Security and privacy of information transmitted among the devices involved in an Internet of Things (IoT) network represent relevant issues in IoT contexts. Guaranteeing effective control and supervising access permissions to IoT applications is a complex task, mainly due to resources' heterogeneity and scalability requirements. The design and development of highly customizable access control policies, along with an efficient mechanism for ensuring that the rules applied by the IoT platform are not tampered with or violated, will undoubtedly have a significant impact on the diffusion of IoT‐based solutions. In such a direction, the article proposes the integration of a permissioned blockchain within an honest‐but‐curious (i.e., not trusted) IoT distributed middleware layer, which aims to guarantee the correct management of access to resources by the interested parties. The result is a robust and lightweight system, able to manage the data produced by IoT devices, support relevant security features, such as integrity and confidentiality, and resist different kinds of attacks. The use of blockchain will ensure the tamper‐resistance and synchronization of the distributed system, where various stakeholders own applications and IoT platforms. The methodology and the proposed architecture are validated employing a test‐bed.
Summary
The paper proposes the use of Node‐RED, a flow‐based programming tool targeted to Internet of Things (IoT), along with a series of case studies related to different IoT contexts, which demonstrate Node‐RED's potentialities and outcomings toward the realization of well‐structured IoT environments. The analyzed applications potentially include a wide range of domains, ranging from smart cities, smart buildings, smart homes/offices, smart retailing, to smart transportation, smart logistics, smart agriculture, smart health, military scenarios, and so on. The motivations behind the presented work are related to the fact that IoT application fields usually involve the same technologies and communication protocols, which are frequently adopted for totally different purposes. Issues such as systems' interoperability, scalability, security and privacy naturally emerge, due to the huge amount of heterogeneous devices acting in the IoT environment itself and to the wireless nature of information transmissions. As a consequence, it is fundamental to dispose of adequate tools for supporting developers in designing the network architecture and messages' exchange, in order to realize efficient and effective IoT network infrastructures.
A clever and efficient management of transport and logistics is fundamental in manufacturer companies, starting to adopt new methodologies, inspired by the emerging industry 4.0 principles. Such a behavior is influenced by the spreading of the Internet of Things (IoT) paradigm, helping to automate a lot of features, if not all, of products' management, from raw materials' purchase order to the final delivery to customers. Small and medium industries must face design issues and noncustomized solutions may not fit with their habitual data flow. Hence, the need of a tool, able to support designers and developers in defining the network architecture and messages' exchange, emerges. To this end, the use of Node‐RED, a flow‐based programming tool for the IoT, is proposed, by providing a comprehensive case study targeted to smart transport and logistics.
The Internet of Things (IoT) scenario places important challenges even for deep learning-based intrusion detection systems. IoTs are highly heterogeneous networks in which multiple types of nodes and connections between them proliferate at a fast pace. From a deep learning perspective, such complexity translates into dynamic feature spaces where the extraction of semantic patterns and correlations among features may require sophisticated inductive biases to be learnt by gradient-based techniques. The research community has recently suggested using Deep Reinforcement Learning (DRL) as a potent approach to effectively identify cyber-threat attempts in IoTs.
DRL consists of a Markov Decision Process-based meta-model that permits solving high-dimensional combinatorial optimization problems where differentiable supervisory signals may be absent. For this reason, multiple intelligent intrusion detection systems have been proposed for the IoT environment where high-level requirements are being pursued alongside the detection accuracy. These goals are related to optimizing the computational overhead, reducing power consumption at the edge, and preserving the privacy of sensitive information, among others.
This survey offers a clear bird’s eye view of the most recent design choices for DRL-based intrusion detection systems with a focus on the specific context of IoT. Our aim is not only to offer an exhaustive taxonomy of design alternatives made by DRL practitioners in the field of Intrusion detection, but also to discuss the advantages and the effective deployment of each setting concerning real IoT environments. We hope this work would guide the researchers interested in Intrusion Detection for IoTs to establish solid criteria for the most effective usage of Deep Reinforcement Learning in their future work.
• Literature review on design of Intrusion Detection Systems for IoT based on Deep Reinforcement Learning.
• Best practices, lessons learnt, and open challenges in this DRL research trend.
• Conditions are identified upon which DRL may potentially benefit IoT Intrusion Detection pipelines.
Regulating the access to the Internet of Things (IoT) network’s resources is a complex-prone task, which requires to pay a great attention on how policies are defined, shared, and enforced. The present paper considers the specific context of a smart home, which represents one of the main IoT application domains, and it focuses on two solutions proposed in the literature to cope with the aforementioned issues. On the one side, approaches based on attribute-based encryption (ABE) allow one to encrypt data for multiple recipients, in such a way that only those recipients whose attributes satisfy a given access policy can decrypt afterward. ABE guarantees a high level of customization due to the variety of attributes which can be defined, and it is also flexible enough to be adapted to different kinds of scenarios. On the other side, approaches based on sticky policies allow to attach an access policy directly to the data itself, and to employ a trusted authority to evaluate and enforce the policy itself. Sticky policies also guarantee a highly distributed and customizable enforcement of access control rules. In this paper, we compare the advantages and the drawbacks in terms of performance and robustness of such two techniques by means of their integration within the prototype of an IoT middleware, named networked smart object. Hence, the effectiveness of the presented solutions is validated by means of a real test-bed in the smart home scenario, in terms of storage occupancy, CPU load, and data retrieval delay. The final goal is to reveal the best approach to be used depending on the application’s requirements.
The growing diffusion of the technologies related to the Internet of Things (IoT) paradigm not only facilitates the connectivity among a huge amount of different devices, but also the variety of applications and services which can be provided to users. Everyday objects, equipped with the technologies involved in such a paradigm, become smart and are able to guarantee users who own them to be connected “always, in any place, at any time and with any object”. Consequently, the opportunity of communicating in real time enables the design and development of novel customizable functionalities, which are even closer to the needs of the users. Different application domains can benefit from this innovation, including the ophthalmology and eyewear sector. In such a context, the lenses and the eyeglasses frames become smart, thanks to the adoption of IoT paradigm. A relevant application in such an area concerns the definition of a system able to guarantee the originality of the product (and, so, verify the certification), as well as preventing the spread of imitations and counterfeit products, recognizing them in real time. In this paper, a preliminary approach for solving such emerged issues is proposed. More in detail, the main requirements and involved functionalities are pointed out and represented in a coherent flow, through Node‐RED, which is a flow‐based programming tool targeted to support the design and development of IoT applications.
Securing the smart home: A real case study
Sicari, Sabrina; Rizzardi, Alessandra; Miorandi, Daniele ...
Internet technology letters, May/June 2018, Volume: 1, Issue: 3
Journal Article, Peer reviewed, Open access
Both people and organizations are widely accepting and adopting the functionalities offered by the smart home or smart building applications. This is due to the many advantages, in easing users' everyday life and work, provided by the emerging Internet of Things (IoT) technologies and devices, equipped with sensors, cameras, or actuators, and the ability either to acquire information from the environment or to perform proper tasks. The main features of smart homes/buildings include real‐time monitoring, remote control, safety from intruders, gas/fire alarm, and so on. Because sensitive and private information is managed within smart homes/buildings, security and privacy solutions must be put in place in order to protect users/businesses' data against violation attempts as well as to guarantee the provision of reliable services. To this end, rules, in the form of policies, associated with the smart home/building resources must be defined and correctly enforced by means of a robust framework for handling the huge amount of IoT data managed. In this paper, the effectiveness and potentialities of a strategy based on sticky policies, integrated into a security and privacy‐aware IoT middleware, are demonstrated within a smart home scenario. A test bed is developed using real datasets in order to conduct analysis on the execution times, response times to detected attacks, and memory occupancy of the proposed approach.
Now reaching 2020, the world is witnessing the initial diffusion of 5G networks, which promise to revolutionize the mobile wireless communications, providing faster services, very low delays, and a very pervasive connectivity via mobile devices. It is worth to remark that the main paradigm which will take advantage from 5G is really the Internet of Things (IoT). However, the spreading of 5G technology also generates important concerns in terms of security and privacy, due to the continuous and wireless connection to the network, which hinders the reliability of the involved devices. This paper deeply analyzed the current state of the art about the existing security and privacy solutions tailored to 5G. More in detail, the following requirements are discussed: data integrity, confidentiality, authentication, access control, non-repudiation, trust, privacy, identity management, key management, policy enforcement, and intrusion detection. Furthermore, the paper aims to shed the light on future research directions towards the realization of secure and privacy aware 5G systems. To this end, the role of emerging paradigms, such as IoT, fog computing, and blockchain is investigated.
The incremental diffusion of the Internet of Things (IoT) technologies and applications represents the outcome of a world ever more connected by means of heterogeneous and mobile devices. IoT scenarios imply the presence of multiple data producers (e.g., sensors, actuators, RFID, NFC) and consumers (e.g., end-user devices, such as smartphones, tablets, and PCs). A variety of standards and protocols must cooperate to efficiently gather, process, and share the information. The fog computing paradigm, due to its distributed nature, represents a viable solution to cope with interoperability, scalability, security, and privacy issues, which naturally emerge, since it operates as an intermediate layer between data consumers/producers and traditional cloud systems. This paper analyzes the evolution in the modeling of new methodologies, related to fog computing and IoT, showing how moving security and privacy tasks toward the edge of the network provides both advantages and new challenges to be faced in this research field. The proposed discussion provides an overview of requirements for the realization of secure and privacy-aware IoT-based fog computing infrastructures.
The Internet of Things (IoT) paradigm is characterized by the adoption of different protocols and standards to enable communications among heterogeneous and, often, resource-constrained devices. The risk of violation is high due to the wireless nature of the communication protocols usually involved in the IoT environments (e.g., e-health, smart agriculture, industry 4.0, military scenarios). For such a reason, proper security countermeasures must be undertaken, in order to prevent and react to malicious attacks, which could hinder the data reliability. In particular, the following requirements should be addressed: authentication, confidentiality, integrity, and authorization. This paper aims at investigating such security features, which are often combined with native functionalities, in the most known IoT-related protocols: MQTT, CoAP, LoRaWAN, AMQP, RFID, ZigBee, and Sigfox. The advantages and weaknesses of each one will be revealed, in order to point out open issues and best practices in the design of efficient and robust IoT network infrastructure.