物联网安全技术专栏序言(中英文)

物联网的概念已经被提出20多年的时间了,国内对物联网技术和产业的重视是在2009年之后.从2009年开始,国家在物联网相关领域无论从政策方面还是在资金方面都给予了高度的重视和支持.物联网的概念经过最初的热捧阶段,到之后的冷却阶段,再到后来的逐步落地阶段,物联网相关技术和产品慢慢从虚无缥缈发展到实实在在的产业应用.物联网系统和技术不仅应用于许多行业领域,也在不知不觉中走进人们的日常生活:智能家居、智慧交通、智慧医疗、智慧城市,都是人们生活中能感受到的物联网技术的产物.     

物联网安全测评技术综述

近年来,物联网大规模应用于智能制造、智能家居、智慧医疗等产业,物联网的安全问题日益突出,给物联网的发展带来了前所未有的挑战。安全测评技术是保障物联网安全的重要手段,在物联网应用的整个开发生命周期都需要进行安全测评工作,以保证物联网服务的安全性和健壮性。物联网节点面临计算能力、体积和功耗受限等挑战,智慧城市等应用场景提出了大规模泛在异构连接和复杂跨域的需求。本文首先总结了目前物联网中常用的安全测评方法和风险管理技术;然后从绿色、智能和开放三个方面分析物联网安全技术的发展现状和存在的安全问题,并总结了物联网安全测评面临的挑战以及未来的研究方向。     

Middleware for Internet of Things: Survey and Challenges

The Internet of things (IoT) applications span many potential fields. Furthermore, smart homes, smart cities, smart vehicular networks, and healthcare are very attractive and intelligent applications. In most of these applications, the system consists of smart objects that are equipped by sensors and Radio Frequency Identification (RFID) and may rely on other technological computing and paradigm solutions such as M2M (machine to machine) computing, Wifi, Wimax, LTE, cloud computing, etc. Thus, the IoT vision foresees that we can shift from traditional sensor networks to pervasive systems, which deliver intelligent automation by running services on objects. Actually, a significant attention has been given to designing a middleware that supports many features; heterogeneity, mobility, scalability, multiplicity, and security. This papers reviews the-state-of-the-art techniques for IoT middleware systems and reveals an interesting classification for these systems into service and agent-oriented systems. Therefore two visions have emerged to provide the IoT middleware systems: Via designing the middleware for IoT system as an eco-system of services or as an eco-system of agents. The most common feature of the two approaches is the ability to overcome heterogeneity issues. However, the agent approach provides context awareness and intelligent elements. The review presented in this paper includes a detailed comparison between the IoT middleware approaches. The paper also explores challenges that form directions for future research on IoT middleware systems. Some of the challenges arise, because some crucial features are not provided (or at most partially provided) by the existing middleware systems, while others have not been yet tackled by current research in IoT.     

How to evaluate an Internet of Things system: Models,case studies,and real developments

The paper proposes the use of Node-RED, a flow-based programming tool targeted to Internet of Things (IoT), along with a series of case studies related to different IoT contexts, which demonstrate Node-RED's potentialities and outcomings toward the realization of well-structured IoT environments. The analyzed applications potentially include a wide range of domains, ranging from smart cities, smart buildings, smart homes/offices, smart retailing, to smart transportation, smart logistics, smart agriculture, smart health, military scenarios, and so on. The motivations behind the presented work are related to the fact that IoT application fields usually involve the same technologies and communication protocols, which are frequently adopted for totally different purposes. Issues such as systems' interoperabiliy, scalability, security and privacy naturally emerge, due to the huge amount of heterogeneous devices acting in the IoT environment itself and to the wireless nature of information transmissions. As a consequence, it is fundamental to dispose of adequate tools for supporting developers in design the network architecture and messages' exchange, in order to realize efficient and effective IoT network infrastructures.     

物联网应用中访问控制智能合约的形式化验证

蓝牙、WiFi等网络技术的进步推动物联网（IoT）的发展,然而IoT在方便了人们生活的同时也存在严重的安全隐患。若无安全的访问控制,非法接入IoT的访问可能给用户带来各方面的损失。传统的访问控制方法需要一个可信任的中心节点,不适合节点分散的IoT环境。区块链及智能合约的出现为IoT应用的访问控制提供了更有效的解决方案,但用一般测试方法难以保证实现IoT应用的访问控制智能合约的正确性。针对这个问题,提出一种利用模型检测工具Verds对访问控制智能合约进行形式化验证从而保障合约正确性的方法。该方法利用状态迁移系统定义Solidity智能合约的语义,应用计算树逻辑（CTL）公式描述所要验证的性质,并对智能合约交互及用户行为进行建模,从而形成Verds的输入模型及所要验证性质,然后利用Verds验证待测性质的正确性。方法核心是Solidity合约子集到Verds输入模型的转换。对两个IoT资源访问控制智能合约的实验结果表明,该方法可以对访问控制合约的典型场景及期望性质进行验证,提升了智能合约的可靠性。     

Fog computing for next-generation Internet of Things: Fundamental,state-of-the-art and research challenges

In recent times, the Internet of Things (IoT) applications, including smart transportation, smart healthcare, smart grid, smart city, etc. generate a large volume of real-time data for decision making. In the past decades, real-time sensory data have been offloaded to centralized cloud servers for data analysis through a reliable communication channel. However, due to the long communication distance between end-users and centralized cloud servers, the chances of increasing network congestion, data loss, latency, and energy consumption are getting significantly higher. To address the challenges mentioned above, fog computing emerges in a distributed environment that extends the computation and storage facilities at the edge of the network. Compared to centralized cloud infrastructure, a distributed fog framework can support delay-sensitive IoT applications with minimum latency and energy consumption while analyzing the data using a set of resource-constraint fog/edge devices. Thus our survey covers the layered IoT architecture, evaluation metrics, and applications aspects of fog computing and its progress in the last four years. Furthermore, the layered architecture of the standard fog framework and different state-of-the-art techniques for utilizing computing resources of fog networks have been covered in this study. Moreover, we included an IoT use case scenario to demonstrate the fog data offloading and resource provisioning example in heterogeneous vehicular fog networks. Finally, we examine various challenges and potential solutions to establish interoperable communication and computation for next-generation IoT applications in fog networks.     

A design and implementation of a framework for games in IoT

Interconnection of the sensing and actuating devices providing the ability to share information across platform through a unified framework for enabling innovative applications. This is achieved by seamless ubiquitous sensing, data analytics and information representation as the unifying framework. Extending the current internet with interconnected objects and devices and their virtual representation has been a growing trend in recent years. Internet of Things (IoT) services are becoming a popular services. This will be supported challenges in a large of aspects such as smart health, green energy, smart home and personalized applications. So, the IoT plays more and more important issue in lifestyle through entertainment such as Games. As of yet, there has not been much research done on IoT environment games as a service. In this paper, we propose schemes of the design and implantation of IT convergence framework for games as a service of IoT. First of all, we discussed what to consider when design and implementation of IT convergence framework for games through contents using user’s mobile devices and various sensors in IoT environment and suggest related techniques. Then, we showed the possibility of games in the IoT environment by creating games and measuring the interactions of users in the IoT environment.     

面向物联网的基于智能合约的认证和授权方案

由于存在单点失效、规模受限等问题,传统中心化的解决方案很难满足物联网的安全需求。针对这种情况,提出一个面向IoT的基于智能合约的访问控制方案。通过引用IoT智能网关作为IoT设备的中心管理节点和公有区块链的全能节点,采用中心化与去中心化相结合、私有区块链和公有区块相结合、本地局部存储和外部公共存储相结合的方法加以实现。该方案实现IoT设备和IoT智能网关的相互认证,并实现用户对IoT设备中资源及存储在数据库中的数据的授权访问,具有去中心化、分布式优点,满足了规模性和安全性要求。     

物联网无线协议安全综述

近些年来,随着物联网的快速发展,其应用场景涵盖智慧家庭、智慧城市、智慧医疗、智慧工业以及智慧农业。相比于传统的以太网,物联网能够将各种传感设备与网络结合起来,实现人、电脑和物体的互联互通。形式多样的物联网协议是实现物联网设备互联互通的关键,物联网协议拥有不同的协议栈,这使得物联网协议往往能表现出不同的特性。目前应用较广的物联网协议有ZigBee、BLE、Wi-Fi、LoRa、RFID等,这些协议能根据自身特性的不同应用在不同领域,比如说LoRa被广泛应用于低功耗广域网、RFID被用于设备识别。然而,由于物联网端设备只拥有受限的计算和存储资源,无法在其上实施完备的安全算法,许多物联网协议会在功耗和安全性之间进行取舍,使得物联网协议的安全性得不到保障。物联网协议的安全性直接关系到物联网系统的安全性,所以有必要对物联网协议的安全性进行分析。本文阐述常见的几种物联网协议所具备的安全能力,包括物联网协议在保护机密性、完整性以及身份认证上所制定的规则。然后从常见的无线协议攻击出发,包括窃听攻击、重放攻击、电池耗尽以及射频干扰,分析了这几种协议在面对这些攻击时的表现。除此之外,我们比较了常见的几种物...     

Internet of Things for the Future of Smart Agriculture: A Comprehensive Survey of Emerging Technologies

This paper presents a comprehensive review of emerging technologies for the internet of things (IoT)-based smart agriculture. We begin by summarizing the existing surveys and describing emergent technologies for the agricultural IoT, such as unmanned aerial vehicles, wireless technologies, open-source IoT platforms, software defined networking (SDN), network function virtualization (NFV) technologies, cloud/fog computing, and middleware platforms. We also provide a classification of IoT applications for smart agriculture into seven categories: including smart monitoring, smart water management, agrochemicals applications, disease management, smart harvesting, supply chain management, and smart agricultural practices. Moreover, we provide a taxonomy and a side-by-side comparison of the state-of-the-art methods toward supply chain management based on the blockchain technology for agricultural IoTs. Furthermore, we present real projects that use most of the aforementioned technologies, which demonstrate their great performance in the field of smart agriculture. Finally, we highlight open research challenges and discuss possible future research directions for agricultural IoTs.      

The Neural Knowledge DNA Based Smart Internet of Things

Abstract

The Internet of Things (IoT) has gained significant attention from industry as well as academia during the past decade. Smartness, however, remains a substantial challenge for IoT applications. Recent advances in networked sensor technologies, computing, and machine learning have made it possible for building new smart IoT applications. In this paper, we propose a novel approach: the Neural Knowledge DNA based Smart Internet of Things that enables IoT to extract knowledge from past experiences, as well as to store, evolve, share, and reuse such knowledge aiming for smart functions. By catching decision events, this approach helps IoT gather its own daily operation experiences, and it uses such experiences for knowledge discovery with the support of machine learning technologies. An initial case study is presented at the end of this paper to demonstrate how this approach can help IoT applications become smart: the proposed approach is applied to fitness wristbands to enable human action recognition.     

Towards a data‐driven IoT software architecture for smart city utilities

The Internet of things (IoT) is emerging as the next big wave of digital presence for billions of devices on the Internet. Smart cities are a practical manifestation of IoT, with the goal of efficient, reliable, and safe delivery of city utilities like water, power, and transport to residents, through their intelligent management. A data‐driven IoT software platform is essential for realizing manageable and sustainable smart utilities and for novel applications to be developed upon them. Here, we propose such service‐oriented software architecture to address 2 key operational activities in a smart utility: the IoT fabric for resource management and the data and application platform for decision‐making. Our design uses Open Web standards and evolving network protocols, cloud and edge resources, and streaming big data platforms. We motivate our design requirements using the smart water management domain; some of these requirements are unique to developing nations. We also validate the architecture within a campus‐scale IoT testbed at the Indian Institute of Science, Bangalore and present our experiences. Our architecture is scalable to a township or city while also generalizable to other smart utility domains. Our experiences serve as a template for other similar efforts, particularly in emerging markets and highlight the gaps and opportunities for a data‐driven IoT software architecture for smart cities.     

Secured Cloud Communication Using Lightweight Hash Authentication with PUF

Internet-of-Things (IoT) is an awaited technology in real-world applications to process daily tasks using intelligent techniques. The main process of data in IoT involves communication, integration, and coordination with other real-world applications. The security of transferred, stored, and processed data in IoT is not ensured in many constraints. Internet-enabled smart devices are widely used among populations for all types of applications, thus increasing the popularity of IoT among widely used server technologies. Smart grid is used in this article with IoT to manage large data. A smart grid is a collection of numerous users in the network with the fastest response time. This article aims to provide high authentication to the smart grid, which constitutes secure communication in cloud-based IoT. Many IoT devices are deployed openly in all places. This open-access is vulnerable toward cloning attacks. Authentication is a significant process that provides strength while attacking. The security of the cloud and IoT must be computationally high. A lightweight authentication using hashing technique is proposed considering the aforementioned condition. The main factor of the authentication involves physically unclonable functions, which are utilized in improving the performance of the authentication. The proposed approach is evaluated with the existing techniques. Results show that the performance of the proposed algorithm provides high robust security.     

物联网技术于人文艺术之应用

近年来,物联网(Internet of Things,IoT)产业受到许多的关注,世界各国均视其为潜在无限商机的高科技产业,并投入大量的资源从事研发与推广。由于物联网的应用非常广泛,且透过物联网技术人类得以提升生活质量,让生活更加便利,因此,本论文首先简介物联网的背景及应用,并介绍其基本概念与架构。接着,本论文以「无线感测真菌人文树道」为例,针对物联网技术应用于人文艺术领域进行说明,并详细叙述其所使用到之各项软件、韧体及硬件技术,透过真菌的感测、无线通信及异质网络连网功能的设计,使真菌网络成为物联网在人文艺术应用的一个重要典范。     

The IoT electric business model: Using blockchain technology for the internet of things

Nowadays, the development of traditional business models become more and more mature that people use them to guide various kinds of E-business activities. Internet of things (IoT), being an innovative revolution over the Internet, becomes a new platform for E-business. However, old business models could hardly fit for the E-business on the IoT. In this article, we 1) propose an IoT E-business model, which is specially designed for the IoT E-business; 2) redesign many elements in traditional E-business models; 3) realize the transaction of smart property and paid data on the IoT with the help of P2P trade based on the Blockchain and smart contract. We also experiment our design and make a comprehensive discuss.     

An efficient steganographic approach for protecting communication in the Internet of Things (IoT) critical infrastructures

ABSTRACT

With the manifestation of the Internet of Things (IoT) and fog computing, the quantity of edge devices is escalating exponentially all over the world, providing better services to the end user with the help of existing and upcoming communication infrastructures. All of these devices are producing and communicating a huge amount of data and control information around this open IoT environment. A large amount of this information contains personal and important information for the user as well as for the organization. The number of attack vectors for malicious users is high due to the openness, distributed nature, and lack of control over the whole IoT environment. For building the IoT as an effective service platform, end users need to trust the system. For this reason, security and privacy of information in the IoT is a great concern in critical infrastructures such as the smart home, smart city, smart healthcare, smart industry, etc. In this article, we propose three information hiding techniques for protecting communication in critical IoT infrastructure with the help of steganography, where RGB images are used as carriers for the information. We hide the information in the deeper layer of the image channels with minimum distortion in the least significant bit (lsb) to be used as indication of data. We analyze our technique both mathematically and experimentally. Mathematically, we show that the adversary cannot predict the actual information by analysis. The proposed approach achieved better imperceptibility and capacity than the various existing techniques along with better resistance to steganalysis attacks such as histogram analysis and RS analysis, as proven experimentally.     

Elastic Smart Contracts in Blockchains

In this paper, we deal with questions related to blockchains in complex Internet of Things (IoT)-based ecosystems. Such ecosystems are typically composed of IoT devices, edge devices, cloud computing software services, as well as people, who are decision makers in scenarios such as smart cities. Many decisions related to analytics can be based on data coming from IoT sensors, software services, and people. However, they are typically based on different levels of abstraction and granularity. This poses a number of challenges when multiple blockchains are used together with smart contracts. This work proposes to apply our concept of elasticity to smart contracts and thereby enabling analytics in and between multiple blockchains in the context of IoT. We propose a reference architecture for Elastic Smart Contracts and evaluate the approach in a smart city scenario, discussing the benefits in terms of performance and self-adaptability of our solution.      

基于区块链的物联网认证机制综述

随着物联网(Internet of Things, IoT)技术的高速发展,各类智能设备数量激增,身份认证成为保障IoT安全的首要需求.区块链作为一种分布式账本技术,提供了去信任的协作环境和安全的数据管理平台,使用区块链技术驱动IoT认证成为学术界和工业界关注的热点.基于云计算和云边协同两种架构分析IoT身份认证机制设计的主要需求,总结区块链技术应用于IoT场景面临的挑战;梳理现有IoT身份认证机制的工作,并将其归结为基于密钥的认证、基于证书的认证和基于身份的认证;分析应用区块链技术的IoT认证工作,并根据认证对象和附加属性对相关文献进行归纳和总结.从形式化和非形式化两个方向总结基于区块链的IoT认证机制的安全性分析方法.最后展望了未来研究方向.     

RIoTBench: An IoT benchmark for distributed stream processing systems

The Internet of Things (IoT) is an emerging technology paradigm where millions of sensors and actuators help monitor and manage physical, environmental, and human systems in real time. The inherent closed‐loop responsiveness and decision making of IoT applications make them ideal candidates for using low latency and scalable stream processing platforms. Distributed stream processing systems (DSPS) hosted in cloud data centers are becoming the vital engine for real‐time data processing and analytics in any IoT software architecture. But the efficacy and performance of contemporary DSPS have not been rigorously studied for IoT applications and data streams. Here, we propose RIoTBench , a real‐time IoT benchmark suite, along with performance metrics, to evaluate DSPS for streaming IoT applications. The benchmark includes 27 common IoT tasks classified across various functional categories and implemented as modular microbenchmarks. Further, we define four IoT application benchmarks composed from these tasks based on common patterns of data preprocessing, statistical summarization, and predictive analytics that are intrinsic to the closed‐loop IoT decision‐making life cycle. These are coupled with four stream workloads sourced from real IoT observations on smart cities and smart health, with peak streams rates that range from 500 to 10 000 messages/second from up to 3 million sensors. We validate the RIoTBench suite for the popular Apache Storm DSPS on the Microsoft Azure public cloud and present empirical observations. This suite can be used by DSPS researchers for performance analysis and resource scheduling, by IoT practitioners to evaluate DSPS platforms, and even reused within IoT solutions.     

Smart City and IoT

The new Internet of Things (IoT) applications are enabling Smart City initiatives worldwide. It provides the ability to remotely monitor, manage and control devices, and to create new insights and actionable information from massive streams of real-time data. The main features of a smart city include a high degree of information technology integration and a comprehensive application of information resources. The essential components of urban development for a smart city should include smart technology, smart industry, smart services, smart management and smart life. The Internet of Things is about installing sensors (RFID, IR, GPS, laser scanners, etc.) for everything, and connecting them to the internet through specific protocols for information exchange and communications, in order to achieve intelligent recognition, location, tracking, monitoring and management. With the technical support from IoT, smart city need to have three features of being instrumented, interconnected and intelligent. Only then a Smart City can be formed by integrating all these intelligent features at its advanced stage of IOT development. The explosive growth of Smart City and Internet of Things applications creates many scientific and engineering challenges that call for ingenious research efforts from both academia and industry, especially for the development of efficient, scalable, and reliable Smart City based on IoT. New protocols, architectures, and services are in dire needs to respond for these challenges. The goal of the special issue is to bring together scholars, professors, researchers, engineers and administrators resorting to the state-of-the-art technologies and ideas to significantly improve the field of Smart City based on IoT.