SETUCOM: Secure and Trustworthy Context Management for Context-Aware Security and Privacy in the Internet of Things

IoT technologies facilitate the development and the improvement of pervasive computing by enabling effective context-awareness features. These features enable the IoT applications to detect the user’s situation and adapt their behavior. They also enable context-aware security and privacy, which consist in adapting security and privacy mechanisms’ deployment to the user’s situation. Research studies on context-aware security and privacy focus on security and privacy mechanisms’ implementation but do not consider the secure and trustworthy context management. In this paper, we introduce a new secure and trustworthy context management system for context-aware security and privacy in the smart city: “SETUCOM.” SETUCOM is the implementation of the DTM (Device Trust Management) module of the CASPaaS (Context-Aware Security and Privacy as a Service) architecture. It secures context information exchange by using a lightweight hybrid encryption system adapted to IoT devices and manages trust through artificial intelligence techniques such as Bayesian networks and fuzzy logic. A detailed description of the proposed system is provided, and its main performances are evaluated. The results prove SETUCOM feasibility in context-aware security and privacy for the smart city.

Download Full-text

TRUST MANAGEMENT OF COMMUNICATION ARCHITECTURES OF INTERNET OF THINGS

Journal of Trends in Computer Science and Smart Technology - September 2019 ◽

10.36548/jtcsst.2019.2.005 ◽

2019 ◽

Vol 2019 (02) ◽

pp. 121-130 ◽

Cited By ~ 10

Author(s):

Dr. Wang Haoxiang

Keyword(s):

Internet Of Things ◽

Information Exchange ◽

Trust Management ◽

The Internet ◽

Trust System ◽

Proposed Model ◽

Communication Architectures ◽

Block Chain ◽

Seamless Connection ◽

The Internet Of Things

The Internet of things is the basic paradigm with the cluster of techniques that ensure innovations in the service rendered in various applications. It aims to develop a seamless connection between the tangible objects around and the information network in turn to provide a well-structured servicing to its users. Though the IOT service seems to be promising, the risks still prevail in the form of privacy and the security in user acceptance in utilizing the internet of things services, and its application. This makes the trust management very important for the internet of things. So the paper puts forth the distributed block chain involved trust system to manage the conveyance infrastructures of the internet of things paradigm. The evaluation of the proposed model evinces the enhanced security provided for the nodes of the IOT as well as its information exchange.

Download Full-text

A Survey of Authentication Schemes in the Internet of Things

International Journal of Smart Security Technologies ◽

10.4018/ijsst.2019010102 ◽

2019 ◽

Vol 6 (1) ◽

pp. 15-30 ◽

Cited By ~ 1

Author(s):

Yasmine Labiod ◽

Abdelaziz Amara Korba ◽

Nacira Ghoualmi-Zine

Keyword(s):

Internet Of Things ◽

Security Requirements ◽

Security And Privacy ◽

The Internet ◽

Privacy And Security ◽

Depth Study ◽

Authentication Schemes ◽

Iot Devices ◽

Privacy Issues ◽

The Internet Of Things

In the recent years, the Internet of Things (IoT) has been widely deployed in different daily life aspects such as home automation, electronic health, the electric grid, etc. Nevertheless, the IoT paradigm raises major security and privacy issues. To secure the IoT devices, many research works have been conducted to counter those issues and discover a better way to remove those risks, or at least reduce their effects on the user's privacy and security requirements. This article mainly focuses on a critical review of the recent authentication techniques for IoT devices. First, this research presents a taxonomy of the current cryptography-based authentication schemes for IoT. In addition, this is followed by a discussion of the limitations, advantages, objectives, and attacks supported of current cryptography-based authentication schemes. Finally, the authors make in-depth study on the most relevant authentication schemes for IoT in the context of users, devices, and architecture that are needed to secure IoT environments and that are needed for improving IoT security and items to be addressed in the future.

Download Full-text

A WSN-Oriented Key Agreement Protocol in Internet of Things

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.401-403.1792 ◽

2013 ◽

Vol 401-403 ◽

pp. 1792-1795 ◽

Cited By ~ 5

Author(s):

Tao Liu ◽

Ya Wen Guan ◽

Yi Qun Yan ◽

Li Liu ◽

Qi Chao Deng

Keyword(s):

Internet Of Things ◽

Trust Management ◽

Key Agreement ◽

Bilinear Pairing ◽

Negotiation Process ◽

Third Party ◽

Security And Privacy ◽

The Internet ◽

Key Agreement Protocol ◽

The Internet Of Things

Aimed to the security and privacy issues which restrict the construction and development of the Internet of Things, a WSN-oriented key agreement protocol in the Internet of Things ( IOT) has been proposed . Trust management was introduced the security mechanism of IOT, the use of bilinear pairing technology, the identity-based key agreement was realized. Using the protocol not only can effectively prevent attacks from outside the network and can recognize the abnormal nodes which were captured or lapsed efficacy. Thus it can reduce communication with abnormal nodes to improve network security, extending the lifetime of the network. The distributed self-organizing key negotiation process without credible third-party management can enhance the survivability of IOT, and the network has a good scalability.

Download Full-text

Privacy Dangers of Wearables and the Internet of Things

Identity Theft ◽

10.4018/978-1-5225-0808-3.ch018 ◽

2016 ◽

pp. 379-402 ◽

Cited By ~ 1

Author(s):

Scott Amyx

Keyword(s):

Data Protection ◽

Data Privacy ◽

Security And Privacy ◽

Employee Privacy ◽

Privacy Concerns ◽

Business Operations ◽

Managerial Implications ◽

Iot Devices ◽

Privacy Issues ◽

The Internet Of Things

This chapter identifies concerns about, and the managerial implications of, data privacy issues related to wearables and the IoT; it also offers some enterprise solutions to the complex concerns arising from the aggregation of the massive amounts of data derived from wearables and IoT devices. Consumer and employee privacy concerns are elucidated, as are the problems facing managers as data management and security become an important part of business operations. The author provides insight into how companies are currently managing data as well as some issues related to data security and privacy. A number of suggestions for improving the approach to data protection and addressing concerns about privacy are included. This chapter also examines trending issues in the areas of data protection and the IoT, and contains thought-provoking discussion questions pertaining to business, wearables/IoT data, and privacy issues.

Download Full-text

XAC Project

Designing Solutions-Based Ubiquitous and Pervasive Computing ◽

10.4018/978-1-61520-843-2.ch011 ◽

2010 ◽

pp. 214-231

Author(s):

Kenji Tei ◽

Shunichiro Suenaga ◽

Yoshiyuki Nakamura ◽

Yuichi Sei ◽

Hikotoshi Nakazato ◽

...

Keyword(s):

Wireless Sensor Network ◽

Pervasive Computing ◽

Management System ◽

Wireless Sensor ◽

Context Aware ◽

Task Management ◽

Development Cost ◽

Description Language ◽

Context Management ◽

Research Issues

In pervasive computing environment (Satyanarayanan, 2001), common context management system, that make context of the real world be shared among the context-aware applications, is required to reduce development cost of each context-aware applications. A wireless sensor network (WSN) will be a key infrastructure for the context management system. Towards pervasive computing, a WSN integrated into context management system should be open infrastructure. In an open WSN should (1)handle various kinds of tasks, (2)manage tasks at runtime, (3)save resource consumption, and (4)adapt to changes of environments. To develop such an open WSN, middleware supports are needed, and our XAC project tries to develop a middleware for the open WSN. The XAC project is a research project to develop a middleware for open WSN. In this chapter, the auhors show research issues related to open WSN from the viewpoints of task description language, runtime task management, self-adaptability, and security.

Download Full-text

Smart Internet of Things (IoT) Applications

Handbook of Research on Implementation and Deployment of IoT Projects in Smart Cities - Advances in Civil and Industrial Engineering ◽

10.4018/978-1-5225-9199-3.ch003 ◽

2019 ◽

pp. 33-42

Author(s):

Rahul Verma

Keyword(s):

Internet Of Things ◽

Cyber Physical Systems ◽

Security And Privacy ◽

Smart Device ◽

The Internet ◽

Iot Applications ◽

Individual Concepts ◽

The World ◽

Iot Devices ◽

The Internet Of Things

The internet of things (IoT) is the new buzzword in technological corridors with most technology companies announcing a smart device of sorts that runs on internet of things (IoT). Cities around the world are getting “smarter” every day through the implementation of internet of things (IoT) devices. Cities around the world are implementing individual concepts on their way to becoming smart. The services are automated and integrated end to end using internet of things (IoT) devices. The chapter presents an array of internet of things (IoT) applications. Also, cyber physical systems are becoming more vulnerable since the internet of things (IoT) attacks are common and threatening the security and privacy of such systems. The main aim of this chapter is to bring more research in the application aspects of smart internet of things (IoT).

Download Full-text

Intelligent Botnet Detection Approach in Modern Applications

International Journal of Interactive Mobile Technologies (iJIM) ◽

10.3991/ijim.v15i16.24199 ◽

2021 ◽

Vol 15 (16) ◽

pp. 113

Author(s):

Khattab M. Ali Alheeti ◽

Ibrahim Alsukayti ◽

Mohammed Alreshoodi

Keyword(s):

Detection System ◽

Security And Privacy ◽

Sensitive Information ◽

Learning Networks ◽

Detection Systems ◽

Testing Dataset ◽

Detection Approach ◽

Secure Environment ◽

Iot Devices ◽

The Internet Of Things

<p class="0abstract">Innovative applications are employed to enhance human-style life. The Internet of Things (IoT) is recently utilized in designing these environments. Therefore, security and privacy are considered essential parts to deploy and successful intelligent environments. In addition, most of the protection systems of IoT are vulnerable to various types of attacks. Hence, intrusion detection systems (IDS) have become crucial requirements for any modern design. In this paper, a new detection system is proposed to secure sensitive information of IoT devices. However, it is heavily based on deep learning networks. The protection system can provide a secure environment for IoT. To prove the efficiency of the proposed approach, the system was tested by using two datasets; normal and fuzzification datasets. The accuracy rate in the case of the normal testing dataset was 99.30%, while was 99.42% for the fuzzification testing dataset. The experimental results of the proposed system reflect its robustness, reliability, and efficiency.</p>

Download Full-text

Provisioning, Authentication and Secure Communications for IoT Devices on FIWARE

Sensors ◽

10.3390/s21175898 ◽

2021 ◽

Vol 21 (17) ◽

pp. 5898

Author(s):

Patrícia R. Sousa ◽

Luís Magalhães ◽

João S. Resende ◽

Rolando Martins ◽

Luís Antunes

Keyword(s):

Identity Management ◽

Security And Privacy ◽

Steady Increase ◽

Secure Communications ◽

Secure Systems ◽

Arduous Task ◽

Digital Certificates ◽

Iot Devices ◽

Privacy Issues ◽

The Internet Of Things

The increasing pervasiveness of the Internet of Things is resulting in a steady increase of cyberattacks in all of its facets. One of the most predominant attack vectors is related to its identity management, as it grants the ability to impersonate and circumvent current trust mechanisms. Given that identity is paramount to every security mechanism, such as authentication and access control, any vulnerable identity management mechanism undermines any attempt to build secure systems. While digital certificates are one of the most prevalent ways to establish identity and perform authentication, their provision at scale remains open. This provisioning process is usually an arduous task that encompasses device configuration, including identity and key provisioning. Human configuration errors are often the source of many security and privacy issues, so this task should be semi-autonomous to minimize erroneous configurations during this process. In this paper, we propose an identity management (IdM) and authentication method called YubiAuthIoT. The overall provisioning has an average runtime of 1137.8 ms ±65.11+δ. We integrate this method with the FIWARE platform, as a way to provision and authenticate IoT devices.

Download Full-text

Targeted Context based Attacks on Trust Models in IoT Systems

10.36227/techrxiv.14863461.v1 ◽

2021 ◽

Author(s):

Cody Lewis ◽

Nan Li ◽

Vijay Varadharajan

Keyword(s):

Internet Of Things ◽

Context Awareness ◽

Management System ◽

Trust Management ◽

Context Aware ◽

Dynamic Changes ◽

Trust Management System ◽

New Type ◽

Trust Models ◽

Iot Devices

Trust models play an important role in Internet of Things (IoT) as it provides a means of finding whether a given device can provide a service to a satisfactory level as well as a means for identifying potentially malicious devices in the network. Context awareness in trust models allows a trustor to filter and aggregate evidence by their relevance to the current situation. Context awareness is important in the formulation of trust in IoT networks due to their heterogeneity and due to the dynamic changes in the capabilities of IoT devices. In this paper,we have proposed a new type of context-based attack on context aware trust models for IoT systems. An adversary is able to manipulate the context and impact a target group of IoT devices, while other devices in non-targeted groups are not even aware of the attack. We have demonstrated the effectiveness of this new type of attack on six previously proposed trust models. Through practical simulations and theoretical proofs, we show that the adversaries can launch such context-based attacks against a targeted group of IoT devices in the network. The paper also proposes a new trust management system that can mitigate such context-based attacks.

Download Full-text

Compare encryption performance across devices to ensure the security of the IOT

Indonesian Journal of Electrical Engineering and Computer Science ◽

10.11591/ijeecs.v20.i2.pp894-902 ◽

2020 ◽

Vol 20 (2) ◽

pp. 894

Author(s):

A.YU. Pyrkova ◽

ZH.E. Temirbekova

Keyword(s):

Homomorphic Encryption ◽

Security And Privacy ◽

Symmetric Cryptography ◽

Fully Homomorphic Encryption ◽

Cryptographic Primitives ◽

Development Platform ◽

Encryption And Decryption ◽

Detailed Assessment ◽

Iot Devices ◽

The Internet Of Things

The Internet of Things (IoT) combines many devices with various platforms, computing capabilities and functions. The heterogeneity of the network and the ubiquity of IoT devices place increased demands on security and privacy protection. Therefore, cryptographic mechanisms must be strong enough to meet these increased requirements, but at the same time they must be effective enough to be implemented on devices with disabilities. One of the limited devices are microcontrollers and smart cards. This paper presents the performance and memory limitations of modern cryptographic primitives and schemes on various types of devices that can be used in IoT. In this article, we provide a detailed assessment of the performance of the most commonly used cryptographic algorithms on devices with disabilities that often appear on IoT networks. We relied on the most popular open source microcontroller development platform, on the mbed platform. To provide a data protection function, we use cryptography asymmetric fully homomorphic encryption in the binary ring and symmetric cryptography AES 128 bit. In addition, we compared run-time encryption and decryption on a personal computer (PC) with Windows 7, the Bluetooth Low Energy (BLE) Nano Kit microcontroller, the BLE Nano 1.5, and the smartcard ML3-36k-R1.

Download Full-text