Secure Service Virtualization in IoT by Dynamic Service Dependency Verification

Virtualizing Internet-of-Things (IoT) services is the concept of dynamically building customized high-level IoT services that rely on the real-time data streams flowing from low-level standalone IoT devices. IoT service virtualization is essential when myriads of IoT devices can get online, interact with each other, exchange data, and, based on that data, create one's own service. In particular, when virtualization occurs across multiple external domains, it is crucial for clients to verify the source of virtual services, i.e., whether they are built on authentic original service sources. Also, original service sources must be constantly aware of the identity of the entities that (recursively) virtualize their services. To address these issues, this paper proposes the IoT service dependency tree (SDT) validation scheme. SDT uses service dependency trees and dependency signature trees, which enable clients to validate the original sources of a virtual IoT service and verify its service dependency relationships, and which keep original service sources constantly notified of the list of entities (recursively) virtualizing their services. This paper explains the SDT scheme and presents use cases for IoT service virtualization where SDT can be applied. Our experimental analysis shows that SDT is scalable for practical use.
