Security-Aware Provenance for Transparency in IoT Data Propagation

被引:4
作者
Jaigirdar, Fariha Tasmin [1 ]
Tan, Boyu [2 ]
Rudolph, Carsten
Bain, Chris
机构
[1] Monash Univ, Fac Informat Technol, Dept Software Syst & Cybersecur, Clayton, Vic 3800, Australia
[2] China Mobile Grp Design Inst Co Ltd, Beijing 100080, Peoples R China
关键词
Internet of Things (IoT); data provenance; IoT-Health; transparency; security-awareness; INTERNET; CHALLENGES;
D O I
10.1109/ACCESS.2023.3280928
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
A successful application of an Internet of Things (IoT) based network depends on the accurate and successful delivery of data collected from numerous sources. A significant concern in IoT systems arises when end-users do not have sufficient transparency and are unaware of any potential data manipulation and risk in each step involved in data propagation. One potential solution is to integrate security metadata in IoT-based security-aware provenance graphs that provides better transparency with security awareness at each step of data propagation. In this paper, we integrate security metadata into the provenance graph with predefined security policies. We design a hypothetical IoT-Health scenario with possible threats: node cloning, fault packet injection, denial of service, unauthorized access, and malicious code injection. We simulate these threats in six cases to identify relevant risks. Our findings show how a security-aware provenance graph can offer end users greater transparency and security awareness by identifying failed signature verification (case 1), denial of service (case 2), unauthorized access (case 3), intrusion detection (case 4), missing WAF (case 5), and permission violation (case 6). We evaluate the transparency through obtaining authentication, integrity, availability and detecting underlying threats. Accordingly, this study promotes better risk assessment and decision-making for users with negligible performance overhead.
引用
收藏
页码:55677 / 55691
页数:15
相关论文
共 51 条
[1]   Let's Encrypt: An Automated Certificate Authority to Encrypt the Entire Web [J].
Aas, Josh ;
Barnes, Richard ;
Case, Benton ;
Durumeric, Zakir ;
Eckersley, Peter ;
Flores-Lopez, Alan ;
Halderman, J. Alex ;
Hoffman-Andrews, Jacob ;
Kasten, James ;
Rescorla, Eric ;
Schoen, Seth ;
Warren, Brad .
PROCEEDINGS OF THE 2019 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (CCS'19), 2019, :2473-2487
[2]   Providing End-to-End Security Using Quantum Walks in IoT Networks [J].
Abd El-Latif, Ahmed A. ;
Abd-El-Atty, Bassem ;
Venegas-Andraca, Salvador E. ;
Elwahsh, Haitham ;
Piran, Md Jalil ;
Bashir, Ali Kashif ;
Song, Oh-Young ;
Mazurczyk, Wojciech .
IEEE ACCESS, 2020, 8 :92687-92696
[3]   Data provenance for cloud forensic investigations, security, challenges, solutions and future perspectives: A survey [J].
Abiodun, Oludare Isaac ;
Alawida, Moatsum ;
Omolara, Abiodun Esther ;
Alabdulatif, Abdulatif .
JOURNAL OF KING SAUD UNIVERSITY-COMPUTER AND INFORMATION SCIENCES, 2022, 34 (10) :10217-10245
[4]   Internet of Things security: A survey [J].
Alaba, Fadele Ayotunde ;
Othman, Mazliza ;
Hashem, Ibrahim Abaker Targio ;
Alotaibi, Faiz .
JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2017, 88 :10-28
[5]   IoT Data Provenance Implementation Challenges [J].
Alkhalil, Adel ;
Ramadan, Rabie A. .
8TH INTERNATIONAL CONFERENCE ON AMBIENT SYSTEMS, NETWORKS AND TECHNOLOGIES (ANT-2017) AND THE 7TH INTERNATIONAL CONFERENCE ON SUSTAINABLE ENERGY INFORMATION TECHNOLOGY (SEIT 2017), 2017, 109 :1134-1139
[6]  
Aman M.N., 2017, ACM IoTPTS, P11, DOI [10.1145/3055245.3055255, DOI 10.1145/3055245.3055255]
[7]  
[Anonymous], 2013, P INT WORKSH AD SEC
[8]  
[Anonymous], 2004, Sysbench: a system performance benchmark.
[9]  
Bada A., 2019, arXiv
[10]   Smart Home Technologies: A Preliminary Review [J].
Balakrishnan, Sumathi ;
Vasudavan, Hemalata ;
Murugesan, Raja Kumar .
PROCEEDINGS OF THE 6TH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY: IOT AND SMART CITY (ICIT 2018), 2018, :120-127