Prov-IoT: A Security-Aware IoT Provenance Model

Jaigirdar, Fariha Tasmin; Rudolph, Carsten; Bain, Chris

doi:10.1109/trustcom50675.2020.00183

Cited by 13 publications

(20 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There is also a lot of research being done on using metadata to ensure the security, reliability, and privacy of IoT systems [16], [38], [40], [41]. To ensure stronger security, [16], [38], [40] propose the use of blockchain as a way to combine and store collected sensing data and metadata, taking advantage of blockchain's features to achieve highly secure and robust management of IoT systems.…”

Section: Related Workmentioning

confidence: 99%

Proposal for Low-Layer Metadata Collection Technology to Enhance IoT Metadata Utilization

et al. 2023

View full text Add to dashboard Cite

With the rapid spread of Internet of Things (IoT) services, the number of sensor devices has exploded, and the complexity of managing sensor devices has become a problem. To solve this problem, a metadata-based approach that uses the unique environmental information associated with each device for its management is being developed. This paper focuses on metadata collection for device management and control, and proposes a new collection method that uses low-layer communication while not modifying the existing protocol. Our proposal utilizes the extended area of the probe request (PRQ) frame of IEEE 802.11, which is a layer-2 protocol, to collect metadata. This makes it possible to achieve stable operation even on inexpensive and resource-limited IoT devices, and to realize metadata collection with low communication overhead and power consumption. It is shown to reduce the load on the central processing unit (CPU) and reduce power consumption compared to Internet Protocol (IP) -based metadata collection (layer-3 protocol and above). In addition, in terms of time sensitivity, the collection delay at the time of rising from deep sleep is reduced by 89.8% compared to IP-based techniques. Furthermore, as a benefit of low-layer collection, it enables periodic metadata collection in the background regardless of network connection above the IP layer. To demonstrate this benefit, an example of applying metadata collection to device management is prototyped and its feasibility is experimentally confirmed.

show abstract

Section: Related Workmentioning

confidence: 99%

Proposal for Low-Layer Metadata Collection Technology to Enhance IoT Metadata Utilization

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Encouraged by the above discussion, in this paper, we aim to provide transparency in IoT data propagation by identifying relevant risks using a security-aware data provenancebased approach [16]. Different studies have been carried out to explore the relationship between data provenance and IoT networks [17], [18], [19].…”

Section: Introductionmentioning

confidence: 99%

“…Documenting this information along with data lineage history (data provenance) would provide transparency from security viewpoints. To extend data provenance graphs with security information, the authors proposed a novel security-aware IoT provenance model named Prov-IoT in [16]. It includes evidence on security-aware features (denoted as security metadata) in data provenance graphs considering all processing steps of data propagation.…”

Section: Introductionmentioning

confidence: 99%

Security-Aware Provenance for Transparency in IoT Data Propagation

et al. 2023

Self Cite

View full text Add to dashboard Cite

A successful application of an Internet of Things (IoT) based network depends on the accurate and successful delivery of data collected from numerous sources. A significant concern in IoT systems arises when end-users do not have sufficient transparency and are unaware of any potential data manipulation and risk in each step involved in data propagation. One potential solution is to integrate security metadata in IoT-based security-aware provenance graphs that provides better transparency with security awareness at each step of data propagation. In this paper, we integrate security metadata into the provenance graph with predefined security policies. We design a hypothetical IoT-Health scenario with possible threats: node cloning, fault packet injection, denial of service, unauthorized access, and malicious code injection. We simulate these threats in six cases to identify relevant risks. Our findings show how a security-aware provenance graph can offer end users greater transparency and security awareness by identifying failed signature verification (case 1), denial of service (case 2), unauthorized access (case 3), intrusion detection (case 4), missing WAF (case 5), and permission violation (case 6). We evaluate the transparency through obtaining authentication, integrity, availability and detecting underlying threats. Accordingly, this study promotes better risk assessment and decision-making for users with negligible performance overhead.INDEX TERMS Internet of Things (IoT), data provenance, IoT-Health, transparency, security-awareness.

show abstract

“…The electric Internet of Things can be divided into perception layer, network layer, platform layer and application layer. At present, relatively mature security protection schemes have been proposed for network layer, platform layer and application layer, and the data security has been basically guaranteed [8][9][10]. However, most terminal devices at the perception layer transmit data in plaintext mode and access the IoT management platform through the APN private network or Ethernet.…”

Section: Introductionmentioning

confidence: 99%

Research on terminal security access of the power Internet of Things

Zhu

et al. 2023

International Conference on Internet of Things and Machine Learning (IoTML 2022)

View full text Add to dashboard Cite

With the proposal of new power system, the construction of the power Internet of Things is also accelerating gradually. As an important equipment for collecting massive data, how to ensure the information security of the Internet of Things perception layer terminal has become an urgent problem to be solved. We proposed a secure access scheme for electric Internet of Things terminals, which includes three modules: secure SDK, terminal encryption management module and agent component. The secure SDK is used to realize terminal security encryption and decryption. The terminal encryption management module is mainly responsible for file and information management, and the agent component is mainly responsible for device configuration update. Based on this scheme, the terminal accesses the secure access gateway by changing device configuration information through the agent component, after the authentication of the unified password service platform is completed, the terminal encryption management module sends the digital certificate to the terminal remotely, the terminal establishes an encrypted transmission channel with secure access gateway through secure SDK to ensure the security of data transmission.

show abstract

Prov-IoT: A Security-Aware IoT Provenance Model

Cited by 13 publications

References 12 publications

Proposal for Low-Layer Metadata Collection Technology to Enhance IoT Metadata Utilization

Proposal for Low-Layer Metadata Collection Technology to Enhance IoT Metadata Utilization

Security-Aware Provenance for Transparency in IoT Data Propagation

Research on terminal security access of the power Internet of Things

Contact Info

Product

Resources

About