Alessandra Rizzardi

Security, privacy and trust in Internet of Things

Internet of Things (IoT) is characterized by heterogeneous technologies, which concur to the provisioning of innovative services in various application domains. In this scenario, the satisfaction of security and privacy requirements plays a fundamental role. Such requirements include data confidentiality and authentication, access control within the IoT network, privacy and trust among users and things, and the enforcement of security and privacy policies. Traditional security countermeasures cannot be directly applied to IoT technologies due to the different standards and communication stacks involved. Moreover, the high number of interconnected devices arises scalability issues; therefore a flexible infrastructure is needed able to deal with security threats in such a dynamic environment. In this survey we present the main research challenges and the existing solutions in the field of IoT security, identifying open issues, and suggesting some hints for future research.

Survey PaperSecurity, privacy and trust in Internet of Things: The road ahead

Internet of Things (IoT) is characterized by heterogeneous technologies, which concur to the provisioning of innovative services in various application domains. In this scenario, the satisfaction of security and privacy requirements plays a fundamental role. Such requirements include data confidentiality and authentication, access control within the IoT network, privacy and trust among users and things, and the enforcement of security and privacy policies. Traditional security countermeasures cannot be directly applied to IoT technologies due to the different standards and communication stacks involved. Moreover, the high number of interconnected devices arises scalability issues; therefore a flexible infrastructure is needed able to deal with security threats in such a dynamic environment. In this survey we present the main research challenges and the existing solutions in the field of IoT security, identifying open issues, and suggesting some hints for future research.

A secure and quality-aware prototypical architecture for the Internet of Things

Abstract The increasing diffusion of services enabled by Internet of Things (IoT) technologies raises several risks associated to security and data quality. Together with the high number of heterogeneous interconnected devices, this creates scalability issues, thereby calling for a flexible middleware platform able to deal with both security threats and data quality issues in a dynamic IoT environment. In this paper a lightweight and cross-domain prototype of a distributed architecture for IoT is presented, providing minimum data caching functionality and in-memory data processing. A number of supporting algorithms for the assessment of data quality and security are presented and discussed. In the presented system, users can request services on the basis of a publish/subscribe mechanism, data from IoT devices being filtered according to users requirements in terms of security and quality. The prototype is validated in an experimental setting characterized by the usage of real-time open data feeds presenting different levels of reliability, quality and security.

AUPS: An Open Source AUthenticated Publish/Subscribe system for the Internet of Things

Abstract The arising of the Internet of Things (IoT) is enabling new service provisioning paradigms, able to leverage heterogeneous devices and communication technologies. Efficient and secure communication mechanisms represent a key enabler for the wider adoption and diffusion of IoT systems. One of the most widely employed protocols in IoT and machine-to-machine communications is the Message Queue Telemetry Transport (MQTT), a lightweight publish/subscribe messaging protocol designed for working with constrained devices. In MQTT messages are assigned to a specific topic to which users can subscribe. MQTT presents limited security support. In this paper we present a secure publish/subscribe system extending MQTT by means of a key management framework and a policy enforcement one. In this way the flow of information in MQTT-powered IoT systems can be flexibly controlled by means of flexible policies. The solution presented is released as open source under Apache v.2 license.

Security policy enforcement for networked smart objects

In the Internet of Things (IoT) heterogeneous technologies concur to the provisioning of customized services able to bridge the gap between the physical and digital realms. Security, privacy and data quality are acknowledged to represent key issues to be tackled in order to foster the large-scale adoption of IoT systems and technologies. One instrumental aspect concerns the ability of the system to preserve security in the presence of external attacks. In such a scenario, the integration of a flexible IoT middleware, able to handle a large number of data streams and of interconnected devices, with a flexible policy enforcement framework is needed and presented in this paper. The proposed solution aims to ease the management of interactions across different realms and policy conflicts. Its effectiveness is validated by means of a lightweight and cross-domain prototypical implementation.

Networked Smart Objects: Moving Data Processing Closer to the Source

The satisfaction of security and data quality requirements plays a fundamental role in the Internet of Things (IoT) scenario. Such a dynamic environment requires the adoption of heterogeneous technologies to provide customized services in various application domains and both security threats and data quality issues need to be addresses in order to guarantee an effective and efficient data management. In this paper, a lightweight and cross-domain prototype of distributed architecture for IoT is presented and evaluated by means of open data provided by different sources. We show how users can access different types of data by changing security and quality requirements.

A NFP Model for Internet of Things applications

Internet of Things (IoT) involves heterogeneous technologies (i.e., WSN, RFID, actuators) able to exchange data acquired from the environment in order to provide services to the requesting users. In such a scenario the privacy and the quality (i.e., in terms of accuracy, timeliness, completeness) of the handled information represent critical issues. In fact, the provided services must be customized according to the users preferences and habits and have to manage both users personal information and data from different sources, therefore it needs to guarantee privacy and data quality level. This work proposes a UML general conceptual model, which defines the entities involved in the IoT context, their relationships, facing privacy policies definition and data quality assessment. Such a model should represent a starting point for the development of IoT privacy-aware solutions, handling data with a well-defined quality.

Internet of Things: Security in the Keys

Security threats may hinder the large scale adoption of the emerging Internet of Things (IoT) technologies. Besides efforts have already been made in the direction of data integrity preservation, confidentiality and privacy, several issues are still open. The existing solutions are mainly based on encryption techniques, but no attention is actually paid to key management. A clever key distribution system, along with a key replacement mechanism, are essentials for assuring a secure approach. In this paper, two popular key management systems, conceived for wireless sensor networks, are integrated in a real IoT middleware and compared in order to evaluate their performance in terms of overhead, delay and robustness towards malicious attacks.

A Comparative Study of Recent Wireless Sensor Network Simulators

Over recent years, the continuous interest in wireless sensor networks (WSNs) has led to the appearance of new modeling methods and simulation environments for WSN applications. A broad variety of different simulation tools have been designed to explore and validate WSN systems before actual implementation and real-world deployment. These tools address different design aspects and offer various simulation abstractions to represent and model real-world behavior. In this article, we present a comprehensive comparative study of mainstream open-source simulation tools for WSNs. Two benchmark applications are designed to evaluate the frameworks with respect to the simulation runtime performance, network throughput, communication medium modeling, packet reception rate, network latency, and power consumption estimation accuracy. Such metrics are also evaluated against measurements on physical prototypes. Our experiments show that the tools produce equivalent results from a functional point of view and capacity to model communication phenomena, while the ability to model details of the execution platform significantly impacts the runtime simulation performance and the power estimation accuracy. The benchmark applications are also made available in the public domain for further studies.

REATO: REActing TO Denial of Service attacks in the Internet of Things

Abstract Denial of Service (DoS) attack represents until now a relevant problem in Internet-based contexts. In fact, it is both difficult to recognize and to counteract. Along with the adoption and diffusion of Internet of Things (IoT) applications, such an issue has become more urgent to solve, due to the presence of heterogeneous data sources and to the wireless nature of most communications. A DoS attack is even more serious if not only the data sources are under attack, but also the IoT platform itself, which is in charge of acquiring data from multiple data sources and, after data processing, provide useful services to the interested users. In this paper, we present a solution, named REATO, for actively and dynamically detecting and facing DoS attacks within a running IoT middleware. A real prototype has been realized in order to validate the proposed method, by assessing different relevant parameters.