信息安全在物联网时代面临的挑战

物联网安全研究主要集中在物联网安全体系、物联网个体隐私保护模式、物联网安全相关法律的制定等方面。首先举例说明物联网在智能电网等生产生活领域的应用,然后讨论了物联网安全技术架构。最后根据物联网的安全架构分析了物联网安全面临的挑战。由此警示我们应提早应对物联网发展带来的信息安全等挑战。     

物联网安全问题的分析

近几年,随着物联网技术的不断研究与发展,其逐步走向了实用阶段。物联网技术在智能交通,智能家居,智慧物流等方面得到了广泛的应用。而物联网在各个方面越来越广泛的应用,也对其传输数据、信息的安全性提出了更高的要求。结合物联网特征,就物联网在应用中面临的安全问题展开讨论,就对物联网各逻辑层的安全需求分析,找出物联网环境中最需要关注身份认证的环节,为物联网安全问题的研究与发展起到一定的建言作用。     

物联网信息系统安全测评服务模式的研究

近年来物联网的快速发展导致物联网信息系统的安全性问题越来越被人们所关注。面对物联网信息系统所面临的新的安全威胁,如何对物联网信息系统进行有效、全面的安全测评成为新的挑战。本文介绍了当前信息系统测评服务的发展现状,分析探讨了物联网信息系统所面临的新的安全威胁,基于这些安全威胁给出了测评体系和测评指标的建立方法,并设计出物联网信息系统的安全测评服务模式,为开展物联网信息系统的安全测评工作提供理论基础。     

物联网安全关键技术与挑战

随着物联网的不断发展,在技术方面已经取得了很大进展。物联网发展过程中,不仅要考虑物联网安全方面的问题,而且要探究其未来的发展方向。笔者根据多年的物联网从业经验,总结了物联网安全技术所面临的挑战,阐述了如何克服物联网发展过程中所面临的难题。基于此,从物联网技术的安全需求出发,提出几点建设安全、可靠的物联网体系时需要应用的安全技术,以期为相关从业者深入了解物联网安全关键技术与挑战提供帮助,促使物联网发挥更大的价值。     

物联网技术在智慧城市建设中的应用

通过分析物联网的概念及特点,总结了物联网技术在智慧城市建设中的核心应用。同时对城市智慧交通、智慧医疗、智能电网、智慧物流、智慧水利、智慧旅游、智慧校园等方面的物联网应用进行了描述。     

泛在计算安全综述

随着人机物互联融合的泛在计算及其关键技术的快速发展,泛在计算已成为我国智能软硬件创新研发和生态构建的研究热点,驱动了智慧家庭、工业互联网、自动驾驶、智能云计算等众多典型应用产业日益普及繁荣,其安全问题也受到越来越多研究者的关注.目前,泛在计算安全研究尚在起步阶段,相关研究成果还不能系统地解决泛在计算发展中面临的安全问题.首先对当前泛在计算及其操作系统的发展现状进行了介绍,系统阐述了泛在计算的操作系统架构.归纳和分析了近几年国内外相关研究文献,将泛在计算安全问题划分为3个层面：系统软件安全、智能设备安全和通信安全,并系统总结了各个层面的安全问题与研究现状和重点.集中分析并讨论了泛在计算4个典型应用场景(智慧家庭、工业互联网、自动驾驶和智能云计算)中特定场景相关的安全问题和研究进展.归纳总结了现有研究工作中存在的不足与问题,并指出了泛在计算安全研究面临的八大安全技术挑战与机遇.最后,通过详尽分析这些安全技术挑战,指出了泛在计算安全的8个未来研究方向.     

物联网关键技术分析及安全策略

本文对物联网的发展现状进行了调研,分析了物联网的相关技术:射频识别、传感器技术、智能嵌入式,并着重分析了物联网未来发展的关键技术:小型化和纳米技术,进而总结了物联网所面临的安全问题并给出了模块化的硬件和软件组件、带宽提速、充分的漏洞管理、预防服务中断、防御系统不断更新等的应对策略.     

物联网技术在智慧校园建设中的应用

本文介绍了物联网技术和智慧校园的相关概念、层次结构及特征,并从教学、管理和资源共享等方面论述了物联网技术在智能校园建设中的应用,基于物联网技术的智慧校园是未来高校发展的重要趋势。     

面向智慧城市的物联网基础设施关键技术研究

智慧城市是利用物联网等新一代信息技术实现城市智慧运行和管理的新型城市形态,是信息技术与城市发展深度融合的产物;针对当前智慧城市因碎片化、烟囱式发展模式而面临的重复建设严重、跨域资源难以共享与联动协同等突出问题,从资源汇聚和促进城市应用互联互通互操作的角度,定义了城市物联网基础设施的概念内涵,提出城市物联网基础设施是一个涵盖“网络+平台+服务”的综合体,分析总结了国内外政府与企业在城市物联网基础设施尤其是物联网平台方面的发展现状,在此基础上,研究提出了为实现城市物联资源泛在接入、网络融合、资源管理和智能服务等核心功能亟需突破的关键技术,最后给出了推动城市物联网基础设施快速发展的意见和建议。     

基于物联网理念的流域智能调度技术体系刍议

针对流域调度面临着监测信息不全面、传输效率低下、计算速度远远不能满足实际要求等问题,物联网技术的出现改变了这一局面,为流域调度发生突破性进展奠定了坚实基础。以此作为出发点,总结分析了流域调度的特点和要求,以及现有调度系统存在的问题,并探讨了物联网技术与流域调度的联系。以保障防洪、供水、生态、能源、航运和工程等安全为目标,提出了基于物联网技术的流域智能调度技术体系,对流域智能调度中的智能感知、仿真、诊断、预警、调度、处置、控制、综合指挥平台、数据处理和运维等关键技术进行了研究。最后在物联网技术的基础上,结合流域信息化的发展趋势和数字流域的建设,提出了"智慧流域"的概念。     

物联网无线协议安全综述

近些年来,随着物联网的快速发展,其应用场景涵盖智慧家庭、智慧城市、智慧医疗、智慧工业以及智慧农业.相比于传统的以太网,物联网能够将各种传感设备与网络结合起来,实现人、电脑和物体的互联互通.形式多样的物联网协议是实现物联网设备互联互通的关键,物联网协议拥有不同的协议栈,这使得物联网协议往往能表现出不同的特性.目前应用较广...     

IoT智能设备安全威胁及防护技术综述

伴随着物联网的产生和发展,IoT智能设备越来越多地出现,其大规模普及的同时,也给用户个人资产安全与隐私保护带来了极大地冲击和挑战。本文围绕智能设备,基于智能设备终端、云服务端和用户控制终端三端系统架构,综述目前智能设备安全威胁的主要来源和技术攻击手段,并针对性地梳理已有防护技术和安全研究现状。然后,针对现有IoT智能设备安全防护体系缺失和安全设计不足的问题,本文讨论提出了全生命周期的IoT智能设备系统防护模型设计思路。     

Using virtual environments for the assessment of cybersecurity issues in IoT scenarios

Internet of Things (IoT) has been forecast as the next main evolution in the field of Information and Communication Technology. Recent studies confirm a steep and constant increase of the diffusion of smart objects, which are capable to interact with the real world and to communicate and gather information autonomously through Internet connections. In the rush of devising and releasing to the market the next killer application for the IoT domain, critical issues regarding the cybersecurity risks are currently overlooked. Because security, like most software qualities, is not an orthogonal requirement, i.e. one that can be satisfied by adding some features at any development stage, this is going to have a very costly impact, potentially leading to failure, on the technologies currently developed for the IoT domain. In order to cope adequately with such issues, IoT applications need to be designed to be secure since their inception and suitable security assessment tools should be made available. This paper describes an approach based on the exploitation of virtual environments and agent-based simulation for the evaluation of cybersecurity solutions for the next generation of IoT applications in realistic scenarios. The effectiveness of the approach is shown by considering a concrete case study involving the cooperation of real and virtual smart devices inside a virtualized scenario where security issues are first evaluated and then handled.     

Internet of things: Survey on security

The Internet of things (IoT) is intended for ubiquitous connectivity among different entities or “things”. While it provides effective and efficient solutions to many real world challenges, the security aspect of it has always been questioned. The situation is further exacerbated by the number of connected devices growing exponentially. As a result, security and privacy has emerged as a significant challenge for the IoT. In this paper, we aim to provide a thorough survey on IoT security and privacy challenges from the perspective of technologies and architecture used. This work focuses on IoT intrinsic vulnerabilities and their implications to the fundamental information security challenges in confidentiality, integrity, and availability. The approach of this survey is to summarize and synthesize published work in IoT; relate it to the security conjuncture of the field; and project future research directions.     

Advanced mobile and wearable systems

The recent spectacular progress in the microelectronic, information, communication, material and sensor technologies created a big stimulus towards development of smart communicating cyber-physical systems (CPS) and Internet of Things (IoT). CPS and IoT are undergoing an explosive growth to a large degree related to advanced mobile systems like smart automotive and avionic systems, mobile robots and wearable devices. The huge and rapidly developing markets of sophisticated mobile cyber-physical systems represent great opportunities, but these opportunities come with a price of unusual system complexity, as well as, stringent and difficult to satisfy requirements of many modern applications. Specifically, smart cars and various wearable systems to a growing degree involve big instant data from multiple complex sensors or other systems, and are required to provide continuous autonomous service in a long time. In consequence, they demand a guaranteed (ultra-)high performance and/or (ultra-)low energy consumption, while requiring a high reliability, safety and security. To adequately address these demands, sophisticated embedded computing and embedded design technologies are needed. After an introduction to modern mobile systems, this paper discusses the huge heterogeneous area of these systems, and considers serious issues and challenges in their design. Subsequently, it discusses the embedded computing and design technologies needed to adequately address the issues and overcome the challenges in order to satisfy the stringent requirements of the modern mobile systems.     

Internet of Things for the Future of Smart Agriculture: A Comprehensive Survey of Emerging Technologies

This paper presents a comprehensive review of emerging technologies for the internet of things (IoT)-based smart agriculture. We begin by summarizing the existing surveys and describing emergent technologies for the agricultural IoT, such as unmanned aerial vehicles, wireless technologies, open-source IoT platforms, software defined networking (SDN), network function virtualization (NFV) technologies, cloud/fog computing, and middleware platforms. We also provide a classification of IoT applications for smart agriculture into seven categories: including smart monitoring, smart water management, agrochemicals applications, disease management, smart harvesting, supply chain management, and smart agricultural practices. Moreover, we provide a taxonomy and a side-by-side comparison of the state-of-the-art methods toward supply chain management based on the blockchain technology for agricultural IoTs. Furthermore, we present real projects that use most of the aforementioned technologies, which demonstrate their great performance in the field of smart agriculture. Finally, we highlight open research challenges and discuss possible future research directions for agricultural IoTs.      

面向物联网的基于智能合约的认证和授权方案

由于存在单点失效、规模受限等问题,传统中心化的解决方案很难满足物联网的安全需求。针对这种情况,提出一个面向IoT的基于智能合约的访问控制方案。通过引用IoT智能网关作为IoT设备的中心管理节点和公有区块链的全能节点,采用中心化与去中心化相结合、私有区块链和公有区块相结合、本地局部存储和外部公共存储相结合的方法加以实现。该方案实现IoT设备和IoT智能网关的相互认证,并实现用户对IoT设备中资源及存储在数据库中的数据的授权访问,具有去中心化、分布式优点,满足了规模性和安全性要求。     

How to evaluate an Internet of Things system: Models,case studies,and real developments

The paper proposes the use of Node-RED, a flow-based programming tool targeted to Internet of Things (IoT), along with a series of case studies related to different IoT contexts, which demonstrate Node-RED's potentialities and outcomings toward the realization of well-structured IoT environments. The analyzed applications potentially include a wide range of domains, ranging from smart cities, smart buildings, smart homes/offices, smart retailing, to smart transportation, smart logistics, smart agriculture, smart health, military scenarios, and so on. The motivations behind the presented work are related to the fact that IoT application fields usually involve the same technologies and communication protocols, which are frequently adopted for totally different purposes. Issues such as systems' interoperabiliy, scalability, security and privacy naturally emerge, due to the huge amount of heterogeneous devices acting in the IoT environment itself and to the wireless nature of information transmissions. As a consequence, it is fundamental to dispose of adequate tools for supporting developers in design the network architecture and messages' exchange, in order to realize efficient and effective IoT network infrastructures.     

物联网应用中访问控制智能合约的形式化验证

蓝牙、WiFi等网络技术的进步推动物联网（IoT）的发展,然而IoT在方便了人们生活的同时也存在严重的安全隐患。若无安全的访问控制,非法接入IoT的访问可能给用户带来各方面的损失。传统的访问控制方法需要一个可信任的中心节点,不适合节点分散的IoT环境。区块链及智能合约的出现为IoT应用的访问控制提供了更有效的解决方案,但用一般测试方法难以保证实现IoT应用的访问控制智能合约的正确性。针对这个问题,提出一种利用模型检测工具Verds对访问控制智能合约进行形式化验证从而保障合约正确性的方法。该方法利用状态迁移系统定义Solidity智能合约的语义,应用计算树逻辑（CTL）公式描述所要验证的性质,并对智能合约交互及用户行为进行建模,从而形成Verds的输入模型及所要验证性质,然后利用Verds验证待测性质的正确性。方法核心是Solidity合约子集到Verds输入模型的转换。对两个IoT资源访问控制智能合约的实验结果表明,该方法可以对访问控制合约的典型场景及期望性质进行验证,提升了智能合约的可靠性。     

Middleware for Internet of Things: Survey and Challenges

The Internet of things (IoT) applications span many potential fields. Furthermore, smart homes, smart cities, smart vehicular networks, and healthcare are very attractive and intelligent applications. In most of these applications, the system consists of smart objects that are equipped by sensors and Radio Frequency Identification (RFID) and may rely on other technological computing and paradigm solutions such as M2M (machine to machine) computing, Wifi, Wimax, LTE, cloud computing, etc. Thus, the IoT vision foresees that we can shift from traditional sensor networks to pervasive systems, which deliver intelligent automation by running services on objects. Actually, a significant attention has been given to designing a middleware that supports many features; heterogeneity, mobility, scalability, multiplicity, and security. This papers reviews the-state-of-the-art techniques for IoT middleware systems and reveals an interesting classification for these systems into service and agent-oriented systems. Therefore two visions have emerged to provide the IoT middleware systems: Via designing the middleware for IoT system as an eco-system of services or as an eco-system of agents. The most common feature of the two approaches is the ability to overcome heterogeneity issues. However, the agent approach provides context awareness and intelligent elements. The review presented in this paper includes a detailed comparison between the IoT middleware approaches. The paper also explores challenges that form directions for future research on IoT middleware systems. Some of the challenges arise, because some crucial features are not provided (or at most partially provided) by the existing middleware systems, while others have not been yet tackled by current research in IoT.