Figure - available from: International Journal of Information Security
Source publication
In recent years, the design of effective authorization mechanisms for IoT and, in particular, for smart home applications has gained increasing attention from researchers and practitioners. However, very little attention is given to the performance evaluation of those authorization mechanisms. To fill this gap, this paper presents a thorough experi...
Similar publications
Internet of Things (IoT) applications are exposed to harsh conditions due to factors such as device failure, network problems, or implausible sensor values. We investigate how the inherent encapsulation of component and connector (C&C) architectures can be used to develop and deploy reliable IoT applications. Existing C&C languages for the developm...
Citations
... Computation offloading is used for efficient coordination between the edge layer and the user device layer [20]. They not only reduce the computational burden on local devices but also decrease computational latency [21]. User privacy is better protected because data processing and storage occur closer to the data source. ...
Edge computing relocates computational resources closer to user terminals, which can effectively reduce the latency of computation offloading. The Genetic Algorithm (GA) performs well in multi-objective optimization problems. However, GA exhibits a slow convergence rate when identifying the optimal solution within extensive solution spaces. Therefore, this paper proposes a Parallel Cooperative Genetic Algorithm (PCGA) to find an optimal solution more quickly. This algorithm improves implementation efficiency by utilizing parallel computation. In our formulated computing offloading model, two processes collaboratively work to find the optimal solution, retaining the top five individuals with the highest fitness values in each iteration to update the population of GA. Furthermore, we designed a more comprehensive cost function to optimize objectives such as latency, energy consumption, and the quantity of offloaded tasks. Moreover, we considered a task priority offloading model that prioritizes the offloading of higher-priority tasks based on demand in multi-user and multi-task scenarios. The simulation results demonstrate that the proposed PCGA achieves higher fitness and faster convergence with the same fitness evaluation function. Specifically, with the same fitness evaluation function, the convergence speed of the PCGA algorithm is improved by 50% relative to that of the GA algorithm and 40% relative to that of the TOGA algorithm. In addition to this, PCGA significantly reduces the latency of the task offloading model by 19.7% and 4.4% compared to GA and TOGA, respectively.
... The additional components consist of a relay module, 16-key 4*4 type Keypad, optical fingerprint reader (R307 sensor), door magnetic sensor, MC-38 solenoid electric door locker, active buzzer, transducer, ESP32 Camera, ESP32 Development board, and DC power cable. KiCad software was deployed to draw the expected schematic and confirm the electrical rules check [25]. In addition, the Telegram bot is configured for the ESP32, interfacing with the Passive Infrared Sensor (PIR) motion sensor. ...
The Internet of Things (IoT) has been widely employed in the development of smart locker systems over the last decade. However, some of these systems are based on authentication methods which lack flexibility. Such systems did not consider the possibility that an authentication method could be unavailable for different reasons, namely access card loss, camera or mice break, etc. Moreover, such systems do not consider dual-authentication methods that enhance security. This paper aims to develop a smart locker system that considers several authentication methods including dual authentication (phone number and One Time Password (OTP)), fingerprint, face recognition, and emergency code utilizing IoT technology. Dual authentication method is the considered base authentication method. The system has been fabricated and evaluated taking into account different scenarios including monitoring door status, ensuring access for authorized users, and denying access to unauthorized users.
... Access control is a fundamental aspect of the IoT where the ability to grant authorized access to a large number of devices is crucial [5]. The growing popularity of IoT has increased the need to consider the requirements of access control for IoT and design new solutions that can prevent unauthorized resource access [6]. Most existing solutions in this field either use a centralized approach or rely on IoT devices for decision-making, however, these solutions can be difficult to secure due to the resource constraints of most IoT devices. ...
The increasing use of the Internet of Things (IoT) has driven the demand for enhanced and robust access control methods to protect resources from unauthorized access. A cloud-based access control approach brings significant challenges in terms of communication overhead, high latency, and complete reliance. In this paper, we propose a Fog-Based Adaptive Context-Aware Access Control (FB-ACAAC) framework for IoT devices, dynamically adjusting access policies based on contextual information to prevent unauthorised resource access. The main purpose of FB-ACAAC is to provide adaptability to changing access behaviors and context by bringing decision-making and information about policies closer to the end nodes of the network. FB-ACAAC improves the availability of resources and reduces the amount of time for information to be processed. FB-ACAAC extends the widely used eXtensible Access Control Markup Language (XACML) to manage access control decisions. Traditional XACML-based methods do not take into account changing environments, different contexts, and changing access behaviors and are vulnerable to certain types of attacks. To address these issues, FB-ACAAC proposes an adaptive context-aware XACML scheme for heterogeneous distributed IoT environments using fog computing and is designed to be context-aware, adaptable, and secure in the face of unauthorised access. The effectiveness of this new scheme is verified through experiments, and it has a low processing time overhead while providing extra features and improved security.
... In this study, we analyze the Z-Wave protocol, a newer technology, and discuss its implementation in smart homes with remarkable performance. This wireless protocol offers superior reliability, low radio interference, high interoperability, and simple operation compared to the standard and widely adopted ZigBee protocol (Ahmad, Morelli, Ranise, & Zannone, 2022). ...
The concept of a "smart home" has gained attention recently, facing challenges like decision-making, secure IoT device identification, continuous connectivity, and privacy. Existing systems address some of the issues, but a truly effective smart home needs built-in security and analytical capabilities. This work proposes a novel smart home using Z-wave and Wi-Fi, with the Dynamic Analysis and Preplanning Tool (DART) for maximum security. The system employs a support vector machine (SVM) classifier to determine device status ("OFF" or "ON"). The setup includes Raspberry Pi, a 5 V relay circuit, and sensors. An Android app communicates with the Raspberry Pi server via HTTP and Apache. Laboratory and field testing with common devices like TVs, air conditioners, and microwaves validate system effectiveness. TV reaction time increases with distance, but air-conditioner responses remain consistent, enhancing security through Z-wave, Wi-Fi, and DART integration. Our safety module safeguards smart home assets and blocks intruders, improving security and dependability in home automation. The performance of the model was assessed and validated using quantitative analysis techniques and statistical metrics in comparison with other state-of-the-art (SOTA) studies. Experimental findings analyzed using metrics like Mean Absolute Percentage Error (MAPE), Mean Absolute Error (MAE), Root Mean Square Error (RMSE), and VAPE, show that Z-wave, Wi-Fi, and DART offer superior dependability, low radio rebirth, simple operation, and straightforward interoperability compared to ZigBee, home plug, and INSTEON. This approach is cost-effective for replication, emphasizing potential security enhancements within a manageable budget.
... In 2021, Taslim et al. [19] proposed a smart home door lock system using a security protocol in the Internet of Things (IoT) scenario, which has the problems of unencrypted data transmission and insufficient authentication methods. Ahmad et al. [20] developed an enhanced access control system for smart locks, using cloud and edge computing to improve authorization, focusing on scalability and performance. Unfortunately, the approach adds complexity in deploying and enforcing policies. ...
The access control system is a critical element in intelligent buildings. In this paper, we present SPCL, an innovative access control system designed to facilitate building entry through the use of mobile phones. Our system aims to provide a secure and convenient solution for building access, capitalizing on the widespread availability and capabilities of mobile devices. Additionally, we propose a lightweight authentication protocol to enhance security. The performance of the protocol is measured for different curves at different frequencies, proving that the protocol is more suitable for door lock systems than the benchmark protocol. In addition, we investigated the security and usability of SPCL. Finally, a comparison of the security of human-lock interfaces for smart locks and blockchain-based payment methods is discussed.
Recently, several researchers motivated the need to integrate Zero Trust (ZT) principles when designing and implementing authentication and authorization systems for IoT. An integrated Zero Trust IoT system comprises the network infrastructure (physical and virtual) and operational policies in place for IoT as a product of a ZT architecture plan. This paper proposes a novel Zero Trust architecture for IoT systems called ZTA-IoT. Additionally, based on different types of interactions between various layers and components in this architecture, we present ZTA-IoT-ACF, an access control framework that recognizes different interactions that need to be controlled in IoT systems. Within this framework, the paper then refines its focus to object-level interactions, i.e., interactions where the target resource is a device (equivalently a thing) or an information file generated or stored by a device. Building on the recently proposed Zero Trust score-based authorization framework (ZT-SAF) we develop the object-level Zero Trust score-based authorization framework for IoT systems, denoted as ZTA-IoT-OL-SAF, to govern access requests in this context. With this machinery in place, we finally develop a novel usage control model for users-to-objects and devices-to-objects interactions, denoted as UCON IoT. We give formal definitions, illustrative use cases, and a proof-of-concept implementation of UCON IoT. This paper is a first step toward establishing a rigorous formally-defined score-based access control framework for Zero Trust IoT systems.
The norm in the design of epidemic agent-based models (ABM) for communication networks is to represent only the parameters of propagation and control for a particular malware infection. However, nothing is said about the transmission of data packets, i.e., the routing protocols in such models. Most likely, this trend originated from the design of ABMs for disease propagation in biological/social networks, where the concept of packet transmission is absent. The inherent assumption is that ordinary ABMs are enough to highlight infection strategies of viruses/worms. Therefore, the study aims to complement a hypothetical epidemic agent computational model for wireless sensor network by including actual routing protocols such as flooding and gossiping using NetLogo version 5.3.1—a popular programmable multi-agent language. Coding was done using the agent-oriented programming approach, and the simulation experiments for the two protocols were performed. Implementing these data transmission strategies strengthens the possibilities of reifying the actual communication networks, thereby advocating their use in subsequent ABMs.