1,721,003 research outputs found
Security in Internet of Things: networked smart objects.
Full text linkInternet of Things (IoT) is an innovative paradigm approaching both industries and humans every-day life. It refers to the networked interconnection of every-day objects, which are equipped with ubiquitous intelligence. It not only aims at increasing the ubiquity of the Internet, but also at leading towards a highly distributed network of devices communicating with human beings as well as with other devices. Thanks to rapid advances in underlying technologies, IoT is opening valuable opportunities for a large number of novel applications, that promise to improve the quality of humans lives, facilitating the exchange of services.
In this scenario, security represents a crucial aspect to be addressed, due to the high level of heterogeneity of the involved devices and to the sensibility of the managed information. Moreover, a system architecture should be established, before the IoT is fully operable in an efficient, scalable and interoperable manner.
The main goal of this PhD thesis concerns the design and the implementation of a secure and distributed middleware platform tailored to IoT application domains. The effectiveness of the proposed solution is evaluated by means of a prototype and real case studies
Insights into security and privacy towards fog computing evolution
No full textThe incremental diffusion of the Internet of Things (IoT) technologies and applications represents the outcome of a world ever more connected by means of heterogeneous and mobile devices. IoT scenarios imply the presence of multiple data producers (e.g., sensors, actuators, RFID, NFC) and consumers (e.g., end-user devices, such as smartphones, tablets, and PCs). A variety of standards and protocols must cooperate to efficiently gather, process, and share the information. The fog computing paradigm, due to its distributed nature, represents a viable solution to cope with interoperability, scalability, security, and privacy issues, which naturally emerge, since it operates as an intermediate layer between data consumers/producers and traditional cloud systems. This paper analyzes the evolution in the modeling of new methodologies, related to fog computing and IoT, showing how moving security and privacy tasks toward the edge of the network provide both advantages and new challenges to be faced in this research field. The proposed discussion provides an overview of requirements for the realization of secure and privacy-aware IoT-based fog computing infrastructures
From design to prototyping in the Internet of Things: A domotics case study
No full textNowadays, the capability of rapidly designing and prototyping, simple, yet real domotics systems (e.g., smart homes and smart buildings applications) is even more compelling, due to the availability and increasing spread of Internet of Things (IoT) devices. Home automation services enable the remote monitoring of indoor environments and facilities. The main advantages include saving energy consumption and improving the overall management (and users' experience) in certain application domains. The pervasive adoption and diffusion of such remote monitoring solutions is hampered by the timing required for design, prototyping and further developing applications and underlying architecture, which must be often customized on the basis of specific domains' needs and involved entities. To cope with this issue, the paper proposes the analysis and prototyping of a domotics case study, in order to demonstrate the effectiveness of proper IoT?related tools in speeding up the testing phase
Security&privacy issues and challenges in NoSQL databases
No full textOrganizing the storing of information and data retrieval from databases is a crucial issue, which has become more critical with the spreading of cloud and Internet of Things (IoT) based applications. In fact, not only the network's traffic has increased, but also the amount of memory and the mechanisms needed to manage the so-called Big Data efficiently. Relational databases, based on SQL, are giving way to the NoSQL ones due to their efficiency in managing the heterogeneous information gathered from IoT environments. Such data can be stored, in a distributed manner, within the IoT network's devices or in the cloud. Hence, security and privacy concerns naturally emerge regarding access control, authentication, and authorization requirements. This paper analyses the current state of the art of security and privacy solutions tailored to NoSQL databases, particularly Redis, Cassandra, MongoDB, and Neo4j stores. The paper also aims to shed light on current challenges and future research directions in the field databases' security in the IoT scenario
Analysis on functionalities and security features of Internet of Things related protocols
Full text linkThe Internet of Things (IoT) paradigm is characterized by the adoption of different protocols and standards to enable communications among heterogeneous and, often, resource-constrained devices. The risk of violation is high due to the wireless nature of the communication protocols usually involved in the IoT environments (e.g., e-health, smart agriculture, industry 4.0, military scenarios). For such a reason, proper security countermeasures must be undertaken, in order to prevent and react to malicious attacks, which could hinder the data reliability. In particular, the following requirements should be addressed: authentication, confidentiality, integrity, and authorization. This paper aims at investigating such security features, which are often combined with native functionalities, in the most known IoT-related protocols: MQTT, CoAP, LoRaWAN, AMQP, RFID, ZigBee, and Sigfox. The advantages and weaknesses of each one will be revealed, in order to point out open issues and best practices in the design of efficient and robust IoT network infrastructure
Smart Transport and Logistic: a Node-RED implementation
No full textA clever and efficient management of transport and logistics are fundamental in manufacturer companies, starting to adopt new methodologies, inspired to the emerging industry 4.0 principles. Such a behavior is influenced by the spreading of the Internet of Things (IoT) paradigm, helping to automate a lot of features, if not all, of products' management, from raw materials' purchase order to the final delivery to customers. Small and medium industries (SMEs) must face design issues and non-customized solutions may not fit with their habitual data flow. Hence, the need of a tool, able to support designers and developers in defining the network architecture and messages' exchange, emerges. To this end, the use of Node-RED, a flow-based programming tool for the IoT, is proposed, by providing a comprehensive case study targeted to smart transport and logistics
Towards rapid modeling and prototyping of indoor and outdoor monitoring applications
Full text linkNowadays, the capability to remotely monitor indoor and outdoor environments would allow to reduce energy consumption and improve the overall management and users’ experience of network application systems. The most known solutions adopting remote control are related to domotics (e.g., smart homes and industry 4.0 applications). An important stimulus for the development of such smart approaches is the growth of the Internet of Things (IoT) technologies and the increasing investment in the development of green houses, buildings, and, in general, heterogeneous environments. While the benefits for the humans and the environment are evident, a pervasive adoption and distribution of remote monitoring solutions are hindered by the following issue: modeling, designing, prototyping, and further developing the remote applications and underlying architecture require a certain amount of time. Moreover, such systems must be often customized on the basis of the need of the specific domain and involved entities. For such reasons, in this paper, we provide the experience made in addressing some relevant indoor and outdoor case studies through IoT-targeted tools, technologies and protocols, highlighting the advantages and disadvantages of the considered solutions as well as insights that can be useful for future practitioners
Securing the access control policies to the Internet of Things resources through permissioned blockchain
Full text linkSecurity and privacy of information transmitted among the devices involved in an Internet of Things (IoT) network represent relevant issues in IoT contexts. Guaranteeing effective control and supervising access permissions to IoT applications is a complex task, mainly due to resources’ heterogeneity and scalability requirements. The design and development of highly customizable access control policies, along with an efficient mechanism for ensuring that the rules applied by the IoT platform are not tampered with or violated, will undoubtedly have a significant impact on the diffusion of IoT-based solutions. In such a direction, the paper proposes the integration of a permissioned blockchain within an honest-but-curious (i.e., not trusted) IoT distributed middleware layer, which aims to guarantee the correct management of access to resources by the interested parties. The result is a robust and lightweight system, able to manage the data produced by IoT devices, support relevant security features, such as integrity and confidentiality, and resist different kinds of attacks. The use of blockchain will ensure the tamper-resistance and synchronization of the distributed system, where various stakeholders own applications and IoT platforms. The methodology and the proposed architecture are validated employing a test-bed
Sticky Policies: A Survey
No full textIn the digital age, where the Internet connects things across the globe and individuals are constantly online, data security and privacy are becoming key drivers (and barriers) of change for adoption of innovative solutions. Traditional approaches, whereby communication links are secured by means of encryption, and access control is run in a static way by a centralised authority, are showing their limits when applied to massive-scale, interconnected and distributed systems. Regulations, while still fragmented, are moving to adapt to changes in technology and society, with the aim to protect confidential information by governments, businesses, and individual citizens. In this landscape, proper mechanisms should be defined to allow a strict control over the data life-cycle and to guarantee the privacy and the application of specific regulations on personal information's disclosure, usage and access. Sticky policies represent one approach to improve owners' control over their data. In such an approach, machine-readable policies are attached to data. They are called 'sticky' in that they travel together with data, as data travels across multiple administrative domains. In this article we survey the state-of-the-art in sticky policies, discussing limitations, open issues, applications and research challenges, with a specific focus on their applicability to Internet of Things, cloud computing and Content Centric Networking
A Comparative Study of Recent Wireless Sensor Network Simulators
No full textOver recent years, the continuous interest in wireless sensor networks (WSNs) has led to the appearance of new modeling methods and simulation environments for WSN applications. A broad variety of different simulation tools have been designed to explore and validate WSN systems before actual implementation and real-world deployment. These tools address different design aspects and offer various simulation abstractions to represent and model real-world behavior. In this article, we present a comprehensive comparative study of mainstream open-source simulation tools for WSNs. Two benchmark applications are designed to evaluate the frameworks with respect to the simulation runtime performance, network throughput, communication medium modeling, packet reception rate, network latency, and power consumption estimation accuracy. Such metrics are also evaluated against measurements on physical prototypes. Our experiments show that the tools produce equivalent results from a functional point of view and capacity to model communication phenomena, while the ability to model details of the execution platform significantly impacts the runtime simulation performance and the power estimation accuracy. The benchmark applications are also made available in the public domain for further studies
- …
