IoT/CPS的安全体系结构及关键技术

物联网（IoT）和信息物理融合系统（CPS）作为下一代网络的核心技术,被业界广泛关注。与传统网络不同,IoT/CPS异构融合、协同自治、开放互连的网络特性带来了巨大的系统安全方面的挑战。挑战包括安全协议的无缝衔接、用户隐私保护等。研发新的安全模型、关键安全技术和方法是IoT/CPS发展中的重点。文章基于IoT/CPS安全需求和威胁模型,提出了一种层次化的安全体系结构,并针对隐私保护、跨网认证和安全控制等IoT/CPS的关键安全技术展开讨论。     

物联网的问题和挑战

如今,随着物联网应用范围的不断扩大,其发展已经体现出了多面性。这是从基于计算机的网络模式向智能对象的完全分布式网络的重大转变,这种变化带来了体系结构和安全等问题。文章从物联网的概念、结构、挑战和安全隐私方面对其进行了介绍。     

基于雾计算的物联网架构研究

物联网是一种能将物体连接至互联网使其更加智能的技术.但是物联网设备产生的大数据难以处理,网络架构的可扩展性差,以及用户的安全隐私容易泄露等问题都限制了物联网的发展.为了解决这些问题,通过分析雾计算所具有的优势提出基于雾计算的物联网架构.基于该架构,同时考虑到用户的安全隐私问题,又提出分层的网络架构.最后对文章进行总结和展望.     

Survey on data security and privacy-preserving for the research of edge computing

With the rapid development and extensive application of the Internet of things (IoT),big data and 5G network architecture,the massive data generated by the edge equipment of the network and the real-time service requirements are far beyond the capacity if the traditional cloud computing.To solve such dilemma,the edge computing which deploys the cloud services in the edge network has envisioned to be the dominant cloud service paradigm in the era of IoT.Meanwhile,the unique features of edge computing,such as content perception,real-time computing,parallel processing and etc.,has also introduced new security problems especially the data security and privacy issues.Firstly,the background and challenges of data security and privacy-preserving in edge computing were described,and then the research architecture of data security and privacy-preserving was presented.Secondly,the key technologies of data security,access control,identity authentication and privacy-preserving were summarized.Thirdly,the recent research advancements on the data security and privacy issues that may be applied to edge computing were described in detail.Finally,some potential research points of edge computing data security and privacy-preserving were given,and the direction of future research work was pointed out.     

Security and Privacy in IoT: A Survey

The Internet of Things (IoT) is a network of globally connected physical objects, which are associated with each other via Internet. The IoT foresees the interconnection of few trillions of intelligent objects around us, uniquely and addressable every day, these objects have the ability to accumulate process and communicate data about themselves and their surrounding environment. The best examples of IoT systems are health care, building smart city with advance construction management system, public and defense surveillance and data acquisition. Recent advancement in the technology has developed smart and intelligent sensor nodes and RFIDs lead to a large number of wireless networks with smart and intelligent devices (object, or things) connected to the Internet continuously transmit the data. So to provide security and privacy to this data in IoT is a very challenging task, which is to be concerned at highest priority for several current and future applications of IoT. Devices such as smart phone, WSNs and RFIDs etc., are the major components of IoT network which are basically resource constrained devices. Design and development of security and privacy management schemes for these devices is guided by factors like good performance, low power consumption, robustness to attacks, tampering of the data and end to end security. Security schemes in IoT provide unauthorized access to information or other objects by protecting against alterations or destruction. Privacy schemes maintain the right to control about the collected information for its usage and purpose. In this paper, we have surveyed major challenges such as Confidentiality, Integrity, Authentication, and Availability for IoT in a brief manner.

     

基于物联网的网络信息安全体系

物联网是计算机、互联网与移动通信网等相关技术的演进和延伸,其核心共性技术、网络与信息安全技术以及关键应用是物联网的主要研究内容。物联网感知节点大都部署在无人监控环境,并且由于物联网是在现有的网络基础上扩展了感知网络和应用平台,传统网络安全措施不足以提供可靠的安全保障。物联网安全研究将主要集中在物联网安全体系、物联网个体隐私保护模式、终端安全功能、物联网安全相关法律的制订等方面。     

Security in Internet of Things: issues,challenges, taxonomy,and architecture

Internet technology is very pervasive today. The number of devices connected to the Internet, those with a digital identity, is increasing day by day. With the developments in the technology, Internet of Things (IoT) become important part of human life. However, it is not well defined and secure. Now, various security issues are considered as major problem for a full-fledged IoT environment. There exists a lot of security challenges with the proposed architectures and the technologies which make the backbone of the Internet of Things. Some efficient and promising security mechanisms have been developed to secure the IoT environment, however, there is a lot to do. The challenges are ever increasing and the solutions have to be ever improving. Therefore, aim of this paper is to discuss the history, background, statistics of IoT and security based analysis of IoT architecture. In addition, we will provide taxonomy of security challenges in IoT environment and taxonomy of various defense mechanisms. We conclude our paper discussing various research challenges that still exist in the literature, which provides better understanding of the problem, current solution space, and future research directions to defend IoT against different attacks.     

A Review on the Security of the Internet of Things: Challenges and Solutions

The Internet of Things (IoT) has emerged as a modern wave of Internet technologies that promises great transformation of life in areas such as smart health, smart cities, smart homes, intelligent transport, amongst others. However, security often serves as a critical reason for the widespread adoption of any innovation. While the IoT has increased business productivity and enriched diverse areas of life over the years, the world is yet to see a methodical revolution of its humongous application and transformation given its ubiquity and highly interconnected global network structure. The main culprit for such lapses is principally attributed to security and privacy issues which have been widely discussed in research articles and reviews but remain largely unaddressed in the literature. Hence, this paper provides a state-of-the-art review of IoT security and its challenges. It overviews technical and legal solutions that are useful to private, organizational, and governmental enterprises. The study encompasses the review and security analysis of IoT’s evolution and revolution, IoT security assessments, requirements, current research challenges in security and much more. Consequently, it offers potential solutions to address the security challenges discussed and further present open research issues, research gaps, opportunities, future development, and recommendations. This overview is intended to serve as a knowledgebase that will proffer novel foresight to guide users and administrators in positioning themselves and their organizations in a manner that is consistent with their overall objectives, mission, and vision for remarkable outcomes. Likewise, interested scholars and researchers can explore topics and directions from the study in providing better solutions to the numerous problems in IoT security.

     

Future IoT‐enabled threats and vulnerabilities: State of the art,challenges, and future prospects

In the recent era, the security issues affecting the future Internet‐of‐Things (IoT) standards has fascinated noteworthy consideration from numerous research communities. In this view, numerous assessments in the form of surveys were proposed highlighting several future IoT‐centric subjects together with threat modeling, intrusion detection systems (IDS), and various emergent technologies. In contrast, in this article, we have focused exclusively on the emerging IoT‐related vulnerabilities. This article is a multi‐fold survey that emphasizes on understanding the crucial causes of novel vulnerabilities in IoT paradigms and issues in existing research. Initially, we have emphasized on different layers of IoT architecture and highlight various emerging security challenges associated with each layer along with the key issues of different IoT systems. Secondly, we discuss the exploitation, detection, and defense methodologies of IoT malware‐enabled distributed denial of service (DDoS), Sybil, and collusion attack capabilities. We have also discussed numerous state‐of‐the‐art strategies for intrusion detection and methods for IDS setup in future IoT systems. Third, we have presented a brief classification of existing IoT authentication protocols and a comparative analysis of such protocols based on different IoT‐enabled cyber attacks. For conducting a real‐time future IoT research, we have presented some emerging blockchain solutions. We have also discussed a comparative examination of some of the recently developed simulation tools and IoT test beds that are characterized based on different layers of IoT infrastructure. We have also outlined some of the open issues and future research directions and also facilitate the readers with broad classification of existing surveys in this domain that addresses several scopes related to the IoT paradigm. This survey article focuses in enabling IoT‐related research activities by comparing and merging scattered surveys in this domain.     

Security of the Internet of Things: perspectives and challenges

Internet of Things (IoT) is playing a more and more important role after its showing up, it covers from traditional equipment to general household objects such as WSNs and RFID. With the great potential of IoT, there come all kinds of challenges. This paper focuses on the security problems among all other challenges. As IoT is built on the basis of the Internet, security problems of the Internet will also show up in IoT. And as IoT contains three layers: perception layer, transportation layer and application layer, this paper will analyze the security problems of each layer separately and try to find new problems and solutions. This paper also analyzes the cross-layer heterogeneous integration issues and security issues in detail and discusses the security issues of IoT as a whole and tries to find solutions to them. In the end, this paper compares security issues between IoT and traditional network, and discusses opening security issues of IoT.     

物联网加密技术研究

物联网是一种虚拟网络与现实世界实时交互的新型系统,随着物联网技术的迅猛发展,物联网终端的安全问题也逐渐被重视。文中通过分析物联网终端设备存在的认证、私隐等安全问题,针对终端设备计算能力、网络资源有限的特点,研究了基于IBE密钥参数协商和身份鉴别技术、轻量级加密算法和密码自同步技术,提出了将几种技术相结合的加密技术方案,并对这种方案的安全性进行了分析。     

物联网搜索技术综述

随着物联网的普及和发展,物联网搜索是摆在学术界和工业界面前迫切需要解决的问题,物联网搜索因此成为当前的一个研究热点。面对越来越多的传感器以及它们所产生的数据,只有结合智能的物联网搜索,才能体现这些数据的生命力。与传统的Baidu、Google、Bing、Yahoo等搜索引擎不同,物联网搜索从搜索对象、物理网数据的特点（大规模的、实时变化的、高度动态的、异构的、复杂的安全环境等）到物联网搜索的架构均与传统互联网不同,这导致了物联网搜所面临的挑战将更大。由此,阐述了物联网搜索的概念、特点、相关技术,对现有的典型系统和算法进行了比较性总结,分析了目前研究中存在的问题和挑战,并展望了其未来的发展方向。     

Middleware technologies for cloud of things: a survey

The next wave of communication and applications will rely on new services provided by the Internet of Things which is becoming an important aspect in human and machines future. IoT services are a key solution for providing smart environments in homes, buildings, and cities. In the era of massive number of connected things and objects with high growth rate, several challenges have been raised, such as management, aggregation, and storage for big produced data. To address some of these issues, cloud computing emerged to the IoT as Cloud of Things (CoT), which provides virtually unlimited cloud services to enhance the large-scale IoT platforms. There are several factors to be considered in the design and implementation of a CoT platform. One of the most important and challenging problems is the heterogeneity of different objects. This problem can be addressed by deploying a suitable “middleware” which sits between things and applications as a reliable platform for communication among things with different interfaces, operating systems, and architectures. The main aim of this paper is to study the middleware technologies for CoT. Toward this end, we first present the main features and characteristics of middlewares. Next, we study different architecture styles and service domains. Then, we present several middlewares that are suitable for CoT-based platforms and finally, a list of current challenges and issues in the design of CoT-based middlewares is discussed.     

IoT–Cloud collaboration to establish a secure connection for lightweight devices

Internet of Things (IoT) technologies allow everyday objects including small devices in sensor networks to be capable of connecting to the Internet. Such an innovative technology can lead to positive changes in human life. However, if there is no proper security mechanism, private and sensitive data around humans can be revealed to the public Internet. In this aspect, this paper considers security issues of the IoT. In particular, we focus on various challenges in deploying Datagram Transport Layer Security (DTLS) protocol into a resource constrained environment. DTLS provides secure communication with UDP-based applications the same as TLS does for TCP-based applications. Several standard organizations such as IETF, oneM2M and OMA recommend using the DTLS as a default secure scheme for CoAP which is a new standard specified for resource-constrained environments. To find a practical way to deploy the DTLS in such a constrained IoT environments, we propose an IoT–Cloud collaboration system, where DTLS handshake delegation is the main component. We also implement and evaluate the proposed system in our real IoT testbed, where constrained devices are interconnected with each other in a multi-hop fashion. Evaluation results show that the proposed scheme dramatically reduces DTLS handshake latency, implementation code size and energy consumption.     

A review on smart home present state and challenges: linked to context-awareness internet of things (IoT)

The smart home is considered as an essential domain in Internet of Things (IoT) applications, it is an interconnected home where all types of things interact with each other via the Internet. This helps to automate the home by making it smart and interconnected. However, at the same time, it raises a great concern of the privacy and security for the users due to its capability to be controlled remotely. Hence, the rapid technologically growth of IoT raises abundant challenges such as how to provide the home users with safe and secure services keeping privacy in the account and how to manage the smart home successfully under the controlled condition to avoid any further secrecy or theft of personal data. A number of the research papers are available to address these critical issues, researchers presented different approaches to overcome these stated issues. This research review will analyze smart home approaches, challenges and will suggest possible solutions for them and illustrate open issues that still need to be addressed.

     

Mobile RFID的安全和隐私问题研究

射频识别技术被广泛应用于物体的自动识别,广泛地部署射频识别的标签会给用户的隐私带来新的安全威胁。目前,射频识别出现一种融合的趋势,阅读器被集成到移动电话中。移动射频识别主要应用于普通终端用户,用户的安全和隐私是最优考虑的问题。论文描述了移动RFID的应用场景和安全及隐私威胁,重点描述了移动环境下特殊的安全和隐私危险及解决移动RFID安全和隐私问题的安全体系构架方案。     

A roadmap for security challenges in the Internet of Things

Unquestionably, communicating entities (object, or things) in the Internet of Things (IoT) context are playing an active role in human activities, systems and processes. The high connectivity of intelligent objects and their severe constraints lead to many security challenges, which are not included in the classical formulation of security problems and solutions. The Security Shield for IoT has been identified by DARPA (Defense Advanced Research Projects Agency) as one of the four projects with a potential impact broader than the Internet itself. To help interested researchers contribute to this research area, an overview of the IoT security roadmap overview is presented in this paper based on a novel cognitive and systemic approach. The role of each component of the approach is explained, we also study its interactions with the other main components, and their impact on the overall. A case study is presented to highlight the components and interactions of the systemic and cognitive approach. Then, security questions about privacy, trust, identification, and access control are discussed. According to the novel taxonomy of the IoT framework, different research challenges are highlighted, important solutions and research activities are revealed, and interesting research directions are proposed. In addition, current standardization activities are surveyed and discussed to the ensure the security of IoT components and applications.     

Enabling Location Privacy and Medical Data Encryption in Patient Telemonitoring Systems

Patient telemonitoring systems (PTS) deal with the acquisition, processing, and secure transmission of a patient's physiological and physical parameters to a remote location, where expert medical knowledge is available. In emergency situations, when the patient's life is threatened, the trend in modern PTS is to transmit the current location of the patient. Although research in communications security has led to mechanisms that sufficiently protect medical data, research related to location privacy area is still in its early stages. This paper proposes an architecture that enhances PTS through location privacy and data encryption. We study the most popular PTS technologies in conjunction with location privacy architectures and propose an innovative scheme that exploits a point-to-point protocol called Mist. We describe a prototype implementation, developed for validating the proposed framework along with the corresponding evaluation results.      

智能物联网AIoT研究综述

智能物联网（artificial intelligence of things,AIoT）是人工智能与物联网技术相融合的产物,这一新兴概念在智慧城市、智能家居、智慧制造、无人驾驶等领域得到了广泛应用。然而AIoT相关技术研究仍处于初级阶段, 存在大量问题和挑战。首先简述了AIoT技术产生的背景,明晰其定义和应用场景。以此为契机,构建了一个新型的面向智能信息处理的云边端融合AIoT架构。在给出AIoT研究体系的基础上, 详细探讨并比较了其各组成技术模块,包括AI融合IoT数据采集、复杂事件处理及协同、云边端融合研究、AI融合IoT安全及隐私保护和AI融合应用服务等方面的研究现状和解决方案。最后, 论述了AIoT未来的研究方向和发展趋势。     

物联网技术与应用研究

 在解析物联网两层基本涵义的基础上,提出了包括底层网络分布、汇聚网关接入、互联网络融合、终端用户应用四部分的物联网系统架构;设计了由网络通信协议、网络控制平台、应用终端平台组成的面向物联网的网络协议体系,并从硬件和软件两个层面讨论了实现物联网的关键技术;在分析当前物联网标准、技术、安全以及应用方面存在问题的基础上提出了未来物联网发展的六个重要理念.