Josef Noll

SenaaS: An event-driven sensor virtualization approach for Internet of Things cloud

In this paper, we propose an Internet of Things (IoT) virtualization framework to support connected objects sensor event processing and reasoning by providing a semantic overlay of underlying IoT cloud. The framework uses the sensor-as-aservice notion to expose IoT clouds connected objects functional aspects in the form of web services. The framework uses an adapter oriented approach to address the issue of connectivity with various types of sensor nodes. We employ semantic enhanced access polices to ensure that only authorized parties can access the IoT framework services, which result in enhancing overall security of the proposed framework. Furthermore, the use of event-driven service oriented architecture (e-SOA) paradigm assists the framework to leverage the monitoring process by dynamically sensing and responding to different connected objects sensor events. We present our design principles, implementations, and demonstrate the development of IoT application with reasoning capability by using a green school motorcycle (GSMC) case study. Our exploration shows that amalgamation of e-SOA, semantic web technologies and virtualization paves the way to address the connectivity, security and monitoring issues of IoT domain.

Semantic Access Control in Web Based Communities

Web based social communities are one of the most widely used applications nowadays. Ubiquitous computing and access capabilities leverage the evolution of highly dynamic social communities. Recently, security and privacy concerns within these communities have increased significantly. This paper addresses these challenges by controlling access to community resources exploiting semantic Web technologies. In this regard, a conceptual community framework and its access control mechanisms are formalised using the Web ontology language. Access to the resources is controlled by defining differential access rights based on the relationships between the individuals and the communities. Instead of an explicit definition, some additional facts of the mechanisms are inferred by executing semantic Web rules using the Jess rule engine over the designed ontology. These information are then passed back into the ontology to enrich the existing ontology.

Interoperability of Security-Enabled Internet of Things

The future Internet will embrace the intelligence of Web 3.0 and the omnipresence of every day connected objects. The later was envisioned as the Internet of Things. Security and interoperability concerns are hindering the service innovations using the Internet of Things. This paper addresses secure access provision to Internet of Things-enabled services and interoperability of security attributes between different administrative domains. In this paper we proposed a layered architecture of Internet of Things framework where a semantically enhanced overlay interlink the other layers and facilitate secure access provision to Internet of Things-enabled services. The main element of semantic overlay is security reasoning through ontologies and semantic rules. Finally the interoperability of security aspect is addressed through ontology and a machine-to-machine platform. This paper provides implementation details of security reasoning and the interoperability aspects and discusses crucial challenges in these areas.

SIM as Secure Key Storage in Communication Networks

With the exponentially growing number of users, who are accessing online services, easy authentication became a key factor. A trusted and secure platform can enable seamless authentication in most of the applications. This paper extends the possible use of the subscriber identity module (SIM) as authenticator in the online world. The paper proposes near field communication (NFC) technology as a transfer technology between the mobile handset and other devices. A possible architecture is shown, future SIM requirements and secure key transfer are addressed. Scenarios for different security or user needs are shown and appropriate key policies are suggested. Solutions are focused on ease of use, security and the needs of different usage areas.

Admittance Services through Mobile Phone Short Messages

A critical issue in the acceptance of wireless services is the authentication to these services. Wireless networks are available, including the home/office network, public hot-spots and the mobile networks. They will extend, including new access technologies such as 4G, and WiMax. Service take-up in these networks will be limited, unless seamless service access is guaranteed. The success of GSM, and especially of premium services (e.g. SMS, iMode) are based on seamless user authentication to the network and to the services, provided with adequate security. This paper focuses on the current developments in Mobile phone/SIM card based authentication. The mobile phone can be used for physical access (admittance) and service access using near field communication (NFC). It may act as the security device in wireless network access, using EAP/SIM and Bluetooth, or using the SIM credentials for VPN and Mobile Commerce applications. In combining these authentication mechanisms, the Mobile phone has the potential being the identity provider in the virtual/electronic world.

A Semantic Enhanced Service Proxy Framework for Internet of Things

This paper proposes a semantic enhanced service proxy framework for internet-of-things cloud. The framework exposes IoT clouds smart objects as services by virtue of service orientation and virtualization. The framework uses an adapter oriented approach to address the issue of connectivity with different types of smart objects. We employ a query based service re-route mechanism to decouple service provider and service consumer. We propose micro-formats based service description template for associating smart object location with its service end-point. As a step toward enhancing smart objects service publication and discovery, we adopt a service advertisement approach within the IoT cloud perimeter that automates service publication and discovery process. Our proof-of-concept prototype implementation shows that the existing technology enablers are capable of realizing the service oriented IoT vision, which does not only plug smart objects into the internet but also link the information resided in smart objects into the fabric of the web.

Integrating Mobile Devices into Semantic Services Environments

This paper addresses mobile service provisioning in a mobile supported sensor network. The challenges of secure service provisioning in such a network is tackled through a two-layer approach, using the encryption on the radio layer and policies for device capabilities and service access. This paper suggests the mobile phone acting as control centre for the sensors. The implementation is based on a distributed semantic service repository, allowing the mobile services to become part of a semantic service composition. The semantic policy server connects the device capabilities, the user preferences and the service functionality. The papers provides the functional architecture and implementations of key elements of this architecture.

Multi-Metrics Approach for Security, Privacy and Dependability in Embedded Systems

AbstractEmbedded Systems have become highly interconnected devices, being the key elements of the Internet of Things. Their main function is to capture, store, manipulate and access data of a sensitive nature. Moreover, being connected to Internet, expose them to all kind of attacks, which could cause serious consequences. Traditionally, during the design process, security, privacy and dependability (SPD) have been set aside, including them as an add-on feature. This paper provides a methodology together with a Multi-Metrics approach to evaluate the system SPD level during both the design and running processes. The simplicity, based on a single process during the whole system evaluation, and scalability, simple and complex systems are evaluated equally, are the main advantages. The applicability of the presented methodology is demonstrated by the evaluation of a smart vehicle use case.

Distributed Identity for Secure Service Interaction

People rely on physical identities and computers to access todays numerous services. It requires having various identity cards and typing of a good number of usernames and passwords daily to prove ones identity to the remote services. These create inconvenience in use and significant security vulnerability. In this paper, we present a concept of digital identity and thereby accessing services to solve this problem. It uses the mobile phone as identifier to ones digital identity. An individual is expected to exercise the similar real world roles in digital world through the proposed identity mechanism. Our goal is to develop a system that is both secure and usable.

5G: Service Continuity in Heterogeneous Environments

This paper introduces service continuity as the main driver for 5G systems. It addresses user- and service-aspects in recently opened LTE networks, and identifies the system challenges. The main challenges are related to radio coverage, especially for the provision of high data rates for indoor users. The paper covers also network-, user- and service-authentication as well as user and society requirements. 5G is addressed as a system of systems in order to provide service continuity. It addresses both technology challenges, user related issues and operator revenue. Collaborative radio and a system availability beacon are discussed to cope with heterogeneity in 5G. As the SIM card has evolved towards a third-party offering for storage, authentication and payment, functionality of this future SIM is elaborated providing SIM-based service examples. The paper finally addresses service optimization based on light-weight semantic reasoning.