Top

Published in:

2017 | OriginalPaper | Chapter

A Model-Driven Adaptive Approach for IoT Security

Authors : Bruno A. Mozzaquatro, Carlos Agostinho, Raquel Melo, Ricardo Jardim-Goncalves

Published in: Model-Driven Engineering and Software Development

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Internet of Things (IoT) and sensor networks are improving the cooperation between organizations, becoming more efficient and productive for the industrial systems. However, high iteration between human, machines, and heterogeneous IoT technologies increases the security threats. The IoT security is an essential requirement to fully adoption of applications, which requires correct management of information and confidentiality. The system and devices’ variability requires dynamically adaptive systems to provide services depending on the context of the environment. In this paper, we propose a model driven adaptive approach to offer security services for an ontology-based security framework. Model-Driven Engineering (MDE) approach allows creating secure capabilities more efficient with the generation of security services based on security requirements in the knowledge base (IoTSec ontology). An industrial scenario of C2NET project was analyzed to identify the transformation of a system design of security solution in a platform specific model.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Meta-Tool for Model-Driven Verification of Constraints Satisfaction

next chapter Identifying Performance Objectives to Guide Service Oriented Architecture Layers

http://nvd.nist.gov/.

http://c2net-project.eu/.

http://www.w3.org/TR/rdf-sparql-query/.

Bi, Z., Xu, L.D., Wang, C.: Internet of things for enterprise systems of modern manufacturing. IEEE Trans. Industr. Inf. 10, 1537–1546 (2014)CrossRef

Xu, L.D., He, W., Li, S.: Internet of things in industries: a survey. IEEE Trans. Industr. Inf. 10, 2233–2243 (2014)CrossRef

Sicari, S., Rizzardi, A., Grieco, L., Coen-Porisini, A.: Security, privacy and trust in internet of things: the road ahead. Comput. Netw. 76, 146–164 (2014)CrossRef

Evesti, A., Ovaska, E.: Comparison of adaptive information security approaches. ISRN Artificial Intelligence (2013)

Habib, K., Leister, W.: Adaptive security for the internet of things reference model. Norsk informasjonssikkerhetskonferanse (NISK) 13–25 (2013)

Roman, R., Zhou, J., Lopez, J.: On the features and challenges of security and privacy in distributed internet of things. Comput. Netw. 57, 2266–2279 (2013)CrossRef

Yan, Z., Zhang, P., Vasilakos, A.V.: A survey on trust management for internet of things. J. Netw. Comput. Appl. 42, 120–134 (2014)CrossRef

Granjal, J., Monteiro, E., Silva, J.S.: Security in the integration of low-power wireless sensor networks with the internet: a survey. Ad Hoc Netw. 24, 264–287 (2014)CrossRef

Mozzaquatro, B.A., Jardim-goncalves, R., Agostinho, C.: Towards a reference ontology for security in the internet of things. In: IEEE International Workshop on Measurement and Networking, pp. 1–6 (2015)

10.

Soylu, A., De Causmaecker, P.: Merging model driven and ontology driven system development approaches pervasive computing perspective. In: 2009 24th International Symposium on Computer and Information Sciences, ISCIS 2009, pp. 730–735. IEEE (2009)

11.

Undercoffer, J., Joshi, A., Pinkston, J.: Modeling computer attacks: an ontology for intrusion detection. In: Vigna, G., Kruegel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 113–135. Springer, Heidelberg (2003). doi:10.1007/978-3-540-45248-5_7 CrossRef

12.

Xu, H., Xiao, D., Wu, Z.: Application of security ontology to context-aware alert analysis. In: 2009 Eighth IEEE/ACIS International Conference on Computer and Information Science, ICIS 2009, pp. 171–176 (2009)

13.

Frye, L., Cheng, L., Heflin, J.: An ontology-based system to identify complex network attacks. In: 2012 IEEE International Conference on Communications (ICC), pp. 6683–6688 (2012)

14.

Bézivin, J.: Model driven engineering: an emerging technical space. In: Lämmel, R., Saraiva, J., Visser, J. (eds.) GTTSE 2005. LNCS, vol. 4143, pp. 36–64. Springer, Heidelberg (2006). doi:10.1007/11877028_2 CrossRef

15.

Herzog, A., Shahmehri, N., Duma, C.: An ontology of information security. J. Inform. Secur. 1, 1–23 (2007)

16.

Fenz, S., Ekelhart, A.: Formalizing information security knowledge. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS 2009, pp. 183–194. ACM, New York (2009)

17.

Kim, A., Luo, J., Kang, M.: Security ontology for annotating resources. In: Meersman, R., Tari, Z. (eds.) OTM 2005. LNCS, vol. 3761, pp. 1483–1499. Springer, Heidelberg (2005). doi:10.1007/11575801_34 CrossRef

18.

Denker, G., Kagal, L., Finin, T., Paolucci, M., Sycara, K.: Security for DAML web services: annotation and matchmaking. In: Fensel, D., Sycara, K., Mylopoulos, J. (eds.) ISWC 2003. LNCS, vol. 2870, pp. 335–350. Springer, Heidelberg (2003). doi:10.1007/978-3-540-39718-2_22 CrossRef

19.

Gyrard, A., Bonnet, C., Boudaoud, K.: An ontology-based approach for helping to secure the ETSI machine-to-machine architecture. In: 2014 IEEE International Conference on Internet of Things (iThings), and Green Computing and Communications (GreenCom), and Cyber, Physical and Social Computing(CPSCom), pp. 109–116. IEEE (2014)

20.

García-Crespo, Á., Gómez-Berbís, J.M., Colomo-Palacios, R., Alor-Hernández, G.: Securontology: a semantic web access control framework. Comput. Stand. Interfaces 33, 42–49 (2011)CrossRef

21.

Stoneburner, G., Goguen, A.Y., Feringa, A.: Spp. 800–30. Risk management guide for information technology systems (2002)

22.

Abie, H.: Adaptive security and trust management for autonomic message-oriented middleware. In: 2009 IEEE 6th International Conference on Mobile Adhoc and Sensor Systems, pp. 810–817 (2009)

23.

Shnitko, A.: Adaptive security in complex information systems. In: Proceedings of 2003 the 7th Korea-Russia International Symposium on Science and Technology, KORUS 2003, pp. 206–210 (2003)

24.

Laddaga, R., Robertson, P.: Self adaptive software: a position paper. In: SELF-STAR: International Workshop on Self-* Properties in Complex Information Systems, vol. 31, p. 19 (2004)

25.

Agostinho, C., Jardim-Goncalves, R.: Sustaining interoperability of networked liquid-sensing enterprises: a complex systems perspective. Ann. Rev. Control 39, 128–143 (2015)CrossRef

26.

Dobson, S., Zambonelli, F., Denazis, S., Fernández, A., Gaïti, D., Gelenbe, E., Massacci, F., Nixon, P., Saffre, F., Schmidt, N.: A survey of autonomic communications. ACM Trans. Autonom. Adapt. Syst. 1, 223–259 (2006)

27.

Picek, R., Strahonja, V.: Model driven development-future or failure of software development. IIS 7, 407–413 (2007)

28.

Aman, W., Snekkenes, E.: Event driven adaptive security in internet of things. In: UBICOMM 2014: The Eighth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, pp. 7–15 (2014)

29.

Ouedraogo, W.F., Biennier, F., Merle, P.: Optimizing service protection with model driven security@ run. time. In: 2015 IEEE Symposium on Service-Oriented System Engineering (SOSE), pp. 50–58. IEEE (2015)

30.

Ghimire, S., Melo, R., Ferreira, J., Agostinho, C., Goncalves, R.: Continuous data collection framework for manufacturing industries. In: Ciuciu, I., Panetto, H., Debruyne, C., Aubry, A., Bollen, P., Valencia-García, R., Mishra, A., Fensel, A., Ferri, F. (eds.) OTM 2015. LNCS, vol. 9416, pp. 29–40. Springer, Cham (2015). doi:10.1007/978-3-319-26138-6_5 CrossRef

31.

Hafner, M., Memon, M., Breu, R.: Seaas-a reference architecture for security services in SOA. J. Univ. Comput. Sci. (J.UCS) 15, 2916–2936 (2009)

32.

Bézivin, J., Gerbé, O.: Towards a precise definition of the OMG/MDA framework. In: 2001 Proceedings of the 16th Annual International Conference on Automated Software Engineering, (ASE 2001), pp. 273–280. IEEE (2001)

33.

Kleppe, A.G., Warmer, J., Bast, W.: MDA Explained: The Model Driven Architecture: Practice and Promise. Addison-Wesley Longman Publishing Co. Inc., Boston (2003)

34.

Lúcio, L., Zhang, Q., Nguyen, P.H., Amrani, M., Klein, J., Vangheluwe, H., Traon, Y.L.: Advances in model-driven security. Adv. Comput. 93, 103–152 (2014)CrossRef

35.

Clavel, M., Silva, V., Braga, C., Egea, M.: Model-driven security in practice: an industrial experience. In: Schieferdecker, I., Hartman, A. (eds.) ECMDA-FA 2008. LNCS, vol. 5095, pp. 326–337. Springer, Heidelberg (2008). doi:10.1007/978-3-540-69100-6_22 CrossRef

36.

Basin, D., Doser, J., Lodderstedt, T.: Model driven security for process-oriented systems. In: Proceedings of the Eighth ACM symposium on Access control models and technologies, pp. 100–109. ACM (2003)

37.

Lang, U., Schreiner, R.: Model driven security management: making security management manageable in complex distributed systems. In: Workshop on Modeling Security (MODSEC08)-International Conference on Model Driven Engineering Languages and Systems (MODELS) (2009)

38.

Ouedraogo, W.F., Biennier, F., Ghodous, P.: Model driven security in a multi-cloud context. Int. J. Electron. Bus. Manage. 11, 178 (2013)

39.

C2NET, P.: Deliverable D1.3: C2NET platform validation scenarios. Version R0.1 (2015)

Title: A Model-Driven Adaptive Approach for IoT Security
Authors: Bruno A. Mozzaquatro
Carlos Agostinho
Raquel Melo
Ricardo Jardim-Goncalves
Publisher: Springer International Publishing
Book: Model-Driven Engineering and Software Development
Print ISBN: 978-3-319-66301-2

Electronic ISBN: 978-3-319-66302-9

Copyright Year: 2017
DOI: https://doi.org/10.1007/978-3-319-66302-9_10

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner