skip to main content
editorial
Free Access

Internet of Things (IoT): Smart and Secure Service Delivery

Published:07 December 2016Publication History
Skip Abstract Section

Abstract

The Internet of Things (IoT) is the latest Internet evolution that incorporates a diverse range of things such as sensors, actuators, and services deployed by different organizations and individuals to support a variety of applications. The information captured by IoT present an unprecedented opportunity to solve large-scale problems in those application domains to deliver services; example applications include precision agriculture, environment monitoring, smart health, smart manufacturing, and smart cities. Like all other Internet based services in the past, IoT-based services are also being developed and deployed without security consideration. By nature, IoT devices and services are vulnerable to malicious cyber threats as they cannot be given the same protection that is received by enterprise services within an enterprise perimeter. While IoT services will play an important role in our daily life resulting in improved productivity and quality of life, the trend has also “encouraged” cyber-exploitation and evolution and diversification of malicious cyber threats. Hence, there is a need for coordinated efforts from the research community to address resulting concerns, such as those presented in this special section. Several potential research topics are also identified in this special section.

References

  1. Elisa Bertino. 2016. Data Security and Privacy in the IoT. Keynote Summary, Proceedings of EDBT 2016.Google ScholarGoogle Scholar
  2. Colin Boyd. 2003. Protocols for Authentication and Key Establishment. In Information Security and Cryptography, SpringerGoogle ScholarGoogle Scholar
  3. Kim-Kwang Raymond Choo. 2009. Secure Key Establishment. Advances in Information Security 41, SpringerGoogle ScholarGoogle Scholar
  4. CSA. 2015. Identity and Access Management for the Internet of Things - Summary Guidance. https://downloads.cloudsecurityalliance.org/assets/research/internet-of-things/identity-and-access- management-for-the-iot.pdf (accessed Oct 13, 2016).Google ScholarGoogle Scholar
  5. Quang Do, Ben Martini, Kim-Kwang Raymond Choo. 2016. A Data Exfiltration and Remote Exploitation Attack on Consumer 3D Printers. IEEE Trans. Inf. Foren. Secur. 11, 10, 2174--2186.Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Li Duan, Dongxi Liu, Yang Zhang, Shiping Chen, Ren Ping Liu, Bo Cheng, and Junliang Chen. 2016. Secure Data-centric Access Control for Smart Grid Services based on Publish/Subscribe Systems. ACM Trans. Internet Tech. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Ashish Kamra and Elisa Bertino. 2011. Design and Implementation of an Intrusion Response System for Relational Databases. IEEE Trans. Knowl. Data Engin. 23, 6, 875--888. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Matthew Lentz, Viktor Erdélyi, Paarijaat Aditya, Elaine Shi, Peter Druschel, and Bobby Bhattacharjee. 2014. SDDR: Light-weight, Secure Mobile Encounters. In Proceedings of the 23rd USENIX Security Symposium (USENIX Security’14). pp. 925--940. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. Beibei Li, Rongxing Lu, Wei Wang, Kim-Kwang Raymond Choo. 2016. DDOA: A Dirichlet-Based Detection Scheme for Opportunistic Attacks in Smart Grid Cyber-Physical System. IEEE Trans. Inf. Foren. Secur. 11, 11, 2415--2425.Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Milagro Project. 2016. http://dev.docs.milagro.io.s3-website-us-east-1.amazonaws.com/en/milagro-a-case-for-something-new-part-1.html, Accessed Oct. 12, 2016.Google ScholarGoogle Scholar
  11. Anne H. H. Ngu, Mario Gutierrez, Vangelis Metsis, Surya Nepal, and Quan Z. Sheng. 2016. IoT Middleware Survey: Issues and Enabling Technologies. IEEE Internet of Things Journal. online, http://ieeexplore.ieee.org/document/7582463/.Google ScholarGoogle Scholar
  12. Victor Prokhorenko, Kim-Kwang Raymond Choo, and Helen Ashman. 2016. Intent-Based Extensible Real-Time PHP Supervision Framework. IEEE Trans. Inf. Foren. Secur. 11, 10, 2215--2226.Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Deepak Puthal, Surya Nepal, Rajiv Ranjan, and Jinjun Chen. 2016a. Threats to Networking Cloud and Edge Datacenters in the Internet of Things. IEEE Cloud Computing 3, 3, 64--71.Google ScholarGoogle ScholarCross RefCross Ref
  14. Deepak Puthal, Surya Nepal, Rajiv Ranjan, and Jinjun Chen. 2016b. DLSeF: A Dynamic Key Length Based Efficient Real-Time Security Verification Model for Big Data Streams. ACM Trans. Embedd. Comput. Syst.Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Ahmed Saeed, Ali Ahmadina, Abbas Javed, and Hadi Larijani. 2016. Random Neural Network based Intelligent Intrusion Detection and Prevention Mechanism for IoT Applications. ACM Trans. Internet Tech. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Neetesh Saxena, Santiago Grijalva, and Narendra S. Chaudhari. 2016. Authentication Protocol for IoT-Enabled LTE Network. ACM Trans. Internet Tech. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Seung-Hyun Seo, Jongho Won, and Elisa Bertino. 2016. pCLSC-TKEM: A Pairing-free Certificateless Signcryption-tag Key Encapsulation Mechanism for a Privacy-Preserving IoT. Trans. Data Priv. 9, 2, 101--130. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Bilal Shebaro, Oyindamola Oluwatimi, and Elisa Bertino. 2015. Context-Based Access Control Systems for Mobile Devices. IEEE Trans. Depend. Sec. Comput. 12, 2, 150--163.Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Shachar Siboni, Asaf Shabtai, Yuval Elovici, Nils Ole Tippenhauer, and Jemin Lee. 2016. Advanced security testbed framework for wearable IoT devices. ACM Trans. on Internet Tech. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. Jongho Won, Seung-Yun Seo, and Elisa Bertino. 2015. A Secure Communication Protocol for Drones and Smart Objects. In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (ASIA CCS’15). (Singapore, April 14-17, 2015). Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Yanjiang Yang, Jiqiang Lu, Kim-Kwang Raymond Choo, and Joseph K. Liu. 2015a. On Lightweight Security Enforcement in Cyber-Physical Systems. In Proceedings of 4th International Workshop on Lightweight Cryptography for Security and Privacy (LightSec 2015) (Bochum, Germany). Volume 9542/2015 of Lecture Notes in Computer Science, Springer-Verlag, pp. 97--112. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Yanjiang Yang, Joseph K. Liu, Kaitai Liang, Kim-Kwang Raymond Choo, and Jianying Zhou. 2015b. Extended Proxy-Assisted Approach: Achieving Revocable Fine-Grained Cloud Data Encryption. In Proceedings of 20th European Symposium on Research in Computer Security (ESORICS 2015) (Vienna, Austria). Volume 9327/2015 of Lecture Notes in Computer Science. Springer-Verlag, pp. 146--166.Google ScholarGoogle ScholarCross RefCross Ref
  23. Yuexin Zhang, Yang Xiang, and Xinyi Huang. 2016. Password Authenticated Group Key Exchange: A Cross-Layer Design. ACM Trans. Internet Tech. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Internet of Things (IoT): Smart and Secure Service Delivery

    Recommendations

    Reviews

    Eric Chan-Tin

    The coverage of the Internet of Things (IoT), especially on security, is critical. As the paper and other sources on the Internet say, there are over 15 billion IoT devices in 2014, and this number is expected to grow exponentially in the coming years. It is critical that security is addressed as the "things" become commonplace. The authors provide a summary of the December 2016 special issue of the ACM Transactions on Internet Technology , giving an overview of the five published papers and some avenues for future work. The five published papers cover 1) an access control mechanism, which is important for IoT devices; 2) key establishment, as pre-shared keys are hard to use for IoT; 3) design of a lightweight authentication protocol for IoT; 4) vulnerability assessment for software prior to commercialization; and 5) real-time intrusion detection for IoT infrastructure. The authors also propose some research challenges, which cover all the important aspects of IoT security from middleware to authentication, to patch management to infrastructure security. This special issue and the research challenges will hopefully spur further work on IoT security. Online Computing Reviews Service

    Access critical reviews of Computing literature here

    Become a reviewer for Computing Reviews.

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    • Published in

      cover image ACM Transactions on Internet Technology
      ACM Transactions on Internet Technology  Volume 16, Issue 4
      Special Issue on Internet of Things (IoT): Smart and Secure Service Delivery
      December 2016
      168 pages
      ISSN:1533-5399
      EISSN:1557-6051
      DOI:10.1145/3023158
      • Editor:
      • Munindar P. Singh
      Issue’s Table of Contents

      Copyright © 2016 ACM

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      • Published: 7 December 2016
      • Received: 1 October 2016
      • Accepted: 1 October 2016
      Published in toit Volume 16, Issue 4

      Permissions

      Request permissions about this article.

      Request Permissions

      Check for updates

      Qualifiers

      • editorial
      • Opinion
      • Refereed limited

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!