Soma Bandyopadhyay

A Survey of Middleware for Internet of Things

This paper provides a survey of middleware system for Internet of Things (IoT). IoT is considered as a part of future internet and ubiquitous computing, and it creates a true ubiquitous or smart environment. The middleware for IoT acts as a bond joining the heterogeneous domains of applications communicating over heterogeneous interfaces. Comprehensive review of the existing middleware systems for IoT is provided here to achieve the better understanding of the current gaps and future directions in this field. Fundamental functional blocks are proposed for this middleware system, and based on that a feature wise classification is performed on the existing IoT-middleware. Open issues are analyzed and our vision on the research scope in this area is presented.

IoT-Privacy: To be private or not to be private.

Privacy breaching attacks pose considerable challenges in the development and deployment of Internet of Things (IoT) applications. Though privacy preserving data mining (PPDM) minimizes sensitive data disclosure probability, sensitive content analysis, privacy measurement and users privacy awareness issues are yet to be addressed. In this paper, we propose a privacy management scheme that enables the user to estimate the risk of sharing private data like smart meter data. Our focus is to develop robust sensitivity detection, analysis and privacy content quantification scheme from statistical disclosure control aspect and information theoretic model. We depict performance results using real sensor data.

Lightweight security scheme for vehicle tracking system using CoAP

In this paper we present a lightweight security scheme for authentication and key management to establish a secure channel for Intelligent Transportation System (ITS) for an IoT (Internet of Things) application. We choose Constrained Application Protocol (CoAP) as lightweight application layer protocol. Low overhead security is still an open challenge for CoAP. We propose a payload embedded low cost symmetric-key based robust authentication and key management mechanism on CoAP. This minimizes the security overhead by eliminating expensive handshaking and ciphersuite agreement of standard TLS and DTLS. We propose some unique modification in the CoAP header to invoke its secure mode in an optimized manner. Further, we propose a secure channel with adaptive reliability which reduces the overall communication cost. Such a low overhead security scheme for CoAP is hitherto unexplored. The efficacy of our proposed scheme is demonstrated through laboratory experiments in an emulated environment.

Negotiation-based privacy preservation scheme in internet of things platform

Internet of things (IoT) brings forth a coupling among diverse sensors and diverse domains of applications and services. Sensors primarily provide the sensed observations, which are utilized by various applications and services. Applications are meant to serve personalized needs of the user, based on their various requirements. Therefore, in IoT, the challenge is to provide a platform to facilitate the interoperation among the diverse domains of applications, various heterogeneous devices such as sensors, actuators, gateways, and to preserve privacy while receiving and sharing the sensed observation from and with the multiple data sources and sinks. This paper discusses the characteristics and vision of the IoT system and presents a privacy preservation framework as a part of the IoT platform including a data masking tool for both privacy and utility preservation. The proposed framework provides negotiation--based architecture to find a solution for utility-privacy tradeoff in IoT data management. A case study on data privacy problem in e-health is presented along with a discussion for future research scope and conclusion.

Auth-Lite: Lightweight M2MAuthentication reinforcing DTLS for CoAP

The resource constrained characteristic of M2M systems has made secure channel establishment for sensor data communication a challenging task. While the proposed Constrained Application Protocol (CoAP) from Internet Engineering Task Force (IETF) enables lightweight application layer for sensor devices and gateways, lightweight security protocol on DTLS-secured CoAP (CoAPs) is still not optimally achieved. CoAPs proposes different modes of security starting from pre-shared key to certificate mode. This paper investigates the performance of the payload embedded novel authentication and key management mechanism proposed by the authors, which is robust in nature, compared to pre-shared key mode CoAPs, as well as lightweight. The proposed scheme can be integrated in future with pre-shared key mode of DTLS to reinforce DTLS for mutual authentication. We prove efficacy of our proposed scheme based on comparative analysis with pre-shared key mode of CoAPs.

Lightweight security scheme for IoT applications using CoAP

Purpose – The purpose of this paper is to study lightweight security scheme for Internet of Things (IoT) applications using Constrained Application Protocol (CoAP). Resource-constrained characteristics of IoT systems have ushered in compelling requirements for lightweight application protocol and security suites. CoAP has already been established as the candidate protocol for IoT systems. However, low overhead security scheme for CoAP is still an open problem. Existing security solutions like Datagram Transport Layer Security (DTLS) is not suitable, particularly due to its expensive handshaking, public key infrastructure (PKI)-based authentication and lengthy ciphersuite agreement process. Design/methodology/approach – This paper proposes a lightweight security scheme in CoAP using Advanced Encryption Standard (AES) 128 symmetric key algorithm. The paper presents an object security (payload embedded)-based robust authentication mechanism with integrated key management. The paper introduces few unique modifications to CoAP header to optimize security operation and minimize communication cost. Findings – It is resilient to number of security attacks like replay attack, meet-in-the-middle attack and secure under chosen plaintext attack. This scheme is generic in nature, applicable for gamut of IoT applications. The paper proves efficacy of our proposed scheme for vehicle tracking application in emulated laboratory setup. Specifically, it compares with DTLS-enabled CoAP to establish the lightweight feature of our proposed solution. Research limitations/implications – This paper mainly focuses on implementing in-vehicle tracking systems as an IoT application and used CoAP as the application protocol. Practical implications – Such a lightweight security scheme would provide immense benefit in IoT systems so that resource constraint-sensing devices and nodes can be made secure. This would impact IoT eco systems to a large extent. Originality/value – Such kind of security suite that provides both robustness and lightweight feature is hitherto not known to the authors, particularly in CoAP for IoT applications.

SensIPro: Smart sensor analytics for Internet of things

Sensors play a vital role for realizing the vision of connected smart universe. In this paper, we present a novel sensor agnostic model SensIPro to perform robust unsupervised analysis of sensor data to support scalable analytics, a prime need for Internet of things (IoT). In the context of sensor analytics, outliers contain most delicate information. Analysis of anomaly or outlier is mostly dependent on the application domain as well as signal characteristics. Our proposed sensor analytics model SensIPro automates analysis of outliers based on inferring signal characteristics of diverse sensors from different IoT applications like healthcare, smart energy, smart transport. We apply relevant time-series algorithms using statistical analysis, information theoretic measure for sensor data analytics. We measure similarity/dissimilarity of the time series sensor data and correlate with detected outliers. Our algorithm does not require any prior knowledge of sensor data type and metadata. We present results and analysis based on real life heterogeneous sensor data sets. Obtained results further prove efficacy of the proposed mechanism.

Demo: IAS: Information Analytics for Sensors

Sensors are one of the primary building blocks of IoT. Owing to close proximity of physical world, sensors often collect sensitive information. Invariably, sensor data has rich information content. Here we propose a novel solution IAS: Information Analytics for Sensors to unlock massive potential of sensor data through information analytics and demonstrate an alerting mechanism based on criticality of sensor information. ECG anomaly detection for healthcare, unusual appliance operation detection from smart energy meter data, bad road condition as well as activity detection from accelerometer data are typical use-case scenarios. We use robust statistical and information theoretic approaches. Our approach is unsupervised and is completely sensor agnostic. This abstract provides overview of design and implementation of our tool IAS along with obtained results tested on publicly available datasets. Last but not the least, IAS validates that outliers contain most delicate information.

An unsupervised learning for robust cardiac feature derivation from PPG signals

We propose here derivation algorithms for physiological parameters like beat start point, systolic peak, pulse duration, peak-to-peak distance related to heart rate, dicrotic minima, diastolic peak from Photoplethysmogram (PPG) signals robustly. Our methods are based on unsupervised learning mainly following morphology as well as discrete nature of the signal. Statistical learning has been used as a special aid to infer most probable feature values mainly to cope up with presence of noise, which is assumed to be insignificant compared to signal values at each investigation window. Performance of the proposed method is found to be better than other standard methods, yielding precision and sensitivity more than 97% obtained from three real life data sets.We propose here derivation algorithms for physiological parameters like beat start point, systolic peak, pulse duration, peak-to-peak distance related to heart rate, dicrotic minima, diastolic peak from Photoplethysmogram (PPG) signals robustly. Our methods are based on unsupervised learning mainly following morphology as well as discrete nature of the signal. Statistical learning has been used as a special aid to infer most probable feature values mainly to cope up with presence of noise, which is assumed to be insignificant compared to signal values at each investigation window. Performance of the proposed method is found to be better than other standard methods, yielding precision and sensitivity more than 97% obtained from three real life data sets.

Why not keep your personal data secure yet private in IoT?: Our lightweight approach

IoT (Internet of Things) systems are resource-constrained and primarily depend on sensors for contextual, physiological and behavioral information. Sensitive nature of sensor data incurs high probability of privacy breaching risk due to intended or malicious disclosure. Uncertainty about privacy cost while sharing sensitive sensor data through Internet would mostly result in overprovisioning of security mechanisms and it is detrimental for IoT scalability. In this paper, we propose a novel method of optimizing the need for IoT security enablement, which is based on the estimated privacy risk of shareable sensor data. Particularly, our scheme serves two objectives, viz. privacy risk assessment and optimizing the secure transmission based on that assessment. The challenges are, firstly, to determine the degree of privacy, and evaluate a privacy score from the fine-grained sensor data and, secondly, to preserve the privacy content through secure transfer of the data, adapted based on the measured privacy score. We further meet this objective by introducing and adapting a lightweight scheme for secure channel establishment between the sensing device and the data collection unit/ backend application embedded within CoAP (Constrained Application Protocol), a candidate IoT application protocol and using UDP as a transport. We consider smart energy management, a killer IoT application, as the use-case where smart energy meter data contains private information about the residents. Our results with real household smart meter data demonstrate the efficacy of our scheme.