IoTBDS 2017 Abstracts


Area 1 - Big Data Research

Full Papers
Paper Nr: 40
Title:

A LAHC-based Job Scheduling Strategy to Improve Big Data Processing in Geo-distributed Contexts

Authors:

Marco Cavallo, Giuseppe Di Modica, Carmelo Polito and Orazio Tomarchio

Abstract: The widespread adoption of IoT technologies has resulted in generation of huge amount of data, or Big Data, which has to be collected, stored and processed through new techniques to produce value in the best possible way. Distributed computing frameworks such as Hadoop, based on the MapReduce paradigm, have been used to process such amounts of data by exploiting the computing power of many cluster nodes. Unfortunately, in many real big data applications the data to be processed reside in various computationally heterogeneous data centers distributed in different locations. In this context the Hadoop performance collapses dramatically. To face this issue, we developed a Hierarchical Hadoop Framework (H2F) capable of scheduling and distributing tasks among geographically distant clusters in a way that minimizes the overall jobs execution time. In this work the focus is put on the definition of a job scheduling system based on a one-point iterative search algorithm that increases the framework scalability while guaranteeing good job performance.

Paper Nr: 46
Title:

Secure Electronic Health Record System Based on Online/Offline KP-ABE in the Cloud

Authors:

Kun Liu

Abstract: Online electronic health record (EHR) enables patients to centrally manage their own medical records, which greatly facilitates the storage, access and sharing of personal health data. With the emergence of cloud computing, it has succeeded in attracting attention and transferring their EHR applications to an efficient system for storing and accessing data. However, due to losing physical control of personal data in a cloud computing circumstance, it brings about a serious privacy problem for the data owner. Therefore, cryptography schemes offering a more suitable solution for enforcing access policies based on user attributes are needed. We have proposed a framework with fine-grained access control mechanism that protects electronic health data in varieties of devices, including smart mobile device. We make EHR security through designing online/offline key policy attribute-based encryption scheme which is an extension of identity-based encryption (IBE). This scheme can provide fine-grain access policy and efficiency for users’ data. Especially, it’s greatly reducing complexity and computational of encryption and key generation.

Paper Nr: 50
Title:

Internet of Things Architecture for Handling Stream Air Pollution Data

Authors:

Joschka Kersting, Michaela Geierhos, Hanmin Jung and Taehong Kim

Abstract: In this paper, we present an IoT architecture which handles stream sensor data of air pollution. Particle pollution is known as a serious threat to human health. Along with developments in the use of wireless sensors and the IoT, we propose an architecture that flexibly measures and processes stream data collected in real-time by movable and low-cost IoT sensors. Thus, it enables a wide-spread network of wireless sensors that can follow changes in human behavior. Apart from stating reasons for the need of such a development and its requirements, we provide a conceptual design as well as a technological design of such an architecture. The technological design consists of Kaa and Apache Storm which can collect air pollution information in real-time and solve various problems to process data such as missing data and synchronization. This enables us to add a simulation in which we provide issues that might come up when having our architecture in use. Together with these issues, we state reasons for choosing specific modules among candidates. Our architecture combines wireless sensors with the Kaa IoT framework, an Apache Kafka pipeline and an Apache Storm Data Stream Management System among others. We even provide open-government data sets that are freely available.

Paper Nr: 64
Title:

Task Offloading for Scientific Workflow Application in Mobile Cloud

Authors:

Feifei Zhang, Jidong Ge, Zhongjin Li, Chuanyi Li, Zifeng Huang, Li Kong and Bin Luo

Abstract: Scientific applications are typically data-intensive, which feature complex DAG-structured workflows comprised of tasks with intricate inter-task dependencies. Mobile cloud computing (MCC) provides significant opportunities in enhancing computation capability and saving energy of smart mobile devices (SMDs) by offloading computation-intensive and data-intensive tasks from resource limited SMDs onto the resource-rich cloud. However, finding a proper way to assist SMDs in executing such applications remains a crucial concern. In this paper, we offer three entry points for the problem solving: first, a cost model based on the pay-as-you-go manner of IaaS Cloud is proposed; then, we investigate the problem of mapping strategy of scientific workflows to minimize the monetary cost and energy consumption of SMDs simultaneously under deadline constraints; furthermore, we consider dataset placement issue during the offloading and mapping process of the workflows. A genetic algorithm (GA) based offloading method is proposed by carefully modifying parts of GA to suit the needs for the stated problem. Numerical results corroborate that the proposed algorithm can achieve near-optimal energy and monetary cost reduction with the application completion time and dataset placement constraint satisfied.

Paper Nr: 72
Title:

Device Fingerprinting: Analysis of Chosen Fingerprinting Methods

Authors:

Anna Kobusińska, Jerzy Brzeziński and Kamil Pawulczuk

Abstract: Device fingerprinting is a modern technique of using available information to distinguish devices. Fingerprinting can be used as a replacement for storing user identifiers in cookies or local storage. In this paper we discover features and corresponding optimal implementations that may enrich and improve an open-source fingerprinting library Fingerprintjs2 that is daily consumed by hundreds of websites. As a result, the paper provides a noticeable progress in the analysis of fingerprinting solutions.

Short Papers
Paper Nr: 5
Title:

Lag Correlation Discovery and Classification for Time Series

Authors:

Georgios Dimitropoulos, Estela Papagianni and Vasileios Megalooikonomou

Abstract: Time series data are ubiquitous and their analysis necessitates the use of effective data mining methods to aid towards decision making. The mining problems that are studied in this paper are lag correlation discovery and classification. For the first problem, a new lag correlation algorithm for time series, the Highly Sparse Lag Correlation (HSLC) is proposed. This algorithm is a combination of Boolean Lag Correlation (BLC) and Hierarchical Boolean Representation (HBR) algorithms and aims to improve the time performance of Pearson Lag Correlation (PLC) algorithm. The classification algorithm that is employed for data streams is an incremental support vector machine (SVM) learning algorithm. To verify the effectiveness and efficiency of the proposed schemes, the lag correlation discovery algorithm is experimentally tested on electroencephalography (EEG) data, whereas the classification algorithm that operates on streams is tested on real financial data. The HSLC algorithm achieves better time performance than previous state-of-the-art methods such as the PLC algorithm and the incremental SVM learning algorithm that we adopt, increases the accuracy achieved by non-incremental models.

Paper Nr: 15
Title:

Data Warehouse MFRJ Query Execution Model for MapReduce

Authors:

Aleksey Burdakov, Uriy Grigorev, Victoria Proletarskaya and Artem Ustimov

Abstract: The growing number of MapReduce applications makes the Data Warehouse access time estimating an important task. The problem is that processing of large data requires significant time that may exceed the required thresholds. Fixing these problems discovered at the system operations stage is very costly. That is why it is beneficial to estimate the data processing time for peak loads at the design stage, i.e. before the MapReduce tasks implementation. This allows making timely design decisions. In this case mathematical models serve as an unreplaceable analytical instrument. This paper provides an overview of the n-dimensional MapReduce-based Data Warehouse Multi-Fragment-Replication Join (MFRJ) access method. It analyzes MapReduce workflow, and develops an analytical model that estimates Data Warehouse query execution average time. The modeling results allow a system designer to provide recommendations on the technical parameters of the query execution environment, Data Warehouse and the query itself. This is important in cases where there are restrictions imposed on the query execution time. The experiment preparation and execution in a cloud environment for model adequacy analysis are evaluated and described.

Paper Nr: 30
Title:

Big Data & Analytics to Support the Renewable Energy Integration of Smart Grids - Case Study: Power Solar Generation

Authors:

Guillermo Escobedo, Norma Jacome and G. Arroyo-Figueroa

Abstract: Smart Grid is the modernization of electrical networks using intelligent systems and information technologies. In smart grid environment, the application of big data analytics based decision support and intelligent control are mainly in the following four aspects: power generation side management, micro grid and renewable energy management, asset management and collaborative operations, and demand side management. The objective of this research is to present a technological infrastructure for the management of large volumes of information through Big Data tools to support the integration of renewable energy. The infrastructure includes a methodological architecture for the acquisition, processing, storage, management, analysis, monitoring and forecast of large amounts of data. The development of a Big Data application for the analysis and monitoring of the information generated by photovoltaic systems is included as a case study. Solar generation technologies have experienced strong energy market growth in the past few years, with corresponding increase in local grid penetration. The goal is to have timely information to make better decisions to improve the integration of renewable energy in the Smart Grid.

Paper Nr: 38
Title:

A Cognitive-IoE Approach to Ambient-intelligent Smart Home

Authors:

Gopal Jamnal and Xiaodong Liu

Abstract: In today’s world, we are living in busy metropolitan cities and want our homes to be ambient intelligent enough towards our cognitive requirements for assisted living in smart space environment and an excellent smart home control system should not rely on the users' instructions. Cognitive IoE is a new state-of-art computing paradigm for interconnecting and controlling network objects in context-aware perception-action cycle for our cognitive needs. The interconnected objects (sensors, RFID, network objects etc.) behave as agents to learn, think and adapt situations according to dynamic contextual environment with no or minimum human intervention. One most important recent research problem is “how to recognize inhabitant activity patterns from the observed sensors data”. In this paper, we proposed a two level classification model named as ACM (Ambient Cognition Model) for inhabitant’s activities pattern recognition, using Hidden Markov Model based probabilistic model and subtractive clustering classification method. While subtractive clustering separates similar activity states from non-similar activity state, a HMM works as the top layer to train systems for temporal-sequential activities to learn and predict inhabitant activity pattern proactively. The proposed ACM framework plays a significant role to identify user activity intention in more proactive manner such as routine, location, social activity intentions in smart home scenario. The experimental results have been performed on Matlab simulation to evaluate the efficiency and accuracy of proposed ACM model.

Paper Nr: 51
Title:

Process Guidance for the Successful Deployment of a Big Data Project: Lessons Learned from Industrial Cases

Authors:

Christophe Ponsard, Annick Majchrowski, Stephane Mouton and Mounir Touzani

Abstract: Nowadays, in order to successfully run their business, companies are facing the challenge of processing ever increasing amounts of data coming from digital repositories, enterprise applications, sensors networks and mobile devices. Although a wide range of technical solutions are available to deal with those Big Data, many companies fail to deploy them because of management challenges and a lack of process maturity. This paper focuses on those aspects and reports about lessons learned when deploying a series of Big Data pilots in different domains. We provide feedback and some practical guidelines on how to organise and manage a project based on available methodologies, covering topics like requirements gathering, data understanding, iterative project execution, maturity stages, etc.

Paper Nr: 63
Title:

Situational Awareness based Risk-adaptable Access Control in Enterprise Networks

Authors:

Brian Lee, Roman Vanickis, Franklin Rogelio and Paul Jacob

Abstract: As the computing landscape evolves towards distributed architectures such as Internet of Things (IoT), enterprises are moving away from traditional perimeter based security models toward so called “zero trust networking” (ZTN) models that treat both the intranet and Internet as equally untrustworthy. Such security models incorporate risk arising from dynamic and situational factors, such as device location and security risk level, into the access control decision. Researchers have developed a number of risk models such as RAdAC (Risk Adaptable Access Control) to handle dynamic contexts and these have been applied to medical and other scenarios. In this position paper we describe our ongoing work to apply RAdAC to ZTN. We develop a policy management framework, FURZE, to facilitate fuzzy risk evaluation that also defines how to adapt to dynamically changing contexts. We also consider how enterprise security situational awareness (SSA) - which describes the potential impact to an organisation's mission based on the current threats and the relative importance of the information asset under threat - can be incorporated into a RAdAC scheme.

Paper Nr: 70
Title:

Extracting Knowledge from Stream Behavioural Patterns

Authors:

Ricardo Jesus, Mário Antunes, Diogo Gomes and Rui Aguiar

Abstract: The increasing number of small, cheap devices full of sensing capabilities lead to an untapped source of information that can be explored to improve and optimize several systems. Yet, as this number grows it becomes increasingly difficult to manage and organize all this new information. The lack of a standard context representation scheme is one of the main difficulties in this research area (Antunes et al., 2016b). With this in mind we propose a stream characterization model which aims to provide the foundations of a new stream similarity metric. Complementing previous work on context organization, we aim to provide an automatic organizational model without enforcing specific representations.

Paper Nr: 74
Title:

An Image Data Learning Method by Discriminating Multiple ROIs Data Patterns for Extracting Weather Information

Authors:

Jiwan Lee, Sunghoon Jung, Kijin Kim, Minhwan Kim and Bonghee Hong

Abstract: In order to generate weather information about rainfall and foggy visibility through analysis of CCTV images, the analysis on the changing patterns of time-series image data is a new approach to generating weather information from CCTV images. This paper demonstrates a method to generate optimum ROIs for extracting subtle weather image changes caused by fog and rainfall. It suggests the optimum ROI size and distance interval between ROIs through experiments. Finally, a clustering-based method for extracting weather information is proposed that has different data pattern difference between ROIs as a learning model, which is based on the suggested optimum ROI size and interval.

Paper Nr: 28
Title:

Resolving the Misconceptions on Big Data Analytics Implementation through Government Research Institute in Malaysia

Authors:

Mohammad Fikry Abdullah, Mardhiah Ibrahim and Harlisa Zulkifli

Abstract: Evolution and growth of data exclusively in Government sector should be an added advantage for the Government to increase the service delivery to the public. Big Data Analytics (BDA) is one of the most advanced technologies to analyse data owned by the Government to explore other fields, or new opportunities that can bring benefits to the Government. Although BDA concept has been implemented by many parties, there exists a number of misconceptions related to the concept from the aspect of understanding and implementation of the project. National Hydraulic Research Institute of Malaysia (NAHRIM) as one of the four agencies that have been implemented Malaysia’s BDA Proof-of-Concept (POC) initiative is no exception to these misconceptions. In this paper, we will discuss the misunderstandings and challenges faced throughout our BDA project, in encouraging and increasing the awareness of the implementation of BDA in Government sector.

Paper Nr: 56
Title:

From Group-by to Accumulation: Data Aggregation Revisited

Authors:

Alexandr Savinov

Abstract: Most of the currently existing query languages and data processing frameworks rely on one or another form of the group-by operation for data aggregation. In this paper, we critically analyze properties of this operation and describe its major drawbacks. We also describe an alternative approach to data aggregation based on accumulate functions and demonstrate how it can solve these problems. Based on this analysis, we argue that accumulate functions should be preferred to group-by as the main operation for data aggregation.

Area 2 - Emerging Services and Analytics

Short Papers
Paper Nr: 45
Title:

IoT based Proximity Marketing

Authors:

Zanele Nicole Mndebele and Muthu Ramachandran

Abstract: Modern communication is moving toward a digital paradigm influenced by increasing connectivity and the IoT. Digital communication can be improved by applying proximity rules to improve relevance especially for marketing messages. The objective of this study was to demonstrate how cloud based proximity marketing can be implemented as a service on existing wireless connectivity service platforms to deliver messages that are timely and relevant, using Wi-Fi broadcasts. Information about networking technologies and proximity determination was used to develop a prototype proximity marketing system to demonstrate the concepts of Proximity Marketing as a Service that can run on a wireless network. The prototype system Precinct PMaaS was successfully designed, implemented and tested. When compared to similar Bluetooth tools the cloud based WiFi driven Precinct PMaaS solution proved to be more efficient and effective, offering a better value proposition than Bluetooth proximity marketing tools. This study demonstrates how to achieve proximity communication cost effectively using network service information, demonstrated in a Wi-Fi only environment. This is ground work on which future projects can apply Big Data analytics to improve impact of proximity driven digital marketing.

Paper Nr: 71
Title:

Optimization for Sustainable Manufacturing - Application of Optimization Techniques to Foster Resource Efficiency

Authors:

Enrico Ferrera, Riccardo Tisseur, Emanuel Lorenço, E. J. Silva, Antonio J. Baptista, Gonçalo Cardeal and Paulo Peças

Abstract: Resource efficiency assessment methods, along with eco-efficiency assessment methods are needed for various industrial sectors to support sustainable development, decision-making and evaluate efficiency performance. The combination of eco-efficiency with efficiency assessment allows to identify major inefficiencies and provides means to foster sustainability, through the efficient and effective material and energy use. Despite the available information for decision making, this proves to be a difficult task in the manufacturing industry, therefore, there is a real need to develop and use optimization techniques to enhance resource efficiency. In this context, and due to the lack of simple and integrated tools to assess and optimize resource efficiency, crossing the different environmental and economic aspects, arises the need to develop optimisation models, enabling support and optimize sustainable decision making process and identification of potential improvements. The optimisation method should provide robust knowledge to support decision-making, allow comparability of the results and consider a cost-saving approach to help set priorities. Moreover, the optimisation techniques should centre the process through design/configuration of the production system, without considering time, in order not to limit the physical agents.

Paper Nr: 61
Title:

A Holistic View of the IoT Process from Sensors to the Business Value

Authors:

Ateeq Khan, Matthias Pohl, Sascha Bosse, Stefan Willi Hart and Klaus Turowski

Abstract: Internet of things (IoT) is the focus of research, and industries are investing heavily due to potential benefits of IoT in various fields. This paper provides a holistic view of different phases in IoT covering all phases from sensor data collection to the generation of business value. In this paper, we propose to use the proven Six Sigma methodology for IoT projects. We describe each phase using a structured approach. We discuss the consequences of each phase while selecting the phase as an entry or starting point. We use predictive maintenance as a use case to demonstrate the practicability of our IoT process. Using these insights, IoT project managers can identify required activities and competencies to increase success probability. In the end, we summarise the paper findings and highlight the future work.

Area 3 - Big Data for Multi-discipline Services

Short Papers
Paper Nr: 52
Title:

Minimizing the Risks of Data Protection Infringement - Data Lifecycle Risk Assessment

Authors:

Silvia Balaban and Manuela Wagner

Abstract: In this paper, we propose an evaluation scheme which has the objective to permit the user to identify the legal data protection obligations through a continuous data-lifecycle-assessment-method and to re-design the data processing actively. To ensure the compliance with data protection principles under the European law and thus preventing the risk of sanctions, it is necessary, especially in multi-discipline services, to continuously check during the complete data-usage-process whether personal data are given and which methods of risk minimisation like the application of anonymization techniques are useful.

Paper Nr: 57
Title:

Data Cleaning Technique for Security Big Data Ecosystem

Authors:

Diana Martínez-Mosquera and Sergio Luján-Mora

Abstract: The information networks growth has given rise to an ever-multiplying number of security threats; it is the reason some information networks currently have incorporated a Computer Security Incident Response Team (CSIRT) responsible for monitoring all the events that occur in the network, especially those affecting data security. We can imagine thousands or even millions of events occurring every day and handling such an amount of information requires a robust infrastructure. Commercially, there are many available solutions to process this kind of information, however, they are either expensive, or cannot cope with such volume. Furthermore, and most importantly, security information is by nature confidential and sensitive thus, companies should opt to process it internally. Taking as case study a university's CSIRT responsible for 10,000 users, we propose a security Big Data ecosystem to process a high data volume and guarantee the confidentiality. It was noted during implementation that one of the first challenges was the cleaning phase after data extraction, where it was observed that some data could be safely ignored without affecting result's quality, and thus reducing storage size requirements. For this cleaning phase, we propose an intuitive technique and a comparative proposal based on the Fellegi-Sunter theory.

Paper Nr: 68
Title:

Big Data Analytics Framework for Natural Disaster Management in Malaysia

Authors:

Mohammad Fikry Abdullah, Mardhiah Ibrahim and Harlisa Zulkifli

Abstract: Decision making in natural disaster management has its own challenge that needs to be tackled. In times of disaster, government as a response organisation must conduct timely and accurate decisions to ensure rapid assistance and effective recovery for the victim involved can be conducted. The aim of this paper is to embark strategic decision making in government concerning to disaster management through Big Data Analytics (BDA) approach. BDA technology is integrated as a solution to manage, utilise, maximise, and expose insight of climate change data for dealing water related natural disaster. NAHRIM as a government agency responsible in conducting research on water and its environment proposed a BDA framework for natural disaster management using NAHRIM historical and simulated projected hydroclimate datasets. The objective of developing this framework is to assist the government in making decisions concerning disaster management by fully utilised NAHRIM datasets. The BDA framework that consists of three stages; Data Acquisition, Data Computation, and Data Interpretation and seven layers; Data Source, Data Management, Analysis, Data Visualisation, Disaster Management, and Decision is hoped to give impact in prevention, mitigation, preparation, adaptation, response and recovery of water related natural disasters.

Area 4 - Internet of Things (IoT) Applications

Full Papers
Paper Nr: 9
Title:

A Data-Driven Methodology for Heating Optimization in Smart Buildings

Authors:

Victoria Moreno, José Antonio Ferrer, José Alberto Díaz, Domingo Bravo and Victor Chang

Abstract: In the paradigm of Internet of Things new applications that leverage ubiquitous connectivity enable - together with Big Data Analytics - the emergence of Smart City initiatives. This paper proposes to build a closed loop data modeling methodology in order to optimize energy consumption in a fundamental smart city scenario: smart buildings. This methodology is based on the fusion of information about relevant parameters affecting energy consumption in buildings, and the application of recommended big data techniques in order to improve knowledge acquisition for better decision making and ensure energy efficiency. Experiments carried out in different buildings demonstrate the suitability of the proposed methodology.

Paper Nr: 13
Title:

A Dataset and a Comparison of Out-of-Order Event Compensation Algorithms

Authors:

Wolfgang Weiss, Víctor Juan Expósito Jiménez and Herwig Zeiner

Abstract: Event processing is order and time sensitive and therefore assumes temporally correct ordered event streams, even in distributed systems, to be able to create correct results. In this work we discuss implementations of four different out-of-order event compensation algorithms that use different kinds of dynamic time-out buffering techniques, and we compare those to a static buffering method. This is an approach which is generally applicable and easy to integrate for existing distributed systems such as for Internet of Things applications. For the evaluation, specific datasets were recorded, which are introduced in this paper, and which are freely available under a Creative Commons license. Results show, that even with a restrictive buffer setting, most of the out-of-order events can be compensated. Dynamic time-out buffering is still a trade-off between reaction time and out-of-order event compensation, but it is useful in various applications.

Paper Nr: 65
Title:

Live Migration for Service Function Chaining

Authors:

Dongcheng Zhao, Gang Sun, Dan Liao, Rahat Iqbal and Victor Chang

Abstract: Network Function Virtualization (NFV) has been proposed to solve these challenges of hardware middle boxes such as high Capital Expenditures (CAPEX) and Operational Expenditures (OPEX). NFV aims to move packet processing from hardware middle boxes to software middle boxes running on commodity hardware. In NFV, users or virtual machines (VMs) communicate through the service function chaining. Therefore, when VMs are migrated, the service function chaining also needs to be migrated. Most research on migration focus on the issue of VM migration, and at present there is little research on the migration problem of the service function chaining. Therefore, in this paper we focus on the service function chaining migration, we will introduce the serial migration strategy and the parallel migration strategy for multiple VMs into the migration problem of the service function chaining, and propose an improved serial migration strategy for the service function chaining that is based on the serial migration strategy. We then present the m mixed migration strategy for the service function chaining that is based on the improved serial migration strategy and the parallel migration strategy. We conduct detailed simulations to evaluate the performance of the m mixed migration strategy in terms of the migration time and the downtime. We also develop the M/M/C/C and the M/M/C queuing models to calculate performance indicators, such as the blocking rate of each migration request.

Paper Nr: 67
Title:

A Low-cost Vehicle Tracking Platform using Secure SMS

Authors:

Rune Hylsberg Jacobsen, Drini Aliu and Emad Ebeid

Abstract: This paper investigates the possibility of elevating SMS (Short Message Service) to support a cloud-based vehicle-tracking platform. A secure application protocol over SMS is introduced to circumvent the security issues that may succumb the SMS. We propose a cost-effective Internet of Things (IoT) solution to countries dominated with GSM mobile infrastructure taking into consideration technology usage and the mobile network infrastructure available. A commercial off-the-shelf (COTS) IoT device such as the Raspberry Pi single board computer is depicted relying on GPS-GSM technologies envisioned as the in-vehicle device. Furthermore, a cloud web-platform is built involving the de-facto modern web-applications standards and carefully tailored concerning the security aspects. The cost-effectiveness of our solution results from the use of COTS components, open source software, and cheap SMS subscription packages.

Short Papers
Paper Nr: 47
Title:

Memory Optimization of a Distributed Middleware for Smart Grid Applications

Authors:

Stephan Cejka, Albin Frischenschlager, Mario Faschang and Mark Stefan

Abstract: In order to exploit the full potential of IoT-enabled power distribution grids, Smart Grid applications are developed. Their operation on resource-constrained automation devices requires memory optimized operation. In this paper we present field-approved operation and management solutions for Smart Grid applications, based on a distributed middleware. We introduce a new entity to allow for dynamically loading Smart Grid applications within one JVM. Presented experiments demonstrate the reduction of the memory footprint on the physical device.

Paper Nr: 36
Title:

Internet of Things - The Power of the IoT Platform

Authors:

Thomas Ochs and Ute Riemann

Abstract: According to Forbes Magazine (August 18, 2014), the Internet of Things (IoT) takes over Big Data as the most hyped technology. As is already well known, the IoT can be characterized by its elements and paradigms (Atzori et al, 2010). The tight integration of the physical and digital worlds enables companies using sensors, software, machine-to-machine learning and other technologies to gather and analyse data from physical objects or other large data streams and to share this information across platforms in order to develop a common operating picture (Gubi et al, 2013). If we look towards the promising value, IoT is an umbrella covering various value aspects related to operational excellence and new business opportunities (Xiaocong & Jidong, 2010). Having stated that, we would like to focus on the vision of an IoT value in which digital and physical entities are linked by means of a single IT platform to enable a whole new class of products and services (Bröring et al, 2017). We believe that once issues such as the security issue are covered, a single and comprehensive IoT IT platform is THE unique element that not only serves as an enabler for an IoT ecosystem (Bröring et al, 2017) but also combines two previously separated worlds: it expands the value reach of the IoT for process excellence as well as for new business opportunities and new intelligent products.

Area 5 - Internet of Things (IoT) Fundamentals

Full Papers
Paper Nr: 29
Title:

Factors Influencing Adoption of IoT for Data-driven Decision Making in Asset Management Organizations

Authors:

Paul Brous, Marijn Janssen, Daan Schraven, Jasper Spiegeler and Baris Can Duzgun

Abstract: Organizations tasked with managing large scale, public civil infrastructure are increasingly looking at data to drive their asset management decision-making processes. The Internet of Things (IoT) enables the creation of data that can be used to gain further insights into the current and predicted state of the infrastructure and may help automate the asset management process. Yet, it remains unclear to what extent data from IoT impacts decision-making in public asset management organizations. The objective of this paper is to explore implementation factors for adoption of new data sources for decision-making in asset management organizations. Based on a systematic literature review and case studies in the asset management domain, this paper derives the current use and expectations of new data sources for decision-making in asset management. The paper concludes that although recent technological developments have enabled the deployment of IoT for asset management, the current level of adoption remains low. The inherent complexity of adopting a data-driven approach to asset management requires an effective data governance strategy to ensure data quality, manage expectations, build trust and integrate IoT data in decision-making processes.

Paper Nr: 41
Title:

Secure Edge Computing with ARM TrustZone

Authors:

Robert Pettersen, Håvard D. Johansen and Dag Johansen

Abstract: When connecting Internet of Things (IOT) devices and other Internet edge computers to remote back-end hybrid or pure public cloud solutions, providing a high level of security and privacy is critical. With billions of such additional client devices rapidly being deployed and connected, numerous new security vulnerabilities and attack vectors are emerging. This paper addresses this concern with security as a first-order design principle: how to architect a secure and integrated middleware system spanning from IOT edge devices to back-end cloud servers. We report on our initial experiences from building a prototype utilizing secure enclave technologies on IOT devices. Our initial results indicate that isolating execution on ARM TrustZone processors comes at a relatively negligible cost.

Short Papers
Paper Nr: 17
Title:

Wireless Sensor Networks IKE Phase One Negotiation Approach based on Multivariate Quadratic Quasi-groups

Authors:

Yassine Essadraoui and Mohamed Dafir Ech-cherif El Kettani

Abstract: Key management is one of the biggest problems in IoT security. The Internet Key Exchange (IKE) protocol is well known as a secure key exchange protocol to establish secure channels between two hosts. However, IKE uses RSA as public key cryptography algorithm that is based on Diffie-Hellman (DH) key exchange which is very heavy, in terms of arithmetic operations, for very resource-constrained devices, as is the case for WSNs. In this paper, we propose to use Multivariate Quadratic Quasigroups (MQQ) to negotiate and share a secret key between two sensors. Phase 1 of the IKE protocol is supposed, by the proposal in this paper, to use MQQ instead of Diffie-Hellman (DH) key exchange.

Paper Nr: 39
Title:

Performance Testing of an Internet of Things Platform

Authors:

John Esquiagola, Laisa Costa, Pablo Calcina, Geovane Fedrecheski and Marcelo Zuffo

Abstract: The Internet of Things (IoT) is a network of physical objects, or things, with embedded electronics, software, sensors, and connectivity. The connection of all these things leverages value generation, by offering new services and strategic information. In order to make the Internet of Things possible, the integration of many technologies is necessary, such as machine-to-machine and cyber-physical systems. The process of testing IoT applications introduces new challenges because it does not only include typical test strategies and methodologies. Testing an IoT system depends on its specific configuration, and it also needs to consider the hardware platform and the network environment. Currently, industry and academy efforts are focusing on usability and connectivity tests, such as simulating the environment where the device is to be used, and ensuring information is exchanged in a secure manner. In this paper, we use the current version of our IoT platform to perform stress testing of our IoT platform under different conditions. Our test methodology for IoT applications is also presented. Three different hardware platforms have been used for performing the stress testing of our platform.

Paper Nr: 48
Title:

Secure IoT: An Improbable Reality

Authors:

Nayana Mannilthodi and Jinesh M. Kannimoola

Abstract: Internet of Things (IoT) has been the buzzword for the past decade. Apart from its hype over opportunities, the security implications of IoT are unsolvable with current technologies. There is a wide range of security challenges in each layer of the IoT conceptual model. We discuss the security challenges caused by the complex structures and integration of different techniques from diverse domains. By analysing attacks at the various layers we argue that the current standards are not enough to provide a secure framework for IoT. The economical and practical reasons make it impossible to puzzle out the various security challenges in the IoT stack. From this perspective, we should think twice before connecting a device to the network of things.

Paper Nr: 16
Title:

Evaluating the Efficiency of Blockchains in IoT with Simulations

Authors:

Jari Kreku, Visa Vallivaara, Kimmo Halunen and Jani Suomalainen

Abstract: As blockchain technology has gained popularity in many different application areas, there is a need to have tools for prototyping and evaluating various ways of applying blockchains. One interesting venue where this type of evaluation is very important is Internet of Things (IoT). In IoT scenarios the efficiency in energy consumption and also the timeliness of the transactions on the blockchain are important variables to consider. We present a way to apply an existing simulation tool - ABSOLUT - in evaluating blockchain implementations on embedded devices. We show the results of simulations on Raspberry Pi and Nvidia Jetson Tk1 platforms and compare the latter to actual executions. Our tool receives a fairly small error (9% on the average) and we see it as a great way to help in deciding the parameters for different blockchain implementations.

Paper Nr: 24
Title:

The Day After Mirai: A Survey on MQTT Security Solutions After the Largest Cyber-attack Carried Out through an Army of IoT Devices

Authors:

Giovanni Perrone, Massimo Vecchio, Riccardo Pecori and Raffaele Giaffreda

Abstract: Recent news of massive Distributed Denial of Service (DDoS) attacks being carried out using thousands of Internet of Things (IoT) devices transformed into attack bots are nothing else than a wake-up call for all the actors having a role on the IoT stage. The need to define and establish, as quickly as possible, viable security standards able to cope with the heterogeneous requirements arising from the IoT world is urgent, now more than ever. Maybe even before that, the dissemination of basic knowledge connected with the culture of IT security seems to play a major role in the overall security balance for IoT. Since it is more likely that systems using lightweight devices can be more vulnerable to security attacks, in this paper we start with analyzing MQTT, a message-based communication protocol explicitly designed having low-end devices in mind. After that, we move on to describe some of the security solutions and improvements typically suggested and implemented in real-life deployments of MQTT. Finally, we conclude this paper with a concise, though not exhaustive, survey on some of the most promising research topics in the IoT security area.

Area 6 - IoT Technologies

Full Papers
Paper Nr: 60
Title:

RSSI-based Device Free Localization for Elderly Care Application

Authors:

Shaufikah Shukri, Latifah Munirah Kamarudin, David Lorater Ndzi, Ammar Zakaria, Saidatul Norlyna Azemi, Kamarulzaman Kamarudin and Syed Muhammad Mamduh Syed Zakaria

Abstract: Device-Free Localization (DFL) is an effective human localizing system that exploits changes in the radio signal strength of a radio network. DFL is playing a critical role in many applications such as elderly care, intrusion detection, smart home, etc. DFL is ideal for monitoring the activities of the elderly without causing any of the physical discomfort associated with wearable devices. It is challenging for the elderly to remember each day to wear or to activate those devices. The purpose of this study is to select the best DFL methods in terms of detection and tracking accuracy, suitable for human monitoring applications, especially for elderly and disabled people. This paper proposes an RSSI-based DFL system that can be used to detect and locate elderly people in an area of interest (AoI) using changes in signal strength measurements. Attenuation-based and variance-based methods have been introduced in the proposed DFL system. In the stationary people scenario, the attenuation-based method managed to accurately detect the presence of a human, which makes it very suitable for elderly care applications compared to variance-based DFL. The result shows that the attenuation-based method managed to detect all trajectories of moving people with 100% detection accuracy while the variance-based method only gives 71.74% accuracy.

Short Papers
Paper Nr: 49
Title:

Enhancing IoT Security and Privacy with Distributed Ledgers - A Position Paper

Authors:

Paul Fremantle, Benjamin Aziz and Tom Kirkham

Abstract: The Internet of Things has a number of well-publicised security flaws, resulting in numerous recent attacks. In this paper we lay out a framework for looking at how distributed ledgers and Blockchain technology can be used to enhance the security, privacy and manageability of IoT devices and networks. A significant concern is the inability to process blockchains on small devices. We propose an architecture for IoT security and privacy based on blockchains that addresses this and other issues. We look at related work and propose areas of further research.

Area 7 - Security, Privacy and Trust

Full Papers
Paper Nr: 10
Title:

A Solution for Prevention of Selective Dropping and Selfish Attacks in Opportunistic Networks

Authors:

Samaneh Rashidibajgan

Abstract: Opportunistic Networks (OppNet) are based on routing messages from a node to another node, from a source to the destination. There is not a connection to the Internet in these networks and nodes play the role of routers, so it is important that all of the nodes participate in the routing protocol. These networks have high potential to be vulnerable to "Dropping and Selective Dropping Attacks" and "Selfish attacks". Some nodes may prefer to discard some messages in order to save their battery life, memory space and so on, while they use the network services. This causes an interruption in the network and introduces a high delay for messages. In this paper, we propose a new method based on Game Theory to prevent these attacks against OppNet, and we will prove that our strategy is a Nash equilibrium. We will also discuss that our algorithm is resistant against various attacks.

Paper Nr: 18
Title:

IoDDoS — The Internet of Distributed Denial of Service Attacks - A Case Study of the Mirai Malware and IoT-Based Botnets

Authors:

Roger Hallman, Josiah Bryan, Geancarlo Palavicini, Joseph Divita and Jose Romero-Mariona

Abstract: The Internet of Things (IoT), a platform and phenomenon allowing everything to process information and communicate data, is populated by ‘things’ which are introducing a multitude of new security vulnerabilities to the cyber-ecosystem. These vulnerable ‘things’ typically lack the ability to support security technologies due to the required lightweightness and a rush to market. There have recently been several high-profile Distributed Denial of Service (DDoS) attacks which utilized a botnet army of IoT devices. We first discuss challenges to cybersecurity in the IoT environment. We then examine the use of IoT botnets, the characteristics of the IoT cyber ecosystem that make it vulnerable to botnets, and make a deep dive into the recently discovered IoT-based Mirai botnet malware. Finally, we consider options to mitigate the risk of IoT devices being conscripted into a botnet army.

Paper Nr: 20
Title:

Outsourcing Access Control for a Dynamic Access Configuration of IoT Services

Authors:

Philipp Montesano, Marc Hueffmeyer and Ulf Schreier

Abstract: The paper describes a lightweight mechanism for authorizing access to IoT resources within distributed systems. As more and more IoT devices arise, the demand for privacy and security increases. But since current solutions are developed for conventional devices, the paper pursues the target of simplifying and applying approved technologies, such as OAuth, to meet special requirements of IoT devices. Therefore, the implemented architecture follows the idea of sourcing the access control logic out, simplifying the logic of the IoT device. Furthermore, the great diversity and fast change of IoT environments is supported by flexible policies and a dynamic and scalable access control system. Performance tests show that sourcing the access control logic out also helps to reduce the amount of consumed memory on an IoT device, in case that complex access logic is given.

Paper Nr: 34
Title:

Perceptions of Digital Footprints and the Value of Privacy

Authors:

Luisa Vervier, Eva-Maria Zeissig, Chantal Lidynia and Martina Ziefle

Abstract: Nowadays, life takes place in the digital world more than ever. Especially in this age of digitalization and Big Data, more and more actions of daily life are performed online. People use diverse online applications for shopping, bank transactions, social networks, sports, etc. Common to all, regardless of purpose, is the fact that personal information is disclosed and creates so-called digital footprints of users. In this paper, the questions are considered in how far people are aware of their personal information they leave behind and to what extent they have a concept of the attributed importance of particularly sensitive data. Moreover, it is investigated in how far people are concerned about their information privacy and for what kind of benefit people decide to disclose information. Aspects were collected in a two-step empirical approach with two focus groups and an online survey. The results of the qualitative part reveal that young people are not consciously aware of their digital footprints. Regarding a classification of data based on its sensitivity, diverse concepts exist and emphasize the context-specific and individual consideration of the topic. Results of the quantitative part reveal that people are concerned about their online privacy and that the benefit of belonging to a group outweighs the risk of disclosing sensitive data.

Short Papers
Paper Nr: 7
Title:

The XACML Standard - Addressing Architectural and Security Aspects

Authors:

Óscar Mortágua Pereira, Vedran Semenski, Diogo Domingues Regateiro and Rui L. Aguiar

Abstract: The OASIS XACML (eXtensible Access Control Markup Language) standard defines a language for the definition of access control requests and policies. It is intended to be used with ABAC (Attribute Based Access Control). Along with the language, the standard defines an architecture, workflow and evaluation mechanism. When implementing real scenarios, developers can come across several issues not addressed by the standard. For example, the architecture proposed defines the workflow but does not define the way components should be distributed over different machines. Additionally, the standard does not include any information about how to secure communications between components. This paper proposes a solution to deal with the aforementioned gaps. A proof of concept is also presented in an IoT use case in the context of the European project: SMARTIE – secure and smarter cities data management.

Paper Nr: 12
Title:

Yes, I know this IoT Device Might Invade my Privacy, but I Love it Anyway! A Study of Saudi Arabian Perceptions

Authors:

Noura Aleisa and Karen Renaud

Abstract: The Internet of Things (IoT) ability to monitor our every move raises many privacy concerns. This paper reports on a study to assess current awareness of privacy implications of IoT devices amongst Saudi Arabians. We found that even when users are aware of the potential for privacy invasion, their need for the convenience these devices afford leads them to discount this potential and to ignore any concerns they might initially have had. We then conclude by making some predictions about the direction the IoT field will take in the next 5-7 years, in terms of privacy invasion, protection and awareness.

Paper Nr: 22
Title:

New Computing Model for Securing Mobile Agents in IP Networks

Authors:

Jean Tajer, Mo Adda and Benjamin Aziz

Abstract: This paper deals with the prevention of security issues on mobile agents in IP Networks. We propose a new security computing model based on a trusted server to avert Eavesdropping and Alteration attacks. The new protocol will be implemented using the IBM mobile agent platform, Aglet. The new framework consists of components that provide support to the mobile agent while it is touring hosts in the agent space. It also protects the confidentiality and integrity of parts of the mobile agent. We conduct performance analysis over different types of mobile agents over real IP traces under malicious actions.

Paper Nr: 23
Title:

Privacy Agents for IoT Cloud Communication

Authors:

Syed Khuram Shahzad, Muhammad Waseem Iqbal and Nadeem Ahmad

Abstract: Internet of Things (IoT) has been shaped to a phenomenon from some technical framework. The smart environment based on IoT has been introduced by the construction of smart cities, offices, universities and factories. These smart environments consist of smart devices replacing simple appliances in our homes and workplaces. With this interconnected environment we are connected, accessible and smartly managed through intelligent systems. These intelligent systems work on our personal, historical and current data. This data sharing has brought new challenges for the privacy preservation of individuals living in this smart world. This paper provides a study of the issues related to data sharing through these smart devices over the service-providing cloud. It proposes a communication architecture by introducing an intermediate layer of data sharing control consisting of privacy agents. It also includes a methodology to define a customized privacy policy for different personal properties within different business models.

Paper Nr: 31
Title:

IBSC System for Victims Management in Emergency Scenarios

Authors:

Alexandra Rivero-García, Iván Santos-González, Candelaria Hernández-Goya and Pino Caballero-Gil

Abstract: This work describes an optimized system designed to help the greatest number of injured people in emergency situations, using the shortest possible time and cost. It is composed of a mobile application (assigned to medical staff and helpers), a web service and Near Field Communication wristbands assigned to victims. The mobile application is devoted to providing medical staff with the geolocation of victims as well as with an assistant indicating the best route to follow in order to take care of them based on the severity of their conditions and based on a triage method. Resolution of the routes is solved based on a classical problem, the Travelling Salesman Problem, using a k-partition algorithm to divide the huge number of victims into different clusters. Thus, each doctor has a specific area to assist victims. Besides, doctors can use a functionality of the application to contact their peers through a video call when additional help is needed. The proposal combines a keyed-Hash Message Authentication Code scheme to protect Near Field Communication tags and an IDentity-Based Cryptosystem for the wireless communication. Specifically, an IDentity-Based Signcryption is used for communication confidentiality, authenticity and integrity, both among peers, and between server and medical staff.

Paper Nr: 37
Title:

A Proposed Best-practice Framework for Information Security Governance

Authors:

Ghada Gashgari, Robert Walters and Gary Wills

Abstract: Information security (IS) must be integrated into corporate governance and regarded as a governance challenge that includes reporting, accountability and adequate risk management. Good implementation of information security governance (ISG) delivers strategic alignment, risk management, resource management, performance measurement and value delivery. Several publications have addressed this field. However, the critical success factors (CSFs) that ensure the improvement from a high level across the essential governance areas for effective governance, have not been identified. Based on the literature review, this research identifies seventeen initial CSFs for ISG that affect the long-term success of organisations. For clear high-level guidance of ISG practices, a comprehensive set of ISG rules has been developed based on the principles of ISO/IEC 27014 and COBIT for IS. A best-practice framework for ISG has been proposed across the essential governance areas for effective governance of IS that support the organisations to survive and thrive.

Paper Nr: 42
Title:

IoT Forensic: Bridging the Challenges in Digital Forensic and the Internet of Things

Authors:

Nurul Huda Nik Zulkipli, Ahmed Alenezi and Gary B. Wills

Abstract: Smart devices have been used in most major domains, such as healthcare, transportation, smart home, smart city and more. However, this technology has been exposed to many vulnerabilities, which may lead to cybercrime through the devices. With the IoT constraints and the low-security mechanisms applied, a device could easily be attacked, treated and exploited by cyber criminals, and the smart devices could then provide wrong data, which can lead to wrong interpretation and actuation for the legitimate users. To comply with the IoT characteristics, two approaches to investigation for IoT forensics are proposed, emphasizing the pre-investigation phase and implementing real-time investigation to ensure that the data and potential evidence are collected and preserved throughout the investigation.

Paper Nr: 53
Title:

Shalala Cipher, a New Implementation of Vigenere Cipher for Wireless Sensor Node Security

Authors:

Muhammad Shaiful Azrin Md Alimon, L.M. Kamarudin, Azizi Harun, Ammar Zakaria and Shaufikah Shukri

Abstract: Cryptography is a science that deals with the method of converting plaintext into cipher text, usually with the help of encryption keys and an encryption algorithm. The current standard implementation of cryptography has proved to require high memory resources, which is not suitable for implementation in low-memory embedded systems; thus lightweight cryptography is required. The Vigenere cipher is one of the encryption algorithms that is easy to implement and comprehend, and it can be used to provide confidentiality from third parties. The Vigenere cipher is a polyalphabetic Caesar cipher, which means it shifts the character in plaintext to become the character of the mod of its key character. Even though the Vigenere cipher is a classical cipher that operates on characters, compared to modern ciphers that operate on bits and bytes, it can still be implemented on a modern computer by representing its characters based on the ASCII Table. Furthermore, because of this, its character set can be extended to contain all alphabetic and special characters in the ASCII Table, thus allowing it to encrypt every character that can be represented using the ASCII Table. Originally the resilience of the Vigenere cipher is based on two factors: (1) the length of its key, and (2) the randomness of the characters in its key. Even though increasing the length and using random characters provides great resilience, it takes away the fun of using dictionary words to encrypt the plaintext. To overcome that, this paper proposes a method of implementing a Pseudorandom Path that changes the flow of the mod used by the Vigenere Cipher to encrypt and decrypt, either positive mod or negative mod. Usually the Vigenere Cipher uses positive mod to encrypt and negative mod to decrypt; however, this paper proposes a method to combine both mods during encryption or decryption under the supervision of the Pseudorandom Path.
This method of implementation and its results are discussed in this paper, and the method is named Shalala Cryptography. The results are compared between using the original resilience and the Shalala Cryptography method. The resource requirement to implement this algorithm using the C++ language is also shown, which shows a lightweight cryptography scheme in terms of RAM consumption and fast processing time, which is suitable for use in WSN or IoT environments.

Paper Nr: 59
Title:

A Frequency-domain-based Pattern Mining for Credit Card Fraud Detection

Authors:

Roberto Saia and Salvatore Carta

Abstract: Nowadays, the prevention of credit card fraud represents a crucial task, since almost all the operators in the E-commerce environment accept payments made through credit cards, aware that some of them could be fraudulent. The development of approaches able to face this problem effectively represents a hard challenge due to several problems. The most important among them are the heterogeneity and the imbalanced class distribution of data, problems that lead toward a reduction of the effectiveness of the most used techniques, making it difficult to define effective models able to evaluate the new transactions. This paper proposes a new strategy able to face the aforementioned problems based on a model defined by using the Discrete Fourier Transform conversion in order to exploit frequency patterns, instead of the canonical ones, in the evaluation process. Such an approach presents some advantages, since it allows us to face the imbalanced class distribution and the cold-start issues by involving only the past legitimate transactions, reducing the data heterogeneity problem thanks to the frequency-domain-based data representation, which is less influenced by the data variation. A practical implementation of the proposed approach is given by presenting an algorithm able to classify a new transaction as reliable or unreliable on the basis of the aforementioned strategy.

Paper Nr: 69
Title:

On the Prospect of using Cognitive Systems to Enforce Data Access Control

Authors:

Fernando Fradique Duarte, Diogo Domingues Regateiro, Óscar Mortágua Pereira and Rui L. Aguiar

Abstract: Data access control is a field that has been a subject of a lot of research for many years, which has resulted in many models being designed. Many of these models are deterministic in nature, following set rules to allow or deny access to a given user. These are sufficient in fairly static environments, but they fall short in dynamic and collaborative settings where permission needs may change or user attributes may be missing. Risk-based and probabilistic models were designed to mitigate some of these issues. These take a user profile to determine the risk associated with a particular transaction or fill in any missing attributes. However, they need to be maintained as new security threats emerge. It is argued in this paper that cognitive systems, as part of a more general Cognitive Driven Access Control approach, can close this gap by learning security threats on their own and enhancing the security of data in these environments. The benefits and considerations to be made when deploying cognitive systems are also discussed.

Paper Nr: 73
Title:

Decentralized Content Trust for Docker Images

Authors:

Quanqing Xu, Chao Jin, Mohamed Faruq Bin Mohamed Rasid, Bharadwaj Veeravalli and Khin Mi Mi Aung

Abstract: The default Docker installation does not verify an image's authenticity. Authentication is vital for users to trust that the image is not malicious or tampered with. As Docker is currently a popular choice for developers, tightening its security is a priority for system administrators and DevOps engineers. Docker recently deployed Notary, which is a solution to verify the authenticity of their images. Notary is a viable solution, but it has some drawbacks. This paper specifically addresses its vulnerability towards Denial-of-Service (DoS) attacks and the repercussions, and discusses two potential solutions. The proposed solutions involve decentralising the trust via either a BitTorrent-like protocol or a modified blockchain. The solutions greatly reduce the risk of DoS and at the same time provide a trustless signature verification service for Docker. The solutions could also possibly be repackaged for similar use cases on other technologies. We demonstrate the proposed blockchain-based solution’s scalability and efficiency by conducting performance evaluation.

Paper Nr: 27
Title:

An Overview of Risk Estimation Techniques in Risk-based Access Control for the Internet of Things

Authors:

Hany F. Atlam, Ahmed Alenezi, Robert J. Walters and Gary B. Wills

Abstract: The Internet of Things (IoT) represents a modern approach where boundaries between real and digital domains are progressively eliminated by changing over consistently every physical device to smart object ready to provide valuable services. These services provide a vital role in different life domains but at the same time create new challenges particularly in security and privacy. Authentication and access control models are considered as the essential elements to address these security and privacy challenges. Risk-based access control model is one of the dynamic access control models that provides more flexibility in accessing system resources. This model performs a risk analysis to estimate the security risk associated with each access request and uses the estimated risk to make the access decision. One of the essential elements in this model is the risk estimation process. Estimating risk is a complex operation that requires the consideration of a variety of factors in the access control environment. Moreover, the interpretation and estimation of the risk might vary depending on the working domain. This paper presents a review of different risk estimation techniques. Existing risk-based access control models are discussed and compared in terms of the risk estimation technique, risk factors, and the evaluation domain. Requirements for choosing the appropriate risk estimation technique for the IoT system are also demonstrated.