Managing security trade-offs in the Internet of Things using adaptive security

Adaptive security can make dynamic trade-off decisions autonomously at runtime and is considered a key desirable attribute in the Internet of Things (IoT). However, there is no clear evidence that it can handle these trade-offs optimally to add value to such a complex and dynamic network. We present a scenario-based approach to recognize and evaluate typical security trade-off situations in the IoT. Using the Event-driven Adaptive Security (EDAS) model, we assess dynamic trade-off decisions in the IoT. We show that an optimum trade-off mitigation response in the IoT can be automated by assessing various contextual requirements at runtime, such as QoS and user preferences, thing capabilities, and the risk faced. eHealth scenarios are examined to illustrate the system's application in IoT-based remote patient monitoring systems.
