Abstract
Internet of Things (IoT) and sensor networks are improving the cooperation between organizations, becoming more efficient and productive for the industrial systems. However, high iteration between human, machines, and heterogeneous IoT technologies increases the security threats. The IoT security is an essential requirement to fully adoption of applications, which requires correct management of information and confidentiality. The system and devices’ variability requires dynamically adaptive systems to provide services depending on the context of the environment. In this paper, we propose a model driven adaptive approach to offer security services for an ontology-based security framework. Model-Driven Engineering (MDE) approach allows creating secure capabilities more efficient with the generation of security services based on security requirements in the knowledge base (IoTSec ontology). An industrial scenario of C2NET project was analyzed to identify the transformation of a system design of security solution in a platform specific model.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Bi, Z., Xu, L.D., Wang, C.: Internet of things for enterprise systems of modern manufacturing. IEEE Trans. Industr. Inf. 10, 1537–1546 (2014)
Xu, L.D., He, W., Li, S.: Internet of things in industries: a survey. IEEE Trans. Industr. Inf. 10, 2233–2243 (2014)
Sicari, S., Rizzardi, A., Grieco, L., Coen-Porisini, A.: Security, privacy and trust in internet of things: the road ahead. Comput. Netw. 76, 146–164 (2014)
Evesti, A., Ovaska, E.: Comparison of adaptive information security approaches. ISRN Artificial Intelligence (2013)
Habib, K., Leister, W.: Adaptive security for the internet of things reference model. Norsk informasjonssikkerhetskonferanse (NISK) 13–25 (2013)
Roman, R., Zhou, J., Lopez, J.: On the features and challenges of security and privacy in distributed internet of things. Comput. Netw. 57, 2266–2279 (2013)
Yan, Z., Zhang, P., Vasilakos, A.V.: A survey on trust management for internet of things. J. Netw. Comput. Appl. 42, 120–134 (2014)
Granjal, J., Monteiro, E., Silva, J.S.: Security in the integration of low-power wireless sensor networks with the internet: a survey. Ad Hoc Netw. 24, 264–287 (2014)
Mozzaquatro, B.A., Jardim-goncalves, R., Agostinho, C.: Towards a reference ontology for security in the internet of things. In: IEEE International Workshop on Measurement and Networking, pp. 1–6 (2015)
Soylu, A., De Causmaecker, P.: Merging model driven and ontology driven system development approaches pervasive computing perspective. In: 2009 24th International Symposium on Computer and Information Sciences, ISCIS 2009, pp. 730–735. IEEE (2009)
Undercoffer, J., Joshi, A., Pinkston, J.: Modeling computer attacks: an ontology for intrusion detection. In: Vigna, G., Kruegel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 113–135. Springer, Heidelberg (2003). doi:10.1007/978-3-540-45248-5_7
Xu, H., Xiao, D., Wu, Z.: Application of security ontology to context-aware alert analysis. In: 2009 Eighth IEEE/ACIS International Conference on Computer and Information Science, ICIS 2009, pp. 171–176 (2009)
Frye, L., Cheng, L., Heflin, J.: An ontology-based system to identify complex network attacks. In: 2012 IEEE International Conference on Communications (ICC), pp. 6683–6688 (2012)
Bézivin, J.: Model driven engineering: an emerging technical space. In: Lämmel, R., Saraiva, J., Visser, J. (eds.) GTTSE 2005. LNCS, vol. 4143, pp. 36–64. Springer, Heidelberg (2006). doi:10.1007/11877028_2
Herzog, A., Shahmehri, N., Duma, C.: An ontology of information security. J. Inform. Secur. 1, 1–23 (2007)
Fenz, S., Ekelhart, A.: Formalizing information security knowledge. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS 2009, pp. 183–194. ACM, New York (2009)
Kim, A., Luo, J., Kang, M.: Security ontology for annotating resources. In: Meersman, R., Tari, Z. (eds.) OTM 2005. LNCS, vol. 3761, pp. 1483–1499. Springer, Heidelberg (2005). doi:10.1007/11575801_34
Denker, G., Kagal, L., Finin, T., Paolucci, M., Sycara, K.: Security for DAML web services: annotation and matchmaking. In: Fensel, D., Sycara, K., Mylopoulos, J. (eds.) ISWC 2003. LNCS, vol. 2870, pp. 335–350. Springer, Heidelberg (2003). doi:10.1007/978-3-540-39718-2_22
Gyrard, A., Bonnet, C., Boudaoud, K.: An ontology-based approach for helping to secure the ETSI machine-to-machine architecture. In: 2014 IEEE International Conference on Internet of Things (iThings), and Green Computing and Communications (GreenCom), and Cyber, Physical and Social Computing(CPSCom), pp. 109–116. IEEE (2014)
García-Crespo, Á., Gómez-Berbís, J.M., Colomo-Palacios, R., Alor-Hernández, G.: Securontology: a semantic web access control framework. Comput. Stand. Interfaces 33, 42–49 (2011)
Stoneburner, G., Goguen, A.Y., Feringa, A.: Spp. 800–30. Risk management guide for information technology systems (2002)
Abie, H.: Adaptive security and trust management for autonomic message-oriented middleware. In: 2009 IEEE 6th International Conference on Mobile Adhoc and Sensor Systems, pp. 810–817 (2009)
Shnitko, A.: Adaptive security in complex information systems. In: Proceedings of 2003 the 7th Korea-Russia International Symposium on Science and Technology, KORUS 2003, pp. 206–210 (2003)
Laddaga, R., Robertson, P.: Self adaptive software: a position paper. In: SELF-STAR: International Workshop on Self-* Properties in Complex Information Systems, vol. 31, p. 19 (2004)
Agostinho, C., Jardim-Goncalves, R.: Sustaining interoperability of networked liquid-sensing enterprises: a complex systems perspective. Ann. Rev. Control 39, 128–143 (2015)
Dobson, S., Zambonelli, F., Denazis, S., Fernández, A., Gaïti, D., Gelenbe, E., Massacci, F., Nixon, P., Saffre, F., Schmidt, N.: A survey of autonomic communications. ACM Trans. Autonom. Adapt. Syst. 1, 223–259 (2006)
Picek, R., Strahonja, V.: Model driven development-future or failure of software development. IIS 7, 407–413 (2007)
Aman, W., Snekkenes, E.: Event driven adaptive security in internet of things. In: UBICOMM 2014: The Eighth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, pp. 7–15 (2014)
Ouedraogo, W.F., Biennier, F., Merle, P.: Optimizing service protection with model driven security@ run. time. In: 2015 IEEE Symposium on Service-Oriented System Engineering (SOSE), pp. 50–58. IEEE (2015)
Ghimire, S., Melo, R., Ferreira, J., Agostinho, C., Goncalves, R.: Continuous data collection framework for manufacturing industries. In: Ciuciu, I., Panetto, H., Debruyne, C., Aubry, A., Bollen, P., Valencia-García, R., Mishra, A., Fensel, A., Ferri, F. (eds.) OTM 2015. LNCS, vol. 9416, pp. 29–40. Springer, Cham (2015). doi:10.1007/978-3-319-26138-6_5
Hafner, M., Memon, M., Breu, R.: Seaas-a reference architecture for security services in SOA. J. Univ. Comput. Sci. (J.UCS) 15, 2916–2936 (2009)
Bézivin, J., Gerbé, O.: Towards a precise definition of the OMG/MDA framework. In: 2001 Proceedings of the 16th Annual International Conference on Automated Software Engineering, (ASE 2001), pp. 273–280. IEEE (2001)
Kleppe, A.G., Warmer, J., Bast, W.: MDA Explained: The Model Driven Architecture: Practice and Promise. Addison-Wesley Longman Publishing Co. Inc., Boston (2003)
Lúcio, L., Zhang, Q., Nguyen, P.H., Amrani, M., Klein, J., Vangheluwe, H., Traon, Y.L.: Advances in model-driven security. Adv. Comput. 93, 103–152 (2014)
Clavel, M., Silva, V., Braga, C., Egea, M.: Model-driven security in practice: an industrial experience. In: Schieferdecker, I., Hartman, A. (eds.) ECMDA-FA 2008. LNCS, vol. 5095, pp. 326–337. Springer, Heidelberg (2008). doi:10.1007/978-3-540-69100-6_22
Basin, D., Doser, J., Lodderstedt, T.: Model driven security for process-oriented systems. In: Proceedings of the Eighth ACM symposium on Access control models and technologies, pp. 100–109. ACM (2003)
Lang, U., Schreiner, R.: Model driven security management: making security management manageable in complex distributed systems. In: Workshop on Modeling Security (MODSEC08)-International Conference on Model Driven Engineering Languages and Systems (MODELS) (2009)
Ouedraogo, W.F., Biennier, F., Ghodous, P.: Model driven security in a multi-cloud context. Int. J. Electron. Bus. Manage. 11, 178 (2013)
C2NET, P.: Deliverable D1.3: C2NET platform validation scenarios. Version R0.1 (2015)
Acknowledgements
The research leading to this work has received funding from CAPES Proc. No.: BEX 0966/15-0 and European Commission’s Horizon 2020 Programme (H2020/2014-2020) under grant agreement: C2NET No.: 636909.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Mozzaquatro, B.A., Agostinho, C., Melo, R., Jardim-Goncalves, R. (2017). A Model-Driven Adaptive Approach for IoT Security. In: Hammoudi, S., Pires, L., Selic, B., Desfray, P. (eds) Model-Driven Engineering and Software Development. MODELSWARD 2016. Communications in Computer and Information Science, vol 692. Springer, Cham. https://doi.org/10.1007/978-3-319-66302-9_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-66302-9_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-66301-2
Online ISBN: 978-3-319-66302-9
eBook Packages: Computer ScienceComputer Science (R0)