物联网平台安全接入方案研究

物联网发展过程中,面临的一个重要问题是感知数据如何从感知设备安全地传输到物联网平台的问题。文章针对三种物联网平台部署模式,提出三种物联网平台的安全接入方案,并分别对三种方案的安全性进行讨论。     

上行干扰抑制中的功率控制

在上行OFDM蜂窝系统中,小区间干扰成为系统内的主要干扰。文章重点介绍小区间干扰抑制中的功率控制方法,并引入一种基于小区间干扰信息的功率控制方法。文该方法能更有效地降低小区间干扰对系统的负面影响、使系统IoT（Interference over Thermal）更加稳定。     

物联网数据服务中间件的设计与实现

为了提高物联网设备的互联性及数据处理效率,以智能家居领域为例,设计并实现一种通用的数据服务中间件.通过引入虚拟实体和协议适配器,该中间件可以适配物联网环境中常用设备通信协议,并支持新协议的动态注册.对物联网环境感知数据进行数据建模,以消除数据格式的异构性.通过配置数据处理规则,对物理空间中不同指标对应的数据实现相应的异...     

基于可信计算构筑物联网安全边界

近年来，中国物联网政策支持力度不断加大，技术创新成果接连涌现，各领域应用持续深化，产业规模保持快速增长。本论文以物联网接入边界为切入点，探讨了物联网安全接入问题的解决方案。设计了基于可信计算3.0的物联网可信网关，以及安全管理中心，构建了可信的物联网安全边界接入系统。为各种异构物联网终端设备提供了安全屏障，隔绝了针对于物联网设备的网络安全威胁。     

An IoT-Aware System for Managing Patients’ Waiting Time Using Bluetooth Low-Energy Technology

It is a common observation that whenever patients arrives at the front desk of a hospital, outpatient clinic, or other health-associated centers, they have to first queue up in a line and wait to fill in their registration form to get admitted. The long waiting time without any status updates is the most common complaint, concerning health officials. In this paper, UrNext, a location-aware mobile-based solution using Bluetooth low-energy (BLE) technology is presented to solve the problem. Recently, a technology-oriented method, the Internet of Things (IoT), has been gaining popularity in helping to solve some of the healthcare sector’s problems. The implementation of this solution could be illustrated through a simple example of when a patient arrives at a clinic for a consultation. Instead of having to wait in long lines, that patient will be greeted automatically, receive a push notification of an admittance along with an estimated waiting time for a consultation session. This will not only provide the patients with a sense of freedom but would also reduce the uncertainty levels that are generally observed, thus saving both time and money. This work aims to improve the clinics’ quality of services, organize queues and minimize waiting times, leading to patients’ comfort while reducing the burden on nurses and receptionists. The results demonstrate that the presented system is successful in its performance and helps achieves a pleasant and conducive clinic visitation process with higher productivity.     

A Traceable Capability-based Access Control for IoT

Delegation mechanism in Internet of Things (IoT) allows users to share some of their permissions with others. Cloud-based delegation solutions require that only the user who has registered in the cloud can be delegated permissions. It is not convenient when a permission is delegated to a large number of temporarily users. Therefore, some works like CapBAC delegate permissions locally in an offline way. However, this is difficult to revoke and modify the offline delegated permissions. In this work, we propose a traceable capability-based access control approach (TCAC) that can revoke and modify permissions by tracking the trajectories of permissions delegation. We define a time capability tree (TCT) that can automatically extract permissions trajectories, and we also design a new capability token to improve the permission verification, revocation and modification efficiency. The experiment results show that TCAC has less token verification and revocation/modification time than those of CapBAC and xDBAuth. TCAC can discover 73.3% unvisited users in the case of delegating and accessing randomly. This provides more information about the permissions delegation relationships, and opens up new possibilities to guarantee the global security in IoT delegation system. To the best of our knowledge, TCAC is the first work to capture the unvisited permissions.     

HSDN‐GRA: A hybrid software‐defined networking‐based geographic routing protocol with multi‐agent approach

We propose in this paper a Hybrid Software‐Defined Networking‐based Geographical Routing Protocol (HSDN‐GRA) with a clustering approach. It takes into account three different criteria to select the best relay to send data: (1) the contact duration between vehicles, (2) the available load of each vehicle, (3) and the log of encountered communication errors embedded in each cluster head. The multi‐criteria strategy allows the selection of the most reliable vehicles by avoiding communication problems and ensuring connection availability. Once the hybrid control plane has found out the next eligible neighbor, the data plane will be in charge of dividing and sending data. To validate our approach, HSDN‐GRA has been modeled and implemented in JADE, a multi‐agent platform, to be compared to other multi‐agent based protocols. Simulation results show that HSDN‐GRA achieves good performance with respect to the average routing overhead, the packet drop rate, and the throughput.     

基于序列模型的无线传感网入侵检测系统

随着物联网(IoT)的快速发展，越来越多的IoT节点设备被部署，但伴随而来的安全问题也不可忽视。IoT的网络层节点设备主要通过无线传感网进行通信，其相较于互联网更开放也更容易受到拒绝服务等网络攻击。针对无线传感网面临的网络层安全问题，提出了一种基于序列模型的网络入侵检测系统，对网络层入侵进行检测和报警，具有较高的识别率以及较低的误报率。另外，针对无线传感网节点设备面临的节点主机设备的安全问题，在考虑节点开销的基础上，提出了一种基于简单序列模型的主机入侵检测系统。实验结果表明，针对无线传感网的网络层以及主机层的两个入侵检测系统的准确率都达到了99%以上，误报率在1%左右，达到了工业需求，这两个系统可以全面有效地保护无线传感网安全。     

A low power high-performance area efficient RF front-end exploiting body effect for 2.4 GHz IEEE 802.15.4 applications

The rising internet-of-things applications in home automation, smart wearables, healthcare monitoring demand small, area efficient, high-performance and low power radio frequency (RF) blocks for effective short-range communication. This growing market demand is addressed in this paper by proposing a fully CMOS radio frequency front-end (RFE) exploiting bulk effect. Apart from the primary function of frequency translation, proper circuit performance concerning the linearity, conversion gain, and noise figure is required for low-cost densely integrated transceivers operating in the 2.4 GHz ISM band. The proposed RFE at 2.4 GHz is designed and implemented in UMC 180 nm CMOS process technology with two modes of operation. In high gain mode (Mode-I), the post-layout simulation with SpectreRF shows a peak gain of 30.06 dB, IIP2 at 64.52 dBm, IIP3 at −2.74 dBm and a DSB-NF of 7.68 dB while consuming only 9.24 mW from the 1.8 V supply. In the high linear mode (Mode-II), the RFE achieves a higher IIP3 of 10.78 dBm, IIP2 of 91.56 dBm, the conversion gain of 23.5 dB, DSB-NF of 9.46 dB while consuming a low power of 3.6 mW. The fully CMOS circuit occupies a core area of only 0.0021 mm². The proposed front-end exhibits a spurious free dynamic range (SFDR) of 81.18 dB ensuring the high dynamic operation of the wireless system.