analyzed such interdependencies in isolation for specific characteristics, thereby limiting the applicability and generalizability of their proposed system designs if other than the considered characteristics are critical. We aim to fill this gap by conducting a literature review to (1) synthesize the most relevant characteristics of fog systems and design measures to achieve them, and (2) derive interdependences among all key characteristics. From reviewing 147 articles on fog system architectures, we reveal 11 key characteristics and 39 interdependencies. We supplement the key characteristics with a description, reason for their relevance, and related design measures derived from literature to deepen the understanding of a fog system\u27s potential and clarify semantic ambiguities. For the interdependencies, we explain and differentiate each one as positive (synergies) or negative (trade-offs), guiding practitioners and researchers in future design choices to avoid pitfalls and unleash the full potential of fog computing

Proactive content caching in future generation communication networks: Energy and security considerations

The proliferation of hand-held devices and Internet of Things (IoT) applications has heightened demand for popular content download. A high volume of content streaming/downloading services during peak hours can cause network congestion. Proactive content caching has emerged as a prospective solution to tackle this congestion problem. In proactive content caching, data storage units are used to store popular content in helper nodes at the network edge. This contributes to a reduction of peak traffic load and network congestion. However, data storage units require additional energy, which offers a challenge to researchers that intend to reduce energy consumption up to 90% in next generation networks. This thesis presents proactive content caching techniques to reduce grid energy consumption by utilizing renewable energy sources to power-up data storage units in helper nodes. The integration of renewable energy sources with proactive caching is a significant challenge due to the intermittent nature of renewable energy sources and investment costs. In this thesis, this challenge is tackled by introducing strategies to determine the optimal time of the day for content caching and optimal scheduling of caching nodes. The proposed strategies consider not only the availability of renewable energy but also temporal changes in network trac to reduce associated energy costs. While proactive caching can facilitate the reduction of peak trac load and the integration of renewable energy, cached content objects at helper nodes are often more vulnerable to malicious attacks due to less stringent security at edge nodes. Potential content leakage can lead to catastrophic consequences, particularly for cache-equipped Industrial Internet of Things (IIoT) applications. In this thesis, the concept of \trusted caching nodes (TCNs) is introduced. TCNs cache popular content objects and provide security services to connected links. The proposed study optimally allocates TCNs and selects the most suitable content forwarding paths. Furthermore, a caching strategy is designed for mobile edge computing systems to support IoT task offloading. The strategy optimally assigns security resources to offloaded tasks while satisfying their individual requirements. However, security measures often contribute to overheads in terms of both energy consumption and delay. Consequently, in this thesis, caching techniques have been designed to investigate the trade-off between energy consumption and probable security breaches. Overall, this thesis contributes to the current literature by simultaneously investigating energy and security aspects of caching systems whilst introducing solutions to relevant research problems