Sabrina Sicari

Internet of things: Vision, applications and research challenges

The term ‘‘Internet-of-Things’’ is used as an umbrella keyword for covering various aspects related to the extension of the Internet and the Web into the physical realm, by means of the widespread deployment of spatially distributed devices with embedded identification, sensing and/or actuation capabilities. Internet-of-Things envisions a future in which digital and physical entities can be linked, by means of appropriate information and communication technologies, to enable a whole new class of applications and services. In this article, we present a survey of technologies, applications and research challenges for Internetof-Things.

Security, privacy and trust in Internet of Things

Internet of Things (IoT) is characterized by heterogeneous technologies, which concur to the provisioning of innovative services in various application domains. In this scenario, the satisfaction of security and privacy requirements plays a fundamental role. Such requirements include data confidentiality and authentication, access control within the IoT network, privacy and trust among users and things, and the enforcement of security and privacy policies. Traditional security countermeasures cannot be directly applied to IoT technologies due to the different standards and communication stacks involved. Moreover, the high number of interconnected devices arises scalability issues; therefore a flexible infrastructure is needed able to deal with security threats in such a dynamic environment. In this survey we present the main research challenges and the existing solutions in the field of IoT security, identifying open issues, and suggesting some hints for future research.

Survey PaperSecurity, privacy and trust in Internet of Things: The road ahead

Internet of Things (IoT) is characterized by heterogeneous technologies, which concur to the provisioning of innovative services in various application domains. In this scenario, the satisfaction of security and privacy requirements plays a fundamental role. Such requirements include data confidentiality and authentication, access control within the IoT network, privacy and trust among users and things, and the enforcement of security and privacy policies. Traditional security countermeasures cannot be directly applied to IoT technologies due to the different standards and communication stacks involved. Moreover, the high number of interconnected devices arises scalability issues; therefore a flexible infrastructure is needed able to deal with security threats in such a dynamic environment. In this survey we present the main research challenges and the existing solutions in the field of IoT security, identifying open issues, and suggesting some hints for future research.

Assessing the risk of using vulnerable components

This paper discusses how information about the architecture and the vulnerabilities affecting a distributed system can be used to quantitatively assess the risk to which the system is exposed. Our approach to risk evaluation can be used to assess how much one should believe in system trustworthiness and to compare different solutions, providing a tool for deciding if the additional cost of a more secure component is worth to be afforded.

DyDAP: A dynamic data aggregation scheme for privacy aware wireless sensor networks

End-to-end data aggregation, without degrading sensing accuracy, is a very relevant issue in wireless sensor networks (WSN) that can prevent network congestion to occur. Moreover, privacy management requires that anonymity and data integrity are preserved in such networks. Unfortunately, no integrated solutions have been proposed so far, able to tackle both issues in a unified and general environment. To bridge this gap, in this paper we present an approach for dynamic secure end-to-end data aggregation with privacy function, named DyDAP. It has been designed starting from a UML model that encompasses the most important building blocks of a privacy-aware WSN, including aggregation policies. Furthermore, it introduces an original aggregation algorithm that, using a discrete-time control loop, is able to dynamically handle in-network data fusion to reduce the communication load. The performance of the proposed scheme has been verified using computer simulations, showing that DyDAP avoids network congestion and therefore improves WSN estimation accuracy while, at the same time, guaranteeing anonymity and data integrity.

Secure Wireless Multimedia Sensor Networks: A Survey

Wireless Multimedia Sensor Networks (WMSNs) are used in many application domains, such as surveillance systems, telemedicine and so on. In order to ensure a broad deployment of such innovative services, strict requirements on security, privacy, and distributed processing of multimedia contents should be satisfied, taking also into account the limited technological resources (in term of energy, computation, bandwidth, and storage) of sensor nodes. Thus, with respect to classic Wireless Sensor Networks, the achievement of these goals is more challenging due to the presence of multimedia data, which usually requires complex compression and aggregation algorithms. In order to provide a unifying synthesis on the last achievements, this survey summarizes the main findings on secure WMSNs proposed in the literature and forecasts future perspectives of such a technology.

A secure and quality-aware prototypical architecture for the Internet of Things

Abstract The increasing diffusion of services enabled by Internet of Things (IoT) technologies raises several risks associated to security and data quality. Together with the high number of heterogeneous interconnected devices, this creates scalability issues, thereby calling for a flexible middleware platform able to deal with both security threats and data quality issues in a dynamic IoT environment. In this paper a lightweight and cross-domain prototype of a distributed architecture for IoT is presented, providing minimum data caching functionality and in-memory data processing. A number of supporting algorithms for the assessment of data quality and security are presented and discussed. In the presented system, users can request services on the basis of a publish/subscribe mechanism, data from IoT devices being filtered according to users requirements in terms of security and quality. The prototype is validated in an experimental setting characterized by the usage of real-time open data feeds presenting different levels of reliability, quality and security.

A security-and quality-aware system architecture for Internet of Things

Internet of Things (IoT) is characterized, at the system level, by high diversity with respect to enabling technologies and supported services. IoT also assumes to deal with a huge amount of heterogeneous data generated by devices, transmitted by the underpinning infrastructure and processed to support value-added services. In order to provide users with valuable output, the IoT architecture should guarantee the suitability and trustworthiness of the processed data. This is a major requirement of such systems in order to guarantee robustness and reliability at the service level. In this paper, we introduce a novel IoT architecture able to support security, privacy and data quality guarantees, thereby effectively boosting the diffusion of IoT services.

AUPS: An Open Source AUthenticated Publish/Subscribe system for the Internet of Things

Abstract The arising of the Internet of Things (IoT) is enabling new service provisioning paradigms, able to leverage heterogeneous devices and communication technologies. Efficient and secure communication mechanisms represent a key enabler for the wider adoption and diffusion of IoT systems. One of the most widely employed protocols in IoT and machine-to-machine communications is the Message Queue Telemetry Transport (MQTT), a lightweight publish/subscribe messaging protocol designed for working with constrained devices. In MQTT messages are assigned to a specific topic to which users can subscribe. MQTT presents limited security support. In this paper we present a secure publish/subscribe system extending MQTT by means of a key management framework and a policy enforcement one. In this way the flow of information in MQTT-powered IoT systems can be flexibly controlled by means of flexible policies. The solution presented is released as open source under Apache v.2 license.

Risk assessment in practice: A real case study

The aim of this work is to evaluate the risk of an external attack to the network of our Department in the University. Thus, this work wants to complement the results in [M. Benini, S. Sicari, A mathematical framework for risk assessment, in: H. Labiod, M. Badra (Eds.), New Technologies, Mobility and Security, Signals and Communication, Springer-Verlag, May 2007, pp. 459-469] where a mathematical framework justifying our risk assessment method has been presented. Hence, this article describes a detailed account of our experience where the instruments, the techniques and the results are described and evaluated.