It acts as a proxy between applications and AAMs. It is in charge
of forwarding authentication requests from applications to the proper AAM
(either Core or Platform) and returning the issued tokens. It also handles
8 [S.Sciancalepore et. al]
the authorization procedure by validating tokens against access policies and
resources metadata.
Attributes Mapping Function (AMF): With reference to Scenario #3, it
manages the translation between attributes stored in tokens issued by dif-
ferent AAMs. This allows applications to access resources in domains where
they are not directly registered to.
Resource Manager (RM): It stores metadata describing resources exposed
by the IoT platform, including their access
2015 security for the internet of things a survey ofVinod Salunkhe
This document surveys existing protocols and open issues regarding security for communications in the Internet of Things (IoT). It analyzes how current approaches ensure security requirements and protect IoT communications. The document also identifies challenges and opportunities for future research. Key points:
- The IoT will connect everyday objects to the Internet, requiring secure communication protocols optimized for constrained sensing devices.
- Standardization bodies are developing a protocol stack to enable reliable, efficient Internet connectivity between devices. This includes 6LoWPAN, RPL, CoAP and security protocols.
- The survey analyzes these protocols and how they address security requirements like authentication, integrity and confidentiality. It also discusses open problems and strategies for future research.
Blockchain-based Security Mechanisms for Internet of Medical Things (IOMT)IJCNCJournal
Traditional standards and security protocols are recognized as unable to solve the security, privacy, and availability of services of the Internet of Medical Things (IoMT) ecosystem, especially during the Coronavirus (COVID-19) pandemic. Blockchain technology has then emerged as a distributed ledger technology that can manage many intelligent transactions and ensure greater security in data management. The Blockchain-based security mechanisms with specific adaptation and additional layers of authentication and verification can offer a complete resources' management system. It has demonstrated it’s superlatively as the core component of the Bitcoin cryptocurrency. In this paper, we propose a ThreeTier Blockchain Architecture in a hierarchical clustering network, with a lightweight authentication system-based API Gateway model that provides network and communication security. Reasonable implementation is proposed and the obtained results demonstrate that our approach shows satisfactory performances in terms of transfer time, energy consumption, and CPU impacts. The traffic analysis also shows that the proposed model can meet the requested security, integrity, and confidentiality of user data.
BLOCKCHAIN-BASED SECURITY MECHANISMS FOR INTERNET OF MEDICAL THINGS (IOMT)IJCNCJournal
Traditional standards and security protocols are recognized as unable to solve the security, privacy, and
availability of services of the Internet of Medical Things (IoMT) ecosystem, especially during the
Coronavirus (COVID-19) pandemic. Blockchain technology has then emerged as a distributed ledger
technology that can manage many intelligent transactions and ensure greater security in data
management. The Blockchain-based security mechanisms with specific adaptation and additional layers of
authentication and verification can offer a complete resources' management system. It has demonstrated
it’s superlatively as the core component of the Bitcoin cryptocurrency. In this paper, we propose a ThreeTier Blockchain Architecture in a hierarchical clustering network, with a lightweight authentication
system-based API Gateway model that provides network and communication security.
Reasonable implementation is proposed and the obtained results demonstrate that our approach shows
satisfactory performances in terms of transfer time, energy consumption, and CPU impacts. The traffic
analysis also shows that the proposed model can meet the requested security, integrity, and confidentiality
of user data.
Io t security_review_blockchain_solutionsShyam Goyal
This document reviews security issues related to the Internet of Things (IoT) and potential blockchain solutions. It presents a survey of emerging topics in IoT security and blockchain technology. The document maps major IoT security issues to possible solutions and reviews how blockchain could help address challenging security problems in IoT. It also identifies open challenges for IoT security.
Research Inventy : International Journal of Engineering and Scienceinventy
Research Inventy : International Journal of Engineering and Science is published by the group of young academic and industrial researchers with 12 Issues per year. It is an online as well as print version open access journal that provides rapid publication (monthly) of articles in all areas of the subject such as: civil, mechanical, chemical, electronic and computer engineering as well as production and information technology. The Journal welcomes the submission of manuscripts that meet the general criteria of significance and scientific excellence. Papers will be published by rapid process within 20 days after acceptance and peer review process takes only 7 days. All articles published in Research Inventy will be peer-reviewed.
A Novel Security Approach for Communication using IOTIJEACS
The Internet of Things (IOT) is the arrangement of physical articles or "things" introduced with equipment, programming, sensors, and framework accessibility, which enables these things to accumulate and exchange data. Here outlining security convention for the Internet of Things, and execution of this relating security convention on the inserted gadgets. This convention will cover the honesty of messages and verification of every customer by giving a productive confirmation component. By this venture the protected correspondence is executed on implanted gadgets.
A survey on Internet of Things (IoT) security : Challenges and Current statusvivatechijri
When Internet of Things (IoT) applications become a part of people’s daily life, security issues in IoT have caught substantial attention in both academia and industry. Compared to traditional computing systems, IoT systems have more inherent vulnerabilities, and in the intervening time, could have higher security requirements. However, the current design of IoT does not successfully address the higher security requirements postured by those vulnerabilities. Many recent attacks on IoT systems have shown that novel security solutions are needed to defend this emerging system. This paper purposes to examine security challenges resulted from the special characteristics of the IoT systems and the new features of the IoT applications. This could help pave the road to better security solution design. Furthermore, three architectural security designs are suggested and analyzed. Examples of how to implement these designs are discussed. Finally, for each layer in IoT architecture, open issues are also identified.
Architectural Layers of Internet of Things: Analysis of Security Threats and ...Scientific Review SR
A pervasive network architecture that interconnect heterogeneous objects, devices, technologies and services called
Internet of Things has prompted a drastic change in demand of smart devices which in turn has increased the rate of
data exchange. These smart devices are built with numerous sensors which collect information from other interacting
devices, process it and send it to remote locations for storage or further processing. Although this mechanism of data
processing and sharing has contributed immensely to the information world, it has recently posed high security risk
on privacy and data confidentiality. This paper therefore analyses different security threats to data at different
architectural layers of Internet of Things, possible countermeasures and other in-depth security measures for Internet
of Things. The paper identifies device authentication on IoT network to be of paramount impo rtance in securing IoT
systems. This paper also suggests some essential technologies of security such as encryption for securing IoT
devices and the data shared over IoT network
2015 security for the internet of things a survey ofVinod Salunkhe
This document surveys existing protocols and open issues regarding security for communications in the Internet of Things (IoT). It analyzes how current approaches ensure security requirements and protect IoT communications. The document also identifies challenges and opportunities for future research. Key points:
- The IoT will connect everyday objects to the Internet, requiring secure communication protocols optimized for constrained sensing devices.
- Standardization bodies are developing a protocol stack to enable reliable, efficient Internet connectivity between devices. This includes 6LoWPAN, RPL, CoAP and security protocols.
- The survey analyzes these protocols and how they address security requirements like authentication, integrity and confidentiality. It also discusses open problems and strategies for future research.
Blockchain-based Security Mechanisms for Internet of Medical Things (IOMT)IJCNCJournal
Traditional standards and security protocols are recognized as unable to solve the security, privacy, and availability of services of the Internet of Medical Things (IoMT) ecosystem, especially during the Coronavirus (COVID-19) pandemic. Blockchain technology has then emerged as a distributed ledger technology that can manage many intelligent transactions and ensure greater security in data management. The Blockchain-based security mechanisms with specific adaptation and additional layers of authentication and verification can offer a complete resources' management system. It has demonstrated it’s superlatively as the core component of the Bitcoin cryptocurrency. In this paper, we propose a ThreeTier Blockchain Architecture in a hierarchical clustering network, with a lightweight authentication system-based API Gateway model that provides network and communication security. Reasonable implementation is proposed and the obtained results demonstrate that our approach shows satisfactory performances in terms of transfer time, energy consumption, and CPU impacts. The traffic analysis also shows that the proposed model can meet the requested security, integrity, and confidentiality of user data.
BLOCKCHAIN-BASED SECURITY MECHANISMS FOR INTERNET OF MEDICAL THINGS (IOMT)IJCNCJournal
Traditional standards and security protocols are recognized as unable to solve the security, privacy, and
availability of services of the Internet of Medical Things (IoMT) ecosystem, especially during the
Coronavirus (COVID-19) pandemic. Blockchain technology has then emerged as a distributed ledger
technology that can manage many intelligent transactions and ensure greater security in data
management. The Blockchain-based security mechanisms with specific adaptation and additional layers of
authentication and verification can offer a complete resources' management system. It has demonstrated
it’s superlatively as the core component of the Bitcoin cryptocurrency. In this paper, we propose a ThreeTier Blockchain Architecture in a hierarchical clustering network, with a lightweight authentication
system-based API Gateway model that provides network and communication security.
Reasonable implementation is proposed and the obtained results demonstrate that our approach shows
satisfactory performances in terms of transfer time, energy consumption, and CPU impacts. The traffic
analysis also shows that the proposed model can meet the requested security, integrity, and confidentiality
of user data.
Io t security_review_blockchain_solutionsShyam Goyal
This document reviews security issues related to the Internet of Things (IoT) and potential blockchain solutions. It presents a survey of emerging topics in IoT security and blockchain technology. The document maps major IoT security issues to possible solutions and reviews how blockchain could help address challenging security problems in IoT. It also identifies open challenges for IoT security.
Research Inventy : International Journal of Engineering and Scienceinventy
Research Inventy : International Journal of Engineering and Science is published by the group of young academic and industrial researchers with 12 Issues per year. It is an online as well as print version open access journal that provides rapid publication (monthly) of articles in all areas of the subject such as: civil, mechanical, chemical, electronic and computer engineering as well as production and information technology. The Journal welcomes the submission of manuscripts that meet the general criteria of significance and scientific excellence. Papers will be published by rapid process within 20 days after acceptance and peer review process takes only 7 days. All articles published in Research Inventy will be peer-reviewed.
A Novel Security Approach for Communication using IOTIJEACS
The Internet of Things (IOT) is the arrangement of physical articles or "things" introduced with equipment, programming, sensors, and framework accessibility, which enables these things to accumulate and exchange data. Here outlining security convention for the Internet of Things, and execution of this relating security convention on the inserted gadgets. This convention will cover the honesty of messages and verification of every customer by giving a productive confirmation component. By this venture the protected correspondence is executed on implanted gadgets.
A survey on Internet of Things (IoT) security : Challenges and Current statusvivatechijri
When Internet of Things (IoT) applications become a part of people’s daily life, security issues in IoT have caught substantial attention in both academia and industry. Compared to traditional computing systems, IoT systems have more inherent vulnerabilities, and in the intervening time, could have higher security requirements. However, the current design of IoT does not successfully address the higher security requirements postured by those vulnerabilities. Many recent attacks on IoT systems have shown that novel security solutions are needed to defend this emerging system. This paper purposes to examine security challenges resulted from the special characteristics of the IoT systems and the new features of the IoT applications. This could help pave the road to better security solution design. Furthermore, three architectural security designs are suggested and analyzed. Examples of how to implement these designs are discussed. Finally, for each layer in IoT architecture, open issues are also identified.
Architectural Layers of Internet of Things: Analysis of Security Threats and ...Scientific Review SR
A pervasive network architecture that interconnect heterogeneous objects, devices, technologies and services called
Internet of Things has prompted a drastic change in demand of smart devices which in turn has increased the rate of
data exchange. These smart devices are built with numerous sensors which collect information from other interacting
devices, process it and send it to remote locations for storage or further processing. Although this mechanism of data
processing and sharing has contributed immensely to the information world, it has recently posed high security risk
on privacy and data confidentiality. This paper therefore analyses different security threats to data at different
architectural layers of Internet of Things, possible countermeasures and other in-depth security measures for Internet
of Things. The paper identifies device authentication on IoT network to be of paramount impo rtance in securing IoT
systems. This paper also suggests some essential technologies of security such as encryption for securing IoT
devices and the data shared over IoT network
This document is a project report on automated color detection system submitted by Prem Vijay Borse to fulfill the requirements of a diploma in computer engineering. The report includes an introduction outlining the need for computerized network security. It also includes chapters on literature review, existing system analysis, proposed new system design, implementation details, and conclusions. The overall aim is to design a computerized network security system to replace the existing manual process and address issues like fraudulent activities and unauthorized access of data in banks.
SECURITY& PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGSIJNSA Journal
The idea to connect everything to anything and at any point of time is what vaguely defines the concept of the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn significant attention during the past few years, the pace at which new devices are being integrated into the system will profoundly impact the world in a good way but also poses some severe queries about security and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most significant concerns of IoT is to provide security assurance for the data exchange because data is vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where each layer provides a service. The security needs vary from layer to layer as each layer serves a different purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks have been discussed along with some existing and proposed countermeasures.
SECURITY& PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGSIJNSA Journal
The idea to connect everything to anything and at any point of time is what vaguely defines the concept of
the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating
interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn
significant attention during the past few years, the pace at which new devices are being integrated into the
system will profoundly impact the world in a good way but also poses some severe queries about security
and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most
significant concerns of IoT is to provide security assurance for the data exchange because data is
vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where
each layer provides a service. The security needs vary from layer to layer as each layer serves a different
purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks
have been discussed along with some existing and proposed countermeasures.
Design of a Hybrid Authentication Technique for User and Device Authenticatio...IRJET Journal
The document proposes a hybrid authentication technique using blockchain authentication and artificial intelligence for user and device authentication in an integrated Internet of Things (IoT) environment. It discusses challenges with IoT security and reviews existing literature on blockchain and AI approaches for IoT authentication. The proposed technique aims to create a decentralized authentication system using a blockchain to store authentication records that are then used to train a neural network model. This trained model can authenticate new users and devices in the IoT network. The document outlines the objectives, methodology, and potential benefits of the proposed hybrid authentication approach for improving IoT security.
Aggregated proof based hierarchical authentication scheme for the internet of...Pvrtechnologies Nellore
The document proposes an aggregated-proof based hierarchical authentication scheme (APHA) for layered networks in the U2IoT (unit IoT and ubiquitous IoT) architecture. The scheme aims to 1) establish aggregated-proofs for anonymous data transmission, 2) use directed path descriptors, homomorphism functions, and Chebyshev chaotic maps for mutual authentication, and 3) assign different access authorities for hierarchical access control. The scheme is designed to satisfy security requirements like data confidentiality, integrity and availability, hierarchical access control, forward security, mutual authentication, and privacy preservation for the U2IoT architecture.
A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...IJECEIAES
‘Internet of Things (IoT)’emerged as an intelligent collaborative computation and communication between a set of objects capable of providing on-demand services to other objects anytime anywhere. A large-scale deployment of data-driven cloud applications as well as automated physical things such as embed electronics, software, sensors and network connectivity enables a joint ubiquitous and pervasive internet-based computing systems well capable of interacting with each other in an IoT. IoT, a well-known term and a growing trend in IT arena certainly bring a highly connected global network structure providing a lot of beneficial aspects to a user regarding business productivity, lifestyle improvement, government efficiency, etc. It also generates enormous heterogeneous and homogeneous data needed to be analyzed properly to get insight into valuable information. However, adoption of this new reality (i.e., IoT) by integrating it with the internet invites a certain challenges from security and privacy perspective. At present, a much effort has been put towards strengthening the security system in IoT still not yet found optimal solutions towards current security flaws. Therefore, the prime aim of this study is to investigate the qualitative aspects of the conventional security solution approaches in IoT. It also extracts some open research problems that could affect the future research track of IoT arena.
A signature-based data security and authentication framework for internet of...IJECEIAES
This document presents a research paper that proposes a signature-based data security and authentication framework for Internet of Things (IoT) applications. The paper introduces a novel computational model that establishes a unique authentication process using a simplified encryption strategy. The model considers both local and global IoT environments and implements an authentication mechanism using challenge-response exchanges between communicating nodes. A digital signature is generated using parameters like random seeds, secret keys, prime values, and data packets. Simulation results show that the proposed system offers efficient security and data transmission performance in the presence of unknown adversaries, performing better than commonly used security solutions in vulnerable IoT environments.
This document discusses a research paper on home automation systems using the Internet of Things (IoT). It begins with an introduction to IoT, defining it as a network of everyday objects that can share information and complete tasks. It then discusses how IoT is enabling home automation through technologies like smart lights, door sensors, and webcams. The paper also outlines the key components of an IoT system, including hardware, middleware, and interfaces. It describes several enabling technologies used in IoT, such as RFID, wireless sensor networks, and addressing schemes. Finally, it discusses reference architectures for IoT from standards bodies like ITU and WSO2.
IRJET- An Approach to Authenticating Devise in IoT using BlockchainIRJET Journal
The document proposes using blockchain technology to authenticate devices in the Internet of Things (IoT) and address major security issues. It describes how IoT currently lacks adequate authentication of entities and integrity of exchanged information due to its decentralized nature. The approach suggests an initial decentralized system using blockchain's security elements to guarantee solid device identification and authentication while preserving integrity and accessibility of information. This would help generate secure virtual environments where devices can identify and trust each other. The document provides background on IoT security issues, blockchain technology, and smart contracts before reviewing related literature on authentication in IoT.
This document summarizes research on Internet of Things (IoT) malware based on a literature review. It defines IoT and IoT malware, categorizes common types of IoT malware, and discusses platforms and operating systems that are targets for IoT malware. The document analyzes reference models for IoT security and surveys recent studies on malware affecting popular mobile and embedded operating systems like Android, iOS, ARM mbed OS, and TinyOS.
Secure Modern Healthcare System Based on Internet of Things and Secret Sharin...Eswar Publications
This document proposes an Internet of Things (IoT)-based system for healthcare and an authentication scheme to secure it. It first reviews existing literature on IoT and healthcare systems. It then presents the architecture of the proposed system, which has perception, network and application layers. Devices in the perception layer would collect health data from patients. The network layer would communicate this data to cloud servers via gateways. The application layer would manage devices, analyze data and share it with applications. The document proposes authenticating healthcare devices during access of patient data. It aims to enhance security in IoT-based healthcare through device authentication.
Security Issues and Challenges in Internet of Things – A ReviewIJERA Editor
The Internet of Things (IoT) alludes to the continually developing system of physical articles that component an
IP address for web availability, and the correspondence that happens between these items and other Web
empowered gadgets and frameworks. The security issues of the Internet of Things (IoT) are straight forwardly
identified with the wide utilization of its framework. IoT securities and enhancing the design and several
elements of this work showcases various security issues with respect to IoT and thinks of solutions for the issues
under the advancements included. Here we are going to do a study of all the security issues existing in the
Internet of Things (IoT) alongside an examination of the protection issues that an end-client might confront as
an outcome of the spread of IoT. Most of the overview is centred around the security emerging out of the data
trade innovations utilized as a part of Internet of Things. As a piece of IoTs, genuine concerns are raised over
access of individual data relating to gadget and individual protection. This review tells about the security and
protection issues of IoT.
The document discusses key topics related to the Internet of Things (IoT) including:
1. It defines IoT and lists its main characteristics as intelligence, connectivity, enormous scale, dynamic nature, heterogeneity, sensing, and security.
2. It describes the physical design of IoT including IoT devices and protocols used for communication between devices and cloud servers.
3. It outlines the logical design of IoT including functional blocks, common communication models like request-response, publish-subscribe, and push-pull, as well as communication APIs.
This document discusses challenges and techniques for securing Internet of Things (IoT) architecture. It begins with an introduction to IoT and outlines key challenges including privacy, security, scalability, and connectivity issues that arise from the large number of interconnected devices. The document then reviews literature on techniques for securing IoT, such as using network function virtualization (NFV) and information-centric networking (ICN). It describes several proposed secure IoT architectures in detail and compares different approaches. The document concludes by discussing future directions for securing IoT architecture.
CICS: Cloud–Internet Communication Security Framework for the Internet of Sma...AlAtfat
This document proposes a Cloud-Internet Communication Security (CICS) framework to provide secure communication among smart devices connected to the internet. The framework has four layers - a presentation layer on smart devices, a communication security layer providing encryption/decryption, a ubiquitous network layer, and a cloud layer. The cloud layer collects encrypted data from devices, processes it, and stores it securely. This framework aims to address security challenges like attacks that could disrupt services or cause denial of service when smart devices communicate using cloud computing.
Network security is one of the foremost anxieties of the modern time. Over
the previous years, numerous studies have been accompanied on the
intrusion detection system. However, network security is one of the foremost
apprehensions of the modern era this is due to the speedy development and
substantial usage of altered technologies over the past period. The
vulnerabilities of these technologies security have become a main dispute
intrusion detection system is used to classify unapproved access and unusual
attacks over the secured networks. For the implementation of intrusion
detection system different approaches are used machine learning technique
is one of them. In order to comprehend the present station of application of
machine learning techniques for solving the intrusion discovery anomalies in
internet of thing (IoT) based big data this review paper conducted. Total 55
papers are summarized from 2010 and 2021 which were centering on the
manner of the single, hybrid and collaborative classifier design. This review
paper also includes some of the basic information like IoT, big data, and
machine learning approaches are discussed.
The document discusses the key components of an Internet of Things (IoT) architecture. It describes the five layers of an IoT architecture: perception layer, object abstraction layer, service management layer, application layer, and business layer. It also discusses the key elements that enable IoT such as things, gateways, data streaming processors, data lakes, data warehouses, data analysts, machine learning models, and control applications. Security is an important consideration for IoT architectures and the requirements vary across the different layers.
With rapid growth of science and information technology, Internet of things (IoT) becomes as an integral part of daily life. The applications of IoT are expanded starting from connected cars, wearables, connected health, smart retail and healthcare. However, security issues are increasing with the increase of its use. Lack of compliances on the part of IoT manufacturers, lack of user knowledge and awareness, device update and management, lack of physical hardening and botnet attacks are considered as the major reasons for security issues in IoT based applications. In this aspect, it becomes important to analyze security issues involved with IoT and its impact on the users that has been performed in the present study
Understanding Architecture of Internet of ThingsIJSRED
The document discusses the architecture of the Internet of Things (IoT). It begins by introducing IoT and its key components. It then discusses three traditional IoT architectures: (1) a three-layer architecture consisting of a perception, network and application layer; (2) the TCP/IP four-layer model; and (3) the Telecommunications Management Network's five-layer logical layered architecture. The document proposes a new five-layer IoT architecture combining aspects of these models. The five layers are the business, application, processing, transport and perception layers. The perception layer collects data via sensors while the business layer manages the overall enterprise.
A survey on secure communication protocols for io t systemsVishwesh Nagamalla
This document provides a survey of secure communication protocols for Internet of Things (IoT) systems. It discusses the security requirements for IoT including confidentiality, integrity, authentication, privacy and resilience. It then evaluates the security capabilities of several standardized IoT communication protocols, including IEEE 802.15.4, WiFi, Bluetooth Low Energy, 6LoWPAN, and others. For each protocol, it describes the security features like encryption algorithms, authentication methods, and how they aim to satisfy the core security requirements for IoT systems.
Revolutionizing Visual Effects Mastering AI Face Swaps.pdfUndress Baby
The quest for the best AI face swap solution is marked by an amalgamation of technological prowess and artistic finesse, where cutting-edge algorithms seamlessly replace faces in images or videos with striking realism. Leveraging advanced deep learning techniques, the best AI face swap tools meticulously analyze facial features, lighting conditions, and expressions to execute flawless transformations, ensuring natural-looking results that blur the line between reality and illusion, captivating users with their ingenuity and sophistication.
Web:- https://undressbaby.com/
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j
Dr. Jesús Barrasa, Head of Solutions Architecture for EMEA, Neo4j
Découvrez les dernières innovations de Neo4j, et notamment les dernières intégrations cloud et les améliorations produits qui font de Neo4j un choix essentiel pour les développeurs qui créent des applications avec des données interconnectées et de l’IA générative.
This document is a project report on automated color detection system submitted by Prem Vijay Borse to fulfill the requirements of a diploma in computer engineering. The report includes an introduction outlining the need for computerized network security. It also includes chapters on literature review, existing system analysis, proposed new system design, implementation details, and conclusions. The overall aim is to design a computerized network security system to replace the existing manual process and address issues like fraudulent activities and unauthorized access of data in banks.
SECURITY& PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGSIJNSA Journal
The idea to connect everything to anything and at any point of time is what vaguely defines the concept of the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn significant attention during the past few years, the pace at which new devices are being integrated into the system will profoundly impact the world in a good way but also poses some severe queries about security and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most significant concerns of IoT is to provide security assurance for the data exchange because data is vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where each layer provides a service. The security needs vary from layer to layer as each layer serves a different purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks have been discussed along with some existing and proposed countermeasures.
SECURITY& PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGSIJNSA Journal
The idea to connect everything to anything and at any point of time is what vaguely defines the concept of
the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating
interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn
significant attention during the past few years, the pace at which new devices are being integrated into the
system will profoundly impact the world in a good way but also poses some severe queries about security
and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most
significant concerns of IoT is to provide security assurance for the data exchange because data is
vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where
each layer provides a service. The security needs vary from layer to layer as each layer serves a different
purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks
have been discussed along with some existing and proposed countermeasures.
Design of a Hybrid Authentication Technique for User and Device Authenticatio...IRJET Journal
The document proposes a hybrid authentication technique using blockchain authentication and artificial intelligence for user and device authentication in an integrated Internet of Things (IoT) environment. It discusses challenges with IoT security and reviews existing literature on blockchain and AI approaches for IoT authentication. The proposed technique aims to create a decentralized authentication system using a blockchain to store authentication records that are then used to train a neural network model. This trained model can authenticate new users and devices in the IoT network. The document outlines the objectives, methodology, and potential benefits of the proposed hybrid authentication approach for improving IoT security.
Aggregated proof based hierarchical authentication scheme for the internet of...Pvrtechnologies Nellore
The document proposes an aggregated-proof based hierarchical authentication scheme (APHA) for layered networks in the U2IoT (unit IoT and ubiquitous IoT) architecture. The scheme aims to 1) establish aggregated-proofs for anonymous data transmission, 2) use directed path descriptors, homomorphism functions, and Chebyshev chaotic maps for mutual authentication, and 3) assign different access authorities for hierarchical access control. The scheme is designed to satisfy security requirements like data confidentiality, integrity and availability, hierarchical access control, forward security, mutual authentication, and privacy preservation for the U2IoT architecture.
A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...IJECEIAES
‘Internet of Things (IoT)’emerged as an intelligent collaborative computation and communication between a set of objects capable of providing on-demand services to other objects anytime anywhere. A large-scale deployment of data-driven cloud applications as well as automated physical things such as embed electronics, software, sensors and network connectivity enables a joint ubiquitous and pervasive internet-based computing systems well capable of interacting with each other in an IoT. IoT, a well-known term and a growing trend in IT arena certainly bring a highly connected global network structure providing a lot of beneficial aspects to a user regarding business productivity, lifestyle improvement, government efficiency, etc. It also generates enormous heterogeneous and homogeneous data needed to be analyzed properly to get insight into valuable information. However, adoption of this new reality (i.e., IoT) by integrating it with the internet invites a certain challenges from security and privacy perspective. At present, a much effort has been put towards strengthening the security system in IoT still not yet found optimal solutions towards current security flaws. Therefore, the prime aim of this study is to investigate the qualitative aspects of the conventional security solution approaches in IoT. It also extracts some open research problems that could affect the future research track of IoT arena.
A signature-based data security and authentication framework for internet of...IJECEIAES
This document presents a research paper that proposes a signature-based data security and authentication framework for Internet of Things (IoT) applications. The paper introduces a novel computational model that establishes a unique authentication process using a simplified encryption strategy. The model considers both local and global IoT environments and implements an authentication mechanism using challenge-response exchanges between communicating nodes. A digital signature is generated using parameters like random seeds, secret keys, prime values, and data packets. Simulation results show that the proposed system offers efficient security and data transmission performance in the presence of unknown adversaries, performing better than commonly used security solutions in vulnerable IoT environments.
This document discusses a research paper on home automation systems using the Internet of Things (IoT). It begins with an introduction to IoT, defining it as a network of everyday objects that can share information and complete tasks. It then discusses how IoT is enabling home automation through technologies like smart lights, door sensors, and webcams. The paper also outlines the key components of an IoT system, including hardware, middleware, and interfaces. It describes several enabling technologies used in IoT, such as RFID, wireless sensor networks, and addressing schemes. Finally, it discusses reference architectures for IoT from standards bodies like ITU and WSO2.
IRJET- An Approach to Authenticating Devise in IoT using BlockchainIRJET Journal
The document proposes using blockchain technology to authenticate devices in the Internet of Things (IoT) and address major security issues. It describes how IoT currently lacks adequate authentication of entities and integrity of exchanged information due to its decentralized nature. The approach suggests an initial decentralized system using blockchain's security elements to guarantee solid device identification and authentication while preserving integrity and accessibility of information. This would help generate secure virtual environments where devices can identify and trust each other. The document provides background on IoT security issues, blockchain technology, and smart contracts before reviewing related literature on authentication in IoT.
This document summarizes research on Internet of Things (IoT) malware based on a literature review. It defines IoT and IoT malware, categorizes common types of IoT malware, and discusses platforms and operating systems that are targets for IoT malware. The document analyzes reference models for IoT security and surveys recent studies on malware affecting popular mobile and embedded operating systems like Android, iOS, ARM mbed OS, and TinyOS.
Secure Modern Healthcare System Based on Internet of Things and Secret Sharin...Eswar Publications
This document proposes an Internet of Things (IoT)-based system for healthcare and an authentication scheme to secure it. It first reviews existing literature on IoT and healthcare systems. It then presents the architecture of the proposed system, which has perception, network and application layers. Devices in the perception layer would collect health data from patients. The network layer would communicate this data to cloud servers via gateways. The application layer would manage devices, analyze data and share it with applications. The document proposes authenticating healthcare devices during access of patient data. It aims to enhance security in IoT-based healthcare through device authentication.
Security Issues and Challenges in Internet of Things – A ReviewIJERA Editor
The Internet of Things (IoT) alludes to the continually developing system of physical articles that component an
IP address for web availability, and the correspondence that happens between these items and other Web
empowered gadgets and frameworks. The security issues of the Internet of Things (IoT) are straight forwardly
identified with the wide utilization of its framework. IoT securities and enhancing the design and several
elements of this work showcases various security issues with respect to IoT and thinks of solutions for the issues
under the advancements included. Here we are going to do a study of all the security issues existing in the
Internet of Things (IoT) alongside an examination of the protection issues that an end-client might confront as
an outcome of the spread of IoT. Most of the overview is centred around the security emerging out of the data
trade innovations utilized as a part of Internet of Things. As a piece of IoTs, genuine concerns are raised over
access of individual data relating to gadget and individual protection. This review tells about the security and
protection issues of IoT.
The document discusses key topics related to the Internet of Things (IoT) including:
1. It defines IoT and lists its main characteristics as intelligence, connectivity, enormous scale, dynamic nature, heterogeneity, sensing, and security.
2. It describes the physical design of IoT including IoT devices and protocols used for communication between devices and cloud servers.
3. It outlines the logical design of IoT including functional blocks, common communication models like request-response, publish-subscribe, and push-pull, as well as communication APIs.
This document discusses challenges and techniques for securing Internet of Things (IoT) architecture. It begins with an introduction to IoT and outlines key challenges including privacy, security, scalability, and connectivity issues that arise from the large number of interconnected devices. The document then reviews literature on techniques for securing IoT, such as using network function virtualization (NFV) and information-centric networking (ICN). It describes several proposed secure IoT architectures in detail and compares different approaches. The document concludes by discussing future directions for securing IoT architecture.
CICS: Cloud–Internet Communication Security Framework for the Internet of Sma...AlAtfat
This document proposes a Cloud-Internet Communication Security (CICS) framework to provide secure communication among smart devices connected to the internet. The framework has four layers - a presentation layer on smart devices, a communication security layer providing encryption/decryption, a ubiquitous network layer, and a cloud layer. The cloud layer collects encrypted data from devices, processes it, and stores it securely. This framework aims to address security challenges like attacks that could disrupt services or cause denial of service when smart devices communicate using cloud computing.
Network security is one of the foremost anxieties of the modern time. Over
the previous years, numerous studies have been accompanied on the
intrusion detection system. However, network security is one of the foremost
apprehensions of the modern era this is due to the speedy development and
substantial usage of altered technologies over the past period. The
vulnerabilities of these technologies security have become a main dispute
intrusion detection system is used to classify unapproved access and unusual
attacks over the secured networks. For the implementation of intrusion
detection system different approaches are used machine learning technique
is one of them. In order to comprehend the present station of application of
machine learning techniques for solving the intrusion discovery anomalies in
internet of thing (IoT) based big data this review paper conducted. Total 55
papers are summarized from 2010 and 2021 which were centering on the
manner of the single, hybrid and collaborative classifier design. This review
paper also includes some of the basic information like IoT, big data, and
machine learning approaches are discussed.
The document discusses the key components of an Internet of Things (IoT) architecture. It describes the five layers of an IoT architecture: perception layer, object abstraction layer, service management layer, application layer, and business layer. It also discusses the key elements that enable IoT such as things, gateways, data streaming processors, data lakes, data warehouses, data analysts, machine learning models, and control applications. Security is an important consideration for IoT architectures and the requirements vary across the different layers.
With rapid growth of science and information technology, Internet of things (IoT) becomes as an integral part of daily life. The applications of IoT are expanded starting from connected cars, wearables, connected health, smart retail and healthcare. However, security issues are increasing with the increase of its use. Lack of compliances on the part of IoT manufacturers, lack of user knowledge and awareness, device update and management, lack of physical hardening and botnet attacks are considered as the major reasons for security issues in IoT based applications. In this aspect, it becomes important to analyze security issues involved with IoT and its impact on the users that has been performed in the present study
Understanding Architecture of Internet of ThingsIJSRED
The document discusses the architecture of the Internet of Things (IoT). It begins by introducing IoT and its key components. It then discusses three traditional IoT architectures: (1) a three-layer architecture consisting of a perception, network and application layer; (2) the TCP/IP four-layer model; and (3) the Telecommunications Management Network's five-layer logical layered architecture. The document proposes a new five-layer IoT architecture combining aspects of these models. The five layers are the business, application, processing, transport and perception layers. The perception layer collects data via sensors while the business layer manages the overall enterprise.
A survey on secure communication protocols for io t systemsVishwesh Nagamalla
This document provides a survey of secure communication protocols for Internet of Things (IoT) systems. It discusses the security requirements for IoT including confidentiality, integrity, authentication, privacy and resilience. It then evaluates the security capabilities of several standardized IoT communication protocols, including IEEE 802.15.4, WiFi, Bluetooth Low Energy, 6LoWPAN, and others. For each protocol, it describes the security features like encryption algorithms, authentication methods, and how they aim to satisfy the core security requirements for IoT systems.
Revolutionizing Visual Effects Mastering AI Face Swaps.pdfUndress Baby
The quest for the best AI face swap solution is marked by an amalgamation of technological prowess and artistic finesse, where cutting-edge algorithms seamlessly replace faces in images or videos with striking realism. Leveraging advanced deep learning techniques, the best AI face swap tools meticulously analyze facial features, lighting conditions, and expressions to execute flawless transformations, ensuring natural-looking results that blur the line between reality and illusion, captivating users with their ingenuity and sophistication.
Web:- https://undressbaby.com/
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j
Dr. Jesús Barrasa, Head of Solutions Architecture for EMEA, Neo4j
Découvrez les dernières innovations de Neo4j, et notamment les dernières intégrations cloud et les améliorations produits qui font de Neo4j un choix essentiel pour les développeurs qui créent des applications avec des données interconnectées et de l’IA générative.
What is Augmented Reality Image Trackingpavan998932
Augmented Reality (AR) Image Tracking is a technology that enables AR applications to recognize and track images in the real world, overlaying digital content onto them. This enhances the user's interaction with their environment by providing additional information and interactive elements directly tied to physical images.
Odoo ERP software
Odoo ERP software, a leading open-source software for Enterprise Resource Planning (ERP) and business management, has recently launched its latest version, Odoo 17 Community Edition. This update introduces a range of new features and enhancements designed to streamline business operations and support growth.
The Odoo Community serves as a cost-free edition within the Odoo suite of ERP systems. Tailored to accommodate the standard needs of business operations, it provides a robust platform suitable for organisations of different sizes and business sectors. Within the Odoo Community Edition, users can access a variety of essential features and services essential for managing day-to-day tasks efficiently.
This blog presents a detailed overview of the features available within the Odoo 17 Community edition, and the differences between Odoo 17 community and enterprise editions, aiming to equip you with the necessary information to make an informed decision about its suitability for your business.
Software Engineering, Software Consulting, Tech Lead, Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Transaction, Spring MVC, OpenShift Cloud Platform, Kafka, REST, SOAP, LLD & HLD.
Hand Rolled Applicative User ValidationCode KataPhilip Schwarz
Could you use a simple piece of Scala validation code (granted, a very simplistic one too!) that you can rewrite, now and again, to refresh your basic understanding of Applicative operators <*>, <*, *>?
The goal is not to write perfect code showcasing validation, but rather, to provide a small, rough-and ready exercise to reinforce your muscle-memory.
Despite its grandiose-sounding title, this deck consists of just three slides showing the Scala 3 code to be rewritten whenever the details of the operators begin to fade away.
The code is my rough and ready translation of a Haskell user-validation program found in a book called Finding Success (and Failure) in Haskell - Fall in love with applicative functors.
Utilocate offers a comprehensive solution for locate ticket management by automating and streamlining the entire process. By integrating with Geospatial Information Systems (GIS), it provides accurate mapping and visualization of utility locations, enhancing decision-making and reducing the risk of errors. The system's advanced data analytics tools help identify trends, predict potential issues, and optimize resource allocation, making the locate ticket management process smarter and more efficient. Additionally, automated ticket management ensures consistency and reduces human error, while real-time notifications keep all relevant personnel informed and ready to respond promptly.
The system's ability to streamline workflows and automate ticket routing significantly reduces the time taken to process each ticket, making the process faster and more efficient. Mobile access allows field technicians to update ticket information on the go, ensuring that the latest information is always available and accelerating the locate process. Overall, Utilocate not only enhances the efficiency and accuracy of locate ticket management but also improves safety by minimizing the risk of utility damage through precise and timely locates.
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxrickgrimesss22
Discover the essential features to incorporate in your Winzo clone app to boost business growth, enhance user engagement, and drive revenue. Learn how to create a compelling gaming experience that stands out in the competitive market.
Zoom is a comprehensive platform designed to connect individuals and teams efficiently. With its user-friendly interface and powerful features, Zoom has become a go-to solution for virtual communication and collaboration. It offers a range of tools, including virtual meetings, team chat, VoIP phone systems, online whiteboards, and AI companions, to streamline workflows and enhance productivity.
Why Mobile App Regression Testing is Critical for Sustained Success_ A Detail...kalichargn70th171
A dynamic process unfolds in the intricate realm of software development, dedicated to crafting and sustaining products that effortlessly address user needs. Amidst vital stages like market analysis and requirement assessments, the heart of software development lies in the meticulous creation and upkeep of source code. Code alterations are inherent, challenging code quality, particularly under stringent deadlines.
WhatsApp offers simple, reliable, and private messaging and calling services for free worldwide. With end-to-end encryption, your personal messages and calls are secure, ensuring only you and the recipient can access them. Enjoy voice and video calls to stay connected with loved ones or colleagues. Express yourself using stickers, GIFs, or by sharing moments on Status. WhatsApp Business enables global customer outreach, facilitating sales growth and relationship building through showcasing products and services. Stay connected effortlessly with group chats for planning outings with friends or staying updated on family conversations.
Graspan: A Big Data System for Big Code AnalysisAftab Hussain
We built a disk-based parallel graph system, Graspan, that uses a novel edge-pair centric computation model to compute dynamic transitive closures on very large program graphs.
We implement context-sensitive pointer/alias and dataflow analyses on Graspan. An evaluation of these analyses on large codebases such as Linux shows that their Graspan implementations scale to millions of lines of code and are much simpler than their original implementations.
These analyses were used to augment the existing checkers; these augmented checkers found 132 new NULL pointer bugs and 1308 unnecessary NULL tests in Linux 4.4.0-rc5, PostgreSQL 8.3.9, and Apache httpd 2.2.18.
- Accepted in ASPLOS ‘17, Xi’an, China.
- Featured in the tutorial, Systemized Program Analyses: A Big Data Perspective on Static Analysis Scalability, ASPLOS ‘17.
- Invited for presentation at SoCal PLS ‘16.
- Invited for poster presentation at PLDI SRC ‘16.
AI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI AppGoogle
AI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI App
👉👉 Click Here To Get More Info 👇👇
https://sumonreview.com/ai-fusion-buddy-review
AI Fusion Buddy Review: Key Features
✅Create Stunning AI App Suite Fully Powered By Google's Latest AI technology, Gemini
✅Use Gemini to Build high-converting Converting Sales Video Scripts, ad copies, Trending Articles, blogs, etc.100% unique!
✅Create Ultra-HD graphics with a single keyword or phrase that commands 10x eyeballs!
✅Fully automated AI articles bulk generation!
✅Auto-post or schedule stunning AI content across all your accounts at once—WordPress, Facebook, LinkedIn, Blogger, and more.
✅With one keyword or URL, generate complete websites, landing pages, and more…
✅Automatically create & sell AI content, graphics, websites, landing pages, & all that gets you paid non-stop 24*7.
✅Pre-built High-Converting 100+ website Templates and 2000+ graphic templates logos, banners, and thumbnail images in Trending Niches.
✅Say goodbye to wasting time logging into multiple Chat GPT & AI Apps once & for all!
✅Save over $5000 per year and kick out dependency on third parties completely!
✅Brand New App: Not available anywhere else!
✅ Beginner-friendly!
✅ZERO upfront cost or any extra expenses
✅Risk-Free: 30-Day Money-Back Guarantee!
✅Commercial License included!
See My Other Reviews Article:
(1) AI Genie Review: https://sumonreview.com/ai-genie-review
(2) SocioWave Review: https://sumonreview.com/sociowave-review
(3) AI Partner & Profit Review: https://sumonreview.com/ai-partner-profit-review
(4) AI Ebook Suite Review: https://sumonreview.com/ai-ebook-suite-review
#AIFusionBuddyReview,
#AIFusionBuddyFeatures,
#AIFusionBuddyPricing,
#AIFusionBuddyProsandCons,
#AIFusionBuddyTutorial,
#AIFusionBuddyUserExperience
#AIFusionBuddyforBeginners,
#AIFusionBuddyBenefits,
#AIFusionBuddyComparison,
#AIFusionBuddyInstallation,
#AIFusionBuddyRefundPolicy,
#AIFusionBuddyDemo,
#AIFusionBuddyMaintenanceFees,
#AIFusionBuddyNewbieFriendly,
#WhatIsAIFusionBuddy?,
#HowDoesAIFusionBuddyWorks
May Marketo Masterclass, London MUG May 22 2024.pdfAdele Miller
Can't make Adobe Summit in Vegas? No sweat because the EMEA Marketo Engage Champions are coming to London to share their Summit sessions, insights and more!
This is a MUG with a twist you don't want to miss.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Essentials of Automations: The Art of Triggers and Actions in FME
inteross-iot.pdf
1. Attribute-Based Access Control scheme in
federated IoT platforms
Savio Sciancalepore1,4
, Michal Pilc2
, Svenja Schröder3
,
Giuseppe Bianchi1,5
, Gennaro Boggia1,4
, Marek Pawlowski2
, Giuseppe Piro1,4
,
Marcin Plóciennik2
, Hannes Weisgrab3
1
CNIT, Consorzio Nazionale Interuniversitario per le Telecomunicazioni
2
Poznań Supercomputing and Networking Center, IBCh PAS, Poznań, Poland;
e-mail: {name.surname}@man.poznan.pl
3
University of Vienna, Cooperative Systems Research Group, Vienna, Austria
4
Department of Electrical and Information Engineering (DEI), Politecnico di Bari,
Bari, Italy; e-mail: {name.surname}@poliba.it.
5
Department of Electronic Engineering, University of Rome Tor Vergata, Rome,
Italy; e-mail: giuseppe.bianchi@uniroma2.it
Abstract. The Internet of Things (IoT) paradigm rapidly changed how
people think about and experience the Internet. During the inevitable
evolution of the Internet landscape, in fact, IoT introduced the possi-
bility to connect electronic things from everyday life to the Internet,
while making them ubiquitously available. Now, the new research trend
is following the development of advanced services, based on a trusted
federation among heterogeneous IoT platforms. In this context, however,
a new set of security problems (including authentication and authoriza-
tion) emerges. The aim of this contribution is to describe the main facets
of the preliminary security architecture envisaged in the context of the
symbIoTe project, recently lunched by European Commission under the
Horizon 2020 EU program. At the time of this writing, the developed so-
lution already offers distributed and decoupled mechanisms for the provi-
sioning of authentication and authorization services in complex scenarios
embracing many, heterogeneous, and federated IoT platforms. Specif-
ically, they leverage Attribute Based Access Control and token-based
authorization techniques. Thus, the work will provide a step-by-step de-
scription of security functionalities in three different target scenarios and
will suggest, at the end, some promising technical implementations that
can be taken into account in the hereafter of the symbIoTe project.
Keywords: Internet of Things, Security mechanisms, Attribute-Based
Access Control, interoperability framework, Macaroons, JSON Web To-
ken, symbIoTe
1 Introduction
Since its invention Internet changed many times. Originally, in the 1970s, it was
invented to connect mainframe computers. In the middle of 1980s, the invention
2. 2 [S.Sciancalepore et. al]
of the IP protocol allowed thousands of desktop computers to join the Internet.
The idea of a ubiquitous network, where all devices are connected each other,
world-spanning network and can be controlled remotely was presented in 1991
by Mark Weiser in Scientific American [1], and led to the development of the
World Wide Web.
The term Internet of Things (IoT) was first used by Kevin Ashton in 1999 as
a name of a network of RFID devices used to monitor corporate supply chains
while simultaneously being connected to the Internet [2]. By 2004 the term had
been adopted by most scientific and technological journals like Scientific Amer-
ican [3]. Many proposals of IoT platforms like smart housing, smart stadium or
even a smart city have been presented since then [4][5]. In parallel, consortia of
enterprises and international institutions started to develop protocols and com-
munication standards more suitable for different deployment cases (including
machine-to-machine, body area network, industrial telemetric network, and so
on). Now, with the incumbent explosion of the IoT in everyday life, heteroge-
neous application-specific platforms are emerging, often designed as standalone
solutions that hardly communicate with each other. They leverage different com-
munication technologies (i.e. RFID, Bluetooth, ZigBee, BACnet, IEEE 802.15.4),
lightweight protocols provided by Internet Engineering Task Force (IETF) stan-
dardization efforts [6], and new application protocols, including Message Queuing
Telemetry Transport (MQTT) and Constrained Application Protocol (CoAP).
Unfortunately, the fragmentation of the IoT ecosystem resulted in poor coop-
eration between different IoT platforms in terms of resource sharing and reusabil-
ity of applications. In the face of the demand for interoperability between differ-
ent IoT platforms, several international projects like symbIoTe1
, INTER-IoT2
and bIoTope3
were launched by European Commission under the Horizon 2020
EU program.
Security is an important cornerstone of all those projects which will impact
their success or failure in two aspects: usability and technical implementation.
Every solution therefore needs to protect the privacy of users and its resources
against unauthorized access and must still provide full functionality.
In distributed (but interoperable) IoT networks, for instance, the protection
of resources against unauthorized accesses and the authentication of users require
more sophisticated methods. Conventional computer networks adopt the Role-
Based Access Control (RBAC) paradigm. In RBAC a user is assigned a role
such as ”administrator” or ”ordinary user” that predetermines access rights
policies. Unlike RBAC, the Attribute-Based Access Control (ABAC) method of
authorization derived from distributed computing relies on the assignment of
so-called ”attributes” to each entity in the system. An attribute may refer either
to a user or to a particular resource or to the surrounding environment. An
”attribute” is defined as a particular property, role or permission associated to
1
https://www.symbiote-h2020.eu
2
http://www.inter-iot-project.eu
3
http://biotope.cs.hut.fi
3. ABAC scheme in federated IoT platforms 3
a component in the system. It is assigned after an authentication procedure by
the system administrator [7].
In this paper we present a security architecture that enables an ABAC-based
controlled access to IoT resources and easily supports a trusted resource sharing
among different IoT platforms. The proposed security architecture was developed
in the symbIoTe project, which aims at a symbiosis of smart objects across IoT
environments. The main contributions of the work are summarized below:
– we describe general requirements for a secure and standardized interoper-
ability framework;
– we identify components to be deployed in the system to manage security
issues;
– we provide a baseline architecture for the authentication and authorization
among federated IoT platforms;
– we identify different scenarios that require customized security functionali-
ties;
– we design interfaces and interactions among components in the aforemen-
tioned architecture;
– we propose two possible technical solutions for the token format, that are
Macaroons and JSON Web Tokens (JWTs).
The rest of the paper is organized as in the following.
Section 2 presents security requirements for the IoT interoperability frame-
work and Section 3 outlines the state-of-the-art in distributed systems and IoT.
Section 4 describes the architecture of the proposed system with focus on se-
curity aspects. Following the requirements and architecture, two possible token
solutions are presented and compared in Section 5. Our efforts, contributions
and future work are summarized in Section 6.
2 Requirements
Security system mechanisms in software are a crucial part of large and complex
systems, where attackers can get critical information about users or have the
possibility to remotely control critical functions, like opening doors in a smart
home environment or launch the evacuation mechanism in a smart stadium,
to name a few. The following requirements have been derived from a subset
of IoT use cases (smart home, smart ecological routing, smart stadium, etc.),
from existing IoT platform solutions and finally from knowledge about security
and privacy in software projects we obtained from the OWASP Secure Coding
Practices [8].
The most fundamental and the most important security mechanisms are
authentication (proving the identity of a user) and authorization (granting a
user access rights to resources). Another important security mechanism is the
validation of input data. This validation is based on sanitization mechanisms
which for example eliminate potentially harmful characters from user input by
means of: removal, replacement, encoding and escaping the characters.
4. 4 [S.Sciancalepore et. al]
Based on those findings, we derived the first and most important security re-
quirements for a federated IoT network, which are mechanisms for the authen-
tication and authorization of entities/actors i.e., users/application developers,
IoT platforms, developed applications and clients. Another important security
requirement in such a framework is the implementation of access control in the
system, defined through access policies. The major function here is the capa-
bility of getting access to resources in one platform while being a registered
user in a different one. To solve this problem the framework must offer a user
identification methodology, for example through tokens (this paper contains the
description of two different technology approaches which would be suitable).
Another feature which must be implemented in a federated IoT network
in the application layer are mechanisms of establishing trust relationships -
and thus implicitly trust levels - prior to applying security mechanisms for the
first time. Information about thais must be stored in a secure data store, e.g.
by Public Key Infrastructure (PKI). Two-factor authentication (if the under-
lying platform supports it, e.g. authenticate by using password and PIN) is
one of the solutions considered to increase the level of security at the appli-
cation level. Impersonating users or devices in the ecosystem is not the only
potential attack against infrastructure/system: impersonating whole services or
servers, is more problematic. To prevent this type of attacks mutual authentica-
tion must be supported by all security mechanisms. This means that not only
the user/application/software/. . . must be authenticated against the platform
but also vice versa, in order to facilitate malicious platform detection.
From a privacy perspective, one of the the most important requirements is
the possibility to let users/entities choose where their data is being used and
processed. Those users/entities must be able to modify the privacy parameters
regarding their data. Another crucial security mechanism is the support of en-
crypted data communication between all involved entities in the application and
core level (e.g. applications, platforms).
Apparently, large and complex systems like federated IoT networks pose even
more demands in terms of security requirements. Unfortunately, listing them all
would extend the scope of this publication. Thus, in the rest of this contribution
we focused on the most important ones, that were identified while analyzing IoT
platforms requirements.
3 State of the Art
Guaranteeing user authentication and authorization in distributed computing
systems has been always regarded as a concern. In 1993 Woo and Lam proposed
a logical approach for representing and evaluating authorization, independently
of implementation [9]. In this seminal paper they postulated separating secu-
rity requirements of a distributed computer network from the implementation
and defined subject attributes referring to the location, in addition to other at-
tributes. Following their ideas Foster et al. defined in [10] a security policy for
large-scale distributed computing environments and presented the correspond-
5. ABAC scheme in federated IoT platforms 5
ing security architecture, where they included a user proxy to avoid transferring
user credentials. Moreover, they mapped attributes between a local subnet and
the global network [10].
Authorization methods that rely on attributes were widely applied in cloud
computing systems, where security policies are supported by the authorization
mechanisms of the cloud [11]. More recently a commercial solution of security
architecture specifically designed for Supervisory Control and Data Acquisition
(SCADA) systems was presented in [12].
A decentralized network of federated IoT platforms like our approach re-
sembles the aforementioned scenarios. The core part of our design is a cloud
responsible for seamless connection between sensors, actuators and user applica-
tions placed in different IoT platforms. Trust management concerns about the
Internet-of-Things were summarized in [13].
A related work showing security threats in IoT was published in 2015 by
Sicari et al. [14].
In 2014, the concept of macaroon tokens for decentralized authorization in
the cloud was presented [15]. A different authorization method, widely adopted
in online purchasing, that is JWT, was described in [16]. Recently, a recommen-
dation for authentication and authorization in IoT was issued in the Authenti-
cation and Authorization for Constrained Environments (ACE) IETF Working
Group [17].
Security concerns were also addressed in EU-funded projects under the 7th
Framework Programme (FP7) like SMARTIE4
, RERUM5
, ARMOUR6
and COS-
MOS7
. Scalability and adaptation of access control policies to the environment
conditions were proposed as a solution for the Internet of Things [18].
4 Architecture
The reference architecture considered in this contribution is depicted in Figure 1.
It integrates many independent IoT platforms exposing heterogeneous resources.
Each IoT platform (thus, each available resource) is registered with a trusted
mediator (i.e., the framework’s core) which offers advanced mechanisms for en-
abling platform interoperability and distributed resource access. Moreover, there
are applications willing to access the available resources.
To maximize interoperability among platforms our framework has to deal
with different scenarios: applications can be registered to only the trusted me-
diator, to only one IoT platform, or two (or more) IoT platforms federated with
the mediator entity. Therefore, the following target scenarios can be identified:
– Scenario #1: an application is registered with the trusted mediator and
it would like to access resources exposed by an IoT platform federated with
the mediator;
4
http://www.smartie-project.eu
5
https://www.ict-rerum.eu
6
https://team.inria.fr/eva/h2020-armour
7
http://iot-cosmos.eu
6. 6 [S.Sciancalepore et. al]
– Scenario #2: an application is registered with an IoT platform and it would
like to access resources exposed by the IoT platform where it is registered
to;
– Scenario #3: an application is registered with one or more IoT platforms
federated with the mediator and it would like to access resources exposed
elsewhere in the considered architecture. This scenario also refers to the
multi-domain access rights composition paradigm.
Fig. 1. System Architecture.
4.1 Main security rationale
The resource access is handled through the ABAC logic. ABAC is a well-known
technique for dealing with access control in distributed environments, which is
able to protect sensitive data, applications or services from unauthorized op-
erations by means of efficient, simple and flexible access rules. It is based on
attributes and access policy concepts.
An attribute encodes a specific property, role or permission assigned to an
application. Attributes are stored within a digital object, namely atoken, that
certifies the authenticity of both the issuer (i.e., a dedicated component of me-
diator or IoT platform) and the owner (i.e., the application), additionally to its
time validity. Both symmetric or asymmetric cryptography techniques can be
used to ensure authenticity and integrity of those tokens.
An access policy, instead, enables a fine-grained access control mechanism. In
fact, it describes the combination of attributes needed to obtain the access to a
7. ABAC scheme in federated IoT platforms 7
given resource. For each resource, a dedicated access policy can be defined. Then,
an application in possession of tokens storing a set of attributes matching the
aforementioned access policy can successfully obtain the access to the resource.
Otherwise, its access request will be denied.
It emerges that the token represents a key element in the resource access
mechanism. From the security perspective, it is generated during the authenti-
cation procedure and inspected and validated during the authorization proce-
dure. The solution described in this contribution natively offers the decoupling
between authentication and authorization processes. This means that authen-
tication and authorization involve different components and are independently
executed at different times. An application uses the authentication procedure to
authenticate itself within a given domain (like the trusted mediator or an IoT
platform federated with the mediator). In case of a successful authentication it
obtains a set of tokens storing its own attributes. Then, the collected attributes
can be used during the authorization procedure to obtain access to resources.
Since an application should not perform the whole authentication process for
each resource access, the designed approach allows also for enhanced flexibility
and scalability benefits for the whole system.
Note that when an application or component registered in a given IoT plat-
form or in the mediator would like to access resources exposed elsewhere, it could
be possible that the attributes that are assigned to it are not valid also in the
new domain. Therefore, an Attributes Mapping Function is needed to manage
the translation between attributes in different platforms.
4.2 Component description
To practically implement the aforementioned security rationale in each target
scenario, the following logical components are introduced:
Core Authentication and Authorization Manager (AAM): With refer-
ence to Scenario #1, it handles the authentication procedure for applica-
tions registered with the mediator. Therefore, it releases core tokens stor-
ing attributes that describe properties, roles and/or permissions assigned to
the application at the mediator side. It also manages a Token Revocation
List (TRL) storing the list of tokens that have been revoked before their
expiration. For this reason it may be contacted by any component in the
architecture during the check revocation procedure.
Platform AAM: With reference to Scenario #2 and Scenario #3, it han-
dles the authentication procedure for applications registered with the IoT
platform. Therefore, it releases home tokens storing attributes that describe
properties, roles and/or permissions assigned to the application within the
platform where it is registered to. Moreover, similarly to the Core AAM, it
manages the TRL and can be contacted by any component in the architec-
ture during the check revocation procedure.
With reference to Scenario #1 and Scenario #3, it is in charge of (i)
verifying the validity and the possible revocation of tokens generated by the
8. 8 [S.Sciancalepore et. al]
AAM component of the mediator or the AAM component of another IoT
platform, (ii) performing the attributes mapping functionality and (iii) re-
leasing a new set of tokens, namely foreign tokens, usable in the local IoT
platform.
Resource Access Proxy (RAP): With reference to Scenario #1, Scenario
#2 and Scenario #3, it holds the URL for obtaining all the resources
available in the specific IoT platform, along with the access control policy
associated to each of them. Therefore, it receives all the requests for access-
ing these resources along with the tokens containing the attributes of the
requester. Finally, it enforces the access control by checking if the provided
attributes satisfies the policy associated with the resource. In the positive
case it provides access to the resource itself, otherwise the access is denied.
4.3 Sequence Diagrams
The sequence diagram describing the resource access in Scenario #1 is depicted
in Figure 2. It is composed by three main steps:
Step 1: Core authentication. At the beginning, the application performs the
login with the mediator by contacting the core AAM and receiving core
tokens.
Step 2: Foreign authentication. The application forwards core tokens to the
AAM component of the foreign platform. The AAM component of the for-
eign platform initiates the challenge-response mechanism to verify that the
application is the real owner of the tokens, thus preventing both replay and
impersonation attacks. In the case the challenge-response mechanism is suc-
cessfully completed, the AAM component of the foreign platform validates
the tokens, verifies that they have not been revoked by contacting the AAM
component of the mediator and performs the attribute mapping function.
Then, it generates a new set of foreign tokens and sends them to the appli-
cation.
Step 3: Resource access authorization. The application contacts the RAP
and delivers it the foreign tokens retrieved in the previous step. The RAP
initiates the challenge-response mechanism to verify that the application is
the real owner of the tokens. In the case the challenge-response mechanism is
successfully completed, the RAP verifies that tokens are valid and that they
have not been revoked by contacting its reference platform AAM component.
Then it checks the provided attributes against the access policy associated
to the requested resource: if the attributes supplied by the applications are
enough to satisfy the access policy associated to the resource (according to
the ABAC logic) the RAP grants the access to the resource. Otherwise the
access is denied.
The sequence diagram describing the resource access in Scenario #2 is
depicted in Figure 3. It is composed by two main steps:
9. ABAC scheme in federated IoT platforms 9
Fig. 2. An application registered in the mediator space would like to access resources
in an IoT platform.
Step 1: Home authentication. At the beginning, the application performs
the login in it’s home platform by contacting the home AAM and receiving
home tokens.
Step 2: Resource access authorization. The application contacts the RAP
and delivers the home tokens retrieved in the previous step. The RAP initi-
ates the challenge-response mechanism to verify that the application is the
real owner of the tokens. In the case the challenge-response mechanism is
successfully completed, the RAP verifies that tokens are valid and that they
have not been revoked by contacting its reference platform AAM component.
Then it checks the provided attributes against the access policy associated
with the requested resource: if the attributes supplied by the applications are
enough to satisfy the access policy associated with the resource (according
to the ABAC logic) the RAP grants the access to the resource. Otherwise
access is denied.
The sequence diagrams describing the resource access in Scenario #3, re-
ferring to as multi-domain access rights composition, are depicted in Figure 4.
Without loss of generality, it is assumed that the application is registered in
platforms IoT A and IoT B and would like to gain access to a resource available
in the platform IoT C. Also in this case, the procedure has three main steps:
Step 1: Home authentications. At the beginning the application performs
the login in the IoT platforms where it is registered to (i.e., IoT A and
10. 10 [S.Sciancalepore et. al]
Fig. 3. An application registered in a given IoT platform wants to access resources
produced within its home IoT platform.
IoT B). To this end it contacts the AAM component of each platforms for
retrieving home tokens.
Step 2: Foreign authentication. The application combines the home tokens
and forwards them to the AAM component of the foreign platform IoT C.
The AAM component of the foreign platform initiates the challenge-response
mechanism to verify that the application is the real owner of the tokens, thus
preventing both replay and impersonation attacks. In the case the challenge-
response mechanism is successfully completed, the AAM component of the
foreign platform validates the tokens, verifies that they have not been revoked
by contacting AAM components of the home platforms (i.e., IoT A and
IoT B) and performs the attribute mapping function. Then, it generates a
new set of foreign tokens and sends them to the application.
Step 3: Resource access authorization. The application contacts the RAP
and delivers the foreign tokens retrieved at the previous step. The RAP
initiates the challenge-response mechanism to verify that the application is
the real owner of the tokens. In the case the challenge-response mechanism
is successfully completed, the RAP verifies that the tokens are valid and
that they have not been revoked by contacting its reference platform AAM
component. Then it checks the provided attributes against the access pol-
icy associated with the requested resource: if the attributes supplied by the
applications are sufficient to satisfy the access policy associated to the re-
source (according to the ABAC logic) the RAP grants access to the resource.
Otherwise, the access is denied.
11. ABAC scheme in federated IoT platforms 11
Fig. 4. Multi-Domain Access Rights Composition.
5 Planned implementation
The implementation of the security architecture described in Section 4 requires
the selection of a suitable token format. Without loss of generality a token is a
digital object used as a container for security-related information. It serves for
authentication and/or authorization purposes and generally appears as a list of
elements. Each element contains an assertion that further specifies properties
assigned to the owner of the token. Each token must contain an explicit expira-
tion date, indicating the date until the token can be considered valid. Moreover,
the token also contains at the end an element that certifies its authenticity and
integrity. Depending on the chosen solution, validating a token could require
different procedures.
In what follows we describe two promising technical solutions, candidates for
the implementation of tokens in our approach. During implementation of the
framework itself one or a combination of the following technologies will be used.
We aim at a flexible solution where platforms, applications and other use cases
can decide which of the following technologies they want to use.
5.1 Macaroons
Macaroons are a new kind of authorization credential developed by Google [15].
As bearer credentials they serve a similar purpose as cookies in World Wide
12. 12 [S.Sciancalepore et. al]
Web, but they are more flexible and provide better security. Macaroons are
based on a construction that uses nested, chained MACs (e.g., Hash-based Mes-
sage Authentication Code (HMAC)) in a manner that is highly efficient, easy to
deploy and widely applicable. They allow authority delegation between bearers
with attenuation and contextual confinement. Each field embedded within mac-
aroons structure, i.e. the caveat, restricts both the macaroons’ authority and the
context in which it may be used (e.g. by limiting the permitted actions and re-
quiring the bearer to connect from a certain IP address and to present additional
evidence such as a third-party signature). Macaroon caveats are plain-text read-
able. Macaroons also contain a list of AND conditions. Its bearer is authorized
to perform an operation AS LONG AS condition1, condition2, ..., conditionN
hold true. The main (root) macaroon which allows for everything gets succes-
sively attenuated with those conditions. Each of them is signed with an HMAC
function.
By considering the reference architecture shown in Figure 1, three possible
tokens can be introduced: root macaroons, platform macaroons, and application
macaroons. The mediator creates a root macaroon by calculating the HMAC
function of a random nonce and its secret key. Note that the output of the
HMAC function must be shared among AAMs of federated platforms for veri-
fying the authenticity of tokens received during the resource access procedure.
Starting from the root macaroon the mediator also generates platforms mac-
aroons. The platform macaroons are signed by the HMAC function with the
key being the previously calculated HMAC value. Then, each platform can au-
tonomously generate application macaroons by following the same process.
An application, after obtaining the macaroon from the AAM component of
its platform, may further attenuate it and therefore authorize others to perform
actions in its name. For example a Smart Home System mints its owner a full
access token. The owner can go on vacation and want the neighbor next door to
be able to operate the windows and doors but not the garage. The owner can
do so by attenuating his/her own token and handing it to the neighbor.
5.2 JSON Web Tokens
JWT is an open industry standard widely used in today’s Internet to deal with
authentication and authorization issues [16]. It contains a set of claims. A claim
is a specific certified statements related both to the token itself or to the entity
that is using it. Typically, these claims are encoded in the JavaScript Object
Notation (JSON) format, thus easily allowing system interoperability. A claim
is identified with a specific name: it is possible to distinguish between Regis-
tered Claim Names, that are names defined and standardized in the reference
document and Private Claim Names, that represent extensions that a developer
could choose for his/her own system.
The cryptographic force of the JWT resides in the sign field, stored at the end
of the token. It can be generated through symmetric or asymmetric cryptography
techniques and allows to verify the authenticity of the token, i.e. generation by
13. ABAC scheme in federated IoT platforms 13
a trusted entity, as well as integrity, in the sense that no one could modify its
content without invalidating it.
Each JWT contains a header that provides information about the type of the
token and the algorithm used to build the sign of the token. It contains also a
body, encoding a set of claims for this token, and finally - a sign containing the
cryptographic validation of the token and generated as stated in the header.
Registered Claim Names carried in the body of the JWT include iss, that
uniquely identifies the entity that issued the token, sub, which uniquely identifies
the entity for which this token has been released (it is a key field when a token
needs to be used also for authentication purposes), exp, indicating the expiration
time, after which this token should not be used and processed by any entity in
the system; nbf, that identifies the time in which this token becomes effectively
valid and can be processed by any entity in the system, iat, identifying uniquely
the time in which this token has been created and, finally, jti, that is the unique
identifier of the token.
JWT fits perfectly within the reference architecture described in Section 4.
From a cryptographic perspective, the only requirement for its adoption is the
deployment of a public-key infrastructure, which issues a private/public key pair
to each entity in the system.
AAMs uses their private keys to generate and sign tokens. Any entity in the
system that receives a token could easily verify its authenticity by gathering the
public key of the issuer of the token (specified in the token itself).
Important features such as the support for an expiration date are integrated
by JWT thanks to the definition of the exp claim.
Also, each token can be easily associated to a given entity in the system
through the sub claim. More in detail, the public key of the owner of the token can
be embedded in this claim. This can be used in the challenge-response procedure
described in Section 4 to prove the possession of the respective private key and
verify that the application using the token is effectively the entity for which the
token has been generated. This procedure avoids replay attacks.
Finally, the JWT can be easily extended to support the carrying of attributes
associated to the ABAC logic, thanks to the possibility to integrate customized
Private Claims.
5.3 Comparison
To conclude, the comparison between the user macaroon and the user JWT is
reported in Fig. 5.
The application macaroon is showed in Figure 5(a). It has a hierarchical
structure. The nonce is used as a unique identifier of the token. The second,
third and fourth caveats are related to the AAM of the platform in which the
application is registered to. In particular, the ID of the AAM is signed through
the private key of the mediator entity (PVroot). The remaining lines are dedicated
to the application. They contain the list of attributes assigned to the application,
its public key certificate and, finally, the sign on the user ID by the AAM that
issued the token, through its private key (PViot−a). The last line is needed to
14. 14 [S.Sciancalepore et. al]
nonce
access all
time constraints for platform-token
sign_aam_id =
S (Pvroot, iot-a)
time constraints for user-token
list of attributes [A1, AN]
user certificate (user id)
sign_user_id =
S(Pviot-a, user_id)
sign_user =
HMACplatform-token (token)
(a)
Header: Alg: RSA/ECDSA Typ: JWT
jti = id
iss = iot-a
sign_iss = S (Pvroot, iot-a)
iat [value]
nbf [value]
exp [value]
sub = user certificate
att = list of attributes
token_sign = S (Pviot-a, token)
(b)
Fig. 5. Details of the content of (a) Macaroons and (b) JWT tokens for the designed
architecture.
assure that the AAM is the unique component able to sign the token. Finally,
the last caveat is the chained HMAC of all the caveats in the token, performed
starting from the output of the HMAC function of the root macaroon.
The application JWT is showed in Figure 5(b). Also in this case we can
identify the part related to the issuer of the token, certified through the sign
with the private key (PVroot), and the part related to the owner of the token.
The private claim att is introduced to encode the information about the list of
attributes possessed by the application. Finally, the sign of the whole token is
performed through the private key of the issuer (PViot−a) without the need of
a symmetric shared secret.
Note that both token types have a limited time validity. After the expiration
of that date, the token must be renewed through a new authentication procedure.
The evaluation of pros and cons of macaroons tokens and JWTs as well as
their suitability for the proposed scenario is left for future work.
6 Conclusions and future activities
In this paper we presented the baseline security architecture for an interoper-
ability framework among IoT platforms, developed within the H2020 EU project
symbIoTe. First, we described our general system requirements derived from use
cases and similar projects. Based on those we illustrated our approach for a
standardized IoT architecture with the focus on security. Current plans for im-
plementation foresee the usage of the ABAC paradigm, through Macaroons or
JWT tokens.
15. ABAC scheme in federated IoT platforms 15
Future work will aim at designing the system to be interoperable with a
broad variety of heterogeneous IoT platforms. So far our project has focused on
a certain range of IoT platforms as reference use cases, but we aim at developing
interoperability IoT security architecture, which can also be applied to further
use cases.
Additionally, in the context of the developing IoT market, usability increas-
ingly becomes a sales argument. Especially with secure systems interfaces need
to have a high usability to avoid human error during usage. Future challenges
include thorough usability testing of the developed solutions and improvements
of the security mechanisms to achieve a proper usable security experience.
Our main action point for future work, however, will be on the implementa-
tion of the aforementioned secure interoperability framework (and thus valida-
tion of the architecture concept), the review of the architecture and the require-
ments.
7 Acknowledgements
This work was framed in the context of the project SymbIoTe, which receives
funding from the European Union’s Horizon 2020 research and innovation pro-
gramme under grant agreement 688156.
References
1. Weiser, M.: The computer of the 21st century. Technical report, Scientific Ameri-
can (1991)
2. Ashton, K.: That Internet of Things Thing. RFID Journal (2009)
3. Gershenfeld, N., Krikorian, R., Cohen, D.: The Internet-of-Things. Technical
report, Scientific American (2004)
4. Gross, M.: Smart House and Home Automation Technologies. Technical report,
Encyclopedia of Housing (1998)
5. Mohanty, S.P., Choppali, U., Kougianos, E.: Everything you wanted to know about
smart cities. IEEE Consumer Electronics Magazine 5(3) (Jul. 2016) 60–70
6. Palattella, M., Accettura, N., Vilajosana, X., Watteyne, T., Grieco, L., Boggia, G.,
Dohler, M.: Standardized Protocol Stack for the Internet of (Important) Things.
IEEE Commun. Surveys Tuts (2012)
7. Hu, V., Ferraiolo, D., Kuhn, R., Schnitzer, A., Sandlin, K., Miller, R., Scarfone, K.:
Guide to Attribute Based Access Control (ABAC) Definition and Considerations.
Nist special publication 800-162, NIST (Jan. 2014)
8. OWASP: Secure Coding Practices. . Quick reference guide, ver 2.0. (Nov. 2010)
9. Woo, T.Y.C., S.Lam: Authorization in Distributed Systems: a new approach.
Journal of Computer Security (1993)
10. Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A Security Architecture for
Computational Grids. In: Proc. of the 5th ACM Conf. on Comp. and Commun.
Security. (1998) 83–92
11. Khan, A.: Access Control in Cloud Computing Environment. ARPN Journal of
Engineering and Applied Sciences 7(5) (2012)
16. 16 [S.Sciancalepore et. al]
12. Networks, J.: Architecture for secure SCADA and distributed control system net-
works. White paper (2010)
13. Yan, Z., P.Zhang, A.Vasilakos: A survey on trust management for Internet of
Things. Journal of Network and Computer Applications 42 (2014) 120–134
14. Sicari, S., Rizzardi, A., Grieco, L., Coen-Porisini, A.: Security, privacy and trust
in internet of things: The road ahead. Computer Networks 76 (2015) 146 – 164
15. Birgisson, A., Gibbs Politz, J., Erlingisson, U., Lentczner, M.: Macaroons: Cookies
with Contextual Caveats for Decentralized Authorization in the Cloud. In: Proc.
of the Conf. on Network and Distributed System Security Symposium. (2014)
16. Jones, M., Bradley, J., Sakimura, N.: JSON Web Token (JWT). RFC 5719, IETF
(May. 2015)
17. Seitz, L., Selander, G., Wahlstroem, E., Erdtman, S., Tschofenig, H.: Authoriza-
tion for the Internet of Things for Constrained Environments draft-ietf-ace-oauth-
authz-02. Internet draft, IETF (Jun. 2016)
18. : IoT Governance, Privacy and Security Issues. Tech. rep., European Research
Cluster on the Internet of Things (Jan. 2015)