A 3-D Security Modeling Platform for Social IoT Environments

Social Internet-of-Things (SIoT) environment comprises not only smart devices but also the humans who interact with these IoT devices. The benefits of such system are overshadowed due to the cyber security issues. A novel approach is required to understand the security implication under such a dynamic environment while taking both the social and technical aspects into consideration. This paper addressed such challenges and proposed a 3-D security modeling platform that can capture and model the security requirements in the SIoT environment. The modeling process is graphical notation based and works as a security extension to the Business Process Model and Notation. Still, it utilizes the latest 3-D game technology; thus, the security extensions are generated through the third dimension. Consequently, the introduction of security extensions will not increase the complexity of the original SIoT scenario, while keeping all the key information on the same platform. Together with the proposed security ontology, these comprehensive security notations created a unique platform that aims at addressing the ever complicated security issues in the SIoT environment.

[1]  Joe Tullio,et al.  Usability analysis of 3D rotation techniques , 1997, UIST '97.

[2]  Shari Lawrence Pfleeger,et al.  Security in Computing, 4th Edition , 2006 .

[3]  Mario Piattini,et al.  A BPMN Extension for the Modeling of Security Requirements in Business Processes , 2007, IEICE Trans. Inf. Syst..

[4]  Jason Gregory,et al.  Game Engine Architecture , 2009 .

[5]  Daniel L. Moody,et al.  The “Physics” of Notations: Toward a Scientific Basis for Constructing Visual Notations in Software Engineering , 2009, IEEE Transactions on Software Engineering.

[6]  Daniel Amyot,et al.  Analysing the Cognitive Effectiveness of the BPMN 2.0 Visual Notation , 2010, SLE.

[7]  Paolo Bocciarelli,et al.  A BPMN extension for modeling non functional properties of business processes , 2011, SpringSim.

[8]  Munir,et al.  SECURITY OF VIRTUAL PRIVATE NETWORK , 2011 .

[9]  Jan Recker,et al.  Using virtual worlds for collaborative business process modeling , 2011, Bus. Process. Manag. J..

[10]  Mohd Fadzil Hassan,et al.  A Domain-Specific Language for Modelling Security Objectives in a Business Process Models of SOA Applications , 2012 .

[11]  Alberto Trombetta,et al.  BPMN: An introduction to the standard , 2012, Comput. Stand. Interfaces.

[12]  Stefanie Rinderle-Ma,et al.  An Analysis and Evaluation of Security Aspects in the Business Process Model and Notation , 2013, 2013 International Conference on Availability, Reliability and Security.

[13]  Jon A. Sanford,et al.  Icon design for user interface of remote patient monitoring mobile devices , 2013, SIGDOC '13.

[14]  Nikolay Mehandjiev,et al.  Modeling of privacy-aware business processes in BPMN to protect personal data , 2014, SAC.

[15]  Paolo Giorgini,et al.  Modeling and Verifying Security Policies in Business Processes , 2014, BMMDS/EMMSAD.

[16]  Alain Wegmann,et al.  Using the Physics of Notations Theory to Evaluate the Visual Notation of SEAM , 2014, 2014 IEEE 16th Conference on Business Informatics.

[17]  David Llewellyn-Jones,et al.  A Cyber Security Ontology for BPMN-Security Extensions , 2015, 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing.

[18]  Bo Zhou,et al.  BPMN Security Extensions for Healthcare Process , 2015, 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing.

[19]  Stephen Tang,et al.  An Application of Game Technology to Virtual University Campus Tour and Interior Navigation , 2015, 2015 International Conference on Developments of E-Systems Engineering (DeSE).

[20]  Xiaojun Zhang,et al.  SCLPV: Secure Certificateless Public Verification for Cloud-Based Cyber-Physical-Social Systems Against Malicious Auditors , 2015, IEEE Transactions on Computational Social Systems.

[21]  Michael J. McGuffin,et al.  The Impact of Interactivity on Comprehending 2D and 3D Visualizations of Movement Data , 2015, IEEE Transactions on Visualization and Computer Graphics.

[22]  Qi Shi,et al.  Adding a Third Dimension to BPMN as a Means of Representing Cyber Security Requirements , 2016, 2016 9th International Conference on Developments in eSystems Engineering (DeSE).

[23]  Rami Puzis,et al.  Creation and Management of Social Network Honeypots for Detecting Targeted Cyber Attacks , 2017, IEEE Transactions on Computational Social Systems.

[24]  Achim D. Brucker,et al.  Modelling, validating, and ranking of secure service compositions , 2017, Softw. Pract. Exp..

[25]  Shuangshuang Han,et al.  Cyber-Physical-Social Systems: The State of the Art and Perspectives , 2018, IEEE Transactions on Computational Social Systems.

[26]  Yap-Peng Tan,et al.  Scenario-Based Insider Threat Detection From Cyber Activities , 2018, IEEE Transactions on Computational Social Systems.

[27]  Wanlei Zhou,et al.  A Hybrid Privacy Protection Scheme in Cyber-Physical Social Networks , 2018, IEEE Transactions on Computational Social Systems.