| 1. |
- Gunnarsson, Martin, et al.
(author)
-
Performance Evaluation of Group OSCORE for Secure Group Communication in the Internet of Things
- 2022
-
In: ACM Transactions on Internet of Things. - : Association for Computing Machinery. - 2577-6207 .- 2691-1914. ; 3:3
-
Journal article (peer-reviewed)abstract
- The Constrained Application Protocol (CoAP) is a major application-layer protocol for the Internet of Things (IoT). The recently standardized security protocol Object Security for Constrained RESTful Environments (OSCORE) efficiently provides end-to-end security of CoAP messages at the application layer, also in the presence of untrusted intermediaries. At the same time, CoAP supports one-to-many communication, targeting use cases such as smart lighting and building automation, firmware update, or emergency broadcast. Securing group communication for CoAP has additional challenges. It can be done using the novel Group Object Security for Constrained RESTful Environments (Group OSCORE) security protocol, which fulfills the same security requirements of OSCORE in group communication environments. While evaluations of OSCORE are available, no studies exist on the performance of Group OSCORE on resource-constrained IoT devices.This article presents the results of our extensive performance evaluation of Group OSCORE over two popular constrained IoT platforms, namely Zolertia Zoul and TI Simplelink. We have implemented Group OSCORE for the Contiki-NG operating system and made our implementation available as open source software. We compared Group OSCORE against unprotected CoAP as well as OSCORE. To the best of our knowledge, this is the first comprehensive and experimental evaluation of Group OSCORE over real constrained IoT devices. © 2022 Copyright held by the owner/author(s).
|
|
| 2. |
- Kim, Hokeun, et al.
(author)
-
Resilient Authentication and Authorization for the Internet of Things (IoT) Using Edge Computing
- 2020
-
In: ACM Transactions on Internet of Things. - : ACM Press. - 2691-1914 .- 2577-6207. ; 1:1, s. -27
-
Journal article (peer-reviewed)abstract
- An emerging type of network architecture called edge computing has the potential to improve the availability and resilience of IoT services under anomalous situations such as network failures or denial-of-service (DoS) attacks. However, relatively little has been explored on the problem of ensuring availability even when edge computers that provide key security services (e.g., authentication and authorization) become unavailable themselves. This article proposes a resilient authentication and authorization framework to enhance the availability of IoT services under DoS attacks or failures. The proposed approach leverages a technique called secure migration, which allows an IoT device to migrate to another trusted edge computer when its own local authorization service becomes unavailable. Specifically, we describe the design of a secure migration framework and its supporting mechanisms, including (1) automated migration policy construction and (2) protocols for preparing and executing the secure migration. We formalize secure migration policy con- struction as an integer linear programming (ILP) problem and show its effectiveness using a case study on smart buildings, where the proposed solution achieves significantly higher availability under simulated at- tacks on authorization services.
|
|
| 3. |
- Toczé, Klervie, et al.
(author)
-
VioLinn: Proximity-aware Edge Placement with Dynamic and Elastic Resource Provisioning
- 2023
-
In: ACM TRANSACTIONS ON INTERNET OF THINGS. - : ASSOC COMPUTING MACHINERY. - 2691-1914 .- 2577-6207. ; 4:1
-
Journal article (peer-reviewed)abstract
- Deciding where to handle services and tasks, as well as provisioning an adequate amount of computing resources for this handling, is a main challenge of edge computing systems. Moreover, latency-sensitive services constrain the type and location of edge devices that can provide the needed resources. When available resources are scarce there is a possibility that some resource allocation requests are denied. In this work, we propose the VioLinn system to tackle the joint problems of task placement, service placement, and edge device provisioning. Dealing with latency-sensitive services is achieved through proximityaware algorithms that ensure the tasks are handled close to the end-user. Moreover, the concept of spare edge device is introduced to handle sudden load variations in time and space without having to continuously over-provision. Several spare device selection algorithms are proposed with different cost/performance tradeoffs. Evaluations are performed both in a Kubernetes-based testbed and using simulations and show the benefit of using spare devices for handling localized load spikes with higher quality of service (QoS) and lower computing resource usage. The study of the different algorithms shows that it is possible to achieve this increase in QoS with different tradeoffs against cost and performance.
|
|
| 4. |
- Turchet, Luca, et al.
(author)
-
Cloud-smart Musical Instrument Interactions : Querying a Large Music Collection with a Smart Guitar
- 2020
-
In: ACM Transactions on Internet of Things. - : Association for Computing Machinery (ACM). - 2577-6207 .- 2691-1914. ; 1:3
-
Journal article (peer-reviewed)abstract
- Large online music databases under Creative Commons licenses are rarely recorded by well-known artists, therefore conventional metadata-based search is insufficient in their adaptation to instrument players' needs. The emerging class of smart musical instruments (SMIs) can address this challenge. Thanks to direct internet connectivity and embedded processing, SMIs can send requests to repositories and reproduce the response for improvisation, composition, or learning purposes. We present a smart guitar prototype that allows retrieving songs from large online music databases using criteria different from conventional music search, which were derived from interviewing 30 guitar players. We investigate three interaction methods coupled with four search criteria (tempo, chords, key and tuning) exploiting intelligent capabilities in the instrument: (i) keywords-based retrieval using an embedded touchscreen; (ii) cloud-computing where recorded content is transmitted to a server that extracts relevant audio features; (iii) edge-computing where the guitar detects audio features and sends the request directly. Overall, the evaluation of these methods with beginner, intermediate, and expert players showed a strong appreciation for the direct connectivity of the instrument with an online database and the approach to the search based on the actual musical content rather than conventional textual criteria, such as song title or artist name.
|
|
| 5. |
- Turchet, Luca, et al.
(author)
-
Elk Audio OS: An Open Source Operating System for the Internet of Musical Things
- 2021
-
In: ACM Transactions on Internet of Things. - : Association for Computing Machinery (ACM). - 2577-6207 .- 2691-1914. ; 2:2, s. 1-18
-
Journal article (peer-reviewed)abstract
- As the Internet of Musical Things (IoMusT) emerges, audio-specific operating systems (OSs) are required on embedded hardware to ease development and portability of IoMusT applications. Despite the increasing importance of IoMusT applications, in this article, we show that there is no OS able to fulfill the diverse requirements of IoMusT systems. To address such a gap, we propose the Elk Audio OS as a novel and open source OS in this space. It is a Linux-based OS optimized for ultra-low-latency and high-performance audio and sensor processing on embedded hardware, as well as for handling wireless connectivity to local and remote networks. Elk Audio OS uses the Xenomai real-time kernel extension, which makes it suitable for the most demanding of low-latency audio tasks. We provide the first comprehensive overview of Elk Audio OS, describing its architecture and the key components of interest to potential developers and users. We explain operational aspects like the configuration of the architecture and the control mechanisms of the internal sound engine, as well as the tools that enable an easier and faster development of connected musical devices. Finally, we discuss the implications of Elk Audio OS, including the development of an open source community around it.
|
|
| 6. |
- Wang, Han, et al.
(author)
-
FL4IoT : IoT Device Fingerprinting and Identification Using Federated Learning
- 2023
-
In: ACM Trans. Internet Things. - : Association for Computing Machinery. - 2691-1914 .- 2577-6207. ; 4:3
-
Journal article (peer-reviewed)abstract
- Unidentified devices in a network can result in devastating consequences. It is, therefore, necessary to fingerprint and identify IoT devices connected to private or critical networks. With the proliferation of massive but heterogeneous IoT devices, it is getting challenging to detect vulnerable devices connected to networks. Current machine learning-based techniques for fingerprinting and identifying devices necessitate a significant amount of data gathered from IoT networks that must be transmitted to a central cloud. Nevertheless, private IoT data cannot be shared with the central cloud in numerous sensitive scenarios. Federated learning (FL) has been regarded as a promising paradigm for decentralized learning and has been applied in many different use cases. It enables machine learning models to be trained in a privacy-preserving way. In this article, we propose a privacy-preserved IoT device fingerprinting and identification mechanisms using FL; we call it FL4IoT. FL4IoT is a two-phased system combining unsupervised-learning-based device fingerprinting and supervised-learning-based device identification. FL4IoT shows its practicality in different performance metrics in a federated and centralized setup. For instance, in the best cases, empirical results show that FL4IoT achieves ∌99% accuracy and F1-Score in identifying IoT devices using a federated setup without exposing any private data to a centralized cloud entity. In addition, FL4IoT can detect spoofed devices with over 99% accuracy.
|
|
