基于OneNET物联网云平台构建视频应用

视频能提供丰富的信息量,如何将种类繁多的视频设备接入物联网,是十分有挑战的课题。本文分析了OneNET云平台视频通信流程及通信协议,并设计了应用服务程序,提出了一种基于OneNET云平台构建视频应用的方案。该方案使用常见的网络摄像头采集音视频数据,通过应用服务程序接入OneNET,客户可通过流媒体播放器观看实时视频。实验表明,应用服务程序有较好的兼容性,不同品牌、型号的视频设备,只要支持ONVIF、RTSP、RTP等协议,即可通过应用服务程序向OneNET上传音视频数据,以较小成本实现视频数据接入物联网。     

基于阿里云的低压智能电器云平台监测系统研究

针对智能设备普及带来的运维量大,数据实时性和安全性问题,以及平台需要的快速部署要求,提出基于阿里云物联网平台的低压智能电器云平台监测系统方案.系统通过MQTT协议实现设备与阿里云物联网平台的数据交互,可以安全、稳定、高效地实现数据存储、分析与展示,同时可下发命令控制设备.经测试表明,设计的云平台系统,为大量低压智能电器...     

物联网网关实时双向通信模块化设计

针对物联网系统数据的传输问题,以Node.j s为运行平台、采用Socket.IO通信机制和Redis数据库缓存技术实现网关与云平台之间的实时数据传输的双向通信系统.对网关进行功能模块划分,实现网关与平台之间关于底层设备认证、设备数据传输以及设备心跳的交互过程.对于系统进行功能及性能测试,实验结果表明,采用Socket.IO双向通信技术可以实现物联网网关物理模型与物联网云平台虚拟模型的同步更新,有效提高系统的数据传输效率.     

远程感知增强现实开发平台的设计与实现

针对物联网远程感知、实时交互等功能需求,将增强现实技术与物联网的远程感知相结合,实现物联网设备节点在真实环境下的监控,跟踪定位和控制,并使用虚拟现实技术对设备节点的行为和状态作出模拟、预测,提出了一套插件化的平台架构和体系.运用视频数据获取、数据跟踪与分析组件封装、基于时间线的数据动态展示等增强现实关键技术,以OSG底层平台为基础,实现了一个开放性和扩展性强并具有行业针对性的软件开发平台.实验证明,该平台能较好满足不同设备、环境下用户远程感知、实时交互的需求.     

基于OneNET云平台的智慧教室系统设计与实现

针对传统教学环境存在诸如学生考勤耗费时间、教室空闲资源利用率不高等问题,利用物联网技术设计并实现了一套"智慧教室"解决方案。方案采用Arduino开源硬件,基于OneNET物联网云平台搭建设备网络,以微信小程序为前端面向全校师生提供实时签到、迟到早退检测、教室舒适度查询以及预约占座等服务。最后对系统试点运行,发现该方案可为师生提供开放式便捷应用服务,极大地提高了教室的智能化水平。     

基于RFID与ZigBee技术的物联网系统实验设计

射频通信识别技术与短距离无线通信网络组建技术是实现物联网技术的两大关键部分,通过ZigBee通信协议实现数据通信与物联网系统的主控与分节点相应模块的搭建,构建完备的物联网系统实验方案,通过相应的硬件系统平台测试,结合实验结果对物联网系统的可行性与可靠性进行相应的分析,以便以其他物联网设备的技术开发与实现。     

一种面向物联网应用的通用网关平台的设计

通信网络的多样性导致的信息割裂是物联网物与物互联互通目标的一个障碍,物联网网关正是为解决异构网络之间互联互通而提出的,是物联网应用系统中重要的基础设备.该文介绍了一个采用面向对象思想设计的与异构网络无关的可移植、易扩展、松耦合的通用物联网网关平台G2W,旨在解决传统网关面对新的应用场景和需求适应性差的问题.G2的软件架构按照网关数据处理流程分通信抽象、数据编解码和应用服务3层,文中详细介绍了每一层的功能目标和实现方式.最后给出一个基于G2w设计的Z-GateWay网关实例和基于Z-GateWay实现的数采系统.     

工业物联网环境下可外包的策略隐藏属性基加密方案

针对工业物联网环境下数据访问控制方案存在解密设备计算负担过重,无法保护解密设备隐私信息,以及不能追踪恶意设备等问题,文章提出一种工业物联网环境下可外包的策略隐藏属性基加密方案。该方案借助边缘计算技术将海量工业数据的大部分解密操作外包给边缘计算节点,极大减轻了解密设备的计算负担。该方案将属性基加密中的访问结构进行拆分,引入策略隐藏技术,在实现工业数据机密性的同时保护解密设备的隐私信息。此外,文章利用区块链技术对系统内设备进行监管和审计。安全性分析表明,该方案在选择明文攻击下是安全的。文章在PBC密码库和Hyperledger Fabric区块链平台上将该方案与同类方案进行模拟仿真,结果表明,该方案具有较高的计算效率,适用于工业物联网环境。     

基于物联网技术的智能变电站数据管理系统研究

本次研究建立了一套基于OneNet物联网平台的智能变电站数据管理系统,详细阐述了该系统的一体化架构和逻辑架构设计方案。通过OneNet物联网平台与变电设备的TCP/IP网络连接,进而以应用服务器的方式对变电设备实现控制与管理。     

基于tPUF的物联网设备安全接入方案

针对现有的物联网设备安全接入方案不适用于资源受限的物联网设备的问题,提出一种基于tPUF的物联网设备安全接入方案。利用物理不可克隆函数技术（Physical Unclonable Function,PUF）,物联网设备不需要存储任何秘密信息,实现设备与认证端的双向认证以及协商会话秘钥;利用可信网络连接技术（Trusted Network Connect,TNC）,完成认证端对物联网设备的身份认证、平台身份认证、完整性认证。安全性分析表明,方案能够有效抵抗篡改、复制、物理攻击等。实验结果表明,相较于其他方案,该方案明显降低了设备的资源开销。     

基于Linux的健康云平台服务优化

移动互联网和健康大数据正在引发医疗健康管理产业发生颠覆性变革,各级厂商着力构建形成一套基于“互联网+物联网+医疗服务”技术的以O2O商业模式为主的云端健康管理系统平台.“中科慧康”云健康平台主要为健康机构以及用户提供健康管理的平台.本文从平台架构设计和系统优化入手,从负载均衡,分布式缓存,数据库优化,socket转发服务器等方面设计了良好的云平台以支撑业务发展.实验结果表明,该系统架构可以满足百万级别的数据转发和用户访问,应用实践表明了该方案的可行性.     

基于NB-IoT的智能网关设计

为解决家庭物联网水、电、气三表数据广域传输中低功耗、低成本的问题,设计了基于NB-IoT网络的智能网关,以STM32F103芯片为核心控制器,主要包括三表数据采集接口、NB-IoT网络接口和家庭智能终端扩展接口,实现了家庭三表数据采集并对智能云端平台的传输功能,并为智能家居服务数据提供网络支撑。所设计智能网关针对性的解决了三表数据的统一管理问题,创新性的将三表接入网关设计成86型底盒的方式,在较小改变房屋电气布局基础上实现了智能网关的安装。实验及应用测试结果表明,所设计智能网关具有性能稳定、功耗较低、便于安装的优势,可快速实现家庭物理信息系统的构建。     

Privacy preserving Internet of Things: From privacy techniques to a blueprint architecture and efficient implementation

The Internet of Things (IoT) is the latest web evolution that incorporates billions of devices that are owned by different organisations and people who are deploying and using them for their own purposes. IoT-enabled harnessing of the information that is provided by federations of such IoT devices (which are often referred to as IoT things) provides unprecedented opportunities to solve internet-scale problems that have been too big and too difficult to tackle before. Just like other web-based information systems, IoT must also deal with the plethora of Cyber Security and privacy threats that currently disrupt organisations and can potentially hold the data of entire industries and even countries for ransom. To realise its full potential, IoT must deal effectively with such threats and ensure the security and privacy of the information collected and distilled from IoT devices. However, IoT presents several unique challenges that make the application of existing security and privacy techniques difficult. This is because IoT solutions encompass a variety of security and privacy solutions for protecting such IoT data on the move and in store at the device layer, the IoT infrastructure/platform layer, and the IoT application layer. Therefore, ensuring end-to-end privacy across these three IoT layers is a grand challenge in IoT. In this paper, we tackle the IoT privacy preservation problem. In particular, we propose innovative techniques for privacy preservation of IoT data, introduce a privacy preserving IoT Architecture, and also describe the implementation of an efficient proof of concept system that utilises all these to ensure that IoT data remains private. The proposed privacy preservation techniques utilise multiple IoT cloud data stores to protect the privacy of data collected from IoT. The proposed privacy preserving IoT Architecture and proof of concept implementation are based on extensions of OpenIoT - a widely used open source platform for IoT application development. Experimental evaluations are also provided to validate the efficiency and performance outcomes of the proposed privacy preserving techniques and architecture.     

Oppositional Red Fox Optimization Based Task Scheduling Scheme for Cloud Environment

Owing to massive technological developments in Internet of Things (IoT) and cloud environment, cloud computing (CC) offers a highly flexible heterogeneous resource pool over the network, and clients could exploit various resources on demand. Since IoT-enabled models are restricted to resources and require crisp response, minimum latency, and maximum bandwidth, which are outside the capabilities. CC was handled as a resource-rich solution to aforementioned challenge. As high delay reduces the performance of the IoT enabled cloud platform, efficient utilization of task scheduling (TS) reduces the energy usage of the cloud infrastructure and increases the income of service provider via minimizing processing time of user job. Therefore, this article concentration on the design of an oppositional red fox optimization based task scheduling scheme (ORFO-TSS) for IoT enabled cloud environment. The presented ORFO-TSS model resolves the problem of allocating resources from the IoT based cloud platform. It achieves the makespan by performing optimum TS procedures with various aspects of incoming task. The designing of ORFO-TSS method includes the idea of oppositional based learning (OBL) as to traditional RFO approach in enhancing their efficiency. A wide-ranging experimental analysis was applied on the CloudSim platform. The experimental outcome highlighted the efficacy of the ORFO-TSS technique over existing approaches.     

Towards Public Integrity Audition for Cloud-IoT Data Based on Blockchain

With the rapidly developing of Internet of Things (IoT), the volume of data generated by IoT systems is increasing quickly. To release the pressure of data management and storage, more and more enterprises and individuals prefer to integrate cloud service with IoT systems, in which the IoT data can be outsourced to cloud server. Since cloud service provider (CSP) is not fully trusted, a variety of methods have been proposed to deal with the problem of data integrity checking. In traditional data integrity audition schemes, the task of data auditing is usually performed by Third Party Auditor (TPA) which is assumed to be trustful. However, in real-life TPA is not trusted as people thought. Therefore, these schemes suffer from the underlying problem of single-point failure. Moreover, most of the traditional schemes are designed by RSA or bilinear map techniques which consume heavy computation and communication cost. To overcome these shortcomings, we propose a novel data integrity checking scheme for cloud-IoT data based on blockchain technique and homomorphic hash. In our scheme, the tags of all data blocks are computed by a homomorphic hash function and stored in blockchain. Moreover, each step within the process of data integrity checking is signed by the performer, and the signatures are stored in blockchain through smart contracts. As a result, each behavior for data integrity checking in our scheme can be traced and audited which improves the security of the scheme greatly. Furthermore, batch-audition for multiple data challenges is also supported in our scheme. We formalize the system model of our scheme and give the concrete construction. Detailed performance analyses demonstrate that our proposed scheme is efficient and practical without the trust-assumption of TPA.     

Hadoop环境下分布式物联网设备状态分析处理系统

设备故障可能会引起严重的生产事故,对企业、社会和人身安全造成严重威胁.因此,对物联网设备状态分析并进行合理的处理具有重要意义.针对物联网设备数据量大且复杂的特性,本文提出了一种针对物联网设备的海量数据处理架构,同时结合Dask分布式计算框架,设计了基于Hadoop环境的分布式物联网设备状态分析处理系统.本系统主要包括数据服务、数据分析和数据存储3个模块,并通过合理的节点调度方案保证了算法的高效运行和分布式计算的稳定性.系统运行表明能有效的处理大批量数据并实时准确预测设备状态,满足工业智能制造过程中的实际应用.     

基于REST架构风格的物联网服务平台研发

随着传感网、无线通信、嵌入式系统等技术的发展,推动了物联网技术在诸如仓储物流、智能家庭等领域的应用。但是,现有系统一般都是独立开发,系统间相对较为孤立,存在着系统耦合性强,设备异构等弊端,使得新应用的创建需要复杂的集成工作。提出了一个基于REST架构风格的物联网服务平台,将传感节点等嵌入式设备和感知数据看作资源,使异构系统模块采用REST架构方式组建新型应用,同时设计了物联网服务平台的系统原型,,并给出具体的实现技术和系统验证。     

A Secure IoT Firmware Update Scheme Against SCPA and DoS Attacks

In the IEEE S&P 2017,Ronen et al.exploited side-channel power analysis (SCPA) and approximately 5000 power traces to recover the global AES-CCM key that Philip Hue lamps use to decrypt and authenticate new firmware.Based on the recovered key,the attacker could create a malicious firmware update and load it to Philip Hue lamps to cause Internet of Things (IoT) security issues.Inspired by the work of Ronen et al.,we propose an AES-CCM-based firmware update scheme against SCPA and denial of service (DoS) attacks.The proposed scheme applied in IoT terminal devices includes two aspects of design (i.e.,bootloader and application layer).Firstly,in the bootloader,the number of updates per unit time is limited to prevent the attacker from acquiring a sufficient number of useful traces in a short time,which can effectively counter an SCPA attack.Secondly,in the application layer,using the proposed handshake protocol,the IoT device can access the IoT server to regain update permission,which can defend against DoS attacks.Moreover,on the STM32F405+M25P40 hardware platform,we implement Philips' and the proposed modified schemes.Experimental results show that compared with the firmware update scheme of Philips Hue smart lamps,the proposed scheme additionally requires only 2.35 KB of Flash memory and a maximum of 0.32 s update time to effectively enhance the security of the AES-CCM-based firmware update process.     

Content-centric data and computation offloading in AI-supported fog networks for next generation IoT

Fog Computing (FC) based IoT applications are encountering a bottleneck in the data management and resource optimization due to the dynamic IoT topologies, resource-limited devices, resource diversity, mismatching service quality, and complicated service offering environments. Existing problems and emerging demands of FC based IoT applications are hard to be met by traditional IP-based Internet model. Therefore, in this paper, we focus on the Content-Centric Network (CCN) model to provide more efficient, flexible, and reliable data and resource management for fog-based IoT systems. We first propose a Deep Reinforcement Learning (DRL) algorithm that jointly considers the content type and status of fog servers for content-centric data and computation offloading. Then, we introduce a novel virtual layer called FogOrch that orchestrates the management and performance requirements of fog layer resources in an efficient manner via the proposed DRL agent. To show the feasibility of FogOrch, we develop a content-centric data offloading scheme (DRLOS) based on the DRL algorithm running on FogOrch. Through extensive simulations, we evaluate the performance of DRLOS in terms of total reward, computational workload, computation cost, and delay. The results show that the proposed DRLOS is superior to existing benchmark offloading schemes.     

基于实体-数据的物联网服务建模

物联网服务作为信息世界软件服务通过物联网向现实世界的延伸,其在物联网系统具有重要的作用.然而,不同于传统Web服务,物联网服务具有现实感知、数据驱动、异构分布、时空相关等新特点,使得现有的服务模型不足以对物联网服务有效刻画,进而也不能满足物联网应用中的后续服务发现、服务卸载、服务组合等需求.在凝练分析物联网服务建模需求和已有物联网服务模型的基础上,提出了一种基于实体-数据的物联网服务建模框架,该框架提出了服务、实体、数据三元信息融合的物联网服务模型概念及概念关系,重点定义了服务、实体、数据的时空属性及时空依赖关系,以支持基于时空相关性的物联网服务关联表示与分析,并通过扩展OWL-S(ontology Web language for services)给出了基于实体-数据的物联网服务描述方式.最后,结合一个高速公路物联网应用案例对模型的使用方式和效果进行了讨论.