Performance Evaluation of the Policy Enforcement Fog Module for Protecting Privacy of IoT Data

Al-Hasnawi, Abduljaleel; Mohammed, Ihab; Al-Gburi, Ahmed

doi:10.1109/eit.2018.8500157

Cited by 8 publications

(3 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, this kind of approach fails to identify specific requirements of the devices (i.e., they do not envision anything like a contract), offloading to the end-user the cumbersome task of defining fine-grained policies. Other researchers proposed Fog-based policy enforcement approaches to solve different problems in the IoT world, for example, ensuring data privacy [3] and providing secure resource orchestration in Fog computing [16]. Similar to our work, they share the necessity of enforcing policies at the Fog layer over devices that might not be compliant by design.…”

Section: Related Workmentioning

confidence: 65%

S×C4IoT: A Security-by-contract Framework for Dynamic Evolving IoT Devices

Giaretta

Dragoni

Massacci

2021

ACM Trans. Sen. Netw.

View full text Add to dashboard Cite

The Internet of Things (IoT) revolutionised the way devices, and human beings, cooperate and interact. The interconnectivity and mobility brought by IoT devices led to extremely variable networks, as well as unpredictable information flows. In turn, security proved to be a serious issue for the IoT, far more serious than it has been in the past for other technologies. We claim that IoT devices need detailed descriptions of their behaviour to achieve secure default configurations, sufficient security configurability, and self-configurability. In this article, we propose S×C4IoT, a framework that addresses these issues by combining two paradigms: Security by Contract (S×C) and Fog computing. First, we summarise the necessary background such as the basic S×C definitions. Then, we describe how devices interact within S×C4IoT and how our framework manages the dynamic evolution that naturally result from IoT devices life-cycles. Furthermore, we show that S×C4IoT can allow legacy S×C-noncompliant devices to participate with an S×C network, we illustrate two different integration approaches, and we show how they fit into S×C4IoT. Last, we implement the framework as a proof-of-concept. We show the feasibility of S×C4IoT and we run different experiments to evaluate its impact in terms of communication and storage space overhead.

show abstract

Section: Related Workmentioning

confidence: 65%

S×C4IoT: A Security-by-contract Framework for Dynamic Evolving IoT Devices

Giaretta

Dragoni

Massacci

2021

ACM Trans. Sen. Netw.

View full text Add to dashboard Cite

show abstract

“…Other researchers proposed Fog-based policy enforcement approaches to solve different problems in the IoT world, for example, ensuring data privacy [16] and providing secure resource orchestration in Fog computing [17]. Similar to our work, they share the necessity of enforcing policies at the Fog layer over devices that might not be compliant by design.…”

Section: Related Workmentioning

confidence: 69%

IoT Security Configurability with Security-by-Contract

Giaretta

Dragoni

Massacci

2019

Sensors

View full text Add to dashboard Cite

Cybersecurity is one of the biggest challenges in the Internet of Things (IoT) domain, as well as one of its most embarrassing failures. As a matter of fact, nowadays IoT devices still exhibit various shortcomings. For example, they lack secure default configurations and sufficient security configurability. They also lack rich behavioural descriptions, failing to list provided and required services. To answer this problem, we envision a future where IoT devices carry behavioural contracts and Fog nodes store network policies. One requirement is that contract consistency must be easy to prove. Moreover, contracts must be easy to verify against network policies. In this paper, we propose to combine the security-by-contract (S × C) paradigm with Fog computing to secure IoT devices. Following our previous work, first we formally define the pillars of our proposal. Then, by means of a running case study, we show that we can model communication flows and prevent information leaks. Last, we show that our contribution enables a holistic approach to IoT security, and that it can also prevent unexpected chains of events.

show abstract

“…While the value of the IoT lies in the data it generates [33], most of the IoT end nodes responsible for generating the data (which often have access to limited resources) are typically deployed in an unattended manner where attackers may have direct physical access to them. As a result, these devices are exposed to different types of attacks, including tampering, eavesdropping and Denial-of-Service (DoS) attacks, and hence the need for appropriate security measures to protect them.…”

Section: A a Brief Overview Of Security Challenges In The Iotmentioning

confidence: 99%

IoT-HarPSecA: A Framework and Roadmap for Secure Design and Development of Devices and Applications in the IoT Space

et al. 2020

View full text Add to dashboard Cite

The past couple of years have marked continued growth in the applications and services of the Internet of Things (IoT). This has attracted the attention of new operators as well as institutional, corporate, and private investors in every sector of the economy, and as a result, new businesses are springing up rapidly. These include many start-up companies that are producing various kinds of useful IoT devices and Smart Applications (smart apps). While this can be seen as a boost for innovation in the IoT, some of these companies produce IoT devices and smart apps with security vulnerabilities. In this paper, we propose the IoT Hardware Platform Security Advisor (IoT-HarPSecA), a security framework intended to provide support to such IoT producers. IoT-HarPSecA offers three functionality features, namely security requirement elicitation, security best practice guidelines for secure development, and above all, a feature that recommends specific LightWeight Cryptographic Algorithms (LWCAs) for both software and hardware implementations. Accordingly, IoT-HarPSecA is composed of three main components, namely Security Requirements Elicitation (SRE) component, Security Best Practice Guidelines (SBPG) component, and LightWeight Cryptographic Algorithms Recommendation (LWCAR) component, each of them servicing one of the aforementioned features. We implement a command-line tool in C++ to serve as an interface between users and the proposed framework. IoT-HarPSecA can be employed during the early stages of IoT systems design, and it can also be used to facilitate the implementation of security in existing IoT systems. This paper presents a detailed description, design, and implementation of the SRE, SBPG, and LWCAR components of the proposed framework. Using real-world practical scenarios, we show how IoT-HarPSecA can be used to elicit security requirements and recommend appropriate LWCAs based on user inputs. While a full performance evaluation of the SRE and SBPG components is beyond the scope of this paper, we present a detailed performance evaluation of the LWCAR component, which shows that IoT-HarPSecA can serve as a roadmap for secure IoT development.

show abstract

Performance Evaluation of the Policy Enforcement Fog Module for Protecting Privacy of IoT Data

Cited by 8 publications

References 16 publications

S×C4IoT: A Security-by-contract Framework for Dynamic Evolving IoT Devices

S×C4IoT: A Security-by-contract Framework for Dynamic Evolving IoT Devices

IoT Security Configurability with Security-by-Contract

IoT-HarPSecA: A Framework and Roadmap for Secure Design and Development of Devices and Applications in the IoT Space

Contact Info

Product

Resources

About