[go: up one dir, main page]
Skip to main content
SpringerLink
Log in

A Model-Driven Adaptive Approach for IoT Security

  • Conference paper
  • First Online:
Model-Driven Engineering and Software Development (MODELSWARD 2016)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 692))

Abstract

Internet of Things (IoT) and sensor networks are improving the cooperation between organizations, becoming more efficient and productive for the industrial systems. However, high iteration between human, machines, and heterogeneous IoT technologies increases the security threats. The IoT security is an essential requirement to fully adoption of applications, which requires correct management of information and confidentiality. The system and devices’ variability requires dynamically adaptive systems to provide services depending on the context of the environment. In this paper, we propose a model driven adaptive approach to offer security services for an ontology-based security framework. Model-Driven Engineering (MDE) approach allows creating secure capabilities more efficient with the generation of security services based on security requirements in the knowledge base (IoTSec ontology). An industrial scenario of C2NET project was analyzed to identify the transformation of a system design of security solution in a platform specific model.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    http://nvd.nist.gov/.

  2. 2.

    http://c2net-project.eu/.

  3. 3.

    http://www.w3.org/TR/rdf-sparql-query/.

References

  1. Bi, Z., Xu, L.D., Wang, C.: Internet of things for enterprise systems of modern manufacturing. IEEE Trans. Industr. Inf. 10, 1537–1546 (2014)

    Article  Google Scholar 

  2. Xu, L.D., He, W., Li, S.: Internet of things in industries: a survey. IEEE Trans. Industr. Inf. 10, 2233–2243 (2014)

    Article  Google Scholar 

  3. Sicari, S., Rizzardi, A., Grieco, L., Coen-Porisini, A.: Security, privacy and trust in internet of things: the road ahead. Comput. Netw. 76, 146–164 (2014)

    Article  Google Scholar 

  4. Evesti, A., Ovaska, E.: Comparison of adaptive information security approaches. ISRN Artificial Intelligence (2013)

    Google Scholar 

  5. Habib, K., Leister, W.: Adaptive security for the internet of things reference model. Norsk informasjonssikkerhetskonferanse (NISK) 13–25 (2013)

    Google Scholar 

  6. Roman, R., Zhou, J., Lopez, J.: On the features and challenges of security and privacy in distributed internet of things. Comput. Netw. 57, 2266–2279 (2013)

    Article  Google Scholar 

  7. Yan, Z., Zhang, P., Vasilakos, A.V.: A survey on trust management for internet of things. J. Netw. Comput. Appl. 42, 120–134 (2014)

    Article  Google Scholar 

  8. Granjal, J., Monteiro, E., Silva, J.S.: Security in the integration of low-power wireless sensor networks with the internet: a survey. Ad Hoc Netw. 24, 264–287 (2014)

    Article  Google Scholar 

  9. Mozzaquatro, B.A., Jardim-goncalves, R., Agostinho, C.: Towards a reference ontology for security in the internet of things. In: IEEE International Workshop on Measurement and Networking, pp. 1–6 (2015)

    Google Scholar 

  10. Soylu, A., De Causmaecker, P.: Merging model driven and ontology driven system development approaches pervasive computing perspective. In: 2009 24th International Symposium on Computer and Information Sciences, ISCIS 2009, pp. 730–735. IEEE (2009)

    Google Scholar 

  11. Undercoffer, J., Joshi, A., Pinkston, J.: Modeling computer attacks: an ontology for intrusion detection. In: Vigna, G., Kruegel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 113–135. Springer, Heidelberg (2003). doi:10.1007/978-3-540-45248-5_7

    Chapter  Google Scholar 

  12. Xu, H., Xiao, D., Wu, Z.: Application of security ontology to context-aware alert analysis. In: 2009 Eighth IEEE/ACIS International Conference on Computer and Information Science, ICIS 2009, pp. 171–176 (2009)

    Google Scholar 

  13. Frye, L., Cheng, L., Heflin, J.: An ontology-based system to identify complex network attacks. In: 2012 IEEE International Conference on Communications (ICC), pp. 6683–6688 (2012)

    Google Scholar 

  14. Bézivin, J.: Model driven engineering: an emerging technical space. In: Lämmel, R., Saraiva, J., Visser, J. (eds.) GTTSE 2005. LNCS, vol. 4143, pp. 36–64. Springer, Heidelberg (2006). doi:10.1007/11877028_2

    Chapter  Google Scholar 

  15. Herzog, A., Shahmehri, N., Duma, C.: An ontology of information security. J. Inform. Secur. 1, 1–23 (2007)

    Google Scholar 

  16. Fenz, S., Ekelhart, A.: Formalizing information security knowledge. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS 2009, pp. 183–194. ACM, New York (2009)

    Google Scholar 

  17. Kim, A., Luo, J., Kang, M.: Security ontology for annotating resources. In: Meersman, R., Tari, Z. (eds.) OTM 2005. LNCS, vol. 3761, pp. 1483–1499. Springer, Heidelberg (2005). doi:10.1007/11575801_34

    Chapter  Google Scholar 

  18. Denker, G., Kagal, L., Finin, T., Paolucci, M., Sycara, K.: Security for DAML web services: annotation and matchmaking. In: Fensel, D., Sycara, K., Mylopoulos, J. (eds.) ISWC 2003. LNCS, vol. 2870, pp. 335–350. Springer, Heidelberg (2003). doi:10.1007/978-3-540-39718-2_22

    Chapter  Google Scholar 

  19. Gyrard, A., Bonnet, C., Boudaoud, K.: An ontology-based approach for helping to secure the ETSI machine-to-machine architecture. In: 2014 IEEE International Conference on Internet of Things (iThings), and Green Computing and Communications (GreenCom), and Cyber, Physical and Social Computing(CPSCom), pp. 109–116. IEEE (2014)

    Google Scholar 

  20. García-Crespo, Á., Gómez-Berbís, J.M., Colomo-Palacios, R., Alor-Hernández, G.: Securontology: a semantic web access control framework. Comput. Stand. Interfaces 33, 42–49 (2011)

    Article  Google Scholar 

  21. Stoneburner, G., Goguen, A.Y., Feringa, A.: Spp. 800–30. Risk management guide for information technology systems (2002)

    Google Scholar 

  22. Abie, H.: Adaptive security and trust management for autonomic message-oriented middleware. In: 2009 IEEE 6th International Conference on Mobile Adhoc and Sensor Systems, pp. 810–817 (2009)

    Google Scholar 

  23. Shnitko, A.: Adaptive security in complex information systems. In: Proceedings of 2003 the 7th Korea-Russia International Symposium on Science and Technology, KORUS 2003, pp. 206–210 (2003)

    Google Scholar 

  24. Laddaga, R., Robertson, P.: Self adaptive software: a position paper. In: SELF-STAR: International Workshop on Self-* Properties in Complex Information Systems, vol. 31, p. 19 (2004)

    Google Scholar 

  25. Agostinho, C., Jardim-Goncalves, R.: Sustaining interoperability of networked liquid-sensing enterprises: a complex systems perspective. Ann. Rev. Control 39, 128–143 (2015)

    Article  Google Scholar 

  26. Dobson, S., Zambonelli, F., Denazis, S., Fernández, A., Gaïti, D., Gelenbe, E., Massacci, F., Nixon, P., Saffre, F., Schmidt, N.: A survey of autonomic communications. ACM Trans. Autonom. Adapt. Syst. 1, 223–259 (2006)

    Google Scholar 

  27. Picek, R., Strahonja, V.: Model driven development-future or failure of software development. IIS 7, 407–413 (2007)

    Google Scholar 

  28. Aman, W., Snekkenes, E.: Event driven adaptive security in internet of things. In: UBICOMM 2014: The Eighth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, pp. 7–15 (2014)

    Google Scholar 

  29. Ouedraogo, W.F., Biennier, F., Merle, P.: Optimizing service protection with model driven security@ run. time. In: 2015 IEEE Symposium on Service-Oriented System Engineering (SOSE), pp. 50–58. IEEE (2015)

    Google Scholar 

  30. Ghimire, S., Melo, R., Ferreira, J., Agostinho, C., Goncalves, R.: Continuous data collection framework for manufacturing industries. In: Ciuciu, I., Panetto, H., Debruyne, C., Aubry, A., Bollen, P., Valencia-García, R., Mishra, A., Fensel, A., Ferri, F. (eds.) OTM 2015. LNCS, vol. 9416, pp. 29–40. Springer, Cham (2015). doi:10.1007/978-3-319-26138-6_5

    Chapter  Google Scholar 

  31. Hafner, M., Memon, M., Breu, R.: Seaas-a reference architecture for security services in SOA. J. Univ. Comput. Sci. (J.UCS) 15, 2916–2936 (2009)

    Google Scholar 

  32. Bézivin, J., Gerbé, O.: Towards a precise definition of the OMG/MDA framework. In: 2001 Proceedings of the 16th Annual International Conference on Automated Software Engineering, (ASE 2001), pp. 273–280. IEEE (2001)

    Google Scholar 

  33. Kleppe, A.G., Warmer, J., Bast, W.: MDA Explained: The Model Driven Architecture: Practice and Promise. Addison-Wesley Longman Publishing Co. Inc., Boston (2003)

    Google Scholar 

  34. Lúcio, L., Zhang, Q., Nguyen, P.H., Amrani, M., Klein, J., Vangheluwe, H., Traon, Y.L.: Advances in model-driven security. Adv. Comput. 93, 103–152 (2014)

    Article  Google Scholar 

  35. Clavel, M., Silva, V., Braga, C., Egea, M.: Model-driven security in practice: an industrial experience. In: Schieferdecker, I., Hartman, A. (eds.) ECMDA-FA 2008. LNCS, vol. 5095, pp. 326–337. Springer, Heidelberg (2008). doi:10.1007/978-3-540-69100-6_22

    Chapter  Google Scholar 

  36. Basin, D., Doser, J., Lodderstedt, T.: Model driven security for process-oriented systems. In: Proceedings of the Eighth ACM symposium on Access control models and technologies, pp. 100–109. ACM (2003)

    Google Scholar 

  37. Lang, U., Schreiner, R.: Model driven security management: making security management manageable in complex distributed systems. In: Workshop on Modeling Security (MODSEC08)-International Conference on Model Driven Engineering Languages and Systems (MODELS) (2009)

    Google Scholar 

  38. Ouedraogo, W.F., Biennier, F., Ghodous, P.: Model driven security in a multi-cloud context. Int. J. Electron. Bus. Manage. 11, 178 (2013)

    Google Scholar 

  39. C2NET, P.: Deliverable D1.3: C2NET platform validation scenarios. Version R0.1 (2015)

    Google Scholar 

Download references

Acknowledgements

The research leading to this work has received funding from CAPES Proc. No.: BEX 0966/15-0 and European Commission’s Horizon 2020 Programme (H2020/2014-2020) under grant agreement: C2NET No.: 636909.

Author information

Authors and Affiliations

  1. Universidade Nova de Lisboa (UNL), DEE/FCT, 2829-516, Caparica, Portugal

    Bruno A. Mozzaquatro & Ricardo Jardim-Goncalves

  2. Centre of Technology and Systems, UNINOVA, 2829-516, Caparica, Portugal

    Carlos Agostinho & Raquel Melo

Authors
  1. Bruno A. Mozzaquatro
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Carlos Agostinho
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Raquel Melo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ricardo Jardim-Goncalves
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bruno A. Mozzaquatro .

Editor information

Editors and Affiliations

  1. Université d’Angers/ESEO, Angers, France

    Slimane Hammoudi

  2. Faculty of EEMCS, University of Twente, Enschede, The Netherlands

    Luís Ferreira Pires

  3. Malina Software Corp., Nepean, Ontario, Canada

    Bran Selic

  4. SOFTEAM, Paris, France

    Philippe Desfray

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Mozzaquatro, B.A., Agostinho, C., Melo, R., Jardim-Goncalves, R. (2017). A Model-Driven Adaptive Approach for IoT Security. In: Hammoudi, S., Pires, L., Selic, B., Desfray, P. (eds) Model-Driven Engineering and Software Development. MODELSWARD 2016. Communications in Computer and Information Science, vol 692. Springer, Cham. https://doi.org/10.1007/978-3-319-66302-9_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-66302-9_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-66301-2

  • Online ISBN: 978-3-319-66302-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation