
Enhancing IoT Security
A holistic approach to security for connected platforms

Vidushi Sharma
Gamini Joshi

www.bpbonline.com
Copyright © 2024 BPB Online

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or
transmitted in any form or by any means, without the prior written permission of the publisher,
except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information
presented. However, the information contained in this book is sold without warranty, either express
or implied. Neither the author, nor BPB Online or its dealers and distributors, will be held liable for
any damages caused or alleged to have been caused directly or indirectly by this book.

BPB Online has endeavored to provide trademark information about all of the companies and
products mentioned in this book by the appropriate use of capitals. However, BPB Online cannot
guarantee the accuracy of this information.

First published: 2024


WeWork
119 Marylebone Road
London NW1 5PU

UK | UAE | INDIA | SINGAPORE

ISBN 978-93-55515-506

Dedicated to

Lord Shiva and Guru Sai – My Torch Bearer


My Son Shouryaa for supporting me and
driving me to achieve my goals
My Husband Rohit and my Brother Sadashiv – My pillars
of strength
— Dr. Vidushi Sharma

My beloved:
Parents: Mr. Lalit Mohan Joshi and Mrs. Geeta Joshi
(For their endless love, support and encouragement
to achieve everything in life)
&
Parents-in-law: Dr. S.P. Lohani and Mrs. Hema Lohani
(For their continuous emotional and moral support)
&
My Husband: Mani Lohani
(For his continuous encouragement to improve my
knowledge and move ahead in my career)
&
My Daughter: Mishthi Lohani
(For her smile that inspires me to always be
positive and give my best)
— Gamini Joshi
About the Authors

❖ Dr. Vidushi Sharma received her Ph.D. degree in computer science from
Dr. B.R. Ambedkar University, Agra, India, in 2008. She is currently the
Head of the Department of Electronics and Communication Engineering and
the Convenor of the Centre of Rapid and Alternative Energy Mobility at
Gautam Buddha University, Greater Noida, India. She teaches doctoral,
postgraduate, and graduate courses and has authored over 100 research
papers for international and national publications. She has also authored
a book titled Energy Efficient Wireless Sensor Network (2017, Taylor and
Francis). She has supervised nine Ph.D. students and more than 50
dissertation students in the area of wireless sensor networks and the
Internet of Things, and has mentored two Department of Science and
Technology, India projects. She also has two patents awarded and three
patents published. Her research interests include IT applications and
performance evaluation of information systems, including wireless sensor
networks and the Internet of Things. She has organized several
conferences, workshops, and FDP and is also a reviewer for reputed
journals.

❖ Gamini Joshi is pursuing a Ph.D. at Gautam Buddha University, Greater
Noida, India. She has worked as an assistant professor and has taught
graduate-level courses. She has authored as well as co-authored a large
number of papers for international and national publications. Her research
interests include IT applications, performance evaluation, and security of
IoT information systems, which include wireless sensor networks and the
Internet of Things.
About the Reviewer

Anuj Gargeya Malkapuram is an accomplished Security Practitioner known for
his leadership in cross-functional teams and enterprise-level security
initiatives. With expertise in security detection, incident response,
threat intelligence, and security engineering, Anuj evangelizes information
security within organizations and beyond. He currently serves as a Principal
Security Engineer at Salesforce and has previously worked at reputable
companies like Amazon and LendingClub Corporation in FinTech, E-Commerce,
and SaaS sectors. Anuj’s contributions extend beyond the corporate realm, as
he has filed multiple patents and published his work in international
journals. He actively collaborates with non-profit organizations such as
World Economic Forum, CENSA, and other recognized internet security
entities. Anuj holds a Master’s degree in Electrical Engineering,
specializing in Computer Networking and Security, from San Jose State
University.
Acknowledgements

❖ I want to express my deepest gratitude to the Almighty lord for holding
my hand and guiding me on the path destined by him. I express my sincere
thanks to my son Shouryaa, who has changed my perspective towards life and
given it a direction. He is my biggest supporter and critic, and because of
him I am able to live up to my aspirations. He has been my best buddy in
this journey so far. I am indebted to my Parents (K.N. Sharma and Saroj
Sharma) for showering unconditional love. My special thanks to my husband
Rohit for always encouraging me to attain my professional goals; he is the
very essence of my life. My gratitude and love to my brother Sadashiv and my
sister-in-law Shipra, who have always provided me support through thick and
thin. I am also grateful to my soul mates Dr. Kriti Priya, Shilpee Sharma
and Neetu Gupta for being my life anchor and stabilizer. I am thankful to my
students Dr. Arjun Sirohi, Dr. Anuradha Pughat, Dr. Gayatri Sakya, Dr.
Gourav Verma, Dr. Neeti Bansal, Dr. Aarti Gautam Dinkar, Gamini Joshi,
Monika Kashyap, and Zaineb Naaz for always standing by my side. I am
indebted to Dr. Neeta Singh, Dr. Navaid Zafar Rizvi, Dr. Vimlesh, Dr. Rajesh
Mishra, Dr. Madhu Jain, and Prof. G.C. Sharma for helping me in my academic
journey.
I am thankful to BPB Publications for their support and help in
framing this book and I hope our readers will use it to further
enhance their knowledge and attain their career goals.

Thanks & Regards


Dr. Vidushi Sharma

❖ I would like to extend my sincere thanks to some people who have
generously contributed and supported me in writing and presenting
this book. First and foremost, I would like to thank my parents and
parents-in-law for continuously encouraging and supporting me.
Next, I owe my gratitude to my supervisor Dr. Vidushi Sharma, for
her valuable guidance, constructive comments and continuous
encouragement throughout my book. I feel overwhelmed to spell
some of my guiding force - my brother Gaurav Joshi and his wife
Vandana Upadhyaya, my sister-in-law Dr. Meenakshi Lohani, and
my friends Sunita Mishra and Sharad Rai. Last but not least, my
loving and supporting husband Mr. Mani Lohani and my darling
daughter Mishthi. I could have never completed this book without
their support.
My gratitude also goes to the team at BPB Publications for being
supportive enough to provide me enough time to finish and publish
the book. At last, I would like to thank God who gave me enough
strength and patience to write such a detailed book on IoT security.
Hope this book brings wonderful joy and experience to readers
worldwide.

Thanks & Regards


Gamini Joshi
Preface

The Internet of Things (IoT) is an emerging technology that has changed our
lives, from smart homes to smart defense to smart industrial applications.
The criticality of these applications has created an intense need to provide
them with security, safety and privacy and to shield them from threats and
attacks. To that end, this book, “Enhancing IoT Security”, introduces
next-generation security measures for the IoT, along with their enabling
security technologies and applications, to a wide interdisciplinary
readership of engineering and non-engineering graduate students,
post-graduate students and researchers.
This book aims to reveal the importance of IoT security and introduces
efficient techniques that recognize existing threats and attacks, together
with solutions for mitigating them. Its ambition is to secure
resource-constrained, sensor-enabled IoT networks and devices at minimal
cost in terms of complexity, energy and power. The book analyzes the
critical application areas where security and privacy are indispensable. It
covers theoretical as well as practical aspects of securing networks, using
empirical IoT products (hardware) and simulators (software). In doing so, it
encourages readers to move beyond their theoretical knowledge and take up
practical work that triggers new experiments and multidisciplinary project
ideas. Moreover, the authors have drawn on their teaching and research
experience, which should assist academicians and researchers in extending
their research and studies in the right direction.
This book meets both the basic and the advanced needs of readers on the
topics it covers. It is self-contained for those topics and contains
detailed as well as advanced knowledge on security issues in IoT networks.
Apart from the detailed text, the book also includes figures, tables, graphs
(real-time and lab results), case studies and examples. To assess the
reader's knowledge, a questionnaire including multiple choice questions and
short and long answer questions is given at the end of each chapter. Each
chapter starts with an introduction of the topic and discusses its related
issues and future directions for work in that area. The details of every
chapter are listed below:
Chapter 1- The Internet of Things and its Security Requirements: This
chapter gives the basic architecture of IoT and provides the preliminary
knowledge required for subsequent chapters. Although IoT is changing
everything, industries, consumers, and technology owners face a security
nightmare, since smart devices and infrastructures give cyber-criminals
ample opportunity. IoT security is therefore clearly an important aspect,
and this chapter explores the need for security in IoT and its requirements
with respect to architecture, devices, and protocols. It continues with the
range of security applications within specific domains such as SCADA
systems, enterprise systems, agriculture systems and more. The next section
of the chapter discusses the need to secure IoT databases, together with
advanced technologies such as embedded systems, big data analytics, and
cloud, fog and edge computing.
Chapter 2- IoT Security - Vulnerabilities, Attacks, and
Countermeasures: This chapter explores different types of vulnerabilities,
attacks and risks against IoT implementations and deployments. It dives into
the organization of attacks and illustrates how attacks are organized into
attack and fault trees. Next, access control techniques and their different
types are investigated, and a systematic methodology for incorporating
countermeasures against attacks is discussed. Thereafter, the chapter
provides a tailored approach to threat modeling that demonstrates how to
identify threats and their sources and the procedure for mitigating them. We
explain it with the help of suitable examples.
Chapter 3- Security Engineering for IoT Development: Having discussed the
IoT security requirements and the threats affecting the security of the
system, we now investigate security engineering for IoT development,
discussing the various tools and methodologies that are applied to an IoT
system during its design and development phase. This chapter presents the
different phases of designing security into an existing system, which
involve planning, selection, processing, and development methodology.
Chapter 4- IoT Security Lifecycle: Continuing from Chapter 3, this chapter
presents the complete lifecycle of IoT security, which involves secure
design, implementation, integration, operation, maintenance and disposal.
Each phase is discussed in detail from every perspective of securing IoT.
Chapter 5- IoT as Interconnection of Threats: Next, we present the
interconnection of threats in IoT applications and the methods to secure
them. This chapter presents various fusion schemes, defense schemes and
solution-based analyses for detecting attack vectors such as Sybil attacks
and malware in smart vehicular and home systems.
Chapter 6- Crypto Foundations I: This chapter explores the role of
cryptography in engineering IoT security. It covers cryptographic
primitives, modules, principles and fundamentals, encompassing MAC codes,
hash codes, signature codes and various cipher suites. We have also included
various key management algorithms with their fundamental and advanced
schemes. Next, the chapter examines transport encryption and cryptographic
controls for IoT communication and messaging protocols. Last but not least,
we also discuss a lightweight cryptographic technique for authenticating IoT
nodes.
Chapter 7- Crypto Foundations II: This chapter continues from Chapter 6. It
extends the concept of cryptography with hash functions and digital
signatures. It also provides an in-depth illustration of how cryptography
can be used to protect IoT communications and messaging protocols. The
chapter outlines the cryptographic controls for IoT communication and
messaging protocols, along with the IoT node authentication mechanisms.
Chapter 8- Privacy Preservation for the Internet of Things: In this
chapter, we present privacy-preserving schemes for IoT systems. It explores
the privacy preservation data dissemination problem with its spatial privacy
graph (SPG) solution. Privacy preservation is further explored through the
real-world example of smart buildings, where the concept of IoT in smart
buildings is explained along with possible threats and solution approaches.
Chapter 9- Location Privacy Enhancement in the Internet of Vehicles:
This chapter further explores privacy preservation with another smart
example, the Internet of Vehicles. Since vehicles are mobile, the focus of
this chapter is on location privacy. It explores location privacy
requirements with preservation schemes and protocols. Further, the security
analysis is presented with a performance evaluation.
Chapter 10- Privacy Protection in Key Personal IoT Applications:
Since IoT devices and systems are resource-constrained, there is always a
need for lightweight algorithms. Accordingly, this chapter presents a
lightweight and robust scheme for privacy protection in mobile WBSN and
participatory sensing networks.
Chapter 11- Trust and Trust Models for the IoT: This chapter presents
another aspect of securing IoT systems, namely using trust as the parameter
for protecting IoT networks and devices. It explores the concept of the
trust model and its perspective on securing IoT, and it illustrates trust
models with the help of example scenarios.
Chapter 12- Framework for Privacy and Trust in IoT: This chapter explores
trust and its framework in decentralized IoT systems. It presents a
user-centric as well as a device-centric framework, with a face-to-face
enabler as well as an indoor localization enabler tool.
Chapter 13- Preventing Unauthorized Access to Sensor Data and
Authentication in IoT: Authentication is yet another issue in IoT systems.
In this regard, the chapter illustrates the fundamentals of authentication
with a detailed study of message and entity authentication. It also explores
a cooperative authentication scheme using game modeling, where players,
strategies and utility functions are illustrated with respect to cooperative
authorization, with experimental results and analysis.
Chapter 14- Computational Security for the IoT and Beyond: IoT systems are
very complex systems. Considering this, the chapter explores the
characteristics of complex IoT systems such as wireless networks, biological
networks, social networks, economic networks and heavy computer networks.
Further, the complexity of these networks is evaluated with the help of
computational tools such as signal processing and network science tools. The
controllability and observability of networks are further studied from a
communication engineering perspective.
Chapter 15- Identity and Access Management Solutions for the IoT:
This chapter explores the issue of identification and access management of
IoT devices and networks in different environments and organizations. It
reviews the identity lifecycle and discusses the infrastructure components
needed for provisioning authentication credentials. It focuses on
authentication credentials and the approaches for providing authorization
and access controls to IoT devices.
Chapter 16- Privacy-Preserving Time Series Data Aggregation for IoT:
This chapter describes the concept of data aggregation in IoT networks for
preserving network privacy. System and security models are detailed, a
time-series data aggregation scheme is presented for preserving the privacy
of the IoT network, and a security analysis with performance evaluation is
shown in terms of computational and communication cost.
Chapter 17- Path Generation Scheme for Real-Time Green IoT: This chapter
investigates the issue of secure routing in IoT networks. It presents a
secure path generation scheme for the real-time Green Internet of Things.
The network model and problem definitions are discussed in depth, and then a
framework for path generation is established with all security measures.
Chapter 18- Security Protocols for IoT Access Networks and Their
Impact on Mobile Networks: This chapter presents a detailed study of
existing security protocols and their impact on mobile networks. It also
investigates the scalability issue in large cellular networks. The chapter
presents unidirectional and bidirectional data transmission security
algorithms.
Chapter 19- Cloud Security for the IoT: This chapter presents the prospect
of cloud security designed for the Internet of Things. It addresses cloud
services and IoT-related internal and external threats. It explores the
cloud service providers for IoT and their security-as-a-service offerings.
The chapter also examines the security functionality needed from the cloud
for building an effective IoT architecture. Lastly, it discusses and
explores new computing paradigms that the cloud could provide to IoT
systems.
Chapter 20- Policy-Based Approaches for Informed Consent in IoT:
This chapter gives a detailed description of policy-based approaches for the
Internet of Things. It provides the framework and enforcement policy along
with their future developments.
Chapter 21- Blockchains for Internet of Things: This chapter presents the
blockchain technique as a next-generation technology for securing the
Internet of Things. It addresses the concepts of bitcoin, crypto-currency
and other matters of concern for the Internet of Things.
Chapter 22- Game Theory Foundation: This chapter introduces the concepts and
techniques of game theory. The mathematical formulations of the game, along
with its strategy, are detailed. We present different types of games and
their strategic approaches, such as repeated games, Bayesian games and
coalitional games, that will help readers to justify their problems.
Chapter 23- Security Products: In this chapter, we present the recent trends
in securing the Internet of Things, where existing security products and
their test beds are discussed. We have also illustrated the commercialized
IoT products and their usage.
Coloured Images
Please follow the link to download the
Coloured Images of the book:

https://rebrand.ly/lsyz3qa

We have code bundles from our rich catalogue of books and videos
available at https://github.com/bpbpublications. Check them out!

Errata

We take immense pride in our work at BPB Publications and follow best
practices to ensure the accuracy of our content and to provide an indulging
reading experience to our subscribers. Our readers are our mirrors, and we
use their inputs to reflect and improve upon human errors, if any, that may
have occurred during the publishing processes involved. To let us maintain
the quality and help us reach out to any readers who might be having
difficulties due to any unforeseen errors, please write to us at:
errata@bpbonline.com
Your support, suggestions and feedback are highly appreciated by the BPB
Publications’ Family.

Did you know that BPB offers eBook versions of every book published, with PDF
and ePub files available? You can upgrade to the eBook version at
www.bpbonline.com and as a print book customer, you are entitled to a discount on
the eBook copy. Get in touch with us at business@bpbonline.com for more details.
At www.bpbonline.com, you can also read a collection of free technical articles,
sign up for a range of free newsletters, and receive exclusive discounts and offers
on BPB books and eBooks.
Piracy
If you come across any illegal copies of our works in any form on the internet, we
would be grateful if you would provide us with the location address or website
name. Please contact us at business@bpbonline.com with a link to the material.

If you are interested in becoming an author


If there is a topic that you have expertise in, and you are interested in either writing
or contributing to a book, please visit www.bpbonline.com. We have worked with
thousands of developers and tech professionals, just like you, to help them share
their insights with the global tech community. You can make a general application,
apply for a specific hot topic that we are recruiting an author for, or submit your
own idea.

Reviews
Please leave a review. Once you have read and used this book, why not leave a
review on the site that you purchased it from? Potential readers can then see and
use your unbiased opinion to make purchase decisions. We at BPB can understand
what you think about our products, and our authors can see your feedback on their
book. Thank you!
For more information about BPB, please visit www.bpbonline.com.

Join our book’s Discord space


Join the book’s Discord Workspace for Latest updates, Offers, Tech
happenings around the world, New Release and Sessions with the Authors:
https://discord.bpbonline.com
Table of Contents

1. The Internet of Things and its Security Requirements


Structure
1.1 Internet of Things - A brief introduction
1.1.1 Growth trends and market opportunity
1.2 Networking in the IoT device - The framework
1.2.1 Identification
1.2.2 Sensing
1.2.3 Communication
1.2.4. Computation
1.2.5 Services
1.2.6 Semantics
1.3 Need to secure IoT - Its limitations
Reason 1 - Constrained system resources
Reason 2 - Device Heterogeneity
Reason 3 - Interoperability in IoT
Reason 4 - Over-the-Air firmware update
1.4 Cyber security versus IoT security and cyber-physical systems
1.5 IoT architecture
Layer 1 - Perception/Sensing layer
Layer 2 - Network layer
Layer 3 - Service/Processing layer
Layer 4 - Application/Interface layer
1.5.1 Security threats in IoT architecture layers
1.5.2 Security requirements in IoT architecture layers
1.6 Authorization and authentication requirement in IoT
1.6.1 Insufficient authentication/authorization in IoT
1.7 Security in enabling technologies behind the Internet of Things
1.7.1 Security in hardware technologies - Identification
1.7.2 Security in software technologies: Integration of WSN and RFID
1.7.3 Security in communication technologies - tracking, monitoring, and communicating
Security in network technologies: network function
1.8 IoT networking protocols and its security
1.8.1 Application protocol
1.8.2 Network Layer Protocols: 6LoWPAN
1.8.3 Routing /Transport Layer Protocol - RPL
1.8.4 Link Layer Protocol: IEEE 802.15.4
1.8.5 Physical Layer Protocol - LTE-A, Z-Wave
1.9 Domain-specific IoT and its security concerns
1.9.1 Security concerns in SCADA systems
1.9.2 Security concerns in Enterprise Information Systems
1.9.3 Security concerns in home automation
1.9.4 Security concerns in agriculture
1.9.5 Security concerns in smart cities
1.9.6 Security concerns in social IoT
1.9.7 Security concerns in IoT-based healthcare
1.10 IoT supporting technologies
1.10.1 Big Data analytics
1.10.2 Cloud computing
1.10.3 Edge computing
1.10.4 Fog computing
Conclusion
1.11 Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
Keywords(†)
References
Things to check before moving to next chapter

2. IoT Security - Vulnerabilities, Attacks, and Countermeasures


Introduction
Structure
2.1 Information Assurance: components
2.2 Threats
Associated terms
Threat classification
2.3 Vulnerabilities
2.4 Risk
2.5 Insecure Access control
2.5.1 Access Control List-Based Systems or Discretionary Access control
2.5.2 Role-Based Access control
2.5.3 Capability-Based Access control or Key-based Access control system
2.5.4 Challenges in Access control
2.5.5 Threats to Access control, privacy, and availability
2.6 Attacks: types, composition, and tools
2.6.1 Types of attacks
2.6.2 Tools for attack identification
2.7 Threat modeling for IoT systems
Conclusion
2.8 Questionnaire
Multiple choice questions
Answer key
Long answer question
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

3. Security Engineering for IoT Development


Introduction
Structure
3.1 Building Security into design and development
3.1.1 Managing security requirement
3.1.2 Managing security in IoT when in operation
3.2 The IoT security life cycle: Secure design
Phase 1: Secure design
3.2.1 Safety and security design
3.2.2 Processes and Agreements
3.2.3 Technology selection: Security products and services
Conclusion
3.3 Questionnaire
Multiple choice questions
Answer key
Long answer question
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

4. IoT Security Lifecycle


Structure
4.1 Introduction
4.2 Phase 2: Implementation and Integration
4.2.1 IoT Security CONOPS document
4.2.2 Network implementation and security integration
4.2.3 System security verification and validation (V&V)
4.2.4 Security training
4.2.5 Secure configurations
4.3 Phase 3: Operations and maintenance
4.3.1 Managing identities, roles, and credentials
4.3.2 Security monitoring
4.3.3 Penetration testing
4.3.4 Asset and configuration management
4.3.5 Incident management
4.3.6 Forensics
4.4 Phase 4: Dispose
4.4.1 Secure device disposal and zeroization
4.4.2 Data purging
4.4.3 Inventory control
4.4.4 Data archiving and records management
Conclusion
4.5 Questionnaire
Multiple choice questions
Answer key
Long answer question
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

5. IoT as Interconnection of Threats


Structure
5.1 Sybil Attack Detection in Vehicular Network
5.1.1 Concept of a Vehicular Network or a Vehicular Ad-Hoc Network
5.1.2 Challenges and Attacks in Vehicular Network
5.1.3 Consequences of a Sybil attack
5.1.4 Sybil Attack Detection Schemes in a VANET Network
5.2 Malware Propagation and control in Internet of Things
5.2.1 Malware in Internet of Things
5.2.1 Modeling of malware propagation
5.2.3 Malware control strategy
5.3 Solution-based analysis of attack vectors on smart home systems
5.3.1 Concept of a Smart Home System with an example of digitalSTROM
Technical Structure of digitalSTROM(dS)
5.3.2 Attack vectors on SHS
Central digitalSTROM Server
Smart control devices
Smart home communication bus
Remote third-party services
5.3.3 SHS Hardening
Hardening of Central digitalSTROM server
Hardening of Smart Control Devices
Hardening of Smart Communication Bus
Hardening of remote third-party services
5.3.4 Attack scenario and its solution analysis
Attack 1
Attack 2
5.4. Network robustness of the Internet of Things
5.4.1 Network Robustness using Game-Theoretic analysis
Conclusion
5.5 Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

6. Crypto Foundations I
Structure
6.1 Cryptography and its role in securing the IoT
6.2 Cryptography and its primitives in the IoT
Cryptographic primitives
6.3 Secrecy and secret-key capacity in IoT
Secret key capacity
6.4 Encryption and decryption
6.4.1 Symmetric key encryption algorithm
Substitution technique
Transposition technique
Electronic Code Book
Cipher Block Chaining Mode
Cipher Feedback Mode
Output Feedback Mode
Counter Mode
6.4.2 Asymmetric key encryption algorithm
Conclusion
6.5 Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
Keywords (†)
References

7. Crypto Foundations II
Structure
7.1 Message integrity- Hash functions and their security
7.1.1 Properties and applications of Hash functions
Applications of the Hash function
7.1.2 Popular Hash function
7.1.3 Merkle tree
Significance of the Merkle tree
7.2 Message authentication
7.2.1 Message Authentication Code
7.2.2 Authenticated encryption
7.3 Random number generation
7.4 Cipher suites
7.5 Signature algorithm means of IoT node authentication
7.5.1 Types of signatures
7.5.1 Digital signature schemes
7.6 Cryptographic key management
7.6.1 Key management fundamentals
7.6.2 Diffie-Hellman key exchange
Algorithm
7.6.3 Elliptic Curve Cryptography
Background explanation of ECC
ECC algorithm for key-exchange
ECC Algorithm for encryption and decryption
7.6.4 Public Key Infrastructure
PKIX Model
PKIX Management function
7.7. Examining cryptographic controls for IoT protocols
7.7.1. Cryptographic controls built into IoT communication protocols
ZigBee
Bluetooth-LE
Near Field Communication
7.7.2 Cryptographic controls built into IoT messaging protocols
7.8 Transport encryption
7.8.1 Transport Layer Security
7.8.2 Secure Sockets Layer
7.8.3 HTTPS
Conclusion
7.9 Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

8. Privacy Preservation for the Internet of Things


Structure
8.1. Privacy preservation
8.2. Classification of privacy threats in IoT
8.2.1. Content-oriented privacy threats
8.2.2. Contextual-oriented privacy threats
8.3. Privacy preservation techniques
8.3.1. Cryptographic techniques
8.3.2. Anonymization techniques
K-anonymity
L diversity
8.3.3. Dynamic data masking
8.4. Futuristic approach of privacy preservation data dissemination
8.4.1. Pre-requirements of the approach
Network model
Threat model
Resolution of uncertainty
The objective of the FDD approach
8.4.2. Implementation of the privacy preservation data dissemination approach
SPG-based data dissemination
8.5. Privacy preservation for IoT used in smart buildings- A case study
8.5.1. The concept of smart buildings
Smart Building Subsystems
IoT Technologies used in smart buildings
8.5.2. Privacy threats in smart buildings
8.5.3 Privacy-preserving approaches in smart buildings
Wireless LAN privacy-preserving approaches
RFID privacy-preserving approaches
Video surveillance privacy-preserving approaches
Conclusion
8.6 Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

9. Location Privacy Enhancement in the Internet of Vehicles


Structure
9.1. Location privacy and its requirements in IoV
9.1.1. Location-privacy requirements
9.2. Traditional location-privacy preservation solutions
9.2.1. Pseudonyms
9.2.2. Mix-Zone
9.2.3. Group signature
9.2.4. Silent period
9.3. A new location-privacy preservation scheme: A MixGroup approach
9.3.1. Pre-requirements of the MixGroup approach
Network model
Social model
Threat model
Characteristics of the vehicular social network
Some observations from the traces of vehicles
Theory of MixGroup
9.3.2. Process of MixGroup
System initialization and key generation
Group join
Pseudonym exchange
RSU signing protocol
Group leaving
Revocation protocol
9.3.3. Security analysis
Conditional tracking
Attack and defense analysis
Entropy optimal pseudonym exchange
9.3.4. Experimental analysis of the MixGroup approach
Conclusion
9.4. Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

10. Privacy Protection in Key Personal IoT Applications


Structure
10.1. Concept of personal IoT
10.1.1. Mobile WBSN
Architecture of WBSN
Issues in mobile WBSN
10.1.2. Participatory sensing
Architecture of Participatory Sensing
Issues in participatory sensing
10.2. Security aspect of personal IoT
10.2.1. Lightweight and robust schemes for protecting privacy in
Mobile WBSN
10.2.1.1. One Time Mask scheme
10.2.1.2. One Time Permutation scheme
10.2.1.3. Comparative analysis of OTM and OTP
10.2.2. Lightweight and robust scheme for privacy protection in
participatory sensing
10.2.2.1. The LRTP scheme
Conclusion
10.3 Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

11. Trust and Trust Models for the IoT


Structure
11.1. Concept of trust and its role in securing IoT
11.2. A brief study on Trust Management System
11.2.1. Information gathering
11.2.2. Trust computation
11.2.3. Trust propagation
11.2.4. Trust update
11.3. Classification of Trust Management Systems in IoT network
11.3.1. Layered architecture
a. Device layer
b. Support layer
c. Other layers
11.3.2. Propagational architecture
a. Distributed architecture
b. Centralized architecture
11.3.3. Conceptual architecture
a. Direct trust model
b. Indirect trust model
11.4. Challenges in existing trustable IoT techniques
11.4.1. Naming and name resolution
11.4.2. Identifier/locator splitting
11.4.3. Availability of resources and services
11.4.4. Security and privacy
11.5. Introducing Nova-Genesis as an IoT architecture
11.5.1. Naming and name resolution
11.5.2. Identifier/locator splitting
11.5.3. Availability of resources and services
11.5.4. Security and privacy
Conclusion
11.6. Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

12. Framework for Privacy and Trust in IoT


Structure
12.1. The concept of user-centric Internet of Things
12.1.1. Internet of People
12.1.2. Social Internet of Things
Basic components of SIoT
12.1.3. Physical Cyber Social Computing
12.1.4. People as a Service
12.1.5. Advantages of user-centric Internet of Things
12.2. Issues in user-centric Internet of Things
12.2.1. Utility and usability
12.2.2. Fault tolerance
12.2.3. Interoperability, data-models, and nomenclatures
12.2.4. Big data (graph) analysis
12.2.5. Trust and privacy
12.3. SocIoTal- A socially aware citizen-centric Internet of Things
12.3.1. Classical IoT-architectural framework
Core component
12.3.2. SocIoTal security framework
12.3.2.1. Authentication
12.3.2.2. Trust and reputation
12.3.2.3. Key-exchange management
12.3.2.4. Context manager
12.3.2.5. Identity management
12.3.2.6. Authorization
12.3.2.7. Group manager
Conclusion
12.4. Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

13. Preventing Unauthorized Access to Sensor Data and
Authentication in IoT

Structure
13.1 The idea of cooperation in IoT
13.1.1. Cooperative communication
13.1.2. Cooperative authentication
13.1.3. Cooperative incentive
13.1.4. Conflict balancing
13.2. The practical implementation of cooperative authentication
13.3. Bargaining-based dynamic game model for cooperative
authentication
13.3.1. The pre-requisite of the cooperative authenticated
bargaining system
13.3.1.1. Factors affecting the price
13.3.1.2. Bargaining-based price
13.3.1.3. Bargaining procedure
13.3.2. The dynamic game
Players
Strategy
Utility function
Performance of the bargaining-based dynamic game model for
cooperative authentication
13.3.3.1. Location privacy leakage
13.3.3.2. Energy consumption
13.3.3.3. Network survivability
13.4. Analysis of dynamic game model for cooperative authentication
13.4.1. Dynamic game with complete information
13.4.2. Dynamic game with incomplete information
13.5. Variants of entity authentication
a. Reputation
b. Vote
c. Abstinence
d. Police
13.5.1. Performance analysis of the variants of entity
authentication
a. Average vulnerability time
b. Average risks
13.6. Message authentication: content delivery in VANET
13.6.1. Voting on reputation for VANET(VOR4VANET)
Conclusion
13.7. Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

14. Computational Security for the IoT and Beyond


Structure
14.1. An introduction to computational models and their security
14.1.1. Need for computational security in the Internet of Things
14.2. Complex systems
14.2.1. Characteristics of complex systems
IoT as a complex system
14.2.2. Security challenges in complex systems
14.3. Examples of complex systems with their security characteristics
14.3.1. Wireless networks
14.3.2. Social networks
a. Multimedia content threats
b. Traditional threats
c. Social threats
14.3.3. Economic networks
14.3.4. Computer networks
14.4. Computational tools for complex systems
14.4.1. Signal processing tools
14.4.2. Network science tools
14.4.3. Controllability and observability of networks
14.4.4. Network tomography
14.5. Future scope
Conclusion
14.6 Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

15. Identity and Access Management Solutions for the IoT


Structure
15.1. Introduction to identity and access management for the IoT
Implementation of IAM for the development of IoT application
a. Default password risks
b. Cross-domain IoT
c. Credential abuse
d. Virtual Eavesdropping
15.2. The identity lifecycle
15.2.1. Identity establishment with unique requirements
Identity of IoT devices
15.2.2. Secure bootstrap
Bootstrapping using PKI
15.2.3. Credential and attribute provisioning
15.2.4. Account monitoring and control
15.2.5. Account updates
15.2.6. Account suspension
15.2.7. Account/credential deactivation/deletion
15.3. Authentication credentials
15.3.1. Usernames and passwords
15.3.2. Symmetric keys
15.3.3. Certificates
X.509
IEEE 1609.2
15.3.4. Biometrics
15.3.5. New work in authorization for the IoT
15.4. IoT IAM infrastructure
15.4.1. PKI for the IoT IAM
Revocation support
15.5. Authorization and access control
15.5.1. OAuth 2.0
OAuth2.0 components
Working of OAuth2.0
15.5.2. Access controls within publish/subscribe protocols
15.5.3. Access controls within communication protocols
Conclusion
15.6. Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

16. Privacy-Preserving Time Series Data Aggregation for IoT


Structure
16.1 Data aggregation on IoT system
16.1.1 Data aggregation mechanisms on IoT system
16.1.1.1 Client-server-based data aggregation mechanisms
16.1.1.2 Mobile-agent-based data aggregation mechanisms
16.1.1.3 Time-series-based data aggregation mechanisms
16.2 Time-series data aggregation privacy preservation scheme
16.2.1 Prerequisites
IoT scenario
Security consideration and design goals
Properties of the Group Z*p2
16.2.2 The actual scheme
System settings
Data encryption at nodes
Data aggregation at gateways
Aggregated data decryption at the control center
Privacy maintenance during node joining and leaving
16.2.3 Computational cost of time series data aggregation privacy
preservation scheme
Conclusion
16.3 Questionnaire
Multiple choice questions
Answer key
Long answer question
Short answer question
Keywords (†)
References
Things to check before moving to the next chapter

17. Path Generation Scheme for Real-Time Green IoT


Structure
17.1 Green Internet of Things: An introduction
17.1.1 GIoT components
a. Green hardware
b. Green software
c. Green communication
d. Green architecture
17.1.2 Green IoT technologies
Green tags
Green sensing networks
Green cloud computing
Green coding
Green data centers
Green M2M
17.1.3 Contribution toward Green IoT
17.1.4 GIoT open issues
a. Technical challenges
b. Standardization
c. Security and privacy
17.2 Real-time GIOT and its issues
17.3 Real-time query processing in the Green Internet of Things
17.3.1 Query processing in the green Internet of Things
Mathematical representation of query processing
17.3.2 Secure path generation scheme
Procedure for the generation of GIoT secured path
Example: Derivation of Query Execution Path
Conclusion
17.4 Questionnaire
Multiple choice questions
Answer key
Long answer question
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

18. Security Protocols for IoT Access Networks and Their Impact on
Mobile Networks
Structure
18.1. Existing security features of IoT protocols
18.2. Futuristic security protocol/algorithm for IoT network
18.2.1. Time-based secure key generation and renewal
a. Security protocol for unidirectional data transmissions
b. Security protocol for bidirectional data transmissions
18.2.2 Cognitive security
18.3 Impact of IoT security on mobile networks
Cost of mobile network
The risk and complexity of mobile networks
Delay in mobile network
Scope restriction of mobile network
Conclusion
18.4 Questionnaire
Multiple choice questions
Answer key
Long answer question
Short answer questions
Keywords (†)
References
Things to check before moving to the next chapter

19. Cloud Security for the IoT


Structure
19.1. Cloud services and the IoT
19.1.1. Samples of IoT cloud services
a. Asset/inventory management
b. Service provisioning, billing, and entitlement management
c. Real-time monitoring
d. Sensor coordination
e. Customer intelligence and marketing
f. Information sharing
g. Message transport/broadcast
19.2. IoT threats from the perspective of cloud security
19.3. Exploring cloud service provider IoT offerings
19.3.1. AWS IoT
a. Kinesis
b. Amazon Lambda
c. Simple storage service (S3)
d. CloudWatch
e. DynamoDB
f. AWS Thing Shadow
19.3.2. Microsoft Azure IoT suite
19.3.3. Cisco fog computing
19.3.4. IBM Watson IoT platform
19.4. Cloud IoT security controls
19.4.1. Authentication and authorization
Authentication mechanisms in Amazon AWS
Authentication mechanisms in Microsoft Azure
19.4.2. Software/firmware updates
19.4.3. End-to-end security recommendations
19.4.4. Maintain data integrity
19.4.5. Secure bootstrap and enrollment of IoT devices
19.4.6. Security monitoring
19.5. An enterprise IoT cloud security architecture
19.6. New directions in cloud-enabled IOT computing
19.6.1. IoT-enablers of the cloud
Software defined networking
Data services
Container for secure development and deployment of IoT
environments
Microservices
19.6.2. Cloud-enabled directions
On-demand computing and the IoT
Cognitive IoT
Conclusion
19.7. Questionnaire
Multiple choice questions
Answer key
Long answer question
Short answer questions
Keywords (†)
References
Things to check before moving to the upcoming chapter

20. Policy-Based Approaches for Informed Consent in IoT


Structure
20.1 Informed consent
20.1.1. Informed consent in Internet of Things
20.1.2. Implementation challenges of informed consent in IoT
20.2. A policy-based solution for informed consent in IoT
20.2.1. Policy-based framework
Steps for the specification of informed consent (metamodeling)
20.2.2. Policy enforcement component
20.2.3. Implementation of the SecKit to IoT for informed consent
Conclusion
20.3 Questionnaire
Multiple choice questions
Answer key
Long answer question
Short answer question
Keywords (†)
References
Things to check before moving to the next chapter

21. Blockchains for Internet of Things


Structure
21.1. Blockchain technology: The introduction
21.1.1. Issues with the current banking system and its solutions
21.1.2. Architecture of the blockchain
Components of block
Formation of blockchain
21.1.3. Features of blockchain
a. Public distributed ledger
b. Encryption
c. Mining and Proof of Work
d. Incentives of mining
21.1.4. Use-case of Blockchain technology
21.2. Crypto-currencies
21.2.1. Cryptocurrency examples
Bitcoins
Ether
21.3. Bitcoin P2P network
21.4. Distributed consensus
21.4.1. Types of consensus algorithms
a. Proof of work
b. Proof of Stake
c. Byzantine Fault Tolerance
d. Proof of Burn
e. Proof of Capacity
f. Proof of Elapsed Time
21.5. Smart contracts
21.6. Blockchain wallets
21.6.1. Types of Blockchain wallets
a. Classification based on a private key
b. Classification based on application
21.7. Altcoins
21.8. Anonymity
Conclusion
21.9. Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
References
Keywords (†)
Things to check before moving to the next chapter

22. Game Theory Foundation


Structure
22.1. Introduction to Game-Theoretic approach
22.1.1. Useful terms in Game Theory
Market game
Political game
Wireless communication game
Auction game
22.1.2. Example 1- Prisoner’s Dilemma Game
Mathematical formulation of the Prisoner’s Dilemma Game
22.2. Best response and Nash equilibrium
22.2.1. Example 2- market game
22.3. Mixed-strategy or randomized-strategy
22.3.1. Example 3- Matching pennies game
22.3.2. Example 4- Paying taxes game
Mixed strategy of paying tax game
22.4. Repeated games
22.4.1. Example 5- Finitely repeated Prisoner’s Dilemma Game
Nash-equilibrium and game table of twice repeated Prisoner’s
Dilemma Game
22.4.2. Example 6- Finitely repeated games having multiple
equilibrium
22.4.3. Infinitely repeated games
22.4.4. Example 7- Infinitely repeated Prisoner’s Dilemma Game
Calculus of infinitely repeated triggering strategy
Calculus of infinitely repeated Prisoner’s Dilemma Game
22.5. Bayesian games
22.5.1. Example 8- Battle of sexes game
Analysis of the Bayesian game
22.6. Coalitional games
22.6.1. Coalitional games with transferable utility
22.6.1.1. Example 9- Voting game
22.6.2. Outcome of coalitional games
22.6.3. Classes of coalitional games
Relationship between the different classes of games
22.6.4. Analyzing coalitional games
Payoffs division methods
The Shapley value
The core
Conclusion
22.7. Questionnaire
Multiple choice questions
Answer key
Long answer questions
Short answer questions
References
Things to check before moving to the next chapter

23. Security Products


Structure
23.1. Existing IoT security products
a. AWS IoT device defender
b. Microsoft Defender for IoT
c. McAfee embedded control
d. Entrust IoT security
e. IoT security
f. Cybeats
g. KeyScaler
h. Memfault
i. Quantum edge
j. Spartan
23.2. Testbed on security and privacy of IoTs
a. Smart campus Testbed
b. Supersensor testbed
c. MakeSense testbed
d. INternational Future INdustrial Internet testbed
e. SmartSantander testbed
f. ASSET testbed
g. Stanfords testbed
h. Siboni’s security testbed for IoT devices
23.3. IoT databases and its security
23.3.1 Threats and challenges of IoT databases with their feasible
solutions
a. Data privacy and compliance
b. Data quality and integrity
c. Data security and resilience
d. Data governance and ethics
e. Data innovation and collaboration
f. Data skills and awareness
Conclusion
23.4. Questionnaire
Multiple choice questions
Answer key
Long answer question
Short answer questions
References
Keywords (†)
Things to check before moving to the next chapter

Index
CHAPTER 1
The Internet of Things and its Security
Requirements

The Internet of Things is an emerging technology that is spreading rapidly
and is making our lives easier by changing everything with respect to our
utility and lifestyle. For instance, switching the air conditioner on or off
while sitting at the office, shutting down a machine with only a click, or
auto-halting industrial activities when the environment changes are a few
illustrations of the utility of IoT in the current world. IoT has persuaded us
to live in a world where machines and humans live under the same roof. Apart
from providing easy services to users and operators, it gives an open
invitation to criminals and cyber attackers, whose aim is to harm the
organization’s economic transactions, business transactions, safety, and
privacy. Besides damaging the organization, attackers pose threats to
sensitive data and to the safety of individual users. Poorly secured IoT
devices have been weaponized to assist perpetrators of domestic abuse who
monitor and psychologically distress their victims, particularly women and
children. Considering these facts, securing IoT is of utmost importance, but
before diving into the practical aspects of security, the chapter gives a
brief introduction to the Internet of Things.

Structure
In this chapter, we will cover the following topics:
The Internet of Things and its fundamentals
The limitations of IoT and the need to secure IoT devices and systems
The security requirements in IoT architecture and its protocols
The threats and security in IoT technologies and their applications
Other IoT-supporting technologies

1.1 Internet of Things - A brief introduction


The Internet of Things is expected to be the future Internet for the upcoming
generation. It is a combination of numerous technologies, which include
sensing and networking technology, communication technology,
service-oriented technology (like Amazon’s Alexa, a cloud-based IoT voice
service), and intelligent information processing technologies (like real-time
healthcare processing). In layman’s terms, IoT is the network of physical
objects that includes sensors†, actuators†, and microcontrollers†, which
communicate with each other through low-power protocols via the Internet.
The concept of IoT was first proposed in 1999, but a standard definition of
IoT has yet to emerge. The quality-based definitions of IoT given by the
standards organizations are as follows:
The International Telecommunication Union (ITU), the United Nations
specialized agency for information and communication technologies,
defines IoT as “A global infrastructure
for the information society that enables advanced services by
interconnecting things either physically or virtually based on existing
and evolving, interoperable information and communication
technologies”[1].
According to IEEE, IoT is defined as “A self-configuring, adaptive,
and complex network that interconnects things to the Internet through
the use of standard communication protocols. “Things” can be any
objects that have sensing/actuation and programming capabilities and
can be changed anywhere, anytime, and by anything taking security
into consideration” [2].
IoT can be used in many ways; it can improve, automate, and control
processes with small-scale information, like weather forecasting with only
one or two parameters. It can help in driving new business models and
revenue streams (like manufacturing industries) and provide real-time data to
businesses that develop products and services. There are several domains and
environments where IoT has played a remarkable role and has improved the
quality of our lives; these include home, health, transportation, industrial
automation, energy, agriculture, and many more. These diverse applications
are grouped into two categories: consumer IoT and business IoT. In consumer
IoT, things/objects are used personally by the consumer, while in business
IoT, sensor-enabled objects are used to provide new insights to businesses,
boost their efficiency, and help them make more informed and capable
decisions. Figure 1.1 demonstrates the classification of IoT with the help of
examples:

Figure 1.1: Classification of IoT market

1.1.1 Growth trends and market opportunity


As discussed, the applications of IoT are so diversified that they provide a
considerable market opportunity to all equipment manufacturers, Internet
service providers, and application developers. According to the 2015 report
published by McKinsey Global Institute, the global IoT market is expected
to grow from $5.5 trillion in 2015 to $12.6 trillion by 2030 [3].
IoT is the foundation that empowers various organizations to enhance their
existing processes by creating and monitoring new business models. The
growing adoption of IoT across industries like enterprises, manufacturing,
automotive, and healthcare is steadily enhancing the market’s growth. It
is encouraging the next industrial revolution of intelligent connectivity,
which aims to improve the efficiency of machines and reduce their
downtime.
By 2025, it is estimated that robotization will become part of day-to-day
operations and will reach a value of USD 12.3 billion. In addition, M2M†
traffic flows are expected to constitute 75% of the whole Internet market [4].
Next, healthcare applications are predicted to have the largest impact on
economic growth. This has seen a huge rise during the Covid-19 pandemic,
where vendors were collaborating with organizations to offer
technology-enabled healthcare solutions and help them overcome the crisis
effectively. For instance, Shanghai Public Health Clinical Center (SPHCC)
has used the California-based connected health startup VivaLNK’s continuous
temperature measuring tool to monitor COVID-19 patients, which has
reduced the risk of nurses, doctors, and other caregivers being
exposed to the threatening virus. The IoT healthcare market
size is expected to grow from USD 72.5 billion in 2020 to USD 188.2 billion
by 2025 [5].
Not only this, IoT is providing its services to automotive, retail, homes,
cities, and so on. The projected market share of these applications by 2030 is
illustrated in Figure 1.2 [3].
It is predicted that the IoT economic value depends on the environment
where it is deployed. As per the Global McKinsey report, factory settings,
including manufacturing and hospitals, will account for the largest amount of
economic growth, around 26% in 2030 followed by human health
representing around 10-14% of its economic value in 2030. Please refer to
the following figure:
Figure 1.2: IoT Growth Trend
Although all this research and these statistics point to significant growth
of the IoT in the near future in relation to enterprises and services, the
transformation of traditional equipment and appliances into smart products
will certainly invite threats and vulnerabilities. Securing the
IoT and its related services globally requires a security management system
to provision their networks with safety and protection measures.
However, before that, let’s discuss the building blocks of IoT.

1.2 Networking in the IoT device - The framework


The framework and working of IoT can be explained with the help of six
building blocks that provide an insight into the meaning and the functionality
of the Internet of Things. The elements of IoT include identification, sensing,
communication, computation, services, and semantics. Examples of each
element are illustrated in Table 1.1:

| IoT Elements | Sub-element | Examples |
|---|---|---|
| Identification | Naming | EPC, uCode |
| Identification | Addressing | IPv4, IPv6 |
| Sensing | | Smart sensors, wearable sensing devices, actuators, RFID tags |
| Communication | | RFID, NFC, UWB, Wi-Fi, BLE, LTE, Z-Wave |
| Computation | Hardware | Arduino, Raspberry Pi |
| Computation | Software | Contiki, TinyOS, RiotOS, LiteOS |
| Service | | Identity-related, information aggregation, collaborative-aware, ubiquitous |
| Semantics | | RDF, OWL, EXI |

Table 1.1: IoT Building Blocks and its Technology

1.2.1 Identification
Identification plays a key role in the Internet of Things, where it identifies
and matches services as per the demand. Identifiers ensure the correct
composition and operation of the system. The process of identification
involves naming and addressing schemes.
The naming scheme includes Electronic Product Codes (EPC) and
ubiquitous codes (uCode) as the object identifier (Object ID). Object ID
refers to the instance of the object; for example, “T1” is the object ID of
temperature sensor 1, “T2” is the object ID of temperature sensor 2, and
so on. The IoT naming schemes are explained as follows:
Electronic Product Codes (EPC): It is a universal identifier that
provides a unique code to every existing physical object. EPCs are
electronically encoded in barcode tags and in Radio Frequency
Identification (RFID) tags that identify and track objects in inventory
and assets. It is a 96-bit number that distinguishes two identical
products by their manufacturing date, origin, and batch number.
Objects equipped with RFID tags are grouped into classes, with each
class having its own GS1 key. The GS1 key assigns and manages keys
and defines the data structure related to EPC data. GS1 keys include
the following codes, where GDTI stands for Document, GSRN stands
for Service Relation, GTIN stands for Trade Item, GRAI stands for
Returnable/Reusable Asset, GLN stands for Location, SSCC stands
for Logistical Unit, and GIAI stands for Fixed Asset.
The basic format of the EPC code is represented in Figure 1.3, where the
Header is an 8-bit number that represents the version and partitioning
scheme, the EPC manager is a 28-bit number that indicates the company
manufacturer, the Object class identifies the type of product in 24 bits, and
the serial number indicates the instance of each product using a 36-bit number:

Figure 1.3: Electronic Product Code


Ubiquitous Codes (uCode): uCode is also an identification technique
that, along with physical entities, identifies content and information
that do not exist in the real world. More specifically, it can
identify abstract concepts, tangible objects, and places in the real
world, anytime and anywhere; for example, in tourist guide
applications, geospatial information applications, housing and real
estate, food, and drug traceability. It is a 128-bit code that is
stored in a tag (uCode tag), such as a bar code tag or an RFID tag.
The format of uCode is partitioned into five parts: a
version of 4 bits, a top-level domain ID of 16 bits, a class code of 4 bits,
and a second-level domain ID and an individual ID, each of variable length.
The uCode structure is illustrated in Figure 1.4:
Figure 1.4: Ubiquitous Code
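The 96-bit EPC layout described above (8-bit header, 28-bit EPC manager, 24-bit object class, 36-bit serial number) can be packed, unpacked, and screened on the reader side as follows. This is an added example, not code from the book; the class and function names, the allowed-header set, and the sample tag values are assumptions constructed for illustration.

```python
import string
from dataclasses import dataclass

# Field widths in bits, most significant first, as given in the text:
# header 8, EPC manager 28, object class 24, serial number 36.
FIELDS = (("header", 8), ("epc_manager", 28), ("object_class", 24), ("serial", 36))
EPC_BITS = sum(width for _, width in FIELDS)   # 96
EPC_HEX_DIGITS = EPC_BITS // 4                 # 24


class EPCFormatError(ValueError):
    """Raised when a value does not fit the 96-bit layout."""


@dataclass(frozen=True)
class EPC:
    header: int
    epc_manager: int
    object_class: int
    serial: int

    def __post_init__(self):
        # Reject any field that would overflow into its neighbour when packed.
        for name, width in FIELDS:
            value = getattr(self, name)
            if type(value) is not int or not 0 <= value < (1 << width):
                raise EPCFormatError(f"{name} must fit in {width} bits, got {value!r}")

    def to_int(self):
        packed = 0
        for name, width in FIELDS:
            packed = (packed << width) | getattr(self, name)
        return packed

    def to_hex(self):
        return f"{self.to_int():0{EPC_HEX_DIGITS}X}"

    @classmethod
    def from_hex(cls, text):
        cleaned = text.strip()
        # Length and alphabet are checked before parsing, so truncated or
        # prefixed input never reaches the field extraction below.
        if len(cleaned) != EPC_HEX_DIGITS:
            raise EPCFormatError(f"expected {EPC_HEX_DIGITS} hex digits, got {len(cleaned)}")
        if not all(ch in string.hexdigits for ch in cleaned):
            raise EPCFormatError("non-hexadecimal character in tag data")
        remaining = int(cleaned, 16)
        values = {}
        for name, width in reversed(FIELDS):   # peel fields off the low end
            values[name] = remaining & ((1 << width) - 1)
            remaining >>= width
        return cls(**values)


def same_product(a, b):
    """Two tags denote the same product type when only the serial differs."""
    return (a.epc_manager, a.object_class) == (b.epc_manager, b.object_class)


def screen_reads(raw_reads, allowed_headers):
    """Split raw reader output into parsed EPCs and rejected (raw, reason) pairs."""
    accepted, rejected = [], []
    for raw in raw_reads:
        try:
            epc = EPC.from_hex(raw)
        except EPCFormatError as exc:
            rejected.append((raw, str(exc)))
            continue
        if epc.header not in allowed_headers:
            rejected.append((raw, f"unexpected header 0x{epc.header:02X}"))
            continue
        accepted.append(epc)
    return accepted, rejected


# Constructed sample reads (not real tag data).
SAMPLE_READS = [
    "35012345600ABCD000000001",   # well formed
    "35012345600ABCD000000002",   # same product, next serial
    "35012345600ABCD0000000",     # truncated: 22 digits
    "0x012345600ABCD000000001",   # right length, but carries a "0x" prefix
    "FF012345600ABCD000000003",   # well formed, header not on the allow-list
]

if __name__ == "__main__":
    ok, bad = screen_reads(SAMPLE_READS, allowed_headers={0x35})
    for epc in ok:
        print("accepted", epc)
    for raw, reason in bad:
        print("rejected", raw, "->", reason)
```

Screening reads this way keeps malformed or unexpected tag data out of the inventory database instead of trusting whatever the reader reports.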
The naming of an object does not make it globally unique; for the global
uniqueness of an object, addressing is used in addition to naming.
The addressing scheme refers to the address of the object within the
communication network. In general, IPv6 and IPv4 addressing schemes are
used for address identification of the object. However, resource-constrained
IoT devices are not able to support the IPv4 and IPv6 addressing
systems; for these devices, the 6LoWPAN addressing scheme is used, which
provides a compressed IPv6 header in support of low-power wireless
networks.

IPv4 and IPv6 are covered under computer networks, so they are not discussed
in this book.
6LoWPAN is discussed in detail in Section 1.7.2.

1.2.2 Sensing
Sensing in IoT refers to the gathering of data by related objects like sensors,
actuators, or any wearable sensing device. Data is collected from the
environment and forwarded to the data warehouse, or the cloud. The
gathered data can be as simple as a temperature reading or can be as complex
as a full video recording. Data is then analyzed and specific action is taken
based on the demanded services. IoT products such as Arduino and
Raspberry Pi are equipped with sensors, built-in TCP/IP, and security
functionality. They are directly used to collect, connect, and provide the
required data to customers as and when required.
1.2.3 Communication
Once the data is sensed and collected, it is then forwarded to the cloud or
processing unit for processing and analysis. Communication between devices
and cloud/processing units is established using IoT communication
technologies such as Wi-Fi, Bluetooth, Z-Wave, LTE, RFID, Near Field
Communication (NFC), and Ultra-Wide Band (UWB). A thorough
explanation of the mentioned communication technologies is provided
below:
RFID is the combination of tags and readers represented by a small
chip. The RFID reader relays the query signal to the tag and receives
the reflected signal back from the tag, which is then transmitted to the
database. The database is then connected to the processing center,
where objects are identified based on the reflected signal within the
range of 10 cm to 200 cm. RFID tags can be battery operated (active
tags) as well as non-battery operated (passive tags). The best example
of an RFID application is Electronic Toll Collection (ETC).
Nowadays, vehicles are enrolled in the ETC program, which consists
of an RFID system; whenever the vehicle passes through the tolls, the
payment is made automatically without any delay. If the
vehicle is not enrolled in ETC, the system sends an event that
triggers an action like STOP/FINE.
Near-Field Communication (NFC) is a group of communication
protocols that works in a high-frequency band at 13.56 MHz and
carries data rates up to 424 kbps. It provides a low-speed connection
and is used to bootstrap wireless connections. It can cover a range
of up to 10 cm. It is used in contactless payments such as credit
cards and electronic ticket smart cards.
Ultra-Wide Band is a radio communication that uses low-energy and
high bandwidth for communicating in short-range applications such as
high-sensor data collection, precision locating, and tracking
applications.
Wi-Fi is a wireless network protocol based on IEEE 802.11 standard
and is generally used in Local Area Networks (LAN) ranging within
100 m. It allows devices to communicate and exchange data via a
wireless router which is then connected to the internet. For example, a
home router.
Bluetooth (BLE) is a short-range wireless technology, where data is
exchanged between fixed as well as mobile devices. It uses
short-wavelength radio waves to minimize power consumption. Bluetooth is
managed by the Bluetooth Special Interest Group (SIG), which
provides low-energy Bluetooth with high speed and IP connectivity for
IoT devices. BLE is used in smartphones, watches, cars, and so on.
LTE (Long-Term Evolution) is a wireless standard communication
protocol that is used to transfer high-speed data between mobile
devices based on GSM† (Global System for Mobile Communication)
and UMTS† (Universal Mobile Telecommunication System) network
technologies. It provides multicasting and broadcasting services,
which are improved in its advanced version (LTE-A), which supports
frequency up to 100 MHz downlink, and uplink spatial multiplexing
with higher throughput and lower latencies. It is used for mobile,
fixed, and portable broadband access.
Z-Wave is also a low-energy wireless communication protocol
that is used for home/office automation and serves for lighting
control, thermostats, door/window locks, security systems, and so on.
Z-Wave supplies application layer interoperability among home/office
control systems of different manufacturers that are part of its alliance.

A detailed explanation of all these protocols is beyond the scope of this book.

1.2.4. Computation
Once the data is delivered to the cloud or processing unit, the actual
evaluation and analysis of it take place. The processing unit consists of
microcontrollers, microprocessors, System on Chip† (SOCs), and Field
Programmable Gate Array† (FPGAs), which determine the computational
ability of the IoT system.
Like other computer systems, IoT systems cannot run without an
operating system, as the hardware/processing unit alone is not able to
communicate and execute the program. Therefore, low-power real-time
operating system platforms are used in IoT that run for as long as
the device is active. Some of the IoT-supported operating systems are
Contiki, TinyOS, LiteOS, and RiotOS.
Cloud platforms form another unit of the IoT processing system, where a huge
amount of data (big data) is processed and analyzed, and then relevant
knowledge is extracted as per the user’s requirement.

Details of the IoT operating systems are discussed in Chapter 23, Security
Products.

1.2.5 Services
Once the data is processed and information is acknowledged, it is made
available to end-users through various IoT services. IoT services are
classified into four classes: Identity-Related Services, Information
Aggregation Services, Collaborative-Aware Services, and Ubiquitous
Services. Each of these services is explained below:
Identity-Related Services are used to provide identity to the real-
world objects that wish to be part of the IoT system. For example,
Azure Identity Service is a package that provides provisioning and
cryptographic services to the IoT devices based on the Azure platform.
The package includes the identity service, key service, certificate service,
and Trusted Platform Module (TPM) service. The identity service
certifies the identity of the device; the key service holds the cryptographic
keys for encryption, decryption, and digital signing of
documents; the certificate service issues certificates to the issuer; and,
lastly, the TPM service allows the caller to endorse and store root keys,
activate a new identity key, and sign data using the stored identity key. This
service allows the caller to access the TPM module and expose the
APIs which hinders the integrity of the stored keys.
Information Aggregation Services aim to collect and summarize raw
sensory data that is processed and reported to the IoT applications as
per the requirements. For example, in smart healthcare applications,
sensors and actuators in patients’ bodies or monitoring systems collect
the status of the patient and then remotely send it to the processing
center, where it is studied and analyzed to take suitable actions.
Collaborative-Aware Services act on top of information aggregation
services and utilize the obtained data to make decisions and behave
accordingly. For example, in a building automation system, data such
as temperature, humidity, and so on, collected by sensors and
processed by the processing unit, may at times generate a blinking signal or
alarm in a dishwasher or cooling/heating system, indicating that there
is a problem that needs urgent maintenance.
Ubiquitous Services aim to provide collaborative-aware services
anytime, anywhere, and to anyone. The ultimate goal of every IoT
application is to provide ubiquitous services. An example is an
intelligent transportation system, whose main aim is to achieve
reliability, availability, efficiency, and safety of transportation
infrastructure.

1.2.6 Semantics
Semantics refers to the smart extraction of knowledge so that the devices
interact and behave unambiguously. It includes the selection of the right
technology and the right resources at the right time. It is supported by the
Resource Description Framework (RDF)† and Web Ontology Language
(OWL)†. Efficient XML Interchange (EXI)† is one of the popular
examples of OWL language, which is designed in the context of IoT and
optimizes the XML applications for resource-constrained IoT devices. It
reduces the bandwidth of the application and minimizes the storage size
without affecting battery life, code size, and energy consumption.

1.3 Need to secure IoT - Its limitations


Today, securing IoT and its data is a major challenge for every connected
organization. Although applications of IoT are a boon to large- and
small-scale enterprises and to people, the amount and type of data
generated in IoT applications by IoT devices will, if not secured, pose a
greater risk to consumers and operators. This can be illustrated with the
help of examples:
Wearable technology includes wearable and medical devices such as
smartwatches, health monitors, wireless pacemakers, wireless insulin
pumps, and so on. Data collected and transmitted by these devices
contain personal as well as detailed health information of the wearer.
If an attacker gains remote control of the device, the attacker
can leak the wearer’s private information and can potentially harm or kill
the wearer by causing devices like pacemakers or insulin pumps to
malfunction.
Home security and home automation systems are nowadays
becoming extremely popular. When attacked and compromised, they may
lead to privacy risks: attackers can gain access to video
surveillance inside or outside the home, and motion or electric sensors in
the home can reveal that no one is at home,
resulting in theft and threats to the safety of the home.

A real-life incident of a compromised IoT home device took place in 2014, when
security researchers of BLACK HAT USA found a defect in the NEST
thermostat. The NEST thermostat was used for controlling the room temperature
and reducing the heating and cooling bill by 10 to 20%. However, BLACK
HAT indicated that the NEST thermostat can be effortlessly compromised using a
micro-USB cable that can install a backdoor within 15 sec whenever an attacker
gains physical access to the device. Once the device is compromised, an
attacker can gain easy access to the homeowner and his connected devices.

Smart Connected Cars are another example of a sensor-enabled IoT
network that has provided an efficient and comfortable driving
experience to users and manufacturers. In addition to providing a rich
array of real-time and live-entertainment services, it has contributed to
the development of powerful and new applications as well; for
example, over-the-air applications, whose aim is to remotely update
the car’s firmware and software, including fixing bugs and errors.
However, these smart connected cars present a security risk to
consumers and manufacturers related to their theft, privacy, and
productivity. This risk can enable attackers to remotely take control of
the vehicle and dominate it according to their desire. For example,
attackers can disable the brakes, shut off the engines, or take
control over its navigation and other systems. Besides, the keyless
feature of smart cars allows attackers to steal vehicles without breaking
their windows or their ignition systems.

A practical loophole in smart cars was observed by security researchers in 2013,
when they were able to compromise the Chevrolet Corvette car by just
forwarding a text message. The malicious text message activated the car’s
windshield wiper and anonymously cut its brakes, resulting in the fatal
accident.

Smart Meter is the IoT metering device connected to the Internet and
is used for monitoring and billing resource consumption such as
energy, water, gas, and so on. It enables real-time bilateral
communication between the service provider and their customers. As
with other IoT devices, smart meters suffer from threats to safety,
privacy, and productivity. Besides this, they face threats to secure
communication and data management. If an attacker
compromises the meter database and its communication network, then
he can easily gain access to the power grid and its components. A
damaged power grid may result in harm to an individual’s health
and bank balance.

As per the reports published by Brian Krebs in 2009, employees of
Puerto Rico Power Company were illegally paid to reprogram the
devices to show incorrect results, leading to large-scale electricity theft.

The examples studied above show that consumers, operators, enterprises,
and users are affected by attackers in four different ways, that is, theft,
privacy, safety, and productivity. All this is because of the uncertainties in
IoT systems, which arise for the following reasons:

Reason 1 - Constrained system resources


The Internet of Things is supported by devices having limited memory and
processing capabilities. They are designed to be cost-effective in nature by
yielding maximum data output with minimal input power. However,
security protocols such as symmetric-key cryptosystems, which provide
strong security features, suffer from high computational overhead and are
therefore not applicable to resource-constrained devices. Besides, other
cryptosystems, when executed in a harsh environment, that is, in the
presence of strong attackers, can be easily hacked and cracked.
Therefore, the design and development of lightweight security protocols will
always be a major challenge for IoT security.

Reason 2 - Device Heterogeneity


As per a recent report, the number of IoT devices in 2030 will be
approximately 24 billion. Maintaining and managing this big IoT data
paradigm is a difficult task since it involves linking and communication
between a variety of device vendors and their network technologies, often
known as heterogeneous IoT systems. Connected devices have varying
technologies that may or may not be compatible with each other. Driving
compatibility among devices imposes security challenges like the generation
of massive heterogeneous IoT traffic; detecting and selecting only the
relevant traffic from this massive data gives attackers an opportunity to get
hold of the IoT devices and systems. For instance, in September 2016,
French WebHost and its cloud service provider OVH† were connected by
more than 4,00,000 vendor/technology-specific IoT devices. It was hijacked
by Mirai malware that launched the DDoS attack by generating about 1Tb/s
of DDoS (faulty) traffic and blocked all the existing services, compelling the
breakdown of the network.

Reason 3 - Interoperability in IoT


As discussed above, the IoT network comprises heterogeneous devices that
have different communication technologies, protocols, and data formats,
which require a common platform to jointly support all the needs. The
establishment of this common platform is referred to as interoperability
where the successful communication among heterogeneous devices is done
to achieve a common goal. Several measures have been taken to achieve
interoperability; for instance, the Ponte software offers open APIs to the
programmer that enable automatic conversion between various IoT
application protocols such as CoAP and MQTT [6].
Though interoperability binds different types of devices together, at times
security is observed to be conflicting with interoperability. A highly
interoperable IoT system allows all devices to communicate irrespective of
their benevolent or malicious nature. Thus, the interoperable infrastructure,
if not secured, will attract intruders.

Reason 4 - Over-the-Air firmware update


Firmware is the heart of smart devices: it enables smart operations, edge
intelligence, device-to-cloud connectivity, and device security. It is
essential for patching vulnerabilities but requires regular updates. Unlike
any other network, where devices can be updated manually, IoT makes
manual updates unfeasible and impractical since the devices are deployed and
connected to objects located in remote areas; for instance, in connected cars,
pacemakers, airplanes, and so on. Therefore, Over-The-Air (OTA) updates
via the Internet are involved, where the updated code is deployed and
installed wirelessly on the devices without human intervention or any
underlying hardware connection. Though OTA provides automatic firmware
updates, it is not safe and reliable, since updates via the Internet form an
unprotected attack surface where attackers can easily exploit and intrude into
the network, compromise the data, and even take control of devices by
launching malicious code in the form of updates. According to OWASP† 2021
(Open Web Application Security Project), the firmware update mechanism is
one of the top 10 vulnerabilities affecting IoT security [7].
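
As an added illustration (not code from this book or from any vendor), the example below shows the device-side checks that close the gap described above: the update manifest is authenticated, the target model and version are checked to block misdirected and rolled-back updates, and the image digest is verified before anything is flashed. It assumes a per-device shared key and HMAC-SHA256 as a stand-in for the asymmetric signature a production updater would normally use; the field names, model names, key and firmware bytes are constructed for the example.

```python
import hashlib
import hmac
import json

SIGNED_FIELDS = ("model", "version", "size", "sha256")


def _canonical(fields: dict) -> bytes:
    """Serialize the authenticated fields deterministically so vendor and
    device compute the MAC over identical bytes."""
    subset = {name: fields[name] for name in SIGNED_FIELDS}
    return json.dumps(subset, sort_keys=True, separators=(",", ":")).encode()


def build_manifest(image: bytes, model: str, version: int, key: bytes) -> dict:
    """Vendor side: describe the image and authenticate the description."""
    manifest = {
        "model": model,
        "version": version,
        "size": len(image),
        "sha256": hashlib.sha256(image).hexdigest(),
    }
    manifest["mac"] = hmac.new(key, _canonical(manifest), hashlib.sha256).hexdigest()
    return manifest


def verify_update(manifest: dict, image: bytes, key: bytes,
                  model: str, installed_version: int) -> tuple:
    """Device side: return (accepted, reason); flash only when accepted."""
    # 1. Structure: every field present and of the expected type.
    expected_types = {"model": str, "version": int, "size": int,
                      "sha256": str, "mac": str}
    for name, kind in expected_types.items():
        if not isinstance(manifest.get(name), kind):
            return False, "malformed manifest"
    try:
        claimed_mac = bytes.fromhex(manifest["mac"])
    except ValueError:
        return False, "malformed manifest"

    # 2. Authenticity: the manifest must come from the holder of the key.
    expected_mac = hmac.new(key, _canonical(manifest), hashlib.sha256).digest()
    if not hmac.compare_digest(expected_mac, claimed_mac):
        return False, "bad manifest MAC"

    # 3. Targeting and anti-rollback: right hardware, strictly newer version.
    if manifest["model"] != model:
        return False, "wrong device model"
    if manifest["version"] <= installed_version:
        return False, "version not newer than installed"

    # 4. Integrity: the received bytes are the bytes the manifest describes.
    if len(image) != manifest["size"]:
        return False, "size mismatch"
    if hashlib.sha256(image).hexdigest() != manifest["sha256"]:
        return False, "image digest mismatch"
    return True, "ok"


def demo() -> dict:
    """Run the checks against constructed images and manifests."""
    key = b"constructed-sample-update-key"      # constructed, not a real key
    model = "thermostat-a1"                     # hypothetical model name
    installed = 4                               # version currently on the device
    genuine_v5 = b"FWIMG" + bytes(range(64))    # constructed firmware bytes
    genuine_v3 = b"FWIMG" + bytes(range(32))
    malicious = b"\xcc" * len(genuine_v5)       # same length, different content

    m5 = build_manifest(genuine_v5, model, 5, key)
    m3 = build_manifest(genuine_v3, model, 3, key)
    # Attacker rewrites the digest to match the payload but cannot redo the MAC.
    forged = dict(m5, sha256=hashlib.sha256(malicious).hexdigest())

    return {
        "genuine": verify_update(m5, genuine_v5, key, model, installed),
        "swapped_image": verify_update(m5, malicious, key, model, installed),
        "forged_manifest": verify_update(forged, malicious, key, model, installed),
        "rollback": verify_update(m3, genuine_v3, key, model, installed),
        "other_model": verify_update(m5, genuine_v5, key, "camera-b2", installed),
    }


if __name__ == "__main__":
    for case, (accepted, reason) in demo().items():
        print(f"{case:16} accepted={accepted} reason={reason}")
```

The rollback case matters as much as the forgery case: an old image with a valid manifest is still authentic, so only the version check stops an attacker from reinstalling firmware with known vulnerabilities.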

1.4 Cyber security versus IoT security and cyber-physical systems
Till now we have discussed “What is an IoT system?”, “What are its building
blocks?”, “How does it work?” and “What is the need to secure it?” Before
considering its security architectures, technologies, and frameworks, let’s
understand the difference between cyber security and IoT security, since
“cyber security” is the most commonly used term when security in any
network is considered.
Cybersecurity is the traditional security measure of the network that
includes data/information security and the security of software programs
and applications against unauthorized access. It is a collection of
processes, protocols, and practices that protects data, servers, and network
infrastructure from any malicious attacks implemented either intentionally
or unintentionally.
On the contrary, IoT security is a combination of cybersecurity with some
engineering principles like sensing, communicating, and analyzing. In
addition to cyber security features, it includes the monitoring and controlling
of the state of the physical systems connected over the Internet. Besides
assuring the basic security principles like confidentiality, integrity,
non-repudiation, and so on, IoT security also involves the protection of
physical resources and machines that originate and receive IoT data in the
physical world.
Other than IoT systems, the Cyber-physical System (CPS) is another buzzword in
this emerging technology. It is similar to IoT in that it includes sensors,
actuators, monitoring/control systems, and so on, except that it is not
necessary that they all be connected to the Internet. In other words, CPS can
achieve its objective by remaining isolated from the Internet, unlike IoT,
which can attain its objective only when connected to the Internet.

Though we say CPS can work without the Internet, it is still somehow connected
to the Internet: through the supply chain, operating personnel, or
any software patching system. This is illustrated in Figure 1.5:

Figure 1.5: Cyber Physical System Vs Internet of Things


1.5 IoT architecture
IoT architecture is a way of designing various elements of IoT so that
appropriate services could be delivered whenever and wherever required.
While designing the framework, the following factors were taken into account:
Technical factors: It includes sensing techniques, communication
mechanisms, and networking technologies.
Security factors: It includes maintaining confidentiality, integrity,
privacy, and protection.
Business factors: It includes business modeling and business
processing.
It’s been observed that the three-layer IoT model (Figure 1.6a) was the most
common but due to the increasing demand and growth of IoT all around the
world, three layers were not enough to explain the IoT system, hence an
additional layer was introduced to describe the IoT system. Discussion and
analysis state that any IoT environment consists of four important layers:
perception layer/sensing layer, network layer, service layer/processing layer,
and application layer/interface layer (Figure 1.6b):

Figure 1.6: IoT Architecture: (a) Three Layer IoT Architecture, (b) Four Layer IoT Architecture Model

Layer 1 - Perception/Sensing layer


This layer is integrated with IoT-end devices and is responsible for sensing,
collecting, and processing environmental parameters such as lighting,
temperature, and so on. This includes sensors and actuators to perform
different functions such as querying temperature, location, humidity, and so
on. The layer digitizes the information and transfers it to the next layer,
that is, the network layer.

Layer 2 - Network layer


This layer is responsible for transmitting the sensor data from the perception
layer to the processing layer and vice versa. Data can be transferred through
wired or wireless networks such as wireless 3G, LAN, Bluetooth, RFID,
NFC, and so on.

Layer 3 - Service/Processing layer


This layer is also known as the middleware layer and is responsible for
storing, analyzing, and processing enormous amounts of data through
technologies such as databases, cloud computing, and big-data processing.
This layer is accountable for providing a diverse set of services to the lower
layers as well as upper layers including users and applications.

Layer 4 - Application/Interface layer


This layer is responsible for delivering high-quality smart application-
specific services to the user. For instance, it provides measurements like
temperature and humidity to the user who asks for it. The application layer
covers various markets like smart homes, smart buildings, transportation,
industrial automation, and smart healthcare.

1.5.1 Security threats in IoT architecture layers


The open-ended behavior of IoT towards the Internet has made IoT systems
vulnerable to threats and attacks. Attackers usually launch malicious code
and threats, and aim to get control of all the devices and technologies used in
each architecture layer. Each of these layers uses multiple technologies that
introduce several security issues and threats. This section features the
possible security threats in each of these four layers:
Security threats in the perception/sensing layer
This layer includes various types of sensors that perform varying
functions: motion sensors (Accelerometer, Acceleration Sensor,
Gyroscope) are responsible for measuring momentum and
acceleration; environmental sensors (Light Sensor, Proximity
Sensor, Temperature Sensor, Barometer) measure light, temperature,
and humidity; and position sensors (GPS, Magnetic Sensor) are used for
navigation and measurement of the earth’s magnetic field. All these
measurement sensors have limited power, resources, and memory and
are thus vulnerable to threats. Attackers can easily gain access to
information, malware can easily be injected, and devices can be
effortlessly compromised. Possible threats to this layer are illustrated
in Table 1.2:

| Threats | Explanation |
|---|---|
| Information Leakage | Theft of personal information such as location, private picture or videos and so on. |
| Malware Injection | Injection of malicious software which is designed to disrupt, damage or gain unauthorized access. |
| Power analysis attacks & Electromagnetic emanation attacks | Information is extracted from the active sensor by exploiting power consumption and electromagnetic emission of the device. |
| Denial-of-Service (DoS) | Adversary makes network resources unavailable to its intended user by temporarily disrupting the services of a host connected to the Internet. |

Table 1.2: Threats and protection methods for perception layer
Security threats in the network layer
The network layer comprises technologies like RFID, NFC, Bluetooth,
ZigBee, and 6LoWPAN. All these technologies are often limited in
terms of storage, transmission range, and data rate and are vulnerable
to various threats. Devices with RFID suffer from a lack of
authentication and confidentiality and from DoS attacks. NFC suffers from
eavesdropping, unauthorized manipulation of data, and MitM attacks.
Bluetooth technology, though it provides different modes of protection,
still suffers from threats like surveillance, fuzzer, range extension, and
so on. Unauthorized traffic gathering, packet decoding, and data
manipulation are some of the security threats to ZigBee technology.
6LoWPAN technology is one of the best-suited technologies for IoT
networks but is vulnerable to attacks such as Sybil attacks, wormhole
attacks, and so on. Table 1.3 summarizes some of the possible attacks
in the network layer:

| Threats | Technology involved | Explanation |
|---|---|---|
| Tag/ID Cloning | RFID, 6LoWPAN | The attack generates replicas of a genuine tag/ID and impersonates the actual tag/ID to gain illegal access. |
| Replay attack | RFID | In this attack, valid data transmission is repeated or delayed to misdirect the receiver. |
| Man-in-middle attack | RFID, Bluetooth | Attackers secretly relay or alter the communication between two parties. |
| De-Synchronization Attack | RFID | Memory tag and back-end database are synchronized to block the communication between two parties. |
| Eavesdropping | RFID, NFC | Theft of information transmitted over the network. |
| Information leakage | RFID, NFC | Theft of personal information such as location, private picture or videos and so on. |
| Surveillance attack | Bluetooth | To gather unwanted information. |
| Range extension attack | | Extending the range of the network to execute the attack. |
| Obfuscation attack | | To hide the identity of the attacker. |
| Fuzzer | | Responsible for breaking the communication between two parties. |
| Sniffing | | Extraction of unencrypted data traffic. |
| Malware | | Injection of malicious software which is designed to disrupt, damage or gain unauthorized access. |
| Unauthorized direct data access (UDDA) | | Unauthorized collection of personal data. |
| Unauthorized traffic gathering, packet decoding and data manipulation | ZigBee | Unauthorized accessing and alteration of data traffic. |
| Sybil Attack | 6LoWPAN | A node in the network operates multiple identities actively at the same time and misuses the reputation system. |
| Wormhole Attack | | In this attack, a malicious node entraps the packets from a single position in the network and tunnels them to another malicious node located at a far distance. |
| Blackhole Attack | | It is a type of packet drop attack where, instead of relaying the packet, the router discards it. |
| Alteration and Spoofing Attack | | Adversaries impersonate a normal device and launch attacks against network hosts to steal data, spread malware and gain illegal access. |
| Sinkhole Attack | | A malicious node attracts and captures the network traffic by advertising its fake routing updates. |
| Selective Forwarding Attack | | In this attack, attackers refuse to forward the packet by dropping it. |
| Denial of Service Attack | Bluetooth, 6LoWPAN | Adversary makes network resources unavailable to its intended user by temporarily disrupting the services of a host connected to the Internet. |

Table 1.3: Threats and protection methods for network layer
Security threats in the service/processing layer
The rapid evolution and high acceptance of technologies like big-data
processing and cloud computing in the middleware layer have led to the
introduction of several threats and vulnerabilities in the service layer.
This layer suffers from data leakage, data segregation, involvement
of the cloud in malicious activity, and so on. Threats in the processing
layer are summarized in Table 1.4:

| Threats | Explanation |
|---|---|
| Flooding attack in cloud | This attack is similar to DoS attacks in the cloud where an attacker continuously sends multiple requests to deplete cloud resources. |
| Cloud Malware Injection | An attacker obtains control and injects malicious code into the cloud. |
| Man-in-middle attack | An attacker gets complete hold of all communication without any knowledge to clients. |
| SQL injection attack | An attacker embeds malicious SQL statements in a program. |

Table 1.4: Threats and protection methods for processing layer
Security threats in the application/interface layer
The increasing services in the application layer have proportionally
expanded threats like software bugs, backdoor attacks, malicious
code attacks, SQL injection, data theft, and so on. Services provided
by this layer can be simple (time monitoring) as well as critical
(medical care). Table 1.5 illustrates the threats in the application layer:

| Types of applications | | Examples | Threats |
|---|---|---|---|
| Critical applications | Mission critical applications | Navigating system of an aircraft or vehicle. | Data t DoS a Unaut access contro attack |
| | Safety critical applications | Failure of chemical manufacture plant, failure of any health device like pacemaker. | |
| | Security critical applications | Failure of security system or firewall | |
| Consumer Based Applications | Smart Home and its security | Smart lighting, smart lock, smart security system. | Sniffin attack Data t Acces contro attack |
| | Personal Health care | BP and diabetes measurement tool. | |
| | Wearable technology | Smart watch | |
| | Personal assets or pet tracking | Blackberry radar (assets), AIRcable Gateway, Yepzon GPS tracking device (pets) | |
| Time specific applications | Periodic monitoring apps | Environmental monitoring, water level monitoring | Sniffin attack Data t Malw injecti Repro attack |
| | Event based monitoring apps | Theft control, controlling of home devices such as AC - ON/OFF | |
| Monitoring applications | Only monitored apps | GPS location monitor, Personal health care monitoring devices | |
| Control specific monitoring applications | Monitored apps with manual control | When unfamiliar data is collected | |
| | Monitored apps with automated control | Intervention of the rule-based approach such as setting rules for temperature, pressure for different carriage goods | |

Table 1.5: Threats and protection methods for application layer

1.5.2 Security requirements in IoT architecture layers


The basic requirement of the IoT architecture is that all devices should be
appropriately connected to each other. They should be able to perform all
types of tasks, which can be as simple as sensing and storing or as
complex as automating and decision making. Besides, IoT should provide
applications having strong security protection; for instance, during an online
transaction, the IoT system should be able to maintain the integrity and
confidentiality of the information. Security requirements in each
layer are discussed as follows:
Security requirement in device sensing layer
Devices in the sensing layer suffer from authentication, authorization,
and identity management issues. In addition, the low-power nature of IoT
devices has invited DoS attacks, malware attacks, and information
leakage. Important security requirements in this layer are the design
of standard light-weight security solutions that support device identity,
availability, access control, authentication, and selection of trusted
devices for back-and-forth communication. In addition, it also needs
the installation of security controls that maintain the interoperability
and scalability of the devices, since devices in an IoT system are added
swiftly and dynamically. Furthermore, security proposals must also
support the protection of devices and data from physical actions or
events that can cause physical damage to devices within this layer.
Security requirement in the network layer
The network layer receives the data from the device layer and then
routes it to the required destination through different communication
media. The major security requirements in the network layer include
confidentiality, privacy, integrity, authentication, key protection, and
technological availability. It requires the development of a lightweight
secure communication protocol that transmits data from one end to
another, such as to the cloud or servers, and supports the scalability and
mobility of devices within the networks. Further, for the over-connected
network layer, the prevention of DoS attacks and Man-in-middle attacks
is of major concern. In addition, key security is
another major requirement in the network layer.
Security requirement in the service layer
It is the middleware layer in the IoT architecture and provides standard
services to enterprises and consumers. The key security requirements
in this layer include service authentication, authorization, key security,
and availability of services at the required time. The service layer also
includes the security of IoT applications from illegal and unsubscribed
services. Other essential requirements of this layer are the prevention of
privacy leakage, DoS attacks, replay attacks, and repudiation attacks. In
addition, the design of service protocols should support interactions
without unnecessary overhead.
Security requirement in the application/interface layer
The IoT application layer provides a wide variety of applications to the
users ranging from simple applications like monitoring temperature to
critical applications like defense and healthcare services. The
significant security requirements of this layer involve remote safe
configuration, secure downloading and uploading of software, secure
firmware updates, and secure administrator authentication. In addition,
this layer requires communication security, which includes the
confidentiality and integrity of information between layers that entails
different applications. Further, the design of applications should be
scalable, that is, a single application should have the ability to include a
vast variety of services without any degradation in the QoS.
To summarize the section, Table 1.6 outlines some notable security
requirements in different layers of the IoT security architecture:

| Architectural Layers | Security Requirements |
|---|---|
| Device sensing layer | Light-weight solutions/Support for device identity/availability/access control/authentication/heterogeneity/interoperability/scalability |
| Network management layer | Require confidentiality/privacy/integrity/authentication/key protection/technological availability/light-weight secure communication protocol/Scalability/mobility of devices |
| Service layer | Service authentication/authorization/key security/availability/security from illegal and unsubscribed services/prevention from privacy leakage, DoS attack, replay attack and repudiation attacks |
| Application layer | Remote safe configuration/secure downloading and uploading of software/secure firmware updates/secure administrator authentication/secure communication/confidentiality/integrity/scalability/QoS |

Table 1.6: IoT Security Requirements

1.6 Authorization and authentication requirement in IoT


Other than the requirements discussed in Section 1.5, it is perceived that
authorization and authentication are the heart of security requirements. So,
every object and user within the system must have valid authorization and
authentication space.
Authorization is the process that is used to determine whether an entity
(user or device) can access the provided resources or not, such as whether it
can read or write, execute a program, or control sensors,
actuators, and so on. It also includes denying and revoking access to anyone
(especially the malicious ones) within the network.
Authentication is the prerequisite of authorization and is used to establish
the identity of objects, devices, or endpoints of the network. Basically,
authorization is not possible without authentication because if we do not
know the identity of the object, then it is not practical to grant or deny
access to that object.
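
The relationship described above, as an added example that is not part of the book: a gateway first authenticates a device with an HMAC challenge-response, and only then checks the device's explicit grants before allowing an action; revocation removes both. The `Gateway` class, device ids, resource names and keys are hypothetical and constructed for the illustration.

```python
import hashlib
import hmac
import secrets


def device_response(key: bytes, device_id: str, nonce: bytes) -> bytes:
    """Device side: prove possession of the key without transmitting it."""
    return hmac.new(key, device_id.encode() + b"|" + nonce, hashlib.sha256).digest()


class Gateway:
    """Authenticates devices first, then authorizes each requested action."""

    def __init__(self):
        self._keys = {}      # device_id -> shared key (who the device is)
        self._grants = {}    # device_id -> {(resource, action)} (what it may do)
        self._pending = {}   # device_id -> outstanding single-use nonce
        self._sessions = {}  # session token -> authenticated device_id

    def enroll(self, device_id: str, key: bytes, grants) -> None:
        self._keys[device_id] = key
        self._grants[device_id] = set(grants)

    def challenge(self, device_id: str) -> bytes:
        """Issue a fresh nonce; unknown ids get one too, but nothing is stored."""
        nonce = secrets.token_bytes(16)
        if device_id in self._keys:
            self._pending[device_id] = nonce
        return nonce

    def authenticate(self, device_id: str, nonce: bytes, response: bytes):
        """Return a session token when the response proves identity, else None."""
        issued = self._pending.pop(device_id, None)  # consumed on first use
        key = self._keys.get(device_id)
        if key is None or issued is None or not hmac.compare_digest(issued, nonce):
            return None
        expected = device_response(key, device_id, nonce)
        if not hmac.compare_digest(expected, response):
            return None
        token = secrets.token_hex(16)
        self._sessions[token] = device_id
        return token

    def authorize(self, token, resource: str, action: str) -> bool:
        """Default deny: no authenticated session or no explicit grant, no access."""
        device_id = self._sessions.get(token)
        if device_id is None:
            return False
        return (resource, action) in self._grants.get(device_id, set())

    def revoke(self, device_id: str) -> None:
        """Drop the device's key, grants, pending challenge and live sessions."""
        self._keys.pop(device_id, None)
        self._grants.pop(device_id, None)
        self._pending.pop(device_id, None)
        for token in [t for t, d in self._sessions.items() if d == device_id]:
            del self._sessions[token]


def demo() -> dict:
    """Constructed scenario: one sensor, one controller, one captured exchange."""
    gw = Gateway()
    sensor_key = secrets.token_bytes(32)
    gw.enroll("temp-01", sensor_key, {("thermostat/temperature", "read")})
    gw.enroll("hvac-ctl", secrets.token_bytes(32),
              {("thermostat/temperature", "read"), ("thermostat/setpoint", "write")})

    nonce = gw.challenge("temp-01")
    response = device_response(sensor_key, "temp-01", nonce)
    token = gw.authenticate("temp-01", nonce, response)
    results = {
        "authenticated": token is not None,
        "sensor_reads_temperature": gw.authorize(token, "thermostat/temperature", "read"),
        "sensor_writes_setpoint": gw.authorize(token, "thermostat/setpoint", "write"),
        "no_session": gw.authorize("no-such-token", "thermostat/temperature", "read"),
        # The same (nonce, response) pair captured off the wire and sent again.
        "replayed_exchange": gw.authenticate("temp-01", nonce, response) is not None,
    }
    # A device that knows only its own key tries to pass as the controller.
    n2 = gw.challenge("hvac-ctl")
    results["impersonation"] = gw.authenticate(
        "hvac-ctl", n2, device_response(sensor_key, "hvac-ctl", n2)) is not None
    gw.revoke("temp-01")
    results["after_revocation"] = gw.authorize(token, "thermostat/temperature", "read")
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check:26} {outcome}")
```

Because each nonce is consumed on first use, a recorded exchange cannot be replayed, and because `authorize` looks up the session before the grants, an identity that was never authenticated has nothing to be authorized against.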
Authentication and authorization are based on trust. For instance, when we
verify someone by checking their ID, we must first trust the issuer of
that ID, such as a government authority. This case is illustrated in Figure 1.7:
Figure 1.7: General Authorization method
A similar analogy is applied to the network system, where the Certificate
Authority (CA) is responsible for establishing trust between the two
communicating parties. It can be illustrated with the help of the diagram in
Figure 1.8, where the trust is established between the browser (client) and
the bank (server) with the help of the central CA:

Figure 1.8: Authentication in Network System


Before trusting the bank, the browser verifies its identity using the bank’s
certificate, issued by the CA, and then initiates the communication with the
bank server. The bank’s certificate (a token for authentication) is issued and
signed by the CA and includes the server’s public key for its identification.
Whenever the browser (client) tries to connect to the bank, the bank server
presents its certificate to it. The browser then verifies the bank’s certificate
using CA’s database and if the verification succeeds, the browser establishes
its trust and initiates its communication with it.
Indeed, certificates are not the only way of authentication; passwords are the
most common and easy method of authentication used nowadays. For
additional security, we often use two-factor authentication and fingerprints
for authenticating devices, servers, and users.

Authentication will be further detailed in Chapter 13, Preventing Unauthorized
Access to Sensor Data and Authentication in IoT, and Chapter 15, Identity and
Access Management Solutions for the IoT.

1.6.1 Insufficient authentication/authorization in IoT


As discussed, authorization and authentication are mandatory requirements
for keeping attackers away from the network system. Authorization in IoT is
generally done by using a similar set of credentials that are stored in a
secured storage area. Negligence in authorization may result in illegitimate
access by malicious actors, which can compromise the safety and privacy of
the system. In addition, insufficient authentication may also invite new
threats and attacks that could exploit the vulnerabilities of the system.
Therefore, individuals, businesses, and enterprises must keep the following
aspects in mind:
Individuals should avoid:
Unlawful remote monitoring offered by small-scale IoT devices.
Inappropriate access to the IoT metadata, IoT network, and its
geographic location.
Unauthorized tracking of an individual’s location through the use of
tracking patterns such as time and duration.
Businesses/enterprises should avoid:
Unauthorized manipulation of financial transactions as depicted in
Point-of-Sale (POS) documents.
Monetary loss due to inability of authorized services.
Theft and destruction of IoT assets due to lack of physical authorized
security controls.
IoT devices should avoid:
Giving unauthorized access to attackers that illegally update the
software and firmware of IoT embedded devices; for example,
embedded devices in cars, houses and healthcare.
Using compromised IoT edge devices that have an unauthorized
access to the enterprise network.
Letting attackers launch botnet attacks; that is, devices should avoid
connecting to malware-infected servers, PCs, or any other IoT
devices.

1.7 Security in enabling technologies behind the Internet of Things

The dream of a smart and automated future is not possible until we
acknowledge and secure the myriad IoT technologies. The technological
maze of IoT is diversified and includes numerous security solutions that can
be layered into hardware security, software security, communication security,
and network security. Hardware security includes security in identification
technologies; software security covers security in the program that
integrates the hardware with its wired or wireless networks; communication
security incorporates security in linking and tracking technologies
like RFID, NFC, LTE-A, and so on; and lastly, network security comprises
securing the homogeneous as well as heterogeneous IoT network.

1.7.1 Security in hardware technologies - Identification


Identification is the basic building block of the Internet of Things, where
each object or hardware is provided with its proof of identity to connect and
exchange information within the same or different domain. RFID Tags,
barcodes, EPC, biometrics, and computer vision are the basic IoT
identification hardware technologies. Securing these elements is an
elementary requirement because if an unidentified object gets scanned or
connected, then it may result in jeopardizing the system. Mechanisms and
methods used for securing identification technologies are listed below:
Signal Theft can be reduced by implementing light-weight
cryptographic challenge-response authentication, 128-bit AES, triple-
DES, and SHA-2 algorithms, though it adds cost to the system.
Security can be provided by manufacturers themselves, for example
RFID manufacturers can provide RFID of class EPC G1 and G2 for
ensuring confidentiality, integrity, and availability in the identification
system.
The execution of malicious codes by hackers can be prevented by
sealing the RFID tag’s writable memory.
Barcode scanners should be equipped with firewall technology, to
prevent hackers from gaining access to it.
Whenever an invalid barcode is scanned, immediate action should be
taken to minimize the potential risk.
Biometrics used for identification should be provided with a
lightweight authentication mechanism.
Biometric data can be protected by using anti-spoofing technology
against unauthorized users.
The use of strong internal and external passwords with strong cyber
security processes can be used to prevent the hacking of biometric
data.
Machine learning algorithms like random forest and supervised
learning are utilized to identify the devices generating malicious traffic
within the network domain.

1.7.2 Security in software technologies: Integration of WSN and RFID

WSN and RFID are the two key technologies that have attracted
considerable attention for ubiquitous computing in the Internet of Things.
RFID is used to provide a unique identity to the objects and WSN is used to
give the surrounding information about the object. The deployments of these
two technologies complement each other and their integration provides an
excellent infrastructure that collects, processes, and distributes data in a
dynamic environment. Their integration also helps in providing the identity
and location of an object along with the information stating the condition of
the object that is attached to the sensor-enabled RFID tags. In addition,
combining WSN with RFID increases the range of RFID readers from 100 to
200 m, which is beyond the normal range. Besides, it also adds the multi-hop
functionality to the RFID application that extends its capability to be
operated in a wider area such as in healthcare systems, complex decision-
making systems, and smart civic systems (transport, cities, or water supply
systems).
Like any other system, the integration of WSN and RFID also faces security
challenges like privacy, authentication, secrecy, secure routing, key
establishment, and robustness against DoS and replay attacks. Therefore,
the system designer should consider the following security aspects while
integrating RFID with WSN:
Critical data should be kept in a back-end server which should be
highly secured.
Secure secret keys and light-weight cryptographic protocols should be
designed to prevent attacks.
Since DoS attacks are most common in WSN, a jamming (DoS)
resistant network should be designed; this can detect and map the
affected region and then can route the data around the jammed area.
Tag cloning attacks are another problem in the integration of these
technologies. To avoid this attack, a stored secret key can be shared
among system components during the authentication process, to make
it difficult for attackers to predict it.

1.7.3 Security in communication technologies - tracking, monitoring, and communicating

Communication is another major building block of the IoT environment,
where devices communicate with each other to deliver desired services
anytime, anywhere like tracking and monitoring consumers and
organizations. However, the open-ended and resource constrained nature of
IoT communication has given rise to security and privacy issues that are not
yet well addressed.
The primary requirements of secure communication include authentication,
availability, integrity, and confidentiality. Addressing and designing for
these requirements is of utmost importance since it forces hackers to back
off before they succeed.
Some of the major communication protocols (discussed in Section 1.2.3) and
their security features are as follows:
RFID: Security in RFID is provided with different classes like EPC
class G1 and G2 that are equipped with manufacturer-provided
Confidentiality, Integrity, and Availability (CIA) security features.
NFC: NFC is used for payment and ticketing, which attracts hackers
and fraudsters. To secure NFC from being attacked, a secure
channel should be used with standard key-agreement protocols to
protect it against eavesdropping, data modification, and
man-in-the-middle attacks. The NFC secure channel is capable of
yielding CIA security features.
Ultra-Wide Band: UWB operates at a very high frequency and uses a
wide spectrum (above 500 MHz) to communicate with low-power
devices. UWB in itself is equipped with secure ranging capabilities
that account for its accuracy and stable connectivity with little or no
interference. It protects the system against relay attacks and provides
access only to the authorized user.
Wi-Fi: Wi-Fi can be protected by setting a strong router password,
hiding its admin credentials, strengthening the encryption, using a
firewall, keeping firmware updated, and limiting the use of public
networks.
Z-Wave: The Z-Wave communication protocol is supported by the Z-Wave
security layer that provides message integrity, confidentiality, and data
freshness; that is, it sends only updated data. It ensures end-to-end
security at the application layer and provides prevention, detection,
and reaction features against malicious attackers.
Traditional IP Technologies: IP technologies include IPv4 and IPv6,
which provide security to every connected device. The IPsec feature of
IPv6 includes an authentication header that ensures authenticity and
integrity within the network. In addition, the Encapsulating Security
Payload accounts for data confidentiality.

Security in network technologies: network function


The network is the interconnection of devices, where they communicate and
collaborate to fulfill the desired needs of consumers and enterprises. IoT
network is considered to be a heterogeneous network that requires
multifaceted security solutions against attacks and intruders. To ensure
confidentiality, integrity, and security within the network, the following
actions can be considered:
Only the identified devices should be connected to the network.
A strong anomaly detection mechanism should be implemented.
Powerful security policies should be enforced that should be followed
by all the connected devices. For instance, if connected cameras are
allowed to talk only to the administrator, then the network should be
forced to follow it.
Only the trusted devices within the network should be allowed to take
part in communication, thus a strong trust management technique
should be developed.
A low-power and strong intrusion detection and mitigation mechanism
should be implemented to mitigate intruders from the system.

1.8 IoT networking protocols and their security


Like a normal network domain, the IoT domain comprises various protocols at
different layers. This section gives a brief introduction to each protocol,
along with its security features.
1.8.1 Application protocol
The application layer is the highest in the IoT architecture from the client
end. It is the association between the end devices and the network and is
implemented through a dedicated application at the device end. IoT has
provided various application layer protocols which are explained below [8].
Constrained Application Protocol
Constrained Application Protocol (CoAP) is a web transfer protocol
that is designed for constrained hardware. It redesigns HTTP to
meet IoT requirements like low power consumption and to operate
in the presence of lossy and noisy links. Like HTTP, it follows the
client-server architecture. CoAP makes use of Confirmable and
Non-Confirmable messages. Figure 1.9 depicts the flow of these messages
in a constrained environment. a) For confirmable messages, the client
needs to respond with an acknowledgment after receiving the data
packet. b) In the case of non-confirmable messages, the client sends
data without waiting for an Acknowledgement (ACK) [9].

Figure 1.9: a) Confirmable message b) Non-Confirmable message


Security in CoAP protocol: CoAP is by default bound to unreliable UDP
transport, where messages may be duplicated, arrive out of order, or be lost.
So, there is a need to provide a security layer to this protocol. The
protection layer over UDP is provided by binding Datagram Transport Layer
Security (DTLS) to CoAP. DTLS provides three security modes: PreSharedKey
mode (this mode is enabled by sensing devices preprogrammed with
symmetric cryptographic keys), RawPublicKey mode (this mode is enabled
by a pre-provisioned list of keys that initiate a DTLS session without a
certificate), and Certificate mode (it supports authentication based on public
keys, and devices that have X.509 certificates are validated in this mode)
[10].
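The Confirmable/Non-Confirmable distinction and the duplicate or stray messages that UDP allows can be seen directly in the CoAP header. The following is an added example, not code from the book: it parses the 4-byte fixed header defined for CoAP and tracks exchanges by message ID; the Endpoint class, its return labels, the peer addresses, and the sample datagrams are constructed for illustration.

```python
import struct
from dataclasses import dataclass

# CoAP message types carried in the 2-bit T field of the fixed header.
TYPES = {0: "CON", 1: "NON", 2: "ACK", 3: "RST"}


@dataclass(frozen=True)
class CoapHeader:
    version: int
    mtype: str        # CON, NON, ACK or RST
    token: bytes
    code: str         # "class.detail", e.g. 0.01 = GET, 2.05 = Content
    message_id: int


def parse_header(datagram: bytes) -> CoapHeader:
    """Parse the 4-byte fixed CoAP header plus token from one UDP payload."""
    if len(datagram) < 4:
        raise ValueError("shorter than the 4-byte CoAP header")
    first, code, message_id = struct.unpack("!BBH", datagram[:4])
    version, mtype, tkl = first >> 6, (first >> 4) & 0x3, first & 0xF
    if version != 1:
        raise ValueError("unsupported CoAP version")
    if tkl > 8:
        raise ValueError("token lengths 9-15 are reserved")
    if len(datagram) < 4 + tkl:
        raise ValueError("datagram ends inside the token")
    return CoapHeader(version, TYPES[mtype], datagram[4:4 + tkl],
                      f"{code >> 5}.{code & 0x1F:02d}", message_id)


class Endpoint:
    """Hypothetical tracker: makes duplicates and stray ACKs visible."""

    def __init__(self):
        self.awaiting_ack = set()   # (peer, message_id) of CONs we sent
        # (peer, message_id) of CON/NON already received; a real stack
        # expires these entries after the exchange lifetime.
        self.seen = set()

    def sent(self, peer: str, datagram: bytes) -> None:
        header = parse_header(datagram)
        if header.mtype == "CON":
            self.awaiting_ack.add((peer, header.message_id))

    def received(self, peer: str, datagram: bytes) -> str:
        header = parse_header(datagram)
        key = (peer, header.message_id)
        if header.mtype in ("ACK", "RST"):
            if key not in self.awaiting_ack:
                return "unsolicited"        # matches nothing we sent: drop
            self.awaiting_ack.discard(key)
            return "confirmed" if header.mtype == "ACK" else "rejected"
        if key in self.seen:
            # A retransmission: a CON is acknowledged again, never re-processed.
            return "duplicate"
        self.seen.add(key)
        return "process-and-ack" if header.mtype == "CON" else "process"


# Constructed sample datagrams (not captured traffic).
CON_GET = bytes.fromhex("41011234aa")   # CON, GET, message ID 0x1234, token aa
NON_GET = bytes.fromhex("51011235bb")   # NON, GET, message ID 0x1235, token bb
ACK_205 = bytes.fromhex("61451234aa")   # ACK, 2.05 Content, message ID 0x1234
```

The message ID is only a 16-bit value sent in the clear, so this bookkeeping detects accidents of UDP delivery, not a deliberate forger; that is the gap DTLS fills.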
Message Queue Telemetry Transport
Message Queue Telemetry Transport (MQTT) is a lightweight
messaging protocol that uses the publish/subscribe model for
communication. It is based on the TCP/IP protocol and is designed to
operate at a limited bandwidth. It consists of three components:
publisher, subscriber, and broker. An interested device that wants to
have information regarding a specific topic registers itself as a
subscriber to the broker. The publisher acts as a generator of the
topic of interest, which is then transferred to the subscriber through a
broker. Furthermore, the broker achieves security by checking the
authorization of the publishers and subscribers [11]. As per the current
application, MQTT is used in the Facebook Messenger application and
allows delivering messages in a minimum span of milliseconds,
irrespective of internet connection. MQTT consumes low power and thus
prevents the draining of smartphone batteries. Figure 1.10 depicts the
architecture of the MQTT protocol with the publish/subscribe process.
Security in the MQTT protocol: There is no security mechanism
imposed in the MQTT protocol as it is designed to be operated in a
secure network. For authentication, SSL/TLS encryption is used in
handshaking. The client validates the server certificate, that is, it
verifies the server’s identity in order to authenticate it. Similarly, for
client authentication, client certificates are used by the broker to
authenticate the client. This protocol cannot be deployed globally because
complexity increases with an increase in topic size and, in the case of poor
application design, hackers inject harmful messages into the network
with ease. Therefore, a proper security feature should be implemented
on top of MQTT. Although SSL/TLS is used, it is quite an expensive
protocol for resource-constrained IoT devices.
Figure 1.10: MQTT architecture
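The broker-side authorization check described above can be made concrete with a per-client topic access list. The following is an added example, not code from the book or from any particular broker: it implements MQTT topic-filter matching (`+` for one level, `#` for the remaining levels) and a default-deny check for publish and subscribe; the client IDs, topics, and the ACL layout are hypothetical.

```python
def topic_matches(topic_filter: str, topic: str) -> bool:
    """True if a concrete topic name is matched by an MQTT topic filter."""
    f_levels, t_levels = topic_filter.split("/"), topic.split("/")
    # Wildcards at the first level never match '$' topics such as $SYS/...
    if topic.startswith("$") and f_levels[0] in ("+", "#"):
        return False
    for i, level in enumerate(f_levels):
        if level == "#":
            # '#' is only valid as the last level; it also matches the parent.
            return i == len(f_levels) - 1
        if i >= len(t_levels):
            return False
        if level != "+" and level != t_levels[i]:
            return False
    return len(f_levels) == len(t_levels)


def filter_covers(allowed: str, requested: str) -> bool:
    """True if every topic matched by `requested` is also matched by `allowed`."""
    a, r = allowed.split("/"), requested.split("/")
    if requested.startswith("$") and a[0] in ("+", "#"):
        return False
    for i, level in enumerate(a):
        if level == "#":
            return i == len(a) - 1
        if i >= len(r):
            return False
        if r[i] == "#":
            return False            # request is broader than the grant here
        if level == "+":
            continue                # '+' covers a literal level or another '+'
        if level != r[i]:
            return False            # a literal grant never covers '+'
    return len(a) == len(r)


# Hypothetical access list: anything not listed is denied.
ACL = {
    "sensor-kitchen": {"publish": ["home/kitchen/temperature"], "subscribe": []},
    "dashboard": {"publish": [], "subscribe": ["home/+/temperature"]},
}


def authorize(client_id: str, action: str, topic: str) -> bool:
    """Default-deny check a broker would run on PUBLISH and SUBSCRIBE."""
    rules = ACL.get(client_id, {}).get(action, [])
    if action == "publish":
        if "+" in topic or "#" in topic:
            return False            # wildcards are not valid in topic names
        return any(topic_matches(rule, topic) for rule in rules)
    if action == "subscribe":
        return any(filter_covers(rule, topic) for rule in rules)
    return False
```

Checking a subscription with `filter_covers` rather than `topic_matches` is what stops a client granted `home/+/temperature` from subscribing to `#` and receiving every message on the broker.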
Extensible Messaging and Presence Protocol (XMPP)
It is an XML-based messaging protocol and is used for real-time
communication like instant messaging, multi-party chat, voice and
video calls, collaboration, content syndication, and so on. The devices
that want to communicate can have one or more nodes, and each node
has several informational fields that are readable as well as writable.
A node that needs to get the updates of another node is required to
send a friend request to that node and, once the request is accepted, it
can receive the updates from the other node. If the other node also needs
to get updates, the same process is repeated. The data in XMPP is
communicated between the nodes on a one-to-one basis, where a node
can read or write field values in the other node [12].
Security in the XMPP protocol: Unprotected XMPP systems are
vulnerable to eavesdropping, password sniffing, user spoofing,
man-in-the-middle attacks, and more. The XMPP community has failed to
produce an end-to-end encryption solution that is suitable for
widespread implementation and deployment in IoT. As mentioned by the
Internet Engineering Task Force (IETF), authentication in XMPP is
supported by the Simple Authentication and Security Layer
(SASL), which provides a set of authentication methods from which
the client can choose the best-fit method according to its need.
For peer authentication, IETF recommends SCRAM-SHA-1 or
SCRAM-SHA-1-PLUS, which protect against man-in-the-middle
attacks, spoofing, and unauthorized access. For transport security,
IETF recommends TLS support, where the stream of data is encrypted
using the TLS protocol, which prevents tampering and eavesdropping.
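How SCRAM-SHA-1 lets both peers prove knowledge of the password without ever sending it can be followed in code. The following is an added example, not code from the book: it carries out the four SCRAM messages with Python's standard library, omitting username normalization, channel binding (the -PLUS variant), and error messages; the user name and passwords are constructed.

```python
import base64
import hashlib
import hmac
import os


def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha1).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def derive_keys(password: str, salt: bytes, iterations: int):
    """SaltedPassword -> (ClientKey, StoredKey, ServerKey)."""
    salted = hashlib.pbkdf2_hmac("sha1", password.encode(), salt, iterations)
    client_key = mac(salted, b"Client Key")
    return client_key, hashlib.sha1(client_key).digest(), mac(salted, b"Server Key")


def enroll(password: str, iterations: int = 4096) -> dict:
    """What the server keeps: salt and derived keys, never the password."""
    salt = os.urandom(16)
    _, stored_key, server_key = derive_keys(password, salt, iterations)
    return {"salt": salt, "i": iterations,
            "stored_key": stored_key, "server_key": server_key}


def client_first(user: str) -> str:
    nonce = base64.b64encode(os.urandom(18)).decode()
    return f"n={user},r={nonce}"      # sent after the "n,," header


def server_first(record: dict, c_first: str) -> str:
    c_nonce = c_first.split(",r=", 1)[1]
    s_nonce = base64.b64encode(os.urandom(18)).decode()
    salt = base64.b64encode(record["salt"]).decode()
    return f"r={c_nonce}{s_nonce},s={salt},i={record['i']}"


def client_final(password: str, c_first: str, s_first: str):
    """Returns the client-final message and the server signature to expect."""
    attrs = dict(part.split("=", 1) for part in s_first.split(","))
    if not attrs["r"].startswith(c_first.split(",r=", 1)[1]):
        raise ValueError("server nonce does not extend the client nonce")
    client_key, stored_key, server_key = derive_keys(
        password, base64.b64decode(attrs["s"]), int(attrs["i"]))
    without_proof = f"c=biws,r={attrs['r']}"   # biws = base64("n,,")
    auth_message = f"{c_first},{s_first},{without_proof}".encode()
    proof = xor(client_key, mac(stored_key, auth_message))
    return (f"{without_proof},p={base64.b64encode(proof).decode()}",
            mac(server_key, auth_message))


def server_final(record: dict, c_first: str, s_first: str, c_final: str):
    """Returns the server signature, or None if the client proof is wrong."""
    without_proof, proof_b64 = c_final.rsplit(",p=", 1)
    if without_proof.split(",r=", 1)[1] != s_first.split(",", 1)[0][2:]:
        return None
    auth_message = f"{c_first},{s_first},{without_proof}".encode()
    client_key = xor(base64.b64decode(proof_b64),
                     mac(record["stored_key"], auth_message))
    if not hmac.compare_digest(hashlib.sha1(client_key).digest(),
                               record["stored_key"]):
        return None
    return mac(record["server_key"], auth_message)


def run_exchange(enrolled_password: str, typed_password: str,
                 user: str = "sensor42"):
    """Full exchange: (server accepts, client accepts server, wire text)."""
    record = enroll(enrolled_password)
    c_first = client_first(user)
    s_first = server_first(record, c_first)
    c_final, expected_signature = client_final(typed_password, c_first, s_first)
    signature = server_final(record, c_first, s_first, c_final)
    server_accepts = signature is not None
    client_accepts = server_accepts and hmac.compare_digest(
        signature, expected_signature)
    return server_accepts, client_accepts, " ".join([c_first, s_first, c_final])
```

The final server signature is what gives mutual authentication: a peer that accepts any proof but does not hold the derived server key cannot produce the value the client expects.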

1.8.2 Network Layer Protocols: 6LoWPAN


This layer is accountable for addressing and routing data packets. Here, data
received from the above layer are encapsulated in data packets and delivered
to their destinations using the IP address. The IPv6 addressing scheme is used
for addressing, but to support low-power IoT devices, the 6LoWPAN protocol is
used above the IPv6 layer, and for providing routing services, the RPL
protocol is used.
IPv6-based Low power Personal Area Network (6LoWPAN)
This protocol is a modified version of IPv6 that implements the IP
protocol in resource-constrained IoT devices. The standard provides
header compression to reduce the transmission overhead,
fragmentation to meet the IPv6 Maximum Transmission Unit (MTU)
requirement, and forwarding to the link layer to support multi-hop
delivery [13], [14].
Security in the 6LoWPAN protocol suffers from an identification problem,
where the EUI-64 interface can be forged or duplicated. Another
problem of 6LoWPAN is the compression of UDP from 16 bits to 4
bits, which increases the possibility of applications receiving the
wrong type of payload or message. The solutions proposed for the
above problems are the adoption of IPsec over 6LoWPAN and the
design of a compressed secure header for the existing
Authentication Header (AH) and Encapsulating Security Payload
(ESP) for the transport mode. To protect 6LoWPAN from packet
fragmentation attacks, a new field is added to the fragmentation header
that provides security against unidirectional and bidirectional fragment
replays. Authentication in this protocol is achieved by key
management.

1.8.3 Routing/Transport Layer Protocol - RPL


Routing protocols are necessary for the successful delivery of information.
They are the set of rules that route the data and establish the optimized
path from source to destination. The most commonly used IoT routing
protocol is RPL, which is discussed in this section.
RPL
RPL is a link-independent routing protocol based on IPv6 for
resource-constrained nodes. It supports a minimal routing requirement
that builds a robust topology over lossy links. RPL specifies a
Destination Oriented Directed Acyclic Graph (DODAG) using one
or more objective functions and a set of metrics/constraints. The
objective function is used to formulate the best path in combination
with metrics/constraints. For example, a DODAG can have objective
functions such as ‘Find paths with best Expected Transmissions
(ETX) values (metric) and avoid non-encrypted links (constraint)’ or
‘Find the best path in terms of latency (metric) while avoiding
battery-operated nodes (constraint)’. The DODAG built by RPL is a
logical routing topology over a physical network to meet certain
criteria. Graph formation starts at the root or LowPAN Border Router
(LBR), which is configured by the system administrator. The system
can contain multiple roots. The graph-related information is exchanged
via control messages: the DODAG Information Solicitation (DIS)
message is used by a node to acquire DIO messages from a reachable
adjacent node; the DODAG Information Object (DIO) message keeps the
current rank of the node, which determines the distance between each
node and the root; and the DODAG Destination Advertisement Object
(DAO) message provides upward and downward traffic to RPL, by which a
node unicasts destination information towards the selected parents. The
routing process starts from node to root with the help of these control
messages and is summarized in [15]. Figure 1.11 illustrates the DODAG
architecture:

Figure 1.11: DODAG architecture


Security in the RPL Protocol: RPL itself supports message
confidentiality and integrity. It has three basic modes: unsecured mode
(the default, with no additional security), preinstalled mode (it includes
devices with pre-configured symmetric keys that join the RPL
instance; keys in this mode support integrity, data authentication, and
confidentiality), and authenticated mode (this mode is applicable for
routers that authenticate and authorize the devices). RPL includes
AES/CCM with 128-bit keys for MAC and Consistency Check (CC)
control messages that help in authenticating other nodes’ current
counter value. This helps in securing RPL against a replay attack.
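The first objective function quoted above (best ETX as the metric, non-encrypted links excluded as the constraint) can be worked through on a small topology. The following is an added example, not code from the book and not an RPL implementation: it computes each node's preferred parent and a simplified rank (the summed link cost to the root) with a shortest-path search; the topology, the integer ETX values, and the function names are constructed for illustration.

```python
import heapq

# Constructed topology: (node, node, ETX scaled to an integer, link encrypted?)
LINKS = [
    ("root", "A", 128, True),
    ("root", "B", 154, True),
    ("A", "C", 128, False),   # cheapest way to reach C, but not encrypted
    ("B", "C", 320, True),
    ("C", "D", 141, True),
    ("A", "E", 166, False),   # E's only link is not encrypted
]


def build_dodag(links, root="root", require_encrypted=True):
    """Return (preferred_parent, rank) for every node that can join.

    Metric: minimise the summed ETX towards the root.
    Constraint: when require_encrypted is set, unencrypted links are
    not considered at all, so they can never be part of a path.
    """
    neighbours = {}
    for a, b, etx, encrypted in links:
        if require_encrypted and not encrypted:
            continue
        neighbours.setdefault(a, []).append((b, etx))
        neighbours.setdefault(b, []).append((a, etx))

    rank = {root: 0}
    parent = {root: None}
    queue = [(0, root)]
    while queue:
        cost, node = heapq.heappop(queue)
        if cost > rank[node]:
            continue                      # stale queue entry
        for neighbour, etx in neighbours.get(node, []):
            candidate = cost + etx
            if candidate < rank.get(neighbour, float("inf")):
                rank[neighbour] = candidate
                parent[neighbour] = node
                heapq.heappush(queue, (candidate, neighbour))
    return parent, rank


def path_to_root(parent, node):
    """Upward route a packet takes by following preferred parents."""
    if node not in parent:
        return None                       # node could not join the DODAG
    path = [node]
    while parent[path[-1]] is not None:
        path.append(parent[path[-1]])
    return path
```

With the constraint applied, C routes through B at a higher cost and E cannot join at all, which shows the availability price of refusing unencrypted links.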

1.8.4 Link Layer Protocol: IEEE 802.15.4


Protocols in the Link Layer handle the data into and out of the physical layer
and provide services to the network layer. IoT standards include IEEE
802.15.4 protocol which acts as the standard MAC layer protocol:
IEEE 802.15.4
This protocol provides services to a low-rate wireless private area
network along with secured encryption and authentication services. It
supports three frequency channel bands and utilizes a Direct
Sequence Spread Spectrum (DSSS) method. Based on the used
frequency channel, the physical layer transmits and receives data over
three different data rates. Higher frequency provides higher throughput
and low latency [16].
Security in IEEE 802.15.4 Protocol: IEEE 802.15.4 is vulnerable to
active tampering and eavesdropping. Its security depends on the
Advanced Encryption Standard (AES) and symmetric cryptography.
AES provides data encryption and data authentication with 32, 64, or
128 bits. Replay attacks in IEEE 802.15.4 are intercepted by time-
synchronized channel hopping. The drawback of this protocol is that
the sender and receiver may reuse the nonce value as it does not
support key management modeling.

1.8.5 Physical Layer Protocol - LTE-A, Z-Wave


The physical layer is the lowest in any protocol stack. It includes devices and
technologies that collect data from the surroundings.
Long-Term Evolution-Advanced (LTE-A)
LTE-A is a scalable low-cost protocol designed for resource-
constrained devices in the IoT network. It uses the Orthogonal
Frequency Division Multiple Access (OFDMA) technology that
divides the frequency into multiple bands and accesses them
separately. Its architecture consists of a Core Network (CN), a Radio
Access Network (RAN), and mobile nodes. The CN manages the
mobile devices and keeps track of their IPs. RAN is accountable for
establishing control and data planes. In addition to it, LTE-A handles
wireless connectivity and radio-access control [17].
Security in Long-Term Evolution-Advanced (LTE-A) Protocol: As
per the Third Generation Partnership Project (3GPP), the LTE-A security
architecture is available with five security levels: network domain
security, network access security, application domain security, user
domain security, and non-3GPP domain security. These
levels impart integrity protection and mutual authentication, and protect
communication access links [18].
Z-Wave
Z-Wave is considered a low-power communication protocol
designed basically for Home Automation Networks, since it covers
only 30 m point-to-point communication and is suitable for short IoT
messages, like energy control, light control, and wearable healthcare
control. It follows master/slave architecture and uses CSMA/CA for
collision detection.
Security in Z-Wave Protocol: The Z-Wave security framework by Silicon
Labs and OEM supports confidentiality and message integrity. It
prevents information leakage, unauthorized access, and intrusion of
malicious nodes [19].

1.9 Domain-specific IoT and its security concerns


The domains of IoT are expanding and penetrating in most applications. IoT
is involved in various applications such as smart cities, smart homes, smart
agriculture, and so on. It is perceived that security is a critical issue in all the
applications that are deployed as well as those in the state of deployment.
Although these applications make our life easy, they need strong security
support to secure them from threats and vulnerabilities. In this section, we
will discuss some of the critical IoT applications and their security concerns.

1.9.1 Security concerns in SCADA systems


Supervisory Control and Data Acquisition (SCADA) systems are the
heart of processes that are used by all types of industries ranging from small-
scale traffic management systems to large-scale power plant industry. They
are the product of automation for manufacturing and Industry 4.0 [20].
SCADA systems are the Industrial Control Systems (ICS) that supervise
the machines and industrial processes which can span over a wide
geographical area like in energy distribution plants. These systems constitute
supervisory computers, programmable logic controllers (PLCs), and
remote transmission units (RTUs). PLCs and RTUs have sensors and
actuators that receive and send commands to other units of the SCADA
system. Data once received by sensors connected to SCADA systems are
then used for making critical decisions based on real-time information. Data
and decisions in the form of statistics and functions are displayed to
supervisors for review and control in the human-machine interface (HMI),
which is also a part of SCADA systems. SCADA systems are the most
versatile systems and are used in all kinds of industries and infrastructures
such as smart buildings, smart cities, transportation networks, oil and gas,
energy generation and distribution, wastewater treatment and distribution,
manufacturing, food production, and so on.
Unfortunately, the reports received by the Zero Day Initiative (ZDI) state
that there are huge vulnerabilities plaguing SCADA systems.
Therefore, it is essential to root out the vulnerabilities and mitigate them at
the earliest. SCADA, when integrated into IoT systems, raises security
concerns like authentication and access control, physical security,
identification of vulnerabilities, and recovery and backups. These security
concerns can be avoided if the organization adopts the following security
measures, proposed by the National Institute of Standards and Technology:
Use of virtual patching that manages updates and prevents exploits
during system downtime.
Partitioning the system into smaller parts so as to minimize the
exposure of sensitive information.
An adequate security measure like firewalls should be used between
ICS/SCADA and the corporate network to prevent the lateral
movement of attacks.
Restrict the role of transitory SCADA nodes for a single purpose.
There should be thorough monitoring of SCADA authorization and
user accounts.
Endpoint protection should be provided to the engineering station that
is connected to SCADA for device programming and control
adjustments.

1.9.2 Security concerns in Enterprise Information Systems


The Enterprise Information System (EIS) is an information system that
improves the functionality of the enterprises by integrating all business
processes. It offers high-quality services, deals with a large volume of data,
and supports the easy functioning of the complex organization. It integrates
the customer relationship and the supply chain management to centralize the
information and resource management services. EIS constitutes Enterprise
Resource Planning (ERP), relational databases, and transaction processing
systems. ERP manages the data resource and personnel, relational databases
provide storage, retrieval, and reporting functions, and transaction processing
deals with the operational functioning of the organization.
Integrating all processes demands high-performance processing devices and
servers. In today’s world of the System on Chip (SoC), this capability is
provided by implementing IoT in EIS systems, leading to new IoT-enabled
enterprise systems. Although binding IoT with EIS enhances the capability of
the enterprise, it brings security challenges like lack of privacy and
confidentiality, because in sensor-enabled EIS, information might be carried
away beyond the enterprise system.
To protect the IoT-enabled EIS system, the conceptual enterprise security
architecture is proposed. According to this architecture, four security pillars
are positioned just after the implementation of the EIS system. The four
pillars of EIS security include:
Security Policy: It states a set of behavioral rules, consequences of
violations, the procedure for dealing with breaches, rules of
monitoring and investigation, and a set of legal and regulatory
compliance.
Security Awareness: It includes education, collective, and individual
activities, formal classes, emails, group discussions, and employee
compliance.
Access Control: It includes limited information, access linked to job
function, information restriction to relevant position, and management
of access rule changes.
Top Level Management Support (TLMS): It includes transparent
support of policies and procedures, ingraining information security into
company culture, and effective communications.

1.9.3 Security concerns in home automation


Home, office, and building automation are the most widely used IoT
applications. Homes and offices include applications like remotely controlled
electrical appliances for saving energy, automated doors, and windows for
intruder detection, and so on. Automated buildings involve building
monitoring (lighting, elevators, smoke alarms, and fire extinguishers),
building security (room access, surveillance), and so on. Although the use of
these smart applications intends to improve the quality of our lives, it comes
with a threat to the privacy of users. Intruders can easily gain unauthorized
access to the sensors and objects deployed in homes or offices and may steal
confidential data to harm the users. The following security measures can be
undertaken for the protection of smart homes:
Confidentiality/Privacy can be maintained by using
symmetric/asymmetric encryption algorithms, homomorphic
encryption, and data obfuscation.
Integrity can be attained by hashing, digital watermarking, time
stamping, maintaining session keys, load profiling, and installation of
known secure units.
Authentication in smart homes is carried out by hashing and MAC coding.
Non-repudiation is maintained by mutual authentication, transaction
logging, and using unique communication keys.
Availability is maintained by using alternate devices, and other
resources like frequency channel.
Authorization can be retained by using encryption and a digital
certificate like X.509.

1.9.4 Security concerns in agriculture


The use of sensor technology in agriculture drives the productivity and
sustainability of food production. IoT sensors assist the farmers to make
stronger decisions to attain higher crop yields with better quality. It saves
costs by reducing the use of fertilizers and pesticides. Smart agriculture
includes applications like livestock monitoring, irrigation management, and
the use of automated drones for surveying farms, mapping fields, and
spraying crops. These low-power IoT sensors gather agricultural data which
includes weather conditions, soil moisture, and chemical composition at a
lower cost of ownership. If such applications are compromised, then it may
damage the crops and hamper the productivity of food. A flaw in livestock
monitoring may lead to the theft of animals. Security resources that can
improve the security in smart agriculture are as follows:
Intrusion Detection System (IDS) implemented in cloud and gateway
detects DoS/DDoS attacks, controls forged actuators, the forged
gateway-cloud request, flooding, SQL injection, backdoor entries,
worms, and routing attacks.
Anomaly Detection system controls the data and services like optical
deformation, irregular measurement, sensor weakening, random sensor
incidents, system disruption, and data transit attacks.
Cryptography ensures the smooth functioning of data and
communication links. It administers false data injection,
eavesdropping, traffic interception, data capture, and man-in-the-middle
attacks.
Authentication and access control ensure the security in forged
actuators, fake node/gateway, false data injection, persistent attacks,
and unauthorized access.

1.9.5 Security concerns in smart cities


Smart cities are another important area for IoT applications. According to
the IMD Smart City Index 2021, it is observed that citizens are accepting
automation and are making efforts to shape their city smart by balancing
economical and biological aspects. Singapore, Dubai, and Copenhagen are
marked as the top 3 smartest cities of 2021, followed by others that continue
to embrace the concept of a smart city. Projects in smart cities entail utilities
(smart waste, lighting), connected traffic (smart parking, traffic
management), public safety (video surveillance), and environmental
monitoring (air pollution). The use of smart applications aims to improve the
overall quality of life of citizens but comes with a threat to human life.
Security breaches in any area related to IoT applications can have serious
consequences. For example, if a traffic signaling application fails, it can lead
to accidents and loss of life/property. Similarly, if the application fails to
monitor the presence of lethal gases, then it may result in a hazardous
situation. To guide smart city developers, the following security checklist
can be referred to when implementing smart technologies:
Perform quality inspection and penetration testing
Technologies in smart cities should be thoroughly inspected and tested
before their city-wide implementation; this catches issues like data
leakage and service malfunction before the technology is made
available to the public.
Rank security in service-level agreements (SLAs) for all vendors
and service providers
Smart city adopters should make sure that vendors and service
providers have prioritized security in their service-level agreement and
are meeting its requirements.
Establishing a municipal computer emergency response team
(CERT) or computer security incident response team (CSIRT)
This ensures that whenever an attack occurs or any system fails, a
dedicated municipal CERT/CSIRT team is always available to counter
it. The CERT/CSIRT is also in charge of reporting, patching, and
sharing best security practices.
Ensuring the consistency and security of software updates
Both the municipal corporation and vendors should make sure that all
updates are securely encrypted and digitally signed so as to ensure
software integrity.
Process data with privacy in mind
Data should not be available to everyone; only the authenticated
municipal authority and service providers bound by an SLA should be
allowed to access it.
Encrypt, authenticate, and regulate public communication
channels
Parties should make sure that all wired and wireless communication is
protected against eavesdropping, interception, and modification attacks.
Strong authentication mechanisms like OTP, biometrics, or two-factor
authentication can be adopted to enhance the security and privacy of
citizens’ data.

1.9.6 Security concerns in social IoT


IoT is a network of billions of objects that communicate and interact
intelligently with each other. One of the most important paradigms of IoT is
the Social Internet of Things (SIoT), where objects with similar
characteristics or interests combine to form social communities. They create
their social network to achieve common goals such as improved
performance, functionality, or efficiency of the provided services. In social
IoT, objects with different viewpoints interact, which may have a
significant impact on security. For example, fake account holders
having a negative viewpoint may disseminate vulnerabilities like spam and
malware on social networking sites (such as Facebook, YouTube, Instagram,
and so on) and may illegally gain access to them. Therefore, it is necessary
to detect and mitigate the objects behaving differently from others so as to
have successful cooperative communication among them. The precautionary
measures that could be taken into consideration while dealing with SIoT
are:
Objects in SIoT should have cognitive capabilities, that is, with their
mental thinking, reasoning, and problem-solving ability, objects
should be able to recognize the malicious objects among them.
An effective intrusion detection mechanism can be established for the
detection and mitigation of compromised objects.
The system should have energy-aware security protocols so as to cope
with increased energy demand.

1.9.7 Security concerns in IoT-based healthcare


IoT has expanded extensively in the healthcare industry. With the
COVID-19 pandemic, digital health solutions are growing and are boosting
the efforts of digitization. There is an increasing demand for
health applications like telehealth consultations, remote monitoring, digital
diagnostics, and robot assistance. Healthcare applications, known as
E-health, include medical device monitors, health team coordinators, and
out-patient focused solutions. Out-patient applications include elderly care,
distant patient diagnosing, and pain medication if not severe. IoT in
healthcare has optimized the workflow but is vulnerable to threats and
attacks, such as theft of personal details, loss of crucial data, cyber-attacks,
and intentional or unintentional actions that are dangerous to humans. In
view of this situation, the U.S. Food and Drug Administration released
guidance that suggests the following security measures for the protection of
medical devices and services:
Limit the access of devices to only trusted users by using appropriate
authentication techniques such as ID, password, smart card, biometric,
and two-factor authentication.
Ensure encrypted transfer of data to and from the devices.
Establish an intrusion detection system that detects and recognizes
the compromised devices within the logged interval and takes
appropriate action.

1.10 IoT supporting technologies


The interconnection of sensor-enabled objects to the internet generates a
large amount of data, which is known as “Big Data”. Since IoT devices are
resource constrained, the processing, analysis, and storage of this big data
in IoT systems alone is not possible. So there is a need for supporting
technology that provides smart and efficient processing and storage
mechanisms in a secure way. IoT is supported by big-data analytics, cloud
computing, edge computing, and fog computing, which enable the processing,
storage, and retrieval of data in an efficient manner. In this section, we
will discuss the relationship between the IoT and its supporting
technologies.

1.10.1 Big Data analytics


Big data analytics is an asset to enterprises: it diagnoses and extracts the
relevant knowledge from the pool of data, by which businesses can achieve a
competitive advantage. It involves the processing and managing of a huge
amount of data in an efficient way. Apache Hadoop† and SciDB† are some of
the big data analytics platforms that process the bulk of real-time IoT data in
an economical manner. For example, Facebook, one of the giant social
networking sites, uses the Hadoop tool to analyze and manage billions of
messages per day and to present real-time statistics of user actions like
interesting advertisements, groups to follow, and so on. Other than using big
data tools, IoT data can also be managed by keeping track of only the
interesting data. Some of the existing approaches that extract only the
interesting data are pattern reduction, dimension reduction, feature selection,
Principal Component Analysis (PCA), and distributed computing methods.

1.10.2 Cloud computing


Cloud computing technology offers on-demand availability of resources
such as storage, power, and services without human intervention. It provides
the management mechanism for IoT big data that ensures the processing of
data and the extraction of valuable knowledge from it. The integration of
cloud computing with IoT has increased the efficiency of the IoT system,
because both IoT and cloud computing share the common characteristics
of:
Storage over the internet
Services over the Internet
Applications over the internet
Energy efficiency
Computational capability
Though employing cloud computing in IoT has improved performance,
it faces certain challenges like:
Synchronization: Synchronization of real-time services between
different cloud vendors.
Interoperability: Balancing the difference between IoT and cloud’s
resources, infrastructures, and components.
Reliability: Ensuring the security and reliability between IoT devices
and cloud platforms.
IoT is supported by numerous cloud platforms such as ThingWorx, OpenIoT,
Google cloud, Amazon, GENI, Xively, Nimbits, and so on. These platforms
provide Platform-as-a-Service (PaaS) to IoT application developers and
service providers. Their aim is to securely connect devices to applications
and allow the relevant sensor data to be readily available on the web. In
addition to these characteristics, IoT-enabled cloud platforms also have the
following features:
Support gateway for reconciling short-range network with wide-range
network
Support discovery, delivery, configuration, and activation of
applications and services
Provide proactive and reactive assurance of the platform
Support accounting and billing of applications and services
Support security
Support standard application protocols
Table 1.7 summarizes the characteristics of publicly available IoT-cloud
platforms:

IoT Gateway Service Assurance Billing Security


Platform Support support
REST

Arkessa ✓ ✓ ✓ ✓

Axeda ✓ ✓ ✓ ✓ ✓ ✓

Etherios ✓ ✓ ✓ ✓ ✓

LittleBits ✓ ✓

NanoService ✓ ✓ ✓ ✓ ✓

Nimbits ✓ ✓

Ninja Blocks ✓ ✓ ✓

One Platform ✓ ✓ ✓ ✓ ✓
RealTime.io ✓ ✓ ✓ ✓

Sensor Cloud ✓ ✓ ✓ ✓
SmartThings ✓ ✓ ✓ ✓

TempoDB ✓ ✓

Thingworx ✓ ✓ ✓ ✓

Xively ✓ ✓ ✓ ✓ ✓ ✓

Table 1.7: IoT cloud platforms and their characteristics

Security in cloud computing is discussed in Chapter 19, Cloud Security for the
IoT.

1.10.3 Edge computing


The integration of IoT with the cloud is not enough to address all the issues,
owing to the enormous distance between IoT devices and the cloud. Due to
this distance, the cloud cannot directly access local information (for
example, mobility patterns, local details, and so on), and network latency
and jitter tend to increase. To address this issue, the idea of edge computing
was introduced. Edge computing incorporates a layer between the cloud and
devices, known as the edge layer. This layer consists of high-end servers
(also known as edge nodes) with satisfactory processing and storage ability.
Edge computing empowers the edge nodes to satisfy on-demand services
and reduces network latency and bandwidth consumption without moving
the data to the cloud. When integrated with IoT, these features of edge
computing solve the critical IoT issues of latency and jitter and help to
improve its performance. Figure 1.12 illustrates the three-layer
architecture of edge-computing-based IoT:

If the amount of generated data is very large, such that it is out of the capability of
edge nodes, then all the data is transmitted to the cloud for processing. This
obviously will increase the latency of the system. To solve this issue, fog
computing is used, which will filter and transmit only the relevant data to the
cloud.

Figure 1.12: Edge Layer Computing


The architecture consists of a device layer, edge layer, and cloud layer. The
device layer comprises IoT sensors and actuators. The edge layer includes
devices (or servers) that have sufficient residual computation power to
provide uninterrupted on-demand services. Moreover, the edge devices in an
application can create a network among themselves and cooperate to compute
the data. This prevents the unnecessary flow of data outside the network. The
topmost layer, known as the cloud layer, consists of cloud servers that
provide long-term data storage and analysis ability.
1.10.4 Fog computing
As the number of edge devices increases, analysis at centralized
cloud servers struggles to attain the required Quality of Service (QoS).
With IoT technology on the horizon, fog computing has emerged as the key
solution to resolve this issue. Fog computing provides similar functionality
to edge computing but is located in close proximity to clouds instead
of devices. Thus, it forms a layer known as the fog layer that lies between the
device layer (or edge layer, if it exists) and the cloud layer. Another major
difference between edge and fog computing is that instead of forwarding all
the data to the cloud, the fog layer forwards only the relevant data; this is
done by filtering the huge amount of generated big data. In this way,
QoS is maintained and efficiency is achieved.

Conclusion
The chapter demonstrates and explores the security aspect of the Internet of
Things and its emerging technologies. It gives the basic architecture of IoT
and fulfills the requirement of preliminary knowledge for the subsequent
chapters. The chapter states the importance of IoT security and explores its
requirements with respect to architecture, protocols, and applications. The
chapter is summarized as follows:
The Internet of Things (IoT) is defined as the interconnection (wired
or wireless) of low-power devices such as sensors and actuators that
gather, communicate, analyze, and transmit information whenever and
wherever required via the internet.
There are various domains and applications where IoT has marked its
presence such as healthcare, smart homes, cities, defense, agriculture,
transportation, and many more. These applications are grouped into
Consumer IoT and Business IoT, where consumer IoT deals with the
application that is personally used by users while business applications
are those applications that present the insights of an organization and
tend to boost its efficiency.
The functioning of IoT is illustrated with the help of six building
blocks labeled as identification, sensing, communication, computation,
service, and semantics.
Identification: connected devices are identified using EPC code
and uCode.
Sensing: Data is gathered from the surroundings using sensors.
Communication: The collected data is then transmitted to the
cloud or processing unit for processing and analysis using
communication protocols such as RFID, NFC, LTE, and so on.
Computation: Transmitted data is computed and processed in the
cloud or in the processing unit.
Service: Relevant information is extracted from the processed
data and is made available to end-users in the form of services.
Semantics: This element of IoT includes the selection of the right
technology and the right resources at the right time.
Though IoT is a boon to the world, if not secured properly it may
serve as a curse to the world and can be the reason for its destruction.
It has been perceived that theft, privacy, safety, and productivity are
the four different ways in which attackers can attack consumers,
enterprises, and users.
There is an intense need to protect and secure IoT from attackers
because of the following reasons:
R1: Constrained system resources
R2: Device Heterogeneity
R3: Interoperability in IoT
R4: Over-the-air Firmware update
Cyber security is generally used in place of IoT security, but the two
terms are not the same; there is a slight difference between them.
Cyber security deals with the protection of data, information, software,
and applications from unauthorized access with no engineering principle,
whereas IoT security is an integration of cyber security and
engineering principles like collection, communication, and
examination, which maintains confidentiality, integrity, and
non-repudiation of the IoT data and devices.
IoT systems are also sometimes confused with Cyber-physical
systems (CPS). IoT systems always need the interconnection of the
internet for fulfilling their objectives whereas CPS systems do not
always need the internet for achieving their objectives. They can
achieve their objective without even being connected to the Internet.
The architecture of IoT consists of four basic layers, specified as the
perception layer, network layer, processing layer, and application layer.
Each of these layers is vulnerable to various threats and attacks such
as information leakage, eavesdropping, man-in-the-middle attacks, and
many more.
In general, the security requirements in every layer include lightweight
solutions that support confidentiality, integrity, availability,
heterogeneity, and much more.
For the smooth functioning of IoT, IoT technologies should also be
secured from threats and attacks. IoT enabling technologies
include:
Identification technologies: RFID tags, biometrics, EPC
Software Technologies: Integration of WSN and RFID
Communication Technologies: RFID, NFC, LTE-A and so on.
Network Technologies: Network functioning
Like a normal network, an IoT network is also supported by various
protocols in different layers. Safety in all these protocols is another
major requirement of IoT. The IoT protocol stack includes:
Application Protocol: CoAP, MQTT, XMPP
Network Protocol: 6LoWPAN
Routing/transport Protocol: RPL
Link Layer Protocol: IEEE 802.15.4
Physical layer protocol: LTE-A, Z-Wave
The interconnection of millions of objects generates a huge amount of
data known as “Big Data”. The maintenance and analysis of this huge
amount of data are done with the help of supporting technologies, such
as big-data analytics, cloud computing, edge computing, and fog
computing.
Big data includes the extraction of relevant knowledge from the pool
of data generated by IoT devices. It constitutes the processing and
managing of data in an efficient way.
Cloud computing is another technology that offers automated
on-demand availability of resources such as storage, power, and services.
The distance between the IoT devices and the cloud is too large, which
may result in a delay in services as well as the vulnerability of being
attacked. Therefore, two new technologies known as edge computing
and fog computing were proposed to avoid the delay in services.
Edge computing is a computation of data at the network’s edge, which
is in close proximity to the physical location where IoT devices are
installed.
Fog computing is the mediator layer between edge and cloud that
transmits only the filtered data to the cloud so as to reduce the delay
and complexity of the system.

1.11 Questionnaire

Multiple choice questions


1. IoT can be defined as:
a. network of physical objects embedded with sensors

b. network of virtual objects

c. network of objects in the ring structure

d. network of sensors
2. Which of the following is not a fundamental component of an IoT
system?
a. Sensors

b. Connectivity and data processing

c. User interface

d. Transformer
3. Which of the following is not an IoT communication technology?
a. NFC

b. BLE

c. LTE

d. IPv6
4. Which of the following is not an IoT supported operating system?
a. TinyOS

b. Contiki

c. Windows

d. Riot OS
5. The architecture of IoT consists of the following layers:
a. perception, network, transport, application

b. presentation layer, session layer

c. perception, network, processing and application

d. none of the above


6. Which of the following APIs allows the user to control electronic
components?
a. MQTT

b. RESTful

c. Android

d. CoAP
7. MQTT stands for _________.
a. Message Query Telemetry Transport

b. MetaQuery Telemetry Transport

c. Multiple Query Telemetry Transport

d. Multi-Queue Query Telemetry Transport


8. What is MQTT based upon?
a. Publish-subscribe architecture

b. Client-server architecture

c. Both a and b

d. None
9. The applications of IoT include:
a. Home and cities

b. Healthcare and agriculture

c. Defense

d. All of the above


10. Edge computing is processing in:
a. IoT device

b. Cloud
c. Edge servers close to IoT devices

d. Edge servers close to cloud

Answer key
1. (a) 2. (d) 3. (d) 4. (c) 5. (c) 6. (b) 7. (a) 8. (a) 9. (d) 10. (c)

Long answer questions


1. Explain the architecture of IoT with its security requirements.
2. Explain the importance of following IoT applications and their
security concerns:
a. SCADA systems

b. Health care systems

c. EIS systems

d. Home Automation systems

Short answer questions


1. What is the difference between sensors and actuators?
2. What is the difference between CPS and IoT?
3. State the importance of authentication and authorization in securing
IoT.
4. What is the difference between Fog computing and edge computing?

Keywords(†)
Sensors: It is a device that detects events and changes in its
environment, collects data, and transmits information to other devices
for further processing.
Actuators: This device is the opposite of sensors. It takes the
processed information as input and turns it into physical action in
the environment.
Microcontrollers: It is a small computer integrated into a chip and
contains more than one CPU along with memory and programmable
input/output devices.
M2M: It is a machine-to-machine technology that establishes a wired
or wireless connection between devices using any communication
channel.
GSM: It is a standard to describe the protocols for second-generation
digital cellular networks used by mobile phones and tablets.
UMTS: Like GSM, it is also a standard but describes the protocols for
third-generation mobile-cellular networks.
System on Chip (SOCs): It is an integrated circuit that combines all
the components of a system into a single chip.
Field programmable gate array (FPGAs): They are semiconductor
devices that consist of a matrix of Configurable Logic Blocks
(CLBs) comprising AND, OR, and NOT gates, connected via
programmable interconnects. After manufacturing, they can be
programmed and reprogrammed as per the required application.
Resource Description Framework (RDF): It is a framework that
represents data on the web. Its statements are used to describe and
exchange metadata based on relationships.
Web Ontology Language (OWL): It is a semantic web language that
is used to represent complex knowledge about things, groups of things,
and the relations between things.
Efficient XML Interchange (EXI): It is a binary XML language that is
used to exchange data on a computer network.
OVH: It is a cloud service provider that provides
infrastructure-as-a-service to IoT systems.
OWASP: It is a community that produces freely-available articles,
methodologies, documentation, tools, and technologies in the field of
web application security.
Apache Hadoop: It is a framework that facilitates the distributed
processing of huge data sets across a network of computers using simple
programming models.
SciDB: It is a multi-dimensional database management system that
analyses the IoT applications generating big data.
Zero Day Initiative (ZDI): It is an international software vulnerability
initiative that acquires software vulnerabilities from different security
researchers and then presents these vulnerabilities to their original
vendors for patching before releasing them into the public domain.
Replay attacks: It is a network attack where valid data transmission is
maliciously or fraudulently repeated or delayed.
IMD Smart City Index: It is an index that defines the city as an
intelligent city that applies the latest technology to enhance their
benefits and diminish their shortcomings. It ranks the cities on the
basis of their smartness and technological advancement.

References

[1] ITU, “ITU: Committed to connecting the world.”
https://www.itu.int/en/Pages/default.aspx.
[2] R. Minerva, A. Biru, and D. Rotondi, “Towards a definition of the
Internet of Things (IoT),” IEEE Internet Initiat., pp. 1–86, 2015.
[3] McK, “McKinsey Digital.”
https://www.mckinsey.com/business-functions/mckinsey-digital/our-insights/iot-value-set-to-accelerate-through-2030-where-and-how-to-capture-it.
[4] “Mordor Intelligence.”
https://www.mordorintelligence.com/industry-reports/internet-of-things-moving-towards-a-smarter-tomorrow-market-industry#.
[5] “MarketsANDMarkets.”
https://www.marketsandmarkets.com/Market-Reports/iot-healthcare-market-160082804.html.
[6] M. Collina, G. E. Corazza, and A. Vanelli-Coralli, “Introducing the
QEST broker: Scaling the IoT by bridging MQTT and REST,” in 2012
IEEE 23rd International Symposium on Personal, Indoor and Mobile
Radio Communications - (PIMRC), Sep. 2012, pp. 36–41, doi:
10.1109/PIMRC.2012.6362813.
[7] “Security Boulevard.”
https://securityboulevard.com/2021/03/the-key-to-firmware-security-in-connected-iot-devices-keyfactor/.
[8] L. Nastase, “Security in the Internet of Things: A Survey on Application
Layer Protocols,” in 2017 21st International Conference on Control
Systems and Computer Science (CSCS), May 2017, pp. 659–666, doi:
10.1109/CSCS.2017.101.
[9] Z. Shelby, K. Hartke, and C. Bormann, “Constrained Application
Protocol (CoAP). draft-ietf-core-coap-18,” in Internet Engineering Task
Force (IETF), Fremont, CA, USA, 2013.
[10] R. A. Rahman and B. Shah, “Security analysis of IoT protocols: A focus
in CoAP,” in 2016 3rd MEC International Conference on Big Data and
Smart City (ICBDSC), Mar. 2016, pp. 1–7, doi:
10.1109/ICBDSC.2016.7460363.
[11] U. Hunkeler, H. L. Truong, and A. Stanford-Clark, “MQTT-S - A
publish/subscribe protocol for Wireless Sensor Networks,” in 2008 3rd
International Conference on Communication Systems Software and
Middleware and Workshops (COMSWARE ’08), Jan. 2008, pp. 791–
798, doi: 10.1109/COMSWA.2008.4554519.
[12] P. Saint-Andre, “Extensible Messaging and Presence Protocol (XMPP):
Core,” Cambridge University Press, Cambridge, Feb. 2011. doi:
10.1088/1751-8113/44/8/085201.
[13] J. W. Hui and D. E. Culler, “Extending IP to Low-Power, Wireless
Personal Area Networks,” IEEE Internet Comput., vol. 12, no. 4, pp. 37–
45, Jul. 2008, doi: 10.1109/MIC.2008.79.
[14] N. Kushalnagar, G. Montenegro, and C. Schumacher, “IPv6 over Low-
Power Wireless Personal Area Networks (6LoWPANs): Overview,
Assumptions, Problem Statement, and Goals,” Internet Eng. Task Force,
pp. 213–221, 2007.
[15] J. P. Vasseur, N. Agarwal, J. Hui, Z. Shelby, P. Bertrand, and C.
Chauvenet, “RPL: The IP routing protocol designed for low power and
lossy networks,” Internet Protoc. Smart Objects Alliance, San Jose, CA,
USA, 2011.
[16] L.-H. Yen and W.-T. Tsai, “The room shortage problem of tree-based
ZigBee/IEEE 802.15.4 wireless networks,” Comput. Commun., vol. 33,
no. 4, pp. 454–462, Mar. 2010, doi: 10.1016/j.comcom.2009.10.013.
[17] M. Hasan, E. Hossain, and D. Niyato, “Random access for machine-to-
machine communication in LTE-advanced networks: issues and
approaches,” IEEE Commun. Mag., vol. 51, no. 6, pp. 86–93, Jun. 2013,
doi: 10.1109/MCOM.2013.6525600.
[18] J. Cao, M. Ma, H. Li, Y. Zhang, and Z. Luo, “A Survey on Security
Aspects for LTE and LTE-A Networks,” IEEE Commun. Surv. Tutorials,
vol. 16, no. 1, pp. 283–302, 2014, doi:
10.1109/SURV.2013.041513.00174.
[19] C. W. Badenhop, S. R. Graham, B. W. Ramsey, B. E. Mullins, and L. O.
Mailloux, “The Z-Wave routing protocol and its security implications,”
Comput. Secur., vol. 68, pp. 112–129, Jul. 2017, doi:
10.1016/j.cose.2017.04.004.
[20] “trendmicro.”
https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/one-flaw-too-many-vulnerabilities-in-scada-systems.

Things to check before moving to next chapter


Fundamentals of Internet of Things with its framework
Understanding the need of security in IoT
The architecture of IoT
Threats in IoT layer and its security requirements
Role of authentication and authorization in securing IoT
Methods to secure IoT Technologies
IoT protocols and their security
Security concerns in IoT applications
Role of Big-Data, cloud, fog, and edge computing in Internet of
Things

CHAPTER 2
IoT Security - Vulnerabilities, Attacks, and
Countermeasures

Introduction
The chapter discusses various aspects of information assurance, followed by
the administration and execution of attacks in IoT systems. It presents the
difference between threats, vulnerability, and risk. The chapter covers
various types of attacks, their organization into attack trees, and
acceptable countermeasures like secrecy and encryption for the Internet of
Things. To determine the gravity of threats, this chapter illustrates the
threat modeling process, where threats are identified and rated
based on severity.

Structure
In this chapter, we will cover the following topics:
Information Assurance – Components
Threats
Vulnerabilities
Risk
Insecure Access Control
Attacks: Types, Composition, and Tools
Threat modeling for IoT Systems
2.1 Information Assurance: components
Information Assurance (IA) is an important domain of IoT security, which
assures information certainty and manages risks related to its usage, process,
storage, and transmission. It includes the following essential components,
also termed the five pillars of information assurance:
Confidentiality: It is the security measure that keeps sensitive
information secret and protects it against unwanted disclosure.
Secrecy of information is attained when only an authorized user is
allowed to access it. This can be done by using usernames, passwords,
and any secret code† or by any other form of two-factor authentication†.
Protection against unwanted disclosure, as stated, is also a
characteristic of confidentiality, which is attained by encryption†.
Integrity: It is the security measure that protects the information from
unauthorized alteration, either intentional or accidental. It ensures
the accuracy of the data throughout its lifespan. For instance, market
purchases should be appropriately reflected in the account. If not, then
we say that the integrity of information is not maintained. Integrity can
be assured as simply as by a “read-only file” constraint or in as complex
a way as by encryption, hashing†, or checksum.
Authentication: It is the security measure that ensures that valid
data is coming from a valid source. The validity of the source is
examined by access control mechanisms like username, password, and
OTP† (one-time password). In simple terms, authentication is the
process in which the validity of the user is checked before providing
access to the system.
Non-Repudiation: It is the security measure that prevents an
individual or system from later denying an action that has occurred.
For example, digital signatures† used in online transactions, in any
contract, or in any receipt serve as proof that the data has been sent
by that person or system. In other words, affiliated parties cannot,
in the course of time, deny the authenticity and integrity of the signed
document. For example: Tec builders received an email from Mr
Raghu. The digital signature and time stamp on the mail signify
that the mail has been sent by Mr Raghu, and he cannot deny sending
the mail.
Availability: It is the security measure that ensures the presence of
information when needed by an authorized individual. Backup, spare
data channels, and onsite-offsite capabilities like customer support
help are some of the tools of availability.
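
How integrity, authentication, and protection against replay attacks look on a gateway that receives sensor messages, as an added example (not code from the book): an unkeyed hash is compared with a keyed HMAC, and a per-device counter rejects repeated messages. The key, device ID, and message layout are constructed assumptions; a shared-key MAC does not give non-repudiation, because both sides can produce the tag, so that pillar still needs digital signatures.

```python
"""Integrity, authentication and replay checks for sensor messages (added example)."""
import hashlib
import hmac
import json

# Assumption: each device shares a secret with the gateway, provisioned out of band.
DEMO_KEY = b"constructed-demo-key-do-not-reuse"
DEVICE_KEYS = {"soil-07": DEMO_KEY}


def canonical_bytes(device_id, counter, payload):
    """Serialize every protected field into one unambiguous byte string."""
    return json.dumps({"id": device_id, "ctr": counter, "data": payload},
                      sort_keys=True, separators=(",", ":")).encode()


def seal(device_id, counter, payload, key):
    """Device side: HMAC-SHA256 over id, counter and payload."""
    tag = hmac.new(key, canonical_bytes(device_id, counter, payload),
                   hashlib.sha256).hexdigest()
    return {"id": device_id, "ctr": counter, "data": payload, "tag": tag}


def seal_with_plain_hash(device_id, counter, payload):
    """Weak variant: unkeyed SHA-256. Anyone can recompute it after altering data."""
    tag = hashlib.sha256(canonical_bytes(device_id, counter, payload)).hexdigest()
    return {"id": device_id, "ctr": counter, "data": payload, "tag": tag}


def plain_hash_ok(msg):
    """Checksum-style verification: detects accidental corruption only."""
    expected = hashlib.sha256(
        canonical_bytes(msg["id"], msg["ctr"], msg["data"])).hexdigest()
    return hmac.compare_digest(expected.encode(), msg["tag"].encode())


class Gateway:
    """Accepts a message only if its tag verifies and its counter is new."""

    def __init__(self, keys):
        self._keys = keys
        self._last_counter = {}   # highest counter accepted per device

    def accept(self, msg):
        device_id, counter = msg.get("id"), msg.get("ctr")
        key = self._keys.get(device_id)
        if key is None:
            return False, "unknown_device"
        body = canonical_bytes(device_id, counter, msg.get("data"))
        expected = hmac.new(key, body, hashlib.sha256).hexdigest()
        supplied = str(msg.get("tag", ""))
        # Constant-time comparison; the tag is checked before the counter so
        # that a forged message can never advance the replay window.
        if not hmac.compare_digest(expected.encode(), supplied.encode()):
            return False, "bad_tag"
        if not isinstance(counter, int) or counter <= self._last_counter.get(device_id, -1):
            return False, "replayed_or_stale"
        self._last_counter[device_id] = counter
        return True, "ok"


def demo():
    """Run the constructed scenarios and return the gateway's verdicts."""
    gw = Gateway(DEVICE_KEYS)
    genuine = seal("soil-07", 1, {"moisture": 30.4}, DEMO_KEY)
    altered = dict(seal("soil-07", 2, {"moisture": 30.2}, DEMO_KEY),
                   data={"moisture": 5.0})          # payload changed in transit
    rehashed = seal_with_plain_hash("soil-07", 3, {"moisture": 5.0})
    return {
        "genuine": gw.accept(genuine),
        "same_message_again": gw.accept(genuine),
        "altered_payload": gw.accept(altered),
        "plain_hash_passes_checksum": plain_hash_ok(rehashed),
        "plain_hash_at_gateway": gw.accept(rehashed),
        "unknown_device": gw.accept(seal("pump-99", 1, {}, b"other-key")),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```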

An organization doesn’t need to employ all the stated pillars of information
assurance. There may be some pillars that impede the functioning of other
pillars or there can be pillars that boost other pillars. For instance, an
increase in the availability of the information works against the integrity,
authentication, and confidentiality [7].

These pillars of Information Assurance play an important role in
securing IoT because the reliable flow of information in IoT is
considered as the combination of the device domain, its physical
aspect, its information, its data sources, sinks, and networks. However,
for the comprehensive security and reliability of the IoT as well as
cyber-physical IoT, two additional assurances associated with
cyber-physical aspects are introduced, namely, resilience and safety.
Resilience: It is the security measure that ensures the capability of the
system to combat and recover from accidental, deliberate, or naturally
occurring attacks. Resilience on any system or network can be maintained
by taking backups, deploying durable devices, and developing continuity
plans. Resilience can also be acquired through a complete understanding
of how our network works, so that immediate measures can be taken at the
time of an attack. As per the researchers, resilience is
defined as “A system that maintains state awareness and an accepted
level of operational normalcy in response to disturbances, including
threats of an unexpected and malicious nature.” [1].
Safety: It is the security measure that refers to the state of being
protected from a situation that is likely to cause harm. Safety
measures are implemented by using antivirus †, by locking the digital
screen of the computer, or by using network firewalls †. As per
researchers, safety is defined as “The condition of being safe from
undergoing or causing hurt, injury, or loss.” [2].

2.2 Threats
A threat is defined as a possible negative activity or event performed by
any intruder† or vulnerable† individual that may have a harmful impact on
any system or application. A threat can be natural or man-made; for example,
acts of God like earthquakes, storms, and hurricanes are natural threats,
while hacking and cracking without authorization are man-made threats.

Associated terms
Threat Actors: Threat actors are individuals or groups that perform
the action of threats; for example, a burglar invading our home, or an
intruder who exploits a vulnerability to realize a negative impact.
Threat source: These are the individuals who wish to employ threats.
They may persuade or give any kind of commission to the threat actor
to carry out the threat.
Threat action: It is an attack on system security.
Threat analysis: It is the process of determining which components
within the system need protection and from which types of security
threats.
Threat consequence: It is the result of a security violation (threat) that
includes disclosure, deception, and disruption.

Threat classification
As per Microsoft, threats are classified under the STRIDE model as follows:
Spoofing: It is the condition where an attacker gains an illegitimate
advantage by falsifying its own identity. It is applied to various
communication methods like email communication; here, attackers
send a false email message to the recipient, tricking them into thinking
that it is coming from a trusted source. These emails and messages contain
malicious attachments and links, which spread as soon as the email
message is opened. Another example of spoofing is IP spoofing. It is
most common in IoT networks, where attackers disguise their device IP
address and pretend to be one of the network's own devices or a trusted
device. It is basically done to gain access to a network where
authentication is based on IP addresses.
Tampering: It is the destructive action taken by an unauthorized user.
The unauthorized user alters information, such as that in a
database, where sensitive information (price, credentials, permissions,
and so on) is manipulated.
Repudiation: The situation where the attacker denies the action is
called repudiation. It can be avoided by using digital signatures, with
which an attacker or any communicating entity can never deny an action
it has performed, such as sending a document, a message, or a mail.
Information Disclosure: In this type of threat, the attacker breaches
privacy or leaks data. For instance, an attacker can
provide access to source code via temporary backups, reveal
the hidden directory and its structure, or unveil technical details,
and so on.
Denial of Service (DoS): It is the threat where the attacker tends to
disrupt the services of the network by flooding the network with
unwanted data. The aim of the attacker is neither to steal any information
nor to leak any data; they only aim to disrupt communication with
respect to time and money. DoS attackers often target the servers and
services of high-profile organizations like banks, media, government,
and trade organizations.
A DoS attack is implemented either by flooding or by crashing services.
In flooding, an attacker sends enormous traffic to the server, causing it
to slow down and eventually stop. In crashing, the attacker aims
to bring down the target system and services by exploiting their
weaknesses.
Elevation of Privilege: It is the act of exploiting bugs or design flaws
in an operating system or application to gain unwanted access to
resources that are generally hidden from the user and application. For
instance, a flaw in the IoT authentication method can be exploited by
an attacker, whereby he can smoothly get control of hidden
administrative power.

IoT devices are subjected to physical threats, hardware threats, software quality
threats, environmental threats, supply chain threats, and much more inherent to
both security and safety domains.
IoT devices in CPS (for example, actuation, physical sensing, and so on) are
subjected to physical reliability and resilience threats along with the compromise
and degradation of the computing platform.
It is not necessary for an organization to apply all the stated pillars of information
assurance (IA). Some pillars may impede the functioning of other
pillars, while others may boost them. For instance, an increase in the
availability of the information works against the integrity, authentication, and
confidentiality [1].

2.3 Vulnerabilities
Vulnerability is defined as the weakness in any device or application that can
be any existing bug, design flaw, or loophole within the system that allows
attackers to exploit it. Figure 2.1 presents the act of threat and vulnerabilities
within the system. Primarily, vulnerability is of four types: hardware
vulnerability, software vulnerability, network vulnerability, and procedural
vulnerability.
Hardware Vulnerability: It is the weakness within the system
hardware that can be attacked physically or remotely, for example, an
old version of systems or devices, unprotected storage, unencrypted
devices, and so on.
Software Vulnerability: It is the weakness in software development
or its configuration. For example, lack of input validation, unverified
uploads, cross-site scripting, unencrypted data, and so on.
Network Vulnerability: It is the weakness within the network, which
can be in hardware or software. For example, unprotected
communication, malware or malicious software (for example, viruses,
keyloggers, worms, and so on), social engineering attacks,
misconfigured firewalls, and so on.
Procedural Vulnerability: It is the weakness within the organization’s
operational methods. For example, the password procedure, that is, a
password should follow the standard password policy.

Figure 2.1: The act of attack exploitation

2.4 Risk
Risk is defined as the potential loss or damage caused by any threat that
exploits the vulnerability of the system. It can be any financial loss, loss of
privacy, damage of reputation, legal implications, or even loss of life.
Statistically, we can express risk as a product of threat and vulnerability
(equation 1).

Risk = Threat × Vulnerability (1)

Risk Management Plan

Risk can be reduced by employing and implementing a risk
management plan. Strategies for developing the plan include the
following steps:
Assessment and determination of risk and its needs: In this step,
breaches are regularly addressed and prioritized as per their
severity and frequency of occurrence.
Inculcation of stakeholder’s perspective: Once the risks have
been identified, the views of all stakeholders regarding its
mitigation are considered and employed. Stakeholders include
owners, employees, customers, and even vendors.
Employing a risk management team: Next, a risk management
team is formed where a group of employees is given the
responsibility of managing risk and appropriate funding is provided
at every level.
Implementation of policies and related control: For the policies to
be implemented effectively, end users should be informed of all the
policies and their updates.
Evaluating and monitoring policies and their control: Since risk
is ever-changing, an organization should be prepared with a team
that can make necessary changes and adjustments whenever
required. This can also involve incorporating new monitoring tools
and techniques.

2.5 Insecure Access control


Access control is used to determine whether the user is allowed to carry out
the event that he is attempting to perform. Its design decisions are generally
made by humans, not technology. If any component is compromised,
access control ensures that the intruder has minimal access to other
components within the system. Access control systems are classified into
different categories as follows:

2.5.1 Access control List-Based Systems or Discretionary Access control
This permits owners to make their own decisions about who can access
which part of the IoT system at what period. At each entry point, the IoT
system has an Access Control List (ACL) which contains the details of each
individual or group and the permissions each has to access it. Each node or
device has a security attribute that identifies its ACL.
2.5.2 Role-Based Access control
This system permits users based on their role within the organization. In
the IoT context, RBAC is not suitable for IoT devices since the identity of
individual devices may not be known. However, OAuth is one of the role-based
access control tools for applications (not users) where applications must
prove their identity by submitting tokens.

2.5.3 Capability-Based Access control or Key-based Access control system
A capability is a cryptographic key that provides communication access to
the node to interact within the IoT system. IoT systems generally depend on
the nodes that collect data, analyze data, and perform the control action
accordingly. The collection and analysis of data is done by the node having
key access or cryptographic key which permits it to perform the required
action.
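
The difference between the list-based check of Section 2.5.1 and the key-based check of Section 2.5.3 is shown in the following added example, which is not from the book. The ACL entries, the node names, and the modeling of a capability as an HMAC-tagged token under a key shared by issuer and device are assumptions of this example.

```python
import hashlib
import hmac
import json

# 2.5.1 style: the entry point keeps a list of who may do what, and when.
# Constructed sample ACL: subject -> (actions, (from_hour, to_hour)).
DOOR_LOCK_ACL = {
    "owner": ({"lock", "unlock", "read_state"}, (0, 24)),
    "cleaner": ({"unlock"}, (9, 12)),
}


def acl_allows(acl, subject, action, hour):
    """List-based check: the device must know the subject's identity."""
    entry = acl.get(subject)
    if entry is None:
        return False  # default deny: subjects not on the list get nothing
    actions, (start, end) = entry
    return action in actions and start <= hour < end


# 2.5.3 style: access follows possession of a key-derived capability.
# Assumption: the capability is a token MACed with a key that the issuer
# and the device share.
ISSUER_KEY = b"constructed-demo-key"  # placeholder, never hard-code real keys


def _tag(node_id, action, expires, key):
    # Encoding the fields as a JSON list keeps their boundaries unambiguous.
    msg = json.dumps([node_id, action, expires]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def issue_capability(node_id, action, expires, key=ISSUER_KEY):
    """Issuer side: bind node, action and expiry together under the key."""
    return {"node": node_id, "action": action, "exp": expires,
            "tag": _tag(node_id, action, expires, key)}


def capability_allows(cap, node_id, action, now, key=ISSUER_KEY):
    """Key-based check: no identity list, only a valid, unexpired token."""
    expected = _tag(cap["node"], cap["action"], cap["exp"], key)
    return (hmac.compare_digest(expected, cap["tag"])  # constant-time compare
            and cap["node"] == node_id
            and cap["action"] == action
            and now < cap["exp"])
```

A device that was never entered in the ACL is refused by `acl_allows`, while the same device can act through `capability_allows` as long as it presents an untampered, unexpired token.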

2.5.4 Challenges in Access control


The IoT access control system faces several challenges. Some of them
are as follows:
Neglecting the use of Secure Sockets Layer (SSL) connections: SSL
provides privacy, authentication, and integrity to the communication
between two parties; if it is not used in an IoT network, the result
may be a man-in-the-middle attack.
Unavailability of mutual authentication: In mutual authentication,
both parties and communicating devices are intended to verify each
other’s identity before establishing a connection between them.
Lack of strong passwords in IoT devices: Users of IoT devices are
required to follow the standard password policy to make it difficult for
an intruder to gain access to it.
Lack of two-factor authentication: In two-factor authentication, an
extra security layer is added to a device account to prevent an intruder
from accessing it, even if the password is known. For instance,
accessing the bank account requires a password as well as OTP for
providing access to the account.
Absence of lock-out or delaying measures within the IoT services:
Delay in services should be as low as possible because a higher delay
may give time to an attacker to perform a brute-force attack, that is, an
attacker will be able to guess what the actual password is.
Presence of web application vulnerabilities in IoT cloud: Weakness
in web applications may let large amounts of illegal data into the
cloud, which may result in falsifying the IoT system. For example, if a
web application does not have a strong authentication mechanism,
then an intruder can easily gain access to the device as well as its
cloud.
Absence of signed or encrypted firmware updates by IoT devices:
Firmware should be updated from time to time since it improves the
functionality and features of the device as well as fixes the
performance issue.

2.5.5 Threats to Access control, privacy, and availability


Access control, privacy and availability are important elements of IoT
security that need to be protected from unwanted threats. Some of the
existing threats in these elements are presented in Table 2.1:

Threats and their explanation, grouped by security element:

Access control
   Internal Threats: Threats are performed by individuals that have
   direct access to the system such as employees, students, and
   contractors. Threats performed by them can be illegal scanning of
   ports, illegal distribution of confidential data, spreading of SPAM
   or malicious code, and so on.
   External Threats: Threats are performed by outside intruders such as
   hackers and crackers. Threats performed can be brute force attacks
   (guessing the password with all possible combinations), dictionary
   attacks (guessing password as per dictionary files), or hybrid attack
   (guessing the password with extra characters attached to the end of
   the word).

Privacy
   Digital Profiling: It is the process of evaluating and analyzing a
   person’s data without their consent. For example, cookies, where data
   stored in the browser can be read without the user’s consent.
   Cyber Stalking: This type of attack is basically performed on social
   media platforms where the perpetrator (untrusted user) builds its
   trust with the victim and when the victim transmits confidential
   information; the perpetrator exploits it and may even abuse them for
   blackmailing purposes.
   Recommendation systems: A recommendation system is a machine learning
   model where an attacker tends to exploit them by analyzing the
   emotional state of the people. It may disclose the secret details of
   the person by promotional offers like insurance offers, banking
   offers, medication offers, and so on.

Availability
   Infrastructure failure: Failure of a disk, network switch, or
   crashing of virtual servers.
   Infrastructure overload: When load placed on the infrastructure
   becomes so high that all services are disrupted, and the system gets
   crashed. The best defence is to build scalability.
   Malicious activity: Threats like DDoS attacks disrupt the
   availability of the data and services within the system.
   Data inconsistency: The presence of data in the wrong format results
   in inconsistency, which may affect the availability within the IoT
   system.
   Poor data quality: Data filled with inconsistency, redundancy, and
   inaccuracy prevents the availability of the data.
   Data access problems: When the right users do not have access to the
   right data, then the availability of the data is disrupted.
Table 2.1: Possible threats in an IoT environment

2.6 Attacks: types, composition, and tools


IoT is one of the versatile technologies where the growing capacity of
network devices and connections has made them scalable and adaptable to
the real-world environment. However, the growing reality of IoT has given
rise to millions and trillions of attacks, where attackers restrain the
communication of the system. This section dives into the types of attacks and
presents the visualization of real-world attacks with the help of attack trees
and fault trees.

2.6.1 Types of attacks


Attacks can be classified as follows.
Common types of IoT attacks
IoT applications are subjected to millions of types of attacks; however, we
list some of the common attacks related to the Internet of Things in
Table 2.2:

Attack and its description:

Side-channel attacks: It is the type of attack where information is
gained from the implementation of the system rather than from the
vulnerabilities of the system. The attacker targets the security
implementation details and recovers secret data by making use of
execution-related information. For example, instead of stealing keys,
attackers analyze the execution parameters such as timing and power
consumption of the cryptographic algorithm to obtain the secret key data.

Spoofing and masquerading attacks (authentication attacks): It is the
type of attack where attackers use a fake identity to get unauthorized
access to the network and devices through legitimate access
identification. It is a type of authentication attack that can be
extremely detrimental if the authorization is not fully protected. For
example, if information is sent from a false sender address, demanding
that the recipient reveal sensitive data like account and credit card
details in return for prize money, then the recipient is a victim of
spoofing.

Sniffing: It is the type of attack where an attacker illegally or
secretly extracts or intercepts unencrypted data by invading the network
traffic using a packet sniffer. Sniffing is of two types: active sniffing
and passive sniffing. In active sniffing, sniffers interact with the
network and capture traffic and the data by exploiting a switch-based
network, where the switch task is to regulate the flow of data to a
specific port using the port’s MAC address†. In passive sniffing,
sniffers capture data by spying on the victim for a long time without
being identified.

Neighbor discovery attack: It is the type of attack where the attacker
targets the characteristics of the neighbor discovery protocol used in
the IoT system. The neighbor discovery protocol in IoT helps in
identifying the neighbor so that the transmission of data can take place
between them. The attacker can target this technology for discovering a
neighbor, tamper with the messages exchanged in discovering a neighbor,
or tamper with the link between host and router. It can also tamper with
the address detection mechanism.

Rogue Device: Rogue devices are malicious devices that launch various
types of cyber-attacks like malware, data breaches, and ransomware by
exploiting the weakness of employed access control mechanisms within the
IoT system.

Man-in-the-middle attack: It is the type of attack where the attacker
secretly relays or alters the communication between two parties, while
the parties actually believe that they are directly communicating with
each other, for example active eavesdropping.

Eavesdropping attacks (loss of confidentiality): In an eavesdropping
attack, the attacker steals, deletes, or modifies the information while
in transmission over the network.

Cryptographic algorithm and key management attacks: It is an attack
where the attacker targets the cryptographic and key management
mechanisms used in the network.

Denial of service and jamming: In this attack, the attacker makes
resources unavailable to their intended users by temporarily disrupting
the services of a host connected to the network. Jamming is the most
popular DoS attack where an attacker floods a large amount of traffic to
the servers and blocks all the prevailing services.
Table 2.2: Possible IoT attacks

These are only some types of attacks; however, throughout the book, we
will cover the other remaining attacks.
Attacks specific to IoT
Other than the attacks discussed in the preceding section, some
specific attacks related to IoT have emerged recently where attackers
tend to intercept or alter the behavior of devices either by physically
damaging them or by harming them remotely. Attacks based on these
scenarios are as follows:
Physical access attack
In this type of attack, the attacker gains physical access to devices
and then tries to damage them without the user’s consent. Though this
seems impossible, it can be illustrated with the help of the
following scenarios:
In scenario 1, the attacker gains access to the market where
second-hand IoT devices are sold. Users using these devices are
unaware that they have been compromised and that an eye is on them.
In scenario 2, an attacker gets access to home devices, where he can
easily reconfigure them and gain access to the whole network.
Similarly, they can pair new devices or reset them, configure new
passwords, or redirect traffic to an attacker’s server.
In scenario 3, attackers compromise the devices through supply chain
hacks. In this, the attacker illegally gets hold of the supplier
company’s network and trojanizes their software updates, permitting
the threat to spread to all devices that take the poisoned updates.
In scenario 4, skilled attackers can alter the device’s internal
memory or its firmware and can get the system under their control.
Thus, we can deduce that although physical access attacks seem
improbable, they are still plausible threats and should be avoided.
Local attacks over Wi-Fi
In this type of attack, IoT devices present within the local home
network receive the malicious command from attackers either
through cloud polling or through a direct connection. As soon as the
attacker gets hold of the network, unwanted activities are
performed. For instance, an adversary can damage IoT devices
like televisions, air conditioners, digital lockers, and so on by
remotely turning them on and off.
Attack against enterprise IoT components
IoT devices in enterprise systems utilize wireless communication
protocols such as Zigbee, Z-Wave, Bluetooth LE, Wi-Fi 802.11, and
others. This section outlines the attacks against enterprise IoT
components:
Wireless reconnaissance and mapping attack
In this type of attack, the attacker collects all possible information
about the target before launching the actual attack. In the case of
enterprise systems, before instigating an attack, hackers tend to
gather all information on IoT devices and communication protocols
like Zigbee, Z-Wave, and so on with regard to their hosts, subnets,
ports, and protocols before damaging them.
Security protocol attacks
In these attacks, attackers tend to damage the protocol design,
implementation, and configuration. Here, external parties try to
sniff the network key exchanged during the pairing of Zigbee or
Z-Wave transactions and gain control over the Zigbee and Z-Wave
devices. Therefore, there is a need to determine additional layered
security control for these wireless communication protocols [3].
Physical Security Attacks
In physical security attacks, the attacker physically gets control of
the IoT host, embedded devices, and computing platforms where
they can easily access its processor, memory, and other sensitive
components like passwords, configuration data, and so on. To
protect enterprise IoT from physical attacks, various tamper
evidence controls, tamper response mechanisms, hardware security
cryptographic modules, and smart card chips are employed to verify
device identity and protect data from being compromised.
Application security attacks
In IoT enterprise, application endpoints include web servers and
mobile applications (as in iPhone and Android) which can be easily
exploited by attackers. The attacker can get control of the
application code, application host, and application process by
fuzzing the malicious program within the device. In addition,
attackers can crack hardcoded keys and passwords through reverse
engineering.

2.6.2 Tools for attack identification


The types of attacks have been discussed in Section 2.6.1. It is important for
organizations to identify various attacks. This can be done by visualizing the
attacks, communicating with the concerned system, and identifying the
vulnerabilities. Two such tools for handling attacks are Attack trees and Fault
trees.
Attack trees
Attack trees are conceptual representations of how an asset or
target system can be attacked. They provide a probabilistic analysis
of the success of attacks and reveal the vulnerabilities present in the
system before an attacker aims to damage it. The effectiveness of
various security measures such as IoT security, cyber security, banking
security, network security, and any kind of personal security can be
easily modeled using attack trees. The increased risk of hacking
attacks on IoT systems, terrorist attacks on homeland IoT networks,
and digital fraud on banking systems has made attack tree analysis
an invaluable tool for the system designer and security personnel. It
helps our organization to visualize, communicate, and arrive at a
realistic understanding of the flow of vulnerabilities that can be
exploited at any point for some end effect. The next section illustrates
the construction of attack trees and their usages.
Building of attack tree
Attack trees illustrate the formal and methodological way of
expressing the security of systems. They are represented in the form of a
structured tree with the root node as the attack goal and leaf nodes as
different ways of achieving that goal. Nodes in the attack tree are
represented with the help of AND (plane base) and OR (curve base)
logical operators. The illustration of an attack tree can be best
described with the help of the following example:
Example 1 - Attack tree against a physical safe
The objective or the goal of the attack is to open the safe. The safe can
be illegally opened in any of four ways: (i) attackers can steal the
lock, (ii) learn the combination of the lock, (iii) break the lock, or
(iv) compromise the lock during installation so that it can be opened
later. Since the safe can be opened in any of these alternative ways, the
logical OR operator is used to represent this node, which is the
root node.
The learn-the-combination node can be further extended in two ways:
either the attacker could find the combination written somewhere or
could get it from the safe owner by bribing, threatening,
eavesdropping, or blackmailing. Here too the combination can be
obtained in any of these ways, so this is also represented by the OR
operator. But eavesdropping can take place when the attacker listens to
the conversation and gets the targeting combination of the safe. Since
both sub-goals are required to eavesdrop, this is represented by the AND
operator. In this way, each node becomes a sub-goal, and the
children of that node present ways to achieve that sub-goal. The level
of the tree is extended till the probability of occurrence is anticipated
(Figure 2.2)[4]:
Figure 2.2: Attack Tree against Safe System

Nodes within the attack tree are represented by two logical operators AND
and OR where AND nodes represent different steps of achieving the same
goal while OR nodes are alternatives for achieving the goal.
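
The safe attack tree of Example 1 can be written down as data and evaluated, as in this added example (not from the book). The cost figures are constructed relative effort scores, the leaf names paraphrase the text, and the `blocked` parameter, which models a security control that removes a step, is an assumption of the example.

```python
from itertools import product


def leaf(name, cost):
    return ("LEAF", name, cost)


def OR(name, *children):
    return ("OR", name, children)


def AND(name, *children):
    return ("AND", name, children)


# Example 1 as data. Costs are constructed relative effort scores.
SAFE_TREE = OR(
    "open the safe",
    leaf("steal the lock", 90),
    OR("learn the combination",
       leaf("find the combination written down", 75),
       OR("get the combination from the owner",
          leaf("bribe the owner", 20),
          leaf("threaten the owner", 60),
          leaf("blackmail the owner", 100),
          AND("eavesdrop",
              leaf("listen to the conversation", 20),
              leaf("combination is spoken aloud", 30)))),
    leaf("break the lock", 30),
    leaf("compromise the lock during installation", 100),
)


def scenarios(node, blocked=frozenset()):
    """Return every set of leaf steps that achieves `node`.

    Leaves named in `blocked` are treated as removed by a control.
    """
    kind, name, body = node
    if kind == "LEAF":
        return [] if name in blocked else [frozenset([name])]
    child_sets = [scenarios(child, blocked) for child in body]
    if kind == "OR":
        # Any one child is enough, so the alternatives are pooled.
        return [s for sets in child_sets for s in sets]
    # AND: every child is needed, so take one scenario from each child.
    # If any child has no scenario left, product() yields nothing.
    return [frozenset().union(*combo) for combo in product(*child_sets)]


def leaf_costs(node):
    """Collect {leaf name: cost} for the whole tree."""
    kind, name, body = node
    if kind == "LEAF":
        return {name: body}
    costs = {}
    for child in body:
        costs.update(leaf_costs(child))
    return costs


def cheapest(node, blocked=frozenset()):
    """Return (total cost, sorted steps) of the least costly scenario."""
    costs = leaf_costs(node)
    ranked = sorted(scenarios(node, blocked),
                    key=lambda s: (sum(costs[x] for x in s), sorted(s)))
    if not ranked:
        return None  # every path to the goal has been cut
    best = ranked[0]
    return sum(costs[x] for x in best), sorted(best)


if __name__ == "__main__":
    print(cheapest(SAFE_TREE))
    print(cheapest(SAFE_TREE, blocked={"bribe the owner", "break the lock"}))
```

Blocking one input of the AND node removes the whole eavesdropping scenario, whereas blocking one child of an OR node only shifts the attacker to the next alternative.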

Example 2 - Attack of Unmanned Aircraft Systems


Another example of an attack tree can further be studied using an
Unmanned Aircraft System (UAS), that is, a drone. The attacker’s
goal is to redirect the drone while in flight. An attacker can redirect the
UAS by either corrupting the navigation database (it maps named
locations to positions in space such as latitude, longitude, and altitude
above mean sea level) or by spoofing the GPS system or by spoofing
the ground control station. Since the root node provides alternatives,
where any of the children nodes can satisfy the end goal; thus, it is
made up of an OR operator (Figure 2.3):
Figure 2.3: First Level of UAS Attack Tree
In the case of:
Corrupting navigation database: An attacker aims to compromise the
database by changing navigation and supply chain data.
Spoofing GPS: An attacker performs Radio Frequency based GPS
attack where they generate and transmit false GPS timing data so that
UAS interprets false location and follows the malicious path.
Spoofing the ground control station (GCS): The attacker spoofs the
drone’s legitimate operator and targets to send malicious routing
commands.
The attack tree in Figure 2.3 can further be extended by expanding the
Corrupt Navigation Database goal node as in Figure 2.4:
Figure 2.4: Second Level of UAS Attack tree
Navigation databases can be corrupted by exploiting transitive trust,
compromising database servers, and modifying the Geographic
Information System (GIS) table. Since all three conditions should be
satisfied to corrupt the navigation database, it is represented by the
AND operator:

The arrow symbol in the nodes “exploiting transitive trust” and “compromising
database server” shows that these nodes can be expanded further, while the “GIS”
node has now become a leaf node.

The expansion of the Exploit transitive trust node is presented in Figure 2.5.
The representation and expansion of all nodes is a complex task; thus, it
needs greater analysis where the attack tree modeling requires a huge
number of experts in each of the sub-tree domains. Therefore, to model the
tree in an IoT system (or device), security engineering tools like the
SecurITree tool are used:
Figure 2.5: Third level of UAS attack tree
The SecurITree tool not only creates tree diagrams but also models the
effectiveness of each attack goal by measuring its capabilities (like technical
ability, attack cost, and noticeability), behavior probability, attack impact
(that is, the impact of the attack on the victim), attackers benefits, and
detriments of the attackers (how an attack can be demotivated). The tool
estimates every attack vector based on all possible tree traversal and logic
operators that define each attack goal. Once the attack vectors are generated,
reports in the form of graphs such as willingness-to-capability ratios are
produced, whose slope indicates to what extent the attacker continues to
pursue attacks with limited capability. This information helps in selecting
and prioritizing the security controls and other mitigation controls.

Attack trees can be represented in either of the ways as illustrated in example 1
and example 2.

Fault (Failure) Tree


IoT applications such as nuclear power plants, healthcare, agriculture,
defence, and so on require a high standard of maintenance in terms of
safety (that is, absence of random failures or natural failures) and
security (that is, no disruption due to any malicious activity). Attack
trees discussed till now provide only the security assessment of the
system, and thus are not sufficient to characterize risk (in terms of
safety) in any IoT paradigm [5].
For modeling the safety and reliability in any IoT engineering system,
fault trees also known as failure trees are used in the form of Fault
Tree Analysis (FTA). FTA is a method of obtaining a complete detail
of the system. The aim of the FTA is to analyze the system and
identify areas of risk. For example, in the case of nuclear reactors or
aircraft flight systems, areas of risk or nodes in fault trees can be any
undesired events like “safety valve does not open” or “the aircraft
crashes”. Events in the fault tree can be a discrete occurrence of a fault
or can be any event that is not at fault but can contribute to a fault in
the future. For qualitative and quantitative analysis, fault rates (or
failure rates) are entered at every node of the fault tree which states the
probability of the system working correctly in the absence of any
malicious activity. Like attack trees, fault trees are represented by the
following symbols as shown in Figure 2.6 [6]:
Figure 2.6: Symbols for Fault tree
Like attack trees, fault trees can also be better demonstrated with the help of
an example. Let us construct an FTA for a software package cryptographic
signing application. This software package consists of archive files and
digital signatures. The signature in this software is calculated using the hash
(of the archive) and a secret key, and is checked against the published public
key. The fault in this software depends on two factors:
Difficulty in choosing input to a hash algorithm that produces
particular output
Difficulty in deriving a secret key from the public key.
The FTA of this system is presented in Figure 2.7.
In the given example (Figure 2.7 (a)), the enemy can forge the package in
either of two cases. In the first case, the enemy can sign the forged
package using the secret key. In the second case, the enemy can replace
the genuine archive files with malicious files, which means he can
construct malicious files with the same hash as that of the actual files.

Enemy has alternatives for forging packages; thus, the root of the FTA is
connected with the OR symbol.

In the first case, if the enemy gets the secret key, it means he can either steal
the key or can self-calculate the key. Since alternatives are available, it is
represented by the OR symbol. If the enemy steals the key, then it is the end
of the event and cannot be extended because the package can be forged
easily; hence it is represented by a basic event symbol. If instead the enemy
aims to self-calculate the key, then how the key calculation is performed can be
further extended (Figure 2.7 (b)).
In the second case, the enemy tends to construct malicious files with valid
hash functions. It will be possible only if the enemy has effectively broken
the cryptographic algorithm. Thus, this event requires further extension
(Figure 2.7(c)).
Considering extension 1 (Figure 2.7 (b)) - When the enemy can calculate
the secret key
The enemy can calculate the secret key in any of three situations: first,
when the secret key algorithm is not strong enough; second, when the enemy
can exploit a signing vulnerability; and last, when the enemy can use known
attacks on signing algorithms, such as brute force, to get the key. The
first two situations are the end of events, while in the third situation the
secret key can be calculated only if the signing algorithm is poor (not
complex) and the enemy has applied a known attack. Since both conditions
must hold for the attacker, this is represented by the AND symbol.
Considering extension 2 (Figure 2.7 (c)) - When the enemy can effectively
break the hash algorithm
As in extension 1, in extension 2 the enemy can break the hash algorithm if
he has either exploited a vulnerability of the hash algorithm or used known
attacks on the hash algorithm. Either situation lets the enemy break the
hash algorithm (represented by an OR gate). The first situation is the end
of the event, as the weakness of the hash algorithm is exploited, while in
the second situation the enemy can break the hash algorithm only if the
design of the hash algorithm is poor and the enemy knows an attack that can
be applied to break it; this is represented by an AND gate.

Figure 2.7: FTA for software package cryptographic signing application


Summarizing the above explanation, from Figure 2.7 (a) we can see that any
of the three leaf events can lead to the root event, where an enemy can
easily forge the package and we can say the system is compromised.
Calculation of secret keys and cracking of hash algorithms are
computationally difficult cases; thus, these two undesired events can be
further extended as in Figures 2.7(b) and 2.7(c). After performing the FTA,
it can be concluded that even if the strongest algorithm is considered, the
major risk to the system is from a user who does not properly protect the
secret keys. Thus, we can say that the safety and reliability of the system
depend on the protection of its secret keys.
The difference between attack trees and fault trees depends on how one
enters and traverses these trees. Firstly, fault trees do not depend on
any planned attack in which multiple leaves can be entered at the will of
an intelligent entity; secondly, fault trees are traversed according to
their failure rate (stochastic rate) from each leaf through dependent and
intermediate nodes; and thirdly, each fault tree leaf is completely
independent of all other leaves of the tree, because faults occur randomly
and are independent of each other.
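The fault tree described above, written out as an added example (not code from the book): it encodes the gates of Figure 2.7 as the text describes them, lists the minimal cut sets, and computes the top-event probability under the leaf independence stated above. Leaf names are paraphrased from the text and the leaf probabilities are constructed for illustration.

```python
from itertools import product

# Fault tree for the package-signing example, following the description of
# Figure 2.7. A leaf is a string; a gate is ("AND" | "OR", [children]).
# Leaf names are paraphrased from the text.
TREE = ("OR", [                                   # root: the package is forged
    ("OR", [                                      # enemy gets the secret key
        "steal_secret_key",
        ("OR", [                                  # extension 1, Figure 2.7(b)
            "weak_secret_key_algorithm",
            "exploit_signing_vulnerability",
            ("AND", ["poor_signing_algorithm", "known_attack_on_signing"]),
        ]),
    ]),
    ("OR", [                                      # extension 2, Figure 2.7(c)
        "exploit_hash_vulnerability",
        ("AND", ["poor_hash_design", "known_attack_on_hash"]),
    ]),
])

# Constructed leaf probabilities, for illustration only (not from the book).
RATES = {
    "steal_secret_key": 0.05,
    "weak_secret_key_algorithm": 0.001,
    "exploit_signing_vulnerability": 0.001,
    "poor_signing_algorithm": 0.01,
    "known_attack_on_signing": 0.1,
    "exploit_hash_vulnerability": 0.001,
    "poor_hash_design": 0.01,
    "known_attack_on_hash": 0.1,
}


def cut_sets(node):
    """Return every set of leaf events that triggers `node`."""
    if isinstance(node, str):
        return {frozenset([node])}
    kind, children = node
    child_sets = [cut_sets(child) for child in children]
    if kind == "OR":                  # any single child is enough
        return set().union(*child_sets)
    if kind == "AND":                 # one cut set from every child is needed
        return {frozenset().union(*combo) for combo in product(*child_sets)}
    raise ValueError(f"unknown gate type: {kind!r}")


def minimal_cut_sets(node):
    """Drop every cut set that strictly contains a smaller cut set."""
    sets = cut_sets(node)
    minimal = [s for s in sets if not any(other < s for other in sets)]
    return sorted(minimal, key=lambda s: (len(s), sorted(s)))


def top_probability(node, rates):
    """Probability of `node`; exact when leaves are independent and unique."""
    if isinstance(node, str):
        p = rates[node]
        if not 0.0 <= p <= 1.0:
            raise ValueError(f"{node}: probability {p} outside [0, 1]")
        return p
    kind, children = node
    probs = [top_probability(child, rates) for child in children]
    result = 1.0
    if kind == "AND":                 # all children must occur
        for p in probs:
            result *= p
        return result
    if kind == "OR":                  # 1 - P(no child occurs)
        for p in probs:
            result *= 1.0 - p
        return 1.0 - result
    raise ValueError(f"unknown gate type: {kind!r}")


def leaf_importance(node, rates):
    """Drop in top-event probability when one leaf is eliminated (p = 0)."""
    base = top_probability(node, rates)
    drops = {leaf: base - top_probability(node, {**rates, leaf: 0.0})
             for leaf in rates}
    return sorted(drops.items(), key=lambda kv: kv[1], reverse=True)


if __name__ == "__main__":
    for cs in minimal_cut_sets(TREE):
        print(" AND ".join(sorted(cs)))
    print(f"P(package forged) = {top_probability(TREE, RATES):.6f}")
    for leaf, drop in leaf_importance(TREE, RATES):
        print(f"{leaf:32s} -{drop:.6f}")
```

With these constructed rates the single-event cut set for the stolen key dominates the result, which is the conclusion the text draws from the FTA.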

2.7 Threat modeling for IoT systems


Since IoT environments are complicated, it is necessary to know what
security measures can be undertaken to avoid threats and, where they
cannot be avoided, how to resolve them. For this, the threat modeling
approach is used. Threat modeling is primarily used during the
development phase to avoid issues that are expensive to fix or can be
embarrassing if publicly revealed. It is used to:
Avoid introducing any new vulnerability, since it is more beneficial to
identify vulnerabilities on a whiteboard than to fix them on the
keyboard, that is, precaution is better than cure.
Identify the existing vulnerabilities within the system, since it provides
a structured way of looking at and analyzing the systems
Understand the system, that is, “What are its parts?”, “How do they
combine together?”, “What happens if something is changed?”, and
so on.
Determine the severity of threats introduced by any new system.
There are multiple methods for modeling threats; however, the analysis is
carried out considering the following steps, as shown in Figure 2.8:

Figure 2.8: Threat Modeling

1. Identify the assets or decide on the scope
In this step, the documentation of assets within the system is done to
know what items should be protected from attackers.
2. Create a system or present an architectural overview
In this step, the functionality of the IoT system is reviewed and how
an attacker could misuse this functionality is explored. This step
includes the following flow of action:
a. Documentation of expected functionality.
b. Creation of an architectural diagram that details the components
of the system, their interaction, and the protocols employed
within their interaction.
c. Establishment of trust boundaries that elucidate the trust between
actors and their directionality.
d. Identification of technologies used within the IoT system.
3. Decompose the IoT system
In this step, we understand the flow of data within the system by
decomposing it into a series of processes and data flows and try to
address the vulnerabilities and weak points within the security
architecture. This step includes the following sub steps:
a. Identification and documentation of data entry points like
sensors, gateways, and control and management computing
resources.
b. Tracing the flow of data from the entry point and documenting all
the components that interact with that data throughout the system.
c. Identification of high-profile targets (it can be storage, high-value
sensors, or any data aggregator) that require significant
protection to maintain the comprehensive integrity of the system.
In the end, we obtain a detailed understanding of the IoT system’s
attack surface in terms of data sensitivity and system
movements.
4. Identify threats from the flow of data
In this step, the popular threats based on the STRIDE model (Section
2.2) are identified and documented using an attack tree or fault tree, or
any available vulnerability repositories.
5. Document and map the threats to asset types
In this step, the identified threats are documented and mapped with
their associated assets. This provides a list of assets or things that we
need to worry about. Finally, some countermeasures are provided to
protect these assets from attackers. Some of them are:
a. Doing nothing
b. Remove the feature
c. Turn off the feature
d. Warn the user
e. Counter the threat with operations
f. Accountability
g. Separation of duties
h. Counter the threat with technology
i. Change in design
j. Change in implementation
k. There is no “catch-all” countermeasure


6. Rate or rank the threats
In this step, the likelihood and impact of each threat are evaluated and
the level of control is estimated which helps in the mitigation of these
threats. Microsoft’s DREAD approach is used for the evaluation and
assignment of the risk level. The DREAD model includes these basic
questions and assigns a score varying from 1 to 10.
Damage: The amount of damage incurred by a successful attack.
Reproducibility: What level of difficulty is involved in reproducing
the attack?
Exploitability: Can the attack be easily exploited by others?
Affected users: What percentage of a user/stakeholder population
would be affected given a successful attack?
Discoverability: Can the attack be discovered easily by an attacker?
Based on DREAD’s questions, the score of every threat is evaluated and
threat mitigation is prioritized within the security architecture.
Example - Threat Modeling for a smart parking system
Modeling of threat can be further explained with the help of the example of a
smart parking system:
Let us consider a smart parking system that involves the deployment of IoT
elements that are subjected to a high-threat environment. The system consists
of multiple endpoints that aim to capture and provide data to the backend
infrastructure for processing. The system also provides trend analysis for
decision-makers, correlation of the sensor data for identification of real-time
parking violators, and an API to smart-phone application for facilitating real-
time parking spot status and payments to customers. A step-by-step threat
modeling of this application is illustrated as follows:
1. Identify the assets or decide on the scope
Any smart parking system includes the following assets (Table 2.3):

| ID | Asset | Description |
|---|---|---|
| 1 | Sensor data | Sensor data states whether the parking space is filled or empty. Data is transmitted via the Zig-bee protocol to the sensor gateway, where it is merged with other sensor data and transmitted via Wi-Fi to a router that is connected to the cloud. Data is then processed by an application and is stored in the database as raw storage. |
| 2 | Video streams | Data is captured by an IP camera and transmitted over Wi-Fi for backend processing. |
| 3 | Payment data | This data is transmitted from smartphones or kiosks to a payment processing system. |
| 4 | Lot sensors | These sensors determine when a parking spot is empty or filled. |
| 5 | Sensor gateway | Data is aggregated from all sensors using the Zig-bee protocol and then transmitted to the backend system via Wi-Fi. |
| 6 | IP camera | It records the video of spots and then sends the streamed data over Wi-Fi to the backend processing system. |
| 7 | Parking application | It processes the received data from sensors and provides parking and rate information to customers through smart-phone applications and kiosks. |
| 8 | Analytics system | It collects data directly from cameras and sensor gateways. |
| 9 | Kiosk | The kiosk allows parking payment for pay & display, either pay by license or pay by space. |
| 10 | Infrastructure communications equipment | These types of equipment provide communication access across the system and interface with all aspects. |

Table 2.3: Assets in the smart parking system
2. Create a system/architecture overview
The architecture of the system is presented in Figure 2.9 and the
documentation of functionality is given by use cases:
Figure 2.9: Architectural Overview of the smart parking System
Use case 1: A customer pays for the time in a parking spot
Preconditions
A customer has installed a parking application on the smartphone.
Payment information has been made available for transactions using the parking application.
Use case
The customer opens a parking application on the smartphone.
The smartphone communicates with and collects data from parking applications and provides real-time location and pricing for nearby vacant spots.
The customer drives to the spot.
The customer uses the smartphone application to pay for the spot.
Postconditions
The customer has paid to park the car for a set amount of time.
Use case 2: Parking enforcement officer is alerted to the non-payment
incident
Preconditions
The time allocated to a parking transaction has expired and the car is still in the parking spot.
Use case
Parking application (backend) records the parking session start time.
IP video cameras capture video of the vehicle in the parking spot.
The parking application correlates the video of the car in a spot with the start time and duration for the parking transaction.
The system flags for video confirmation once the transaction duration has expired.
IP video cameras provide evidence that the vehicle is still parked.
The parking application transmits an alert to the enforcement application.
The enforcement officer receives an SMS alert and proceeds in person to ticket the vehicle.
Postconditions
The parking enforcement officer has ticketed the vehicle.
3. Decompose the IoT system
It includes the list of entry points and the flow of data to those access
points. Entry points in the defined parking system are shown in Table
2.4:

| S.No | Entry points |
|---|---|
| 1 | Parking management application (It provides web services that accept incoming requests over an exposed API) |
| 2 | Kiosk (User can physically access it or can access it remotely via Wi-Fi) |
| 3 | IP cameras (Technicians can get control over it via IP network) |
| 4 | The smartphone application (establishes the connection between API and smart parking management system) |
| 5 | Sensor gateway administrative account (Technicians gain control over it through Wi-Fi or physically) |
| 6 | Enforcement application (manages the data SMS alert to registered IoT devices) |

Table 2.4: Entry points in the smart parking system
The flow of data access is shown in Figure 2.10:
Figure 2.10: Flow of data with their entry points
4. Identifying threats from the flow of data
The data identified using the STRIDE model is given in Table 2.5:

| Type | Examples | Security Controls |
|---|---|---|
| Spoofing | Parking thief charges the legitimate customer for parking time by accessing that customer’s account. | Authentication |
| Tampering | Parking thief receives free parking through unauthorized access to backend smart parking application | Authentication, Integrity |
| Repudiation | Parking thief receives free parking by asserting that the system malfunctioned. | Non-repudiation, Integrity |
| Information Disclosure | Malicious actor accesses customer financial details through the compromise of a backend smart parking application. | Authentication, Confidentiality |
| Denial of Service | Malicious actor shuts down the smart parking system through a DoS attack. | Availability |
| Elevation of Privilege | Malicious actor disrupts smart parking operations by implanting rootkit on backend servers. | Authorization |

Table 2.5: Identified data with their security controls and type
5. Document and map the threats to asset types
In this step, threats are listed with their target assets:

Threat description #1: A parking thief charges a legitimate customer for parking time by accessing that customer’s account.
Threat target: Legitimate customer account credentials
Attack techniques: Social engineering, phishing, database compromises, MITM attacks
Countermeasures: Require multi-factor authentication on accounts used to access payment information.

Threat description #2: Parking thief receives free parking through unauthorized access to the backend smart parking application
Threat target: Parking application
Attack techniques: Application exploit, web server compromise
Countermeasures: Implement web application firewall fronting parking application webserver; implement validation of inputs to application over API

Threat description #3: Parking thief receives free parking by asserting that the system malfunctioned
Threat target: Parking attendant or administrator
Attack techniques: Social engineering
Countermeasures: Implement data integrity measures on all sensor and video data captured within the system

6. Rate the threats
Rating of threat description 1 according to the DREAD model is given in
Table 2.6:

| Item | Description | Item score |
|---|---|---|
| Damage Potential | The damage is limited to a single customer account | 3 |
| Reproducibility | The attack is not highly reproducible unless mass compromise of customer database occurs | 4 |
| Exploitability | The exploitation of this threat can be done by unskilled persons | 8 |
| Affected users | Single user in most scenarios | 2 |
| Discoverability | This threat is highly discoverable as it can be accomplished using non-technical activities | 9 |

Overall score: 5.2
Table 2.6: Threat risk ranking: Parking thief charges legitimate
customer for parking time by accessing that customer’s account
Rating of all threats is calculated and then threats are prioritized for
mitigations within the parking security systems. In this way, threats with
higher priority are mitigated first, followed by lower priority threats.
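Steps 4 to 6 of the smart parking example as an added example (not from the book): a small threat register that checks each entry, derives the security controls from Table 2.5 and ranks threats by overall DREAD score, taken as the mean of the five item scores, which reproduces the 5.2 of Table 2.6. The item scores for threat 1 are those of Table 2.6; the scores for threats 2 and 3 are constructed, and all function and field names are hypothetical.

```python
from dataclasses import dataclass

# Security controls per STRIDE category, as listed in Table 2.5.
STRIDE_CONTROLS = {
    "Spoofing": ("Authentication",),
    "Tampering": ("Authentication", "Integrity"),
    "Repudiation": ("Non-repudiation", "Integrity"),
    "Information Disclosure": ("Authentication", "Confidentiality"),
    "Denial of Service": ("Availability",),
    "Elevation of Privilege": ("Authorization",),
}

DREAD_ITEMS = ("damage", "reproducibility", "exploitability",
               "affected_users", "discoverability")


@dataclass
class Threat:
    description: str
    stride: str             # STRIDE category (step 4)
    target: str             # asset the threat is mapped to (step 5)
    countermeasures: tuple  # countermeasures recorded in step 5
    dread: dict             # item name -> score from 1 to 10 (step 6)

    def problems(self):
        """Return the reasons this entry is not ready to be ranked."""
        issues = []
        if self.stride not in STRIDE_CONTROLS:
            issues.append(f"unknown STRIDE category {self.stride!r}")
        for item in DREAD_ITEMS:
            score = self.dread.get(item)
            if type(score) not in (int, float) or not 1 <= score <= 10:
                issues.append(f"{item} must be scored 1 to 10, got {score!r}")
        if not self.countermeasures:
            issues.append("no countermeasure recorded")
        return issues

    def overall(self):
        """Overall DREAD score: mean of the five item scores, one decimal."""
        total = sum(self.dread[item] for item in DREAD_ITEMS)
        return round(total / len(DREAD_ITEMS), 1)


def prioritize(threats):
    """Reject incomplete entries, then order by overall score, highest first."""
    for threat in threats:
        issues = threat.problems()
        if issues:
            raise ValueError(f"{threat.description}: " + "; ".join(issues))
    return sorted(threats, key=lambda t: t.overall(), reverse=True)


def mitigation_plan(threats):
    """(overall score, STRIDE type, required controls, target), highest risk first."""
    return [(t.overall(), t.stride, STRIDE_CONTROLS[t.stride], t.target)
            for t in prioritize(threats)]


REGISTER = [
    Threat("Thief charges a legitimate customer via that customer's account",
           "Spoofing", "Legitimate customer account credentials",
           ("Multi-factor authentication on payment accounts",),
           # Item scores from Table 2.6.
           dict(damage=3, reproducibility=4, exploitability=8,
                affected_users=2, discoverability=9)),
    Threat("Thief gets free parking via unauthorized backend access",
           "Tampering", "Parking application",
           ("Web application firewall", "Validation of inputs over API"),
           # Constructed scores, for illustration only.
           dict(damage=7, reproducibility=6, exploitability=5,
                affected_users=6, discoverability=5)),
    Threat("Thief gets free parking by asserting a system malfunction",
           "Repudiation", "Parking attendant or administrator",
           ("Data integrity measures on sensor and video data",),
           # Constructed scores, for illustration only.
           dict(damage=2, reproducibility=5, exploitability=7,
                affected_users=1, discoverability=6)),
]

if __name__ == "__main__":
    for score, stride, controls, target in mitigation_plan(REGISTER):
        print(f"{score:4.1f}  {stride:12s} {target}: {', '.join(controls)}")
```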

Conclusion
This chapter explores IoT threats, vulnerabilities, and risks along with their
countermeasures which would help the reader in analyzing and strategizing
the security model for an IoT system. The chapter presents different types of
attacks for specific as well as for enterprise IoT with appropriate threat
modeling demonstration. The chapter illustration is summarized as follows:
Information Assurance deals with the execution of methods and
techniques that protect and safeguard the information related to its
use, processing, storage, and transmission.
Information is assured by assuring:
Confidentiality: It ensures that sensitive information is secret and
is not disclosed to unwanted entities.
Integrity: It ensures the originality of information with no
alteration or modification either accidentally or intentionally.
Authentication: It ensures that authentic data is coming from
authentic users.
Non-repudiation: It ensures that communication parties cannot
deny the validity of the occurred action.
Availability: It ensures the presence of information whenever
needed by an authorized individual.
Resilience: It ensures the ability of the system to recover from
failure and attacks either deliberately or accidentally.
Safety: It ensures that the system is protected from harmful
situations.
Threat is a negative interference that exploits the weakness of the
system to breach security and harm the objects of interest by
negatively altering, stealing, or erasing the data or information.
Microsoft has classified threats as a STRIDE model:
Spoofing: An attacker gains illegitimate advantage by disguising its
identity
Tampering: An action of modification and alteration taken by
unauthorized user
Repudiation: A situation where the attacker denies the action already
taken
Information Disclosure: An act of performing data breaching and
leaking by an illegitimate user
Denial of Service: In this type of threat, an attacker disrupts the
network communication by flooding enormous data within the
network.
Elevation of Privilege: It is the act of taking unwanted advantage of
bugs and flaws present within the system, to gain uninvited access to
resources and application.
Vulnerabilities are weaknesses within a system that give attackers the
opportunity to exploit the system-related assets. They are classified
into four types: hardware vulnerability, software vulnerability, network
vulnerability, and procedural vulnerability.
Risk is the damage or destruction of assets or data caused by any threat
that makes use of existing vulnerabilities within the system. Risk can
be reduced by employing the risk management system.
Access control is a constraint on data security that states which user is
allowed to access which part of the system at what time.
There are three different ways to categorize access control security
measures: list-based access control, role-based access control, and
capability-based access control.
Access control threats are classified as internal threats and external
threats, privacy threats include digital profiling, cyber stalking and
recommendation systems and availability threats consisting of
infrastructure failure, infrastructure overload, malicious activity, data
inconsistency, and poor data quality.
Some common types of IoT attacks are:
Side channel attack: An attacker targets the implementation of
security measures and tries to recover the secret data.
Sniffing: An attacker illegally monitors and extracts the unencrypted
data by invading the network traffic.
Neighbor discovery attack: An attacker tends to disrupt the
working of neighbor discovery protocol.
Rogue Device: An attacker implants rogue devices, which tend to
launch the cyber-attack by exploiting the vulnerabilities of the
system.
Man-in-middle attack: An attacker secretly relays or spies on the
communication between two parties, who think that they are
communicating directly with each other.
Eavesdropping: Attackers steal, delete, or alter the information
while in transit.
Attacks specific to IoT network
Physical Access attack: An attacker tries to disrupt the devices by
gaining physical access to them.
Local access attack over Wi-Fi: An attacker tries to disrupt the
devices remotely by gaining network or Wi-Fi access connected to
it.
Attack specific to IoT Enterprise
Wireless reconnaissance and mapping attack: Before launching the
attack, the attacker collects all the information related to the
target, like port, protocol, and so on, and then launches the final
attack.
Security protocol attacks: An attacker aims to damage the
protocol design, implementation, and configuration.
Physical security attacks: An attacker physically gets control of
communication hosts, devices, and computing platforms.
Application security attacks: Attackers aim to damage the
application endpoints like web servers and mobile applications
Attack trees are a diagrammatic representation of how an asset or
target system can be attacked. They show the flow of disruption caused
by any malicious activity. The root node and intermediary nodes are
represented by AND and OR logical operators, while leaf nodes are
represented by rectangular box symbols. The level of the tree depends
upon the complexity of the attack.
Fault trees are used to represent the safety measurements of the IoT
application. It presents the flow of natural occurrences of failures and
is illustrated by Fault Tree Analysis (FTA). FTA is the top-down
failure analysis where the risk of the system is analyzed using Boolean
logic AND and OR operators.
Threat modeling is the means of understanding how an attack can
occur in any IoT application and what measures can be taken to
mitigate that attack. Threat modeling involves the following steps of
consideration:
Identification of assets
Architectural presentation of the system
Documentation
Architectural diagram with components and their interaction
Establishment of trust boundaries
Identification of technologies
Decomposition of the system
Identification and Documentation of data entry points
Stating the flow of data
Identification of high-profile targets
Identification of threats in accordance with the STRIDE model
Documentation and mapping of threats with their asset type.
Rating and prioritizing threats based on the DREAD model and then
finally mitigating them.

2.8 Questionnaire

Multiple choice questions


1. What are the pillars of information assurance?
a. Confidentiality and integrity
b. Authentication and availability
c. Resilience and safety
d. None of the above
2. Individuals or groups that act on threats are known as:
a. threat source
b. threat actors
c. Threat system
d. None of the above
3. Weakness in any device or application is known as:
a. threat
b. risk
c. attack
d. vulnerability
4. Privacy threat includes which of the following attacks?
a. Digital profiling
b. cyber stalking
c. False Recommendation
d. All of the above
5. When an attacker illegally extracts or intercepts the unencrypted
data by invading the network traffic, it is known as:
a. sniffing
b. eavesdropping
c. jamming
d. man-in-middle attack

Answer key
1. (a) & (b) 2. (b) 3. (d) 4. (d) 5. (a)

Long answer question


1. Build a threat model for any IoT web-based application.

Short answer questions


1. How are fault trees different from attack trees?
2. Draw an attack tree and a fault tree for a computer virus attacker.
3. What is the concept of fault tree analysis?

Keywords (†)
Secret code: It is the secret access code (combination of letters,
numbers, or special characters) that allows users to access their
account and avail their services.
Two-factor authentication: It is a security system that requires two
separate layers of identification for gaining access to accounts and
services.
Encryption: Conversion of data from readable format to encoded
format
Hashing: It is an algorithm performed on file or message to produce a
number called hash (also known as checksum), which is used to verify
that data within a file is not corrupted and modified.
One-Time-Password (OTP): It is the mechanism of logging into the
network by using a unique identification password that can be used
only once.
Digital signatures: It is the mathematical formulation of validating the
authenticity and integrity of the message.
Firewalls: It is the security device that monitors and filters incoming
and outgoing network traffic based on organization policies.
Antivirus: Software used to prevent, scan, detect and delete viruses
from the system
Intruder: They are attackers who attempt to breach the security of the
network.
Vulnerable: It is a weakness within the system that can be exploited
by an attacker
MAC address: Unique address which is used to track IoT devices.

References

[1] C. G. Rieger, D. I. Gertman, and M. A. McQueen, “Resilient control
systems: Next generation design research,” in 2009 2nd Conference on
Human System Interactions, May 2009, pp. 632–636, doi:
10.1109/HSI.2009.5091051.
[2] “Safety.” http://www.merriam-webster.com/dictionary/safety.
[3] T. Zillner, “ZigBee Exploited - The Good, the Bad and the Ugly,”
Cognosec, vol. 16, no. 2, p. 6, 2015.
[4] “Attack tree.”
https://www.schneier.com/academic/archives/1999/12/attack_trees.html.
[5] P. J. Brooke and R. F. Paige, “Fault trees for security system design and
analysis,” Comput. Secur., vol. 21, no. 8, pp. 256–264, May 2003, doi:
10.1002/9781119994053.ch8.
[6] W. E. Vesely, F. F. Goldberg, N. H. Roberts, and D. F. Haasl, Fault Tree
Handbook (NUREG-0492). 1981.
[7] K. S. Wilson, “Conflicts Among the Pillars of Information Assurance,”
IT Prof., vol. 15, no. 4, pp. 44–49, Jul. 2013, doi: 10.1109/MITP.2012.24.

Things to check before moving to the next chapter


Pillars of information assurance
Difference between threats, vulnerabilities, and risks
Access control and its type
Types of threats
Significance of the attack tree and its representation
Significance of the fault tree and its representation
Process of modeling threats

CHAPTER 3
Security Engineering for IoT Development

Introduction
Security engineering is a complicated discipline that deals with building
systems free from fault, error, or failure. As a subject of concern, it
explores the tools, processes, and methods needed to design, implement, and
test such systems. These systems face sources of interruption ranging from
natural to malicious disasters. In today’s technical industry, security
engineering has taken a back seat, which, if not acknowledged and rectified,
can lead to the following harmful activities:
Crime, for example, burglar and car alarms
Undermining of the business, for example, false payment
Undermining of industrial economic infrastructure, for example,
falsifying machines and network systems
Endangering human life, for example, damaging defence and nuclear
power systems and their privacy, for example, damaging medical record
data or any personal details.
Engineering in any discipline generally involves a methodological approach
that includes prototyping, testing, refining, and then finalizing the
architecture before it is deployed. However, where security is of prime
concern, researchers, developers, and company holders have, instead of
following traditional approaches, practised plenty of other models for
imparting security in an IoT domain. Concerning this, the chapter
illustrates the development of security engineering for the Internet of
Things.

Structure
In this chapter, we will cover the following topics:
Secure development methodologies for IoT
Security designing in IoT systems and its compliance with others
Planning and development of the security process and agreements
Process of selecting suitable security products and services for IoT

3.1 Building Security into design and development


This section covers the requirements and operations of securely
engineering IoT products and systems. For a system to be highly secure, it is
important to build security in from the initial development of the product.
However, building security in from the very start of the product demands a
huge investment in both time and money. Therefore, a suitable engineering
development methodology is needed that enhances the security of the system
with low investment costs.
Traditionally, introducing security requirements and controlling security
operations in every phase was considered to be sufficient for building security
into the design and development of IoT systems. However, later the Agile
development practice was adopted where a project is divided into several
phases and constant collaboration with surroundings is maintained with
continuous improvement in every phase.
In this part of the chapter, we will present the traditional method of securing an
IoT system, which involves the identification of security requirements and
management of securing operations in an IoT system. In the next section, we
will introduce the Agile development practice in the form of the IoT Security
Life Cycle.

3.1.1 Managing security requirement


Microsoft has developed an approach for handling security requirements in
every phase of development where the categorization of security requirements
is done at every stage. The requirement categories introduced are one-time
security requirement, Sprint (iteration) security requirement, Bucket security
requirement, and functional security requirement.
One Time requirement includes the requirements needed at the start of
the project that is during the project setup. It includes:
Secure coding guidelines to be followed throughout the project
development.
Establishment of an approved software list for third-party components
or libraries.
A Sprint or iteration requirement includes the security requirements
which are needed in each iteration. The number of hours required for
each requirement is estimated during the iteration planning phase. Sprint
requirement helps in:
Identifying bugs and performing peer reviews before integrating them
into base code.
Ensuring that code is executed through a static code analysis tool
within a continuous integration environment.
Bucket requirements are a list of security requirements that can be
applied and executed over the life of the project. These requirements can
be chosen and imported by the team during sprint planning as and when
required.
Functional security requirements are added to the product backlog and
are prioritized as per the need of the product owner. For example, as an
owner of the IoT product, I want to ensure that:
All access passwords of my device and cloud are strong.
Data stored in my device and transmitted by my IoT device is
encrypted.
Keys stored in my device are protected from unwanted disclosure.
Unwanted software and services are disabled from my device.
My device collects and processes only relevant data.

3.1.2 Managing security in IoT when in operation


These days, IoT has shifted from conventional hardware purchases
towards the deployment of Product-As-A-Service (PaaS). In
product-as-a-service, instead of selling products, IoT vendors lease or sell
their product’s services (or outcomes) in a single transaction to customers
and charge them for their usage or performance. Some examples include jet
engines, robot services, water pump services, smart lighting services, and
many more. PaaS is an agreement between three entities: first, the client,
who purchases the service; second, the manufacturer, who delivers the
product and its associated service; and last, the PaaS platform provider,
whose function is to take care of the infrastructure, which includes data
collection, transmission, storage, security, and analytics (Figure 3.1):

Figure 3.1: IoT as PaaS


Because security is a major concern, security design is embedded during the
development phase. Security considerations include:
• Compliance landscape for the operational environment(s): Product
  service development has to satisfy the approved consent document, which
  contains the laws, rules, regulations, and code of conduct that protect
  and safeguard the operating procedures and ensure that the operating
  environment is not being harmed.
• Methods for safeguarding the device from physical exposure: This means
  protecting devices using physical entities such as locks, barbed wire,
  fences, doors, or any visible security measures that reduce casual
  attempts carried out intentionally by criminals or damage caused
  accidentally by a natural disaster like fire, flood, and so on.
• Introduction of an additional system to support entitlement
  management in a secure manner: Entitlement management is the system
  that grants, revokes, resolves, enforces, and administers access
  rights, permissions, authorization, privileges, and rules. For efficient
  management of IoT services, the PaaS provider should ensure that the
  entitlement management system is supported in a secure manner.
• Introduction of additional systems to support device firmware
  updates in a secured manner: For up-to-date features and services, the
  devices and their firmware should be updated regularly with advanced
  operational instructions. For effective communication and services, the
  PaaS provider should ensure the protection of firmware update modules.

3.2 The IoT security life cycle: Secure design


Bruce Schneier, the security technologist, once said that “Security is not a
product but a continuous process that requires a series of continuous actions
for the reduction of hidden as well as exposed risks.” It indicates that even if
we are aware of the security requirements and their management services, we
still need to know about the security lifecycle of IoT. The security lifecycle
is a course of events that secures products from the time they come into
existence, through their deployment and operation, and eventually to their
stabilization or ejection. The IoT security lifecycle comprises four phases:
Secure Design, Secure Implementation and Integration, Secure Operation, and
Secure Dispose/Ejection (Figure 3.2).
Phase 1 - Design: In this phase, the formal security requirements of the IoT
system are transformed into a security architectural structure considering all
further security implementation.
Phase 2 - Implementation and Integration: In this step, the architectural
design is implemented into executable form. Integration of security products
with existing enterprises is carried out in this phase.
Phase 3 - Operation: In this phase of the security lifecycle, the operation and
maintenance of the implemented system are done. This phase ensures the
smooth execution and maintenance of identities, roles, and attributes. Security
monitoring throughout the system is also managed in this phase.
Phase 4 - Dispose/Ejection: This is the last phase of the security lifecycle,
where IoT devices that have been in use for a long time are disposed of with
secured processes and procedures. The objective of this phase is to protect
the system against adversaries that aim to gain illegal physical access to
obsolete IoT devices.

Figure 3.2: IoT security lifecycle

Phase 1: Secure design


The design phase of the IoT system constitutes the set of actions where all the
requirements in their formal form are translated into an architectural
structure, which is then directly implemented into executable form. Secure
designing demands injecting security within the design phase so that the
final product is not only correct but also of high quality. Insecure design
decisions, by contrast, are addressed by considering the perspective of an
attacker who is trying to breach the system and exploit its weaknesses.
Secure designing in IoT systems comprises sub-phases that include safety and
security design, process and agreement design, and technology selection,
which are further sub-classified into sub-sub-phases, represented in
Figure 3.3. The rest of the chapter presents an in-depth consideration of
the secure design. Please refer to the following figure:
Figure 3.3: Classification of design phase

3.2.1 Safety and security design


In this stage of designing, we will learn to determine threats present in our IoT
system and what information and approvals are needed to mitigate them. We
will next extend our study of security engineering and will attempt to
incorporate it into our real-time development and integration efforts.
Threat Modeling
Ensuring safety and security at the beginning of the product development
requires the prior identification of threats so that necessary actions could
be taken beforehand. For the identification of threats, threat modeling is
taken into consideration. It is a systematic approach to identifying
sensitive assets, threats to those assets, and vulnerabilities present in the
system that allow those threats to act. The objective of threat modeling
is to mitigate threats and, in turn, protect all sensitive assets. A threat is
modeled at the beginning of the product design, which in turn is used to
guide the architecture and design of the product. Moreover, it reduces the
cost of the product during the development process and ensures that
valid security measures are mapped out before the product development.
The process of modeling threats is discussed in detail in Chapter 2, IoT
Security - Vulnerabilities, Attacks, and Countermeasures, with the help
of use cases. Threat models should always be maintained and updated as
per the system design, operation, and exposure. Therefore, an
organization should always assign a threat modeling team every quarter
that monitors the architectural modifications and introduces new
services, configurations, products, and supplier changes as per the
requirements.
Privacy Impact Assessment
Privacy Impact Assessment (PIA) is another important component of
the safety and security design phase where privacy risk is identified and
assessed throughout the development of the security lifecycle. In
addition to assessing privacy risk, PIA is also used to:
• Determine whether the information collected is handled according to
  the privacy-related legal and regulatory requirements.
• Protect and process the information in a way that reduces the privacy
  risk.
• Determine the risk of collecting, maintaining, and broadcasting
  Personally Identifiable Information (PII).
• Provide methods and options to every individual to give their consent
  for the collection of their PII.
When an IoT system is to collect, process, and store privacy-related
information, a PIA is triggered, and it informs the design team to
include the following in their IoT system:
• Include a sufficient amount of administrative approval power.
• Conduct an internal audit to determine whether it is practical to
  collect, process, and store PII or any personal information in the given
  IoT system.
• Stored personal data should be encrypted using a strong cryptographic
  algorithm.
• The device should be accessed, both physically and logically, by
  authorized personnel only.
• Positive consent should be taken from the end user in case their
  information or PII is used, transferred, or disposed of.
Merely performing a PIA is not sufficient; it is essential to link the outcome
of the PIA to the system requirements and keep track of those requirements as
the system gets developed and implemented. Figure 3.4 represents the actions
that can be taken on the IoT system after a PIA has been carried out on it.
These actions are:
• Accept: The product is accepted when both the impact of the risk and the
  likelihood of its occurrence are low.
• Manage: If the impact of the risk is high but the likelihood of its
  occurrence is low, the product can be managed with some precautionary
  measures.
• Control: When the impact of the risk on the product is low but the
  likelihood of occurrence is high, the product should be used in a
  controlled manner, that is, only when necessary.
• Avoid: When both the impact and the likelihood of the risk are high, it is
  advisable to avoid using the product in the system.
Please refer to the following figure:
Figure 3.4: PIA action on IoT system
Safety Impact Assessment
Safety Impact Assessment (SIA) is a means of measuring the security
effectiveness of the IoT system and judging the significant changes
brought in by implementing those security measures. SIA is necessary
for IoT systems where omitting it may have a fatal result. For instance,
a low-power pacemaker that has not been assessed for safety can be
easily compromised, with an unwanted outcome. Similarly, the electronic
control unit that controls the braking system of a modern automobile
can be compromised by an attacker if no prior SIA is carried out. It is
encouraged to perform an SIA for every IoT deployment, be it home,
transportation, medical, health, or any industrial application.
SIA not only examines the complete breakdown of device or system
operation but also assesses the malfunctions and misbehaviors emerging
from device vulnerabilities and possible compromises. For example, an
unattended thermostat that has not crashed but is not assessed
(calibrated) in time can, because of existing vulnerabilities, easily
violate its upper and lower temperature thresholds, which may at times
result in serious safety conditions.
Typically, the following factors are documented in an SIA:
• Is there anything dangerous that could happen if the device or system
  stopped working altogether? (For example, Denial of Service)
• If the device is not safety-critical, is there any other safety-critical
  device or service that depends on the non-critical device?
• What are the methods and techniques for minimizing or avoiding
  harmful activities caused by device failure?
• Are there any other similar system deployments that have shown
  some safety results or may have shown some harmful results?
Compliance
Compliance is the means of establishing a process that adheres to its
respective principles and standards. From the perspective of the IoT
security lifecycle, IoT compliance is the establishment of a security
mechanism that completely follows industry standards and protocols,
both in commercial and government organizations. Since IoT systems
generate a huge amount of personal data, there is always a chance of
security breaches; therefore, government organizations from all over the
world are deploying regulatory guidelines for all companies developing
and selling IoT products, both software and hardware. For example, in
2019, the UK issued the IoT security guidelines which state that the
formation and maintenance of data security will be the responsibility of
the company selling the IoT product rather than the users who are using
it.
IoT security compliance is not common for all products but depends
upon the industry for which the product or service is being developed.
For instance, devices or systems developed for financial transactions
must follow Payment Card Industry (PCI) standards for their sales and
services. Similarly, military and banking systems, which are considered
to be critical applications, must adhere to their Certification and
Accreditation (C&A) standards because, if these are not followed, the
outcome may be disastrous. Some examples of industry-specific compliance
are the Payment Card Industry (PCI†), the North American Electric
Reliability Corporation (NERC†), the US Postal Service (USPS), the
Society of Automotive Engineers (SAE†), the National Institute of
Standards and Technology (NIST), and HIPAA†.
Unfortunately, following compliance for IoT is difficult because of its
complex data interactions among different parties as it becomes difficult
to identify from where all data is coming and to which party it is being
transmitted. It is advisable to confer compliance for a single industry and
use case; however, the growing trend of data aggregation and analysis
has asserted significant compliance requirements for IoT that follow
privacy laws and rules. Thus, we can state that the higher the complexity
of IoT, the greater the probability of violating compliance and legal
issues.
Given the multitude and complex structure of IoT, it is necessary to
explore early, what standards can be applied and to which organizational
elements and systems. It is important to integrate the compliance
requirements into the IoT system design and development, product and
data selection, and in-process sharing. In addition, some standards
require regulatory involvement in certification and accreditation. The
cost and timeline of these activities can be high and can act as a barrier
to the development of an IoT system. Therefore, compliance monitoring
is suggested.
However, compliance monitoring in an IoT system is a challenging task,
as an organization always needs to maintain a security state for a
significant number of devices and device types. Though only a limited
number of solutions are available to address this challenge, some
vendors are building the capability to monitor compliance in an IoT
system. For instance, Pwnie Express [1] provides compliance monitoring
and vulnerability scanning capabilities that can detect and report
unauthorized and suspicious devices. Another vendor for compliance
monitoring is Complinity [2]. Complinity is one of India’s leading
compliance software companies that ensures compliance with all
applicable laws, helps to avoid penalties, prosecutions, and litigation and
also helps to implement better processes and controls enabled by
technologies. These software vendors help security engineers to validate
their security policies, configurations and controls through standard
testing tools.
Security system integration
Integrating security into the design phase ensures that IoT devices are
capable of being securely integrated into large enterprises. In other
words, devices with this ability can securely provide identities, their
credentials can securely undergo testing, monitoring, and auditing, and
they can be securely upgraded. For example, suppose we need to install a
new IoT device in an automated home network; then, during bootstrapping,
security-critical items such as the default password, the technical
controls for creation of a new password, keys, and so on are effectively
handled and treated.

The characteristics of threat modeling, PIA, SIA, and compliance serve as the
inputs for embracing security while integrating a device within any
enterprise.

Security system integration includes the following subjects of concern
(Figure 3.5):
• Secure bootstrap
• Accounts and credentials
• Patching and updates
• Audit and monitoring
Figure 3.5: Security System Integration
Secure bootstrap
Bootstrapping is the process where the state of a device, a subsystem, or an
application changes from a non-operational to an operational state. In an IoT
system, it refers to the process of assigning an identity to the device and
enabling communication with an endpoint. Device bootstrapping of an IoT
system involves three components, namely, the IoT device, the registration
authority, and the server.
• IoT device: A sensor-enabled device that wants to establish
  communication with other endpoints.
• Registration authority: It validates the certificates, tokens, or shared
  credentials received from the device and then returns the validated
  credentials to the device for further use.
• Server: It includes the protocol endpoints to which the device wants to
  establish its connection.
The process of bootstrapping is performed once the device is connected to
the power supply and can be explained with the help of the following steps
(Figure 3.6):
1. A device registers itself with the registration authority using its
credentials or tokens provided by the manufacturer.
2. The registration authority validates the authenticity of the received
credentials, registers the device, and returns the authenticated
certificate to the device.
3. Once the device receives its authenticated certificate, it
communicates with the server, which allows it to establish
publish-subscribe communication via the server’s protocol endpoint:
Figure 3.6: Bootstrapping process

For secure bootstrapping, whenever a new device is incorporated into the
enterprise network, it is important to know whether the device is
legitimate or illegitimate. Insecure bootstrapping may result in serious
security issues. For example, devices just after manufacturing or shipping
are considered to be in a highly insecure state because the manufacturer or
a third party may have tampered with them or changed them to suit their own
needs. Thus, it is necessary to perform the secure bootstrap process.
Secure bootstrapping of a resource-constrained device is a crucial task,
which demands that the device securely gets its default password,
credentials, network information, secret keys, and the URLs for reaching
the necessary servers. It also includes secure rekeying†, upgrading security
schemes, and redirecting devices to other servers. It includes the following
security processes that any resource-constrained device should undergo
before being incorporated into any enterprise:
• Devices should be securely configured as per the security policy of the
  enterprise.
• Devices should have complete information on their network, subnet,
  default gateway, ports, and protocols.
• Devices should have complete information on the network, backend
  system, and server identities.
• Devices should register their identity with the network or backend
  systems to which they connect.
Accounts and credentials
Security credentials are the pieces of evidence that communicating parties
hold as a token of security and that account for their identity. So,
whenever a new IoT device is integrated into a large enterprise, each device
is required to possess and maintain its own credentials for identity
management. Bootstrapping, discussed above, addresses the initial furnishing
of the certificates and passwords; however, once furnished, the system
maintains its identity and updates its credentials at periodic intervals.
Let us consider an example of a TLS† server, where the server provides an
X.509 TLS client certificate for authenticating devices that want to integrate
into the enterprise system. X.509 credentials are used to sign the TLS
handshake messages. These X.509 certificates contain an expiration date,
which should be closely tracked so that the credential is updated before
it expires and the device loses its identity. Therefore, maintenance and
accounting of these certificate credentials are mandatory for identity
management.
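The three bootstrapping steps and the certificate expiry tracking described above, as an added Go example that is not taken from the book. The registration authority checks a one-time manufacturer token and issues a short-lived X.509 certificate, the server admits the device only after verifying the certificate chain and a signed nonce (which stands in for the TLS client-authentication handshake), and `DueForRenewal` lists certificates close to expiry. All names (`RA`, `Admit`, `DueForRenewal`, `sensor-01`, the token values) and the use of Ed25519 keys are assumptions made for this illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/subtle"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// NewDeviceKey generates the device key pair; the private key stays behind the returned signer.
func NewDeviceKey() (ed25519.PublicKey, func([]byte) []byte) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // error ignored to keep the example short
	return pub, func(nonce []byte) []byte { return ed25519.Sign(priv, nonce) }
}

// RA is the registration authority: it holds manufacturer tokens and a CA key.
type RA struct {
	Cert   *x509.Certificate
	key    ed25519.PrivateKey
	tokens map[string]string // device ID -> one-time token (constructed sample data)
}

func issue(tmpl, parent *x509.Certificate, pub ed25519.PublicKey, key ed25519.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func NewRA(tokens map[string]string, now time.Time) (*RA, error) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "example-ra"},
		NotBefore: now.Add(-time.Minute), NotAfter: now.AddDate(1, 0, 0), IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	cert, err := issue(tmpl, tmpl, pub, key)
	if err != nil {
		return nil, err
	}
	return &RA{Cert: cert, key: key, tokens: tokens}, nil
}

// Register is steps 1 and 2: validate the token, then certify the device's public key.
func (ra *RA) Register(id string, pub ed25519.PublicKey, token string, now time.Time, ttl time.Duration) (*x509.Certificate, error) {
	want, ok := ra.tokens[id]
	if !ok || subtle.ConstantTimeCompare([]byte(want), []byte(token)) != 1 {
		return nil, fmt.Errorf("registration refused for %q: unknown device or bad token", id)
	}
	delete(ra.tokens, id) // a manufacturer token is accepted only once
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(now.UnixNano()), Subject: pkix.Name{CommonName: id},
		NotBefore: now.Add(-time.Minute), NotAfter: now.Add(ttl),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	return issue(tmpl, ra.Cert, pub, ra.key)
}

// Admit is step 3: chain to the RA, validity period, and proof of possession must all hold.
func Admit(raCert, devCert *x509.Certificate, nonce, sig []byte, now time.Time) error {
	roots := x509.NewCertPool()
	roots.AddCert(raCert)
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: now, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if _, err := devCert.Verify(opts); err != nil {
		return fmt.Errorf("certificate rejected: %w", err)
	}
	pub, ok := devCert.PublicKey.(ed25519.PublicKey)
	if !ok || !ed25519.Verify(pub, nonce, sig) {
		return fmt.Errorf("proof of possession failed for %q", devCert.Subject.CommonName)
	}
	return nil
}

// DueForRenewal names the certificates that expire within the window.
func DueForRenewal(now time.Time, window time.Duration, inventory ...*x509.Certificate) (due []string) {
	for _, c := range inventory {
		if c.NotAfter.Sub(now) <= window {
			due = append(due, c.Subject.CommonName)
		}
	}
	return due
}

func main() {
	now := time.Now()
	ra, err := NewRA(map[string]string{"sensor-01": "constructed-token"}, now)
	if err != nil {
		panic(err)
	}
	pub, prove := NewDeviceKey()
	cert, err := ra.Register("sensor-01", pub, "constructed-token", now, 24*time.Hour)
	if err != nil {
		panic(err)
	}
	nonce := []byte("constructed-nonce") // a real server sends fresh random bytes
	fmt.Println("admit error:", Admit(ra.Cert, cert, nonce, prove(nonce), now))
	fmt.Println("renew within 48h:", DueForRenewal(now, 48*time.Hour, cert))
}
```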
Patching and updates
Patching and updates concern the delivery of software and firmware to IoT
devices and systems. Generally, devices and systems are connected directly
through USB, a console, or Ethernet to update them to their latest versions.
However, the move of IoT towards cloud-based systems has introduced modern
devices that can update or patch their software or firmware over the
network, either from the manufacturer or from a specific device/system
manager.
Updating and patching a system over the network introduces several
vulnerabilities; therefore, the update or patching process should have the
following capabilities:
• Processes should ensure the end-to-end integrity, authentication, and
  confidentiality of the software/firmware.
• The update/patching process should be performed only by a highly
  privileged, authenticated device or person, such as an administrator.
• Updates or patches should not alter any privacy setting, security policy,
  or device configuration without user notification. Examples: Vizio, Nest.

Audit and monitoring


Audit and monitoring represent the ability of enterprise security systems to
capture and analyze the anomalies of both host and network that are specific
to the given IoT device/system. Earlier, auditing was done by manually
ticking off items, but the incorporation of AI technology with IoT has made
auditing an easy task, where the documented pattern is generated without
any human intervention.
For enterprise security, a regular audit facility should be provided by the
manufacturer or by a designated system designer to whom the owner has
given access, and specific security zones should be established. These
security zones are monitored at the gateways by integrated firewall† and
SIEM† (Security information and event management) systems.

It is essential that privacy data is not published through the audit interface
without the explicit permission or agreement of the device owner or user.
Such information is discovered and evaluated at the time of the privacy impact
assessment.

Process of Auditing: An auditing process includes the following steps:

Step 1: Determine Audit Subject
In this step of auditing, we need to know what we are auditing. For example,
operational auditing, quality auditing, security auditing, and so on.
Step 2: Define the Audit Objective
Once we know what we are auditing, the next step is to establish why we are
auditing. From the auditor’s perspective, it is advisable to adopt a
risk-based view for defining the objective of the audit. Table 3.1 presents
the IoT risk categories along with examples, which help in anticipating the
objective of the audit:

Risk category | Examples
Business | Health and safety; regulatory compliance; user privacy; unexpected cost
Operational | Inappropriate access to functionality; shadow usage; performance
Technical | Device updates; device management; device vulnerabilities
Table 3.1: Categorization of IoT risk
Step 3: Set Audit Scope
Once the objective of the audit is defined, the next step is to find the scope of
the audit, which means identifying the IoT devices that need to be audited.
Identified devices include not only sensors or actuators but also supporting
infrastructure like networks, data collection methods, data storage means,
cloud, and algorithms for processing data. All of this supporting
infrastructure comes under the scope of the audit.
Step 4: Determine Audit Procedures and Steps for Data Gathering
After the subject, objective, and scope of the audit are known, the next
step taken by the audit team is to identify and select the approach or
strategy for developing and testing the audit program. The following aspects
of IoT are considered for reviewing the audit program, as presented in
Figure 3.7:

Figure 3.7: Audit IoT Framework


• General baseline controls: These state the minimum controls that need to
  be applied to all aspects of the technology.
• Data-related controls: These include the controls that apply to the data
  forming a key part of IoT.
• Analysis and learning-related controls: This type of control ensures that
  the analysis is ethical, enables trusted use of data, and ensures that the
  outcome of analysis can be applied to business decision-making.
• Business and process alignment: It expresses that the IoT implementation
  is aligned with business needs and that business benefits are delivered as
  required.
Applicable sources of assurance for each aspect of IoT are given in OWASP
IoT security guidelines, GSM association IoT security assessment document
[3], Future-Proofing the connected world document [4], COBIT enabling
information document [5], and many more [6].

3.2.2 Processes and Agreements


This level of system design includes the assignment and execution of security
processes and procedures at the right place and at the right time. This helps in
establishing a strong security foundation for IoT systems. This phase includes
the following plans and procedures:
Secure Acquisition Process
Every object that holds information is a valuable asset, therefore it is
essential to ensure that the IoT devices are acquired from trusted
vendors. Enterprises should set certain rules for acquiring new devices
that are free from any malicious software or malicious activity.
The process of acquisition is broken down into three main areas of
activity, which include:
Step 1: Deciding what to acquire
This is the most important step where the security requirements are
analyzed and acquisition attributes are prioritized. Attributes are
prioritized according to the available policy documents, changing
environment, technological development, and modernization.
Step 2: How to acquire it?
Once the acquiring requirements are identified, an acquisition strategy is
prepared which contains a wide range of acquisition options (types of
vendors and manufacturers) that justifies the specific route of acquiring
that product.
Step 3: The acquisition process
The act of acquiring secured IoT devices or services is a complex
process that can be illustrated with the help of “The Acquisition Cycle”.
The Acquisition cycle is a procedure that helps large enterprises choose
the best IoT equipment or services free from threats and vulnerabilities.
The acquisition lifecycle is illustrated with the help of the following
diagram (Figure 3.8).
A walk-through acquisition cycle is given as:
Defining the IoT device or services to be acquired → Organizing the
acquisition strategy or competition to select the best device containing all
security measures → Obtaining the service/device → Employing the
device/service in the enterprise → Ensuring maintenance → Disposing of
devices and services when security facilities expire.
Figure 3.8: The Acquisition Cycle
Secure update process
Vulnerabilities in IoT devices have increased the demand for a reliable
and secure update process that keeps patches, software, and firmware at
their latest versions. The Open Web Application Security Project (OWASP)
has identified the lack of a secure update mechanism as one of the top
ten IoT vulnerabilities. It includes a lack of firmware validation, a
lack of secure delivery, a lack of an anti-rollback mechanism, and a lack
of security notifications. Security gaps in the update process result in
the disclosure of code related to firmware updates to attackers, which
may then help them take control of devices.
To protect the update process, various security measures are employed:
• The enterprise needs to understand the update process of each vendor
  that supports its commissioned IoT inventory, that is, its operating
  system and its application code.
• The enterprise needs to guard against the injection of malicious
  software or firmware during the update process. This can be done using
  cryptographic signatures that validate the update before its execution.
• The enterprise should ensure that executing the update process does not
  result in negative functional behavior. This can be assured by
  carrying out operational testing before approval of any updates and
  patches in an IoT device.
• The enterprise should use authenticated machine identity to determine
  the identity of the vendor and to know whether the vendor is allowed to
  access the device for the requested update or patch.
• The enterprise should ensure the integrity of updates and patches, that
  is, no unauthorized entity should be allowed to modify update process
  code. This can be done with the use of code signatures applied to all
  software components in firmware updates.

Venafi TLS Protect † and CodeSign Protect † are two of the organizations that
ensure that the IoT update processes are protected against attacks and
vulnerabilities.
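The checks named in "Patching and updates" and in the secure update process above (a signature validated before execution, image integrity, vendor identity, and anti-rollback) can be combined on the device as in the following added Go example, which is not taken from the book or from any vendor's product. The `Manifest` layout, the function names, the vendor name and the firmware bytes are hypothetical, and Ed25519 is one possible choice of code-signing algorithm.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Manifest is a hypothetical update descriptor delivered with the firmware image.
type Manifest struct {
	Vendor  string
	Version uint32   // build number that only ever increases
	Digest  [32]byte // SHA-256 of the firmware image
	Sig     []byte   // Ed25519 signature over signedBytes()
}

// signedBytes serialises the signed fields; the length prefix keeps the encoding unambiguous.
func (m *Manifest) signedBytes() []byte {
	hdr := make([]byte, 6)
	binary.BigEndian.PutUint16(hdr[0:2], uint16(len(m.Vendor)))
	binary.BigEndian.PutUint32(hdr[2:6], m.Version)
	return append(append(hdr, m.Vendor...), m.Digest[:]...)
}

// NewVendorKey creates a code-signing key pair for the example.
func NewVendorKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// SignRelease is the vendor side: hash the image, then sign the manifest.
func SignRelease(vendor string, version uint32, image []byte, key ed25519.PrivateKey) *Manifest {
	m := &Manifest{Vendor: vendor, Version: version, Digest: sha256.Sum256(image)}
	m.Sig = ed25519.Sign(key, m.signedBytes())
	return m
}

var (
	ErrUnknownVendor = errors.New("update rejected: no pinned key for vendor")
	ErrBadSignature  = errors.New("update rejected: manifest signature invalid")
	ErrDigest        = errors.New("update rejected: image does not match signed digest")
	ErrRollback      = errors.New("update rejected: version is not newer than installed")
)

// Updater is the device side: pinned vendor keys plus the anti-rollback counter.
type Updater struct {
	pinned    map[string]ed25519.PublicKey
	installed uint32 // highest version ever applied
}

func NewUpdater(vendor string, key ed25519.PublicKey, installed uint32) *Updater {
	return &Updater{pinned: map[string]ed25519.PublicKey{vendor: key}, installed: installed}
}

func (u *Updater) Installed() uint32 { return u.installed }

// Apply checks vendor identity, signature, image integrity and version, in that order,
// and changes device state only when every check passes.
func (u *Updater) Apply(m *Manifest, image []byte) error {
	key, ok := u.pinned[m.Vendor]
	if !ok {
		return ErrUnknownVendor
	}
	if !ed25519.Verify(key, m.signedBytes(), m.Sig) {
		return ErrBadSignature
	}
	if sha256.Sum256(image) != m.Digest {
		return ErrDigest
	}
	if m.Version <= u.installed {
		return ErrRollback
	}
	u.installed = m.Version // a real device would write the image to flash here
	return nil
}

func main() {
	pub, priv := NewVendorKey()
	u := NewUpdater("example-vendor", pub, 3)
	img := []byte("constructed firmware image, build 4")
	old := []byte("constructed firmware image, build 2")
	fmt.Println("build 4:", u.Apply(SignRelease("example-vendor", 4, img, priv), img))
	fmt.Println("build 2:", u.Apply(SignRelease("example-vendor", 2, old, priv), old))
	fmt.Println("tampered:", u.Apply(SignRelease("example-vendor", 5, img, priv), append([]byte("x"), img...)))
}
```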

Establishment of Service Level Agreements


As discussed in Section 3.1.2, the Internet of Things is nowadays
implemented as PaaS, where instead of selling IoT products, vendors
lease or sell product services to enterprises via a number of transactions
and charge them based on their usage and performance. However, for the
security of the network and services, it is required to establish SLAs
between enterprises and service providers.
A Service Level Agreement (SLA) is a documented agreement between
the enterprise and vendor that identifies both required services as well as
the expected level of services. Before subscribing to any of the IoT
services, the SLA should be carefully evaluated and designed to
introduce minimal additional risk into the enterprise. SLAs are flexible
and unique, that is, they can be modified as per the agreement
requirements. IoT lease SLAs include the following:
• Time to patch the IoT device after each new update
• Time to respond whenever an incident related to the device takes
  place
• Incident response operation and collaboration agreement
• The times at which IoT devices can be available
• How a vendor handles the privacy and confidentiality of data
  collected by the IoT device
• Compliance, which makes sure that devices follow the rules as per the
  agreement

Incorporation of IoT with cloud-based infrastructure leads to the
establishment of cloud SLAs. Details can be found in Cloud Security
Alliance (CSA) [19].

Establishment of privacy agreements


Privacy agreements are established by organizations that generate and
share IoT data with each other. The objective of this mutual agreement is
to protect against the disclosure or breach of data as it flows across
organizational boundaries. Threat modeling, discussed in Chapter 2, IoT
Security - Vulnerabilities, Attacks, and Countermeasures, is used to
acknowledge the secure flow of data across all organizations whose aim
is to generate and share their data. Mutual agreements signed by the
organizations include the following information [7]:
• How will the data be processed?
• What regulations do the data transfers fall under?
• The security measures applied to the data.
• How systems processing the data will be monitored for intrusion?
• How breach notifications will occur?
• Whether data will be provided to other parties and, if so, what
  permissions or reporting must be put in place first?
• How long data will be retained?
• How and when data will be deleted?
• Who is accountable for the safeguarding of data?
These are some of the agreement points; however, like SLAs, privacy
agreements are also flexible, which means that agreement rules can be
changed as per the understanding and requirements of the organizations
taking part in them.
Consideration of new liabilities and guard against risk exposure
Whenever an IoT system is integrated into an enterprise, it is likely to
introduce new liabilities and faults, which have not been studied earlier.
Enterprise organizations should take into account all newly introduced
liabilities and should guard the system against the new exposed risk and
attacks.
For example, Self-Driving Vehicles (SDVs) introduced by Tesla in 2008
incorporate several modes of operation that allow vehicles to be
driven autonomously. They were claimed to be safe driving vehicles, but
over the course of their everyday use they have introduced liabilities
such as the danger of fire due to the use of highly combustible
Lithium-Ion (LI) batteries, the use of imperfect technologies, a lack of
self-driving regulations, cyber-attacks, a false sense of security, and
many more. So, an enterprise needs to consider all these factors with a
view to taking responsibility for newly exposed faults and risks.
Another aspect of liability can be studied in drones, also known as
unmanned aircraft. Drones no doubt provide capabilities that were
never possible before, but in addition to benefits, drones are also
responsible for potential risk and exposure. The Claims and Litigation
Management Alliance has identified privacy, property, and bodily
injury as the main issues, along with technology risk that may result in
loss of control, spoofing attacks, and breaches of data security. It is
required that the organization should facilitate prevention and protection
techniques against these attacks. Organizations are nowadays using Pay-
Per-Use (PPU)† drone insurance solutions as the model for diluting their
liabilities against exposed risk and attacks [8].
Establishment of an IoT physical security plan
When we talk about IoT security, professionals mostly think about the
risks associated with software and networks. However, hackers are
resourceful and can use any available method to gain access to devices
and networks. Therefore, along with software security, an organization
must also ensure the physical security of devices. IoT components,
ports, pins, and circuitry act as entry points into the network; a
hacker who gains control of them can effortlessly gain access to the
entire network.
Regular review and maintenance of devices to protect them physically is
the highest priority of the organization. The following methods are
adopted to physically secure devices and networks before making any
further investment:
Deploy only authenticated devices
Secure the device in a tamper-resistant case
Enable only authenticated access to the secure devices
Disable the device upon tampering
Prevent access to any hardware components
Prevent probing of conductors

3.2.3 Technology selection: Security products and services


Once the security requirements have been identified and agreements have been
prepared, the next step to aid the secure design is to select the appropriate
technology. Technology can be chosen through IoT products and their services.
Selection of IoT Hardware
IoT device developers are expected to select components that have
more security features and that can protect and safeguard customers’
information from threats and attacks. An IoT product, also known as an
IoT node, comprises embedded sensors, transceivers, and microcontrollers
(MCUs) with external memory and a power source. The block diagram
of the IoT node is illustrated in Figure 3.9. Of all these components,
the microcontroller is the principal one; it combines CPUs with memory
and programmable input/output peripherals in a single chip. The
possibility of threats is highest in microcontrollers; therefore, they
should be selected with caution and care.
Figure 3.9: Architecture of Node
Selection of Microcontrollers (MCUs)
Their low power consumption has made microcontrollers preferable for
resource-constrained IoT applications. The selection of an MCU depends
on the functional requirements of the IoT device; for example, a 32-bit
microcontroller is used in automated applications such as industry and
healthcare; the Intel-8096, a 16-bit MCU, is used in applications where
higher accuracy and performance are required; similarly, the Intel-8031
and 8051 are used for applications where accuracy is not a prime concern.
The complex nature of IoT systems requires the selection of MCUs with
higher security considerations. While selecting the MCU, the following
features need to be considered:
Integrated secure element functionality
Tamper resistance
Unlimited secure key storage
Hardware cryptographic acceleration
SPA (Simple Power Analysis)/DPA (Differential Power Analysis)
resistance
Isolation technologies, including Arm® TrustZone®
Device Lifecycle Management
Selecting a real-time operating system
Along with a secured MCU, an IoT device also needs a secured
operating system. The operating system used on MCUs is the Real-Time
Operating System (RTOS), which has the capability to perform multiple
tasks simultaneously with low memory utilization. These days, there is a
broad choice of open source and commercial RTOSs for IoT devices in
the market; however, when choosing an RTOS for secured IoT systems, the
following key points should be considered:
Strict access controls
Trusted execution environments
High-security microkernels
Kernel separation
Performance
Scalability
Connectivity
Modularity
Like the MCU, the choice of RTOS also depends on the type of IoT
application. As depicted in Figure 3.10, the selected RTOS should meet
the required industry-specific standards. Some examples of industry
standards are listed below:
DO-178B: Standard for airborne and avionics systems
IEC 61508: Functional safety standard for industrial control systems
ISO 62304: Standard for Medical device software
SIL3/SIL4: Safety integrity standard for transportation and nuclear
systems
Figure 3.10: RTOS Categorization
IoT relationship platforms
In this era of the IoT world, IoT platforms are emerging as the finest
technology for building IoT applications. These platforms provide users
with functional capabilities such as building, testing, and deployment,
in addition to supporting security features. These platforms also help in
building asset management functions, authentication and authorization
functions, and monitoring functions. They allow developers to build an
organization’s IoT devices through Software Development Kits
(SDKs), APIs, and adapters. A large number of IoT platforms are
available in the market; to name a few:
Cisco IoT cloud connect
Cisco IoT cloud connect platform provides IoT solutions to mobile
operators in the context of networking, security, and data
management. Cisco IoT provides centralized operational security
controls that protect the control system from human error and attacks.
In addition, it also provides increased visibility and control by
safeguarding it against malware and intrusion.
IBM Watson IoT
IBM Watson’s platform captures and analyzes data from devices,
machines, and equipment to support stronger decision-making.
This platform facilitates AI,
analytics, and domain expertise, captures real-time data, and provides
security at an affordable cost. IBM Cloud Pak library is used for
providing security solutions that integrate security applications,
services, customizable extensions, dashboards, and news feeds. For
enhanced security capabilities, extension add-ons are provided that
support dashboard security, enable a threat intelligence module that
identifies and prioritizes threats, explore security rule use cases from
security tools and platforms, and provide security insights with data
explorer.
Google Xively
Google-owned Xively facilitates product companies to connect
products and manage connected devices and the produced data. They
also help them to integrate that data into other systems through
Xively’s cloud services. Xively IoT platform uses Identity Manager to
map the identities of devices, people, and applications to the
privileged Xively cloud. It supports the use of TLS over different
channels to provide end-to-end security.
ThingWorx
ThingWorx manages the development lifecycle for industrial IoT
applications. They are used to connect IoT devices, analyze data, and
build and deploy solutions. They allow secure access to data from on-
premise web servers and off-premise cloud applications. It helps
enterprises that make use of third-party vendors and provides them
with the functionality to verify that the IoT devices have undergone
sufficient security testing. In addition, ThingWorx also provides the
facility of secure remote management, where cryptographic libraries
are used to deliver software updates securely to end devices.
Cryptographic security APIs
Security APIs, that is, Application Programming Interfaces, are another
way of securing IoT systems. They are implemented using cryptographic
libraries, which include protection of system management, networking,
and data application. Both application data and network data are
protected using encryption, authentication, and integrity protection.
These libraries are embedded in metallic chips and can be linked
statically or dynamically as per the needs of the caller and its system.
The use of cryptographic APIs in IoT hardware reduces memory
consumption and processor lifecycles.
Before the selection of cryptographic API, the security designer must
take into account:
Whether there is a need to protect end-to-end application data
Whether intermediate systems need access to data
Where security is needed, either in internal storage or in external
storage
The potential and sensitivity of vulnerabilities as well as their impact
on IoT application data

A variety of cryptographic security libraries are available in the market
today; to name a few: mbedTLS, BouncyCastle, OpenSSL, WolfCrypt (wolfSSL),
Libgcrypt and Crypto++.

Authentication/Authorization
Authentication and authorization are the most important areas of IoT
security that require careful selection of technology. Authentication is
establishing trust for the identity of IoT devices and protecting generated
data against insecure access when information travels via an unsecured
network. Authorization is the process of validating the identity of
each endpoint within the IoT system. The certificate process is used to
validate the identity of the system.
Software-based authentication:
There are several methods of achieving authentication, some of them are:
One-way authentication: In this case, out of the two communicating
parties, only one party will authenticate itself for communication. For
example, in SSL authentication, only the client needs to validate itself
to the server, the server does not verify itself to the client application
but shares its public certificate with the client.
Two-way authentication: It is also referred to as mutual
authentication. In this type of authentication, both entities authenticate
each other. For example, authentication in point-to-point
communication between two parties.
Three-way authentication: In this authentication, the central
authority authenticates the two parties and helps them to authenticate
each other. For example, in Kerberos, the two communicating parties
implicitly trust the Kerberos server, which then helps in authenticating
each other.
Distributed Authentication: In distributed authentication, direct
authentication between the communicating parties takes place.
Centralized Authentication: In this authentication, a centralized
server or a trusted third party is used to distribute and manage the
authentication certificates.
Hardware-based authentication
Correct implementation of authentication and authorization has
beneficial effects on IoT security. However, choosing the right method is
challenging, and if the wrong choice is made, the risk may increase
tenfold. It has been observed that the actual choice of solution depends
on the deployment design of the IoT infrastructure, which includes
hardware capacity, energy resources, security expertise, security
requirements, connectivity, and financial budgets.
As an example, public key infrastructure (PKI) certificates are used
for authenticating the functionality of the organization that does not use
cloud-based IoT services. PKIs are structured trees, that contain servers
and devices and maintain a list of trusted root certificates. Each
certificate has the device’s public key and is signed with the certificate
authority’s (CA) private key. A unique “thumbprint” provided by PKI is
then validated by running the cryptographic RSA algorithm.
On the contrary, organizations that make use of cloud-based services can
use web services like the Amazon Web Services (AWS) IoT cloud platform
for building authentication and authorization solutions. AWS provides
X.509 certificates and SigV4 (Signature Version 4) certificates for
authentication. The X.509 certificate is the most secure digital
authentication and is based on the chain of trust model. It is the best
way to scale up production and simplify service delivery. SigV4 conveys
authentication information to AWS by generating a signature and then
adding it to the HTTP request [9]. In addition, AWS provides the Identity
and Access Management (IAM) service to manage certificates and
authorization support [10].
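The signing step described above, worked through with the Python standard library as an added example (it is not AWS SDK code and not from the book). The access key, secret, host, topic path and the `iotdata` service name are constructed or assumed values; the sketch covers header-based signing only and expects an already URI-encoded path and query.

```python
import hashlib
import hmac

ALGORITHM = "AWS4-HMAC-SHA256"


def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()


def derive_signing_key(secret_key, date, region, service):
    """Chained HMACs scope the long-term secret to one day, region and service."""
    k_date = _hmac(("AWS4" + secret_key).encode("utf-8"), date)
    k_region = _hmac(k_date, region)
    k_service = _hmac(k_region, service)
    return _hmac(k_service, "aws4_request")


def canonical_request(method, path, query, headers, payload):
    """Return (canonical request, signed-header list).

    Simplification: path and query must already be URI-encoded and the
    query parameters sorted; every header passed in is signed.
    """
    canon = sorted((k.lower(), " ".join(v.split())) for k, v in headers.items())
    canonical_headers = "".join(f"{k}:{v}\n" for k, v in canon)
    signed_headers = ";".join(k for k, _ in canon)
    payload_hash = hashlib.sha256(payload).hexdigest()
    parts = [method, path, query, canonical_headers, signed_headers, payload_hash]
    return "\n".join(parts), signed_headers


def compute_signature(request, secret_key, region, service):
    """request = (method, path, query, headers, payload bytes)."""
    headers = {k.lower(): v for k, v in request[3].items()}
    amz_date = headers["x-amz-date"]            # e.g. 20240110T080000Z
    scope = f"{amz_date[:8]}/{region}/{service}/aws4_request"
    canonical, signed_headers = canonical_request(*request)
    digest = hashlib.sha256(canonical.encode("utf-8")).hexdigest()
    string_to_sign = "\n".join([ALGORITHM, amz_date, scope, digest])
    key = derive_signing_key(secret_key, amz_date[:8], region, service)
    signature = hmac.new(key, string_to_sign.encode("utf-8"), hashlib.sha256).hexdigest()
    return signature, scope, signed_headers


def authorization_header(request, access_key, secret_key, region, service):
    """Client side: the value placed in the HTTP Authorization header."""
    signature, scope, signed = compute_signature(request, secret_key, region, service)
    return (f"{ALGORITHM} Credential={access_key}/{scope}, "
            f"SignedHeaders={signed}, Signature={signature}")


def verify(auth_header, request, secret_for, region, service):
    """Service side: recompute the signature from the received request."""
    if not auth_header.startswith(ALGORITHM + " "):
        return False
    try:
        fields = dict(p.strip().split("=", 1)
                      for p in auth_header[len(ALGORITHM):].split(","))
        access_key = fields["Credential"].split("/", 1)[0]
        claimed = fields["Signature"]
    except (ValueError, KeyError):
        return False
    secret_key = secret_for.get(access_key)
    if secret_key is None:
        return False
    expected, _, _ = compute_signature(request, secret_key, region, service)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode("utf-8"), claimed.encode("utf-8"))


# Constructed sample values: not a real credential, endpoint or topic.
ACCESS_KEY = "AKIDEXAMPLE"
SECRET_KEY = "constructed-secret-for-illustration-only"
REGION, SERVICE = "us-east-1", "iotdata"      # service name is an assumption
HEADERS = {"Host": "device-gw.example.com", "X-Amz-Date": "20240110T080000Z"}
REQUEST = ("POST", "/topics/plant1-temp", "qos=1", HEADERS, b'{"temperature": 21.5}')


def demo():
    auth = authorization_header(REQUEST, ACCESS_KEY, SECRET_KEY, REGION, SERVICE)
    secrets = {ACCESS_KEY: SECRET_KEY}
    genuine = verify(auth, REQUEST, secrets, REGION, SERVICE)
    altered = REQUEST[:4] + (b'{"temperature": 99.9}',)
    tampered = verify(auth, altered, secrets, REGION, SERVICE)
    return auth, genuine, tampered


if __name__ == "__main__":
    print(demo())
```

Because the payload hash and the signed headers feed the signature, a request altered in transit no longer verifies; a production verifier would also reject timestamps outside a short freshness window to limit replay.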
If the organization has its own infrastructure, authentication and
authorization support follows the build-your-own approach. It is
advisable for an organization to build its own support if
and only if it has considerable experience in designing and securely
deploying its infrastructure, as there are always high chances that the
Registration Authority (RA) may get compromised.
Vehicle-based organizations follow IEEE 1609.2 standard for building
authentication certificates for resource-constrained devices. Brivo [11],
ForgeRock [12], Nexus [13] and OAuth2.0 [14] are some of the vendors
that offer IoT-specific authentication and authorization support.

Details of PKI, X.509 and IAM will be discussed later in this book.

Edge computing, Fog computing, and Software Defined Networks (SDN)
As discussed in Chapter 1, Internet of Things and its Security
Requirements, edge computing and fog computing are other ways of
supporting IoT infrastructure. IoT devices are resource-constrained
and do not have enough energy to communicate and process data to and
fro between device and cloud. To address this, edge computing or edge
computer infrastructure is used. Edge computers are processors that,
instead of sending data to the cloud for processing, process it on
their own whenever possible and then communicate it back to the device
or the cloud for storage. In this way, useful information is obtained
speedily and at a lower cost. However, before installing and deploying
edge computers, security architects should examine their safety. One of
the ways to secure edge infrastructure is boundary defense. In boundary
defense, the flow of traffic is controlled at network borders, and the
content is protected by analyzing the attacks and evidence of
compromised devices. Firewalls, proxies and secured gateways can be
used to implement boundary defense. For example, a product such as
Lantronix’s IoT gateway includes SSL encryption and AWS’s IoT
gateway includes TLS encryption for securing data and services related
to the edge framework [15].
In edge computing, edge devices process all the captured or generated
data irrespective of its importance. Processing data without any
significant meaning makes the system heavy and increases processing
costs. To address this, fog computing is introduced, which applies the
concept of data filtering. The fog nodes receive and analyze the data and
send only the important data to the cloud for storage while rejecting or
deleting unimportant data. In this way, it saves a lot of cloud space.
However, before or during the positioning of fog nodes, the security
architect should resolve issues such as virtualization issues, web
security issues, communication issues, and data security issues. This can
be done by applying effective encryption techniques, intrusion detection
systems, or by periodically auditing anti-virus programs.
Next, for the robust security and flexibility of the IoT network, Software
Defined Networking (SDN) is used; it gives clear visibility into the whole
network and provides a comprehensive and holistic view of security
threats. It is a networking approach that uses software-based controllers
and APIs to communicate with and control hardware infrastructure and
traffic within the network. SDN dynamically creates and controls a virtual
network and the traditional hardware network through software, for
example, OpenFlow. During its installation, security architects should
adopt authenticated, integrity-protected, and confidentiality-protected
protocols to secure SDN execution between IoT devices and SDN controllers,
and for the SDN networking applications that provide networking business
logic. Ignoring these security measures can allow attackers to reconfigure
and reroute data to their illegitimate devices.
Security monitoring
Security monitoring plays an important role in ensuring the safety of
IoT devices and systems. Traditionally, the Security
Information and Event Management (SIEM) † tool was used to
provide real-time visibility across the enterprise information security
systems. However, applying a traditional SIEM to IoT as it stands is not
a good choice for an IoT security engineer. Therefore, it is suggested to
integrate existing SIEM architecture into existing IoT solutions with
proper planning and execution during the IoT design phase. IoT cloud
vendors like MS Azure, AWS, IBM Watson, and so on provide a robust set of
APIs and external data repositories that integrate SIEM solutions and
then monitor security in IoT systems in a cost-effective manner.
Extraction and evaluation of the security log files is another drawback in
IoT systems, since these devices are resource-constrained and have a
limited ability to collect a huge amount of data and process it in a
timely manner. As a remedial solution, the Splunk tool is used. It is a
software platform that monitors, searches, analyzes, and visualizes
machine-generated data in real time. It monitors data in different
formats such as JSON, XML, and TXT and then normalizes it into a universal
format for further evaluation. It captures, indexes, and correlates data
in a searchable container and then produces alerts, graphs, dashboards,
and visualizations. It provides easy access to data over the whole
organization for elementary diagnosis and solutions to various business
problems [16].
Like the Splunk tool, AWS too offers security analysis in IoT systems.
The AWS CloudWatch services are used for logging events from IoT
devices enabled with MQTT and REST protocol. Log entries are
provided with Event (action name), Timestamp, TraceId (Random
identifier), ClientId, ThingId, LogLevel, and many more [17].
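A minimal version of the normalize-then-alert flow described in the two paragraphs above, as an added example rather than Splunk or AWS code: lines in JSON, XML and key=value text are mapped onto the field names listed above, and a client is flagged when it logs several ERROR events within a short window. The sample lines, the threshold and the window are constructed for illustration.

```python
import json
import re
import xml.etree.ElementTree as ET
from collections import defaultdict
from datetime import datetime, timedelta

# Field names taken from the log-entry description above.
FIELDS = ("Event", "Timestamp", "TraceId", "ClientId", "ThingId", "LogLevel")
KV_PATTERN = re.compile(r"(\w+)=(\S+)")

# Constructed sample lines (not real CloudWatch output).
SAMPLE_LINES = [
    '{"Event": "Connect", "Timestamp": "2024-01-10T08:00:01", "TraceId": "t-001",'
    ' "ClientId": "pump-07", "ThingId": "pump-07", "LogLevel": "INFO"}',
    '<log Event="Connect" Timestamp="2024-01-10T08:00:05" TraceId="t-002"'
    ' ClientId="cam-13" ThingId="cam-13" LogLevel="error"/>',
    'Timestamp=2024-01-10T08:00:20 LogLevel=ERROR Event=Connect'
    ' ClientId=cam-13 ThingId=cam-13 TraceId=t-003',
    '{"Event": "Connect", "Timestamp": "2024-01-10T08:00:41", "TraceId": "t-004",'
    ' "ClientId": "cam-13", "ThingId": "cam-13", "LogLevel": "ERROR"}',
    'not a log line at all',
    'Timestamp=2024-01-10T08:01:00 LogLevel=ERROR Event=Connect ClientId=lock-02',
    '<log><Event>Connect</Event><Timestamp>2024-01-10T08:06:00</Timestamp>'
    '<ClientId>lock-02</ClientId><LogLevel>ERROR</LogLevel></log>',
    '{"Event": "Connect", "Timestamp": "2024-01-10T08:11:00",'
    ' "ClientId": "lock-02", "LogLevel": "ERROR"}',
    '<!DOCTYPE log [<!ENTITY a "aaaa">]><log Event="&a;"'
    ' Timestamp="2024-01-10T08:12:00" ClientId="cam-13" LogLevel="ERROR"/>',
]


def normalize(line):
    """Map one JSON, XML or key=value line onto FIELDS; return None if unusable."""
    line = line.strip()
    try:
        if line.startswith("{"):
            raw = json.loads(line)
        elif line.startswith("<"):
            # Refuse inline DTDs: entity expansion in device-supplied XML is a
            # known denial-of-service vector for XML parsers.
            upper = line.upper()
            if "<!DOCTYPE" in upper or "<!ENTITY" in upper:
                return None
            node = ET.fromstring(line)
            raw = dict(node.attrib)
            raw.update({child.tag: (child.text or "") for child in node})
        else:
            raw = dict(KV_PATTERN.findall(line))
        record = {name: raw.get(name) for name in FIELDS}
        record["Timestamp"] = datetime.fromisoformat(str(record["Timestamp"]))
        record["LogLevel"] = str(record["LogLevel"] or "").upper()
    except (ValueError, TypeError, AttributeError, ET.ParseError):
        return None
    return record if record["ClientId"] else None


def detect_error_bursts(records, threshold=3, window=timedelta(seconds=60)):
    """Return client IDs with at least `threshold` ERROR events inside `window`."""
    errors = defaultdict(list)
    for rec in records:
        if rec["LogLevel"] == "ERROR":
            errors[rec["ClientId"]].append(rec["Timestamp"])
    flagged = []
    for client, stamps in errors.items():
        stamps.sort()
        for i in range(len(stamps) - threshold + 1):
            if stamps[i + threshold - 1] - stamps[i] <= window:
                flagged.append(client)
                break
    return sorted(flagged)


def run(lines=SAMPLE_LINES):
    records = [rec for rec in map(normalize, lines) if rec is not None]
    return records, detect_error_bursts(records)


if __name__ == "__main__":
    parsed, alerts = run()
    print(len(parsed), "records normalized; alerts:", alerts)
```

Counting unparseable lines separately, rather than dropping them silently as this sketch does, lets an operator notice a device that starts emitting malformed logs.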
Behavioral-based monitoring is another aspect of IoT monitoring. The
best example of behavioral monitoring is provided by Dojo Labs. They
have initiated a user-friendly security monitoring tool for detecting and
resolving security issues in home-based IoT devices. These products
contain the color-coded signaling system that locates and identifies the
behavioral characteristics of home-based IoT devices.
Bastille is another product that offers radio security solutions for
monitoring the airspace and providing alerts whenever any new device is
attached to an enterprise network [18].

The rest of the phases of IoT security lifecycle will be discussed in next chapter.

Conclusion
The chapter illustrates the exploration of security engineering principles for the
Internet of Things. It states the need for building security throughout the design
and development of the system. The chapter introduces the concept of the IoT
security lifecycle and presents an in-depth exploration of the design phase. The
comprehensive picture of the existing chapter is summarized below:
Security engineering is the principle that involves the methodological
approach of securing IoT systems from the beginning till the final
deployment of the product.
Conventionally security requirements and security management during
the entire operational phase were used as the means of securing IoT
systems from threats and attacks.
Security requirements are categorized into four types:
One-time requirement: Requirements that are needed once at the
start of the project.
Iteration requirement: Requirements that are needed again and
again after every specific interval of time.
Bucket requirement: Requirements that are collected and can be
used over the life of the project.
Functional requirement: Requirements that are required as per the
need of the product owner.
Product-as-a-service (PaaS) is used to maintain security during the
operational phase.
In PaaS instead of selling products to customers, vendors lease or sell
their product’s services based on the pay-per-use method.
Managing and controlling the requirements and services during the
operational phase was not enough to secure the complex IoT system.
Thus, the IoT security lifecycle was introduced for the protection of the
IoT system.
IoT security life-cycle is a course of events that secure the IoT products
from their existence to their deployment and eventually to their
stabilization.
IoT secure lifecycle constitutes four different phases viz. Design,
Implementation & Integration, Operation, and Displacement.
In the designing phase, the architectural structure of the system is
prepared, next in the implementation and integration phase the structural
design is implemented and the security feature is integrated with existing
components of an enterprise.
Following this, the operation and maintenance of the system are
executed, and last of all after the successful usage the system is disposed
of with appropriate security features.
The secure design phase is classified into three subclasses:
Safety and security design
Process and agreements
Technology Selection
Safety and security design constitute threat modeling, PIA, SIA,
Compliance engineering, and secure system design
Process and agreements constitute the Secure acquisition process, secure
update process, service level agreement, privacy agreement, risk
planning, and physical security planning.
Technology selection includes the selection of appropriate IoT hardware,
microcontrollers, RTOS, IoT relationship platforms, cryptographic APIs,
security monitoring and authentication/authorization techniques, and
selection of edge/fog/SDN networks.
The rest of the phases will be discussed in Chapter 4, IoT Security
Lifecycle.

3.3 Questionnaire

Multiple choice questions


1. Setting up the guidelines comes under _________ requirement.
a. One-time requirement
b. Iteration requirement
c. Functional requirement
d. Bucket requirement

2. Actions included in the PIA assessment are:
a. Accept
b. Control
c. Manage
d. All of the above

3. Establishing a process that adheres to its respective principles and
standards is known as:
a. PIA
b. SIA
c. Protocols
d. Compliance

4. A documented agreement between the enterprise and vendor that
identifies both required services as well as the expected level of
services:
a. PIA
b. SIA
c. SLA
d. All of the above

5. Kerberos is an example of which type of authentication:
a. One-way authentication
b. Two-way authentication
c. Three-way authentication
d. Distributed authentication

Answer key
1. (a) 2. (d) 3. (d) 4. (c) 5. (c)

Long answer question


1. Detail out the implementation of secure designing in IoT systems.

Short answer questions


1. How to secure the Acquisition process? Explain with the help of a
diagram.
2. State the procedure to select appropriate products and services.
3. How do edge computing and fog computing help in the secure design
of an IoT system?

Keywords (†)
Payment Card Industry (PCI): It is an organization that processes all
types of payment cards such as debit cards, credit cards, prepaid cards,
and ATM cards.
North American Electric Reliability Corporation (NERC): It is a
non-profit regulatory authority that assures the effective and efficient
reduction of risk to the reliability and security of the electrical grid.
Society of Automotive Engineers (SAE): It connects and educates
mobility professionals to enable safe, clean, and accessible mobility
solutions.
HIPAA: It aims to protect the patient’s health information from being
disclosed without the patient’s consent
Rekeying: It is the process used in cryptography to change the session
key and encryption in ongoing communication and limits the amount of
data being encrypted with the same key.
TLS: It is a Transport Layer Security protocol that is designed to
facilitate privacy and data security in communication networks over the
Internet.
Firewall: Network security device that monitors and filters the incoming
and outgoing network traffic.
Security Information and Event Management (SIEM): It provides
security by combining security products and services with security
information management and security event management.
TLS Protect: It provides automated key and certificate management and
security across multiple cloud providers and operating environments.
CodeSign: It secures the code signing private key, automates the
approval workflows, and maintains the irrefutable record of all code
signing activities.
Pay-per-use: It is a payment method where the customer pays for using
the product instead of buying it.

References

[1] “Pwnie.” http://m.marketwired.com/press-release/pwnie_express_unveils_industrys_first_internet_of_everything_threat_detection_system-2010032.htm.
[2] “Complinity.” https://www.complinity.com/compliance-software?
utm_source=Google+Ads&utm_medium=Search&utm_term=complia
nce+tool&gclid=CjwKCAiApfeQBhAUEiwA7K_UH0ZC4sLjctajU0F7
W60PK55apCE1CnbsIc33wW78Jl-
yEN3pSbV8CBoC768QAvD_BwE#headerscroll.
[3] “GSMA.” https://www.gsma.com/iot/iot-security/iot-security-
guidelines/.
[4] P. Kuber, B. Russell, and D. S. Sundaram, “Future-proofing the Connected
World,” Cloud Security Alliance, no. IoT Working Group, p. 76, 2016.
[5] “Cobit.” https://www.simplilearn.com/what-is-cobit-significance-and-
framework-rar309-article.
[6] “ISACA.” https://www.isaca.org/resources/isaca-
journal/issues/2018/volume-5/is-audit-basics-auditing-the-iot.
[7] P. Level and A. Working, “Privacy Level Agreement Outline for the Sale of
Cloud Services in the European Union,” Cloud Security Alliance, no.
February 2013.
[8] “Transport Risk.”
http://www.transportrisk.com/unmaticspayperuse.html.
[9] “Signature version.”
https://docs.aws.amazon.com/general/latest/gr/signature-version-
4.html.
[10] “IoT working.” https://aws.amazon.com/iot/how-it-works/.
[11] “Brivo.” http://www.brivo.com/.
[12] “Forgerock.” https://www.forgerock.com/solutions/devices-things/.
[13] “Nexusgroup.” https://www.nexusgroup.com/en/solutions/internet-of-
things/.
[14] “OAuth.” http://prodea.com/2017/07/13/understand-iot-
authentication-authorization-need-know-oauth-2-0/.
[15] “Lantronix.” http://www.lantronix.com/products-class/iotgateways/.
[16] “Splunk.” https://www.guru99.com/splunktutorial.html.
[17] “Cloud Watch.”
http://docs.aws.amazon.com/iot/latest/developerguide/cloud-watch-
logs.html.
[18] “Bastille.” https://www.bastille.io/.
[19] “Cloud Security.” www.cloudsecurityalliance.

Things to check before moving to the next chapter


Need of security Engineering
Traditional and modern methods of engineering security in IoT systems
IoT security lifecycle
Need for Secure Designing
Components and sub-components of designing

CHAPTER 4
IoT Security Lifecycle

As discussed, security is not a static calculation or a finished product that,
once computed, does not require any further consideration. Rather it is a
continuous process that needs regular attention and continual enhancement.
Therefore, there is a need to model a lifecycle that ensures continuous
security and builds the quality foundation of security programs throughout
the enterprise. Considering this, the chapter discusses the security lifecycle
of the IoT system, which consolidates the secure development, integration,
and deployment processes of IoT enterprises. It addresses the technical
policy standards and iterative life cycle concepts that enable robust security.
Further, the chapter emphasizes the remarkable operating needs of the
system that continuously adds and updates new IoT security capabilities
across the enterprise.

Structure
In this chapter, we will cover the following topics:
The significance of security lifecycle in IoT system
Knowledge of various phases of the IoT security lifecycle
Implementation, operation and maintenance of a secure IoT system in
an organization
The secure procedure of dismantling (if needed) the IoT devices and
its related features.

4.1 Introduction
The security engineer must characterize the IoT system and define a
suitable security lifecycle for each component so as to maintain a secure
state across the enterprise. Together with the security, the corresponding
lifecycle should support the IoT enterprise with the following features:
Privacy: The security lifecycle should be able to maintain the privacy
of sensitive information or metadata from a third-party relationship
that is allowed to take part in communication for some prescribed
tasks.
Protection against new attack vectors: A defined lifecycle should
be able to guard the enterprise against new attack vectors triggered
due to the configuration and installation of multiple new devices.
Risk: The security lifecycle should feature the provision of providing
safety to the unexposed risk, to preserve the IoT system from any
physical harm.
Data analytics: The lifecycle should support the application and the
security of preprocessing initial data analytics at the edge as well as
at the cloud for additional analytics.
In Chapter 3, Security Engineering for IoT Development, we have already
identified the four phases of the IoT security lifecycle, namely, secure
design, implementation and integration, operations and maintenance, and
secure ejection (Figure 3.2). In addition, we have addressed only the in-
depth explanation of phase 1: security design within the IoT system
lifecycle. Thus, in this current chapter, we will explore the other critical
aspects and phases of the IoT security lifecycle.

4.2 Phase 2: Implementation and Integration


Once the conceptual design of the IoT system concerning security (as
discussed in Chapter 3, Security Engineering for IoT Development) is
done and a satisfactory policy and compliance are prepared with an in-depth
analysis of its hardware and software infrastructure (real-time operating
system), the next phase of the security lifecycle is the practical
implementation of the design outcome along with secure network
integration and configuration.
The implementation of the security lifecycle is further classified into sub-
phases as illustrated in Figure 4.1:

Figure 4.1: Sub-phases of Phase 2

4.2.1 IoT Security CONOPS document


The first step towards the implementation of a secured IoT system is the
creation of the Concept of Operations (CONOPS) document. The CONOPS
is a security document that reflects the operation of the system, its security
needs, and the way to satisfy them. It is a tool that is written and maintained
by IoT system operators and that provides a guideline to system implementers
during the implementation and integration phase. The document contains
each and every facet of security which, if missed, may result in chaos and
confusion for implementers. Different organizations have different
templates of security CONOPS documents; one example is the document
from the US-based National Institute of Standards and Technology
named SP-800-64 [1]. This CONOPS document guides organizations to
build security into their IT development processes in a cost-effective
manner.
An IoT security CONOPS document contains details of many security
services depending on the type of organization. However, the following
points list some of the basic services which are always included in every
CONOPS document:
Confidentiality and integrity: For maintaining confidentiality and
integrity in the IoT system, the CONOPS document includes the
provision of granting and managing cryptographic keys, certificates,
and cipher suites. The strong privacy policy is designed to save the
intentional or unintentional leakage of sensitive information.
Authentication: To continue with secure authentication services,
CONOPS states that a central directory authentication system like
Kerberos should be integrated with the organization’s support system.
Access control: For secured access control, CONOPS include the
implementation of access control systems like attribute-based access
control, role-based access control, or both. For example, time access
restriction, designation access restriction, and so on.
Monitoring: The CONOPS document contains the procedure for
monitoring security and mining data from IoT device logs. It states
the rules of the event that generates the SIEM † alert. It also states
whether the gateways can serve as log aggregators or not.
Compliance and reporting: The document incorporates the detailed
compliance regulation that should be followed during the lifecycle of
the IoT system. In addition, it declares all the modules and systems
where reporting is needed.
Incident response and forensics: The CONOPS document
highlights the mapping of a business function to IoT systems and
analyzes the impact of failed or compromised systems. It also states
the person or module who is responsible for defining and executing
incident response activities.
Operations and maintenance: For maintaining the stability of the
system, CONOPS comprises a list of the additional security measures
needed to secure IoT operations. It includes a configuration
management plan, contingency plan, and regular monitoring plan. It
also records the frequency and type of security training that should
be made available to stakeholders.
Disposal: When IoT systems are removed from the organization,
CONOPS states the secure procedure for disposing of and verifying IoT
system assets.

4.2.2 Network implementation and security integration


Once the CONOPS documentation is prepared by the system operator, the
next step is the installation of an IoT network with the enabled security
features. It incorporates the following features:
Network implementation with inbuilt security characteristics
The IoT network is installed using low-power protocols like the
MQTT-SN protocol and the DSRC protocol. MQTT-SN is a
publish/subscribe messaging protocol for low-power IoT networks and
can deploy IoT devices without being connected to the IP system.
These networks take advantage of the inbuilt security capabilities of
the underlying communication protocol between sensors and gateway.
Similarly, DSRC is a communication protocol that is used in the
deployment of connected vehicles. Here, vehicles send messages to
each other and to roadside equipment (RSE) and then, depending on
their proximity, communicate with each other. DSRC provides secure
communication with the capability of authenticating data at the
origin.

The deployment and communication in IoT networks are already discussed in
Chapter 1, Internet of Things and its Security Requirements, and the
deployment and architecture of the vehicular network will be discussed in
Chapter 5, IoT as Interconnection of Threats.

A practical illustration of an IoT network using MQTT-SN is supported by AWS
IoT. Amazon Web Services provides a cloud-based MQTT gateway that supports
direct connection to services and devices. The connection to the system is
protected using a Transport Layer Security (TLS) channel that protects the
movement of data between AWS IoT and other services. In addition, AWS IoT
with MQTT-SN incorporates authentication, authorization, identity and access
management, monitoring, and resilience [9].
Toyota is the world’s first and largest automobile manufacturer that builds cars
using dedicated short-range communication (DSRC) technology over Wi-Fi.
Toyota favors DSRC for the security and privacy it provides between vehicles
and infrastructure, which are strongly authenticated before any
communication [10].

Integrating network implementation with security systems


After the deployment of the IoT network, IoT systems need to be
integrated with the existing enterprise security systems. Interfaces
and Glue-code† to these systems are developed to integrate
additional security features into the deployed network. Some of the
enterprise security systems with which the deployed IoT system needs
to integrate are as follows:
Directory systems
Identity and access management systems
Security information and event management systems
Asset management and configuration management systems
Boundary defense systems (for example, firewalls and intrusion
detection systems)
Cryptographic key management systems
Wireless access control systems
Existing analytics systems
Planning the updates of the existing network and its security
infrastructures
Installing and implementing the security network within the
enterprise is not enough; it is the responsibility of the security
manager to maintain and update the requirements and legacy of the
installed network throughout its service. Initially, the focus of the
IoT system is only to collect data from the surroundings, but as
operation proceeds, much attention is paid to the processing and
usefulness of the data because it indicates when the security
requirements of the IoT system need maintenance and upgrading. For
instance, if an attack has taken place and thorough data analytics are
performed, the security manager will be able to see that the existing
security infrastructure needs to be updated. In other words, skilled
data analytics helps the system manager plan and update the system
and its security infrastructure. Skilled data analytics is made
possible by adopting quantified decentralized data processing.
Decentralization enhances the reliability, scalability, and fault
tolerance of IoT systems.
According to Cisco Systems, decentralized data processing can be
attained by utilizing the concept of fog computing. In fog computing,
nodes termed fog nodes filter out the irrelevant data and transmit
only the valid data to the cloud for storage and processing [2]. An
increase in irrelevant data signifies the need to update the existing
IoT system and its security infrastructure. Required updates and
services are easily obtained from the cloud and deployed through the
fog nodes. Maintaining and updating the IoT services and
infrastructure through decentralization provides an excellent
opportunity for the existing IoT system to improve its services and
resilience.
Planning for provisioning mechanisms
Provisioning is the process of preparing and facilitating a network to
provide new services to its users. In terms of security, provisioning is
a method of providing the network with monitoring access rights and
privileges to ensure the safety and security of the enterprise and its
users. It also minimizes the penetration of vulnerabilities and abuses
within the system.
In an IoT system, protocols such as 6LoWPAN require the
provisioning of an IPv6 address for each and every device.
Organizations that provision IPv6 addresses should take on
additional security engineering tasks and should ensure the security
of the IPv6 routing infrastructure.

4.2.3 System security verification and validation (V&V)


Once the implementation and integration of the IoT system with security
requirements are complete, the next step is the verification and
validation of the system.
Verification assures that the system is operating as per the requirements
directed by the enterprise stakeholders. It is the assessment of whether
the product, service, or system follows the rules, regulations,
requirements, specifications, and market-imposed constraints. In other
words, verification ensures that the IoT system follows the security
guidelines and provides its capabilities according to the discussed design.
Validation, in contrast, assures that an IoT product, service, or system
meets the needs of end-users, who can be customers or any other third-party
stakeholders. It states that the system design and definition are efficient
enough to safeguard the system against threats [3].

Ideally, verification and validation are done throughout the security lifecycle.

The functionality of the IoT system can be verified using test drivers or
emulators†. This gives implementers confidence that each device is
operating as per the defined security requirements. Testing performed on
these emulators records all types of issues, which can be positive as well as
negative. Identified issues are documented in Discrepancy Reports (DRs),
which are tracked by the development teams as and when the system is
updated or new releases are made available. In this way, the verification
and validation of the system are performed.

4.2.4 Security training


Providing security training to enterprise employees and security
administrators is another aspect of implementing a secured IoT system.
Anyone interacting with the enterprise IoT system or its IoT-generated data
is required to take proper training. Employees must be able to differentiate
between valid and invalid devices. They should be capable of identifying
the associated risk and should be prepared to rectify it. In addition,
security administrators should be provided in advance with the technical
and procedural information needed to secure the operation of IoT
systems.
Training requires regular review and the possible creation of new security
policies that are needed for different IoT paradigms. Policies are the source
material for end-users as well as security administrators. The subjects
addressed under security training are listed in Table 4.1:

Security training for: Subjects of concern

Users:
● Users should be aware of the type of data, network, and physical risk
associated with IoT devices.
● They should be aware of the privacy protection requirements related to
the data collected by IoT sensors.
● Users should be aware of the policies related to the configuration of
personal IoT devices in the organization.

Security Administrators:
● Security administrators should be trained for:
● Technologies used in new IoT assets and sensitive data that are
supported by the new IoT system.
● Procedures for including new IoT devices and detecting unauthorized IoT
devices.
● Procedures for monitoring security features of IoT devices.
● Procedures for updating the device software and firmware.
● The procedure for securely administering and disposing of IoT assets.
● The procedure for responding to incidents that involve IoT devices.
Table 4.1: Subjects considered under security Training

4.2.5 Secure configurations


IoT systems involve different types of components at different stages.
These components need to be configured within the system or with
other interfaces in a secure manner. Secure configuration is generally
attained using a security configuration guide, which tells the security
administrator how to securely lock down the IoT system and its
communication services. Table 4.2 states the secure configuration of
various IoT components:

IoT Components: Features for Secure Configuration

IoT Devices, Software Configuration:
● IoT’s RTOS boot loading should be reviewed and updated, so that it
allows only authenticated and integrity-protected updates.
● Open ports and protocol settings should be reviewed and only
authenticated devices should be connected.

IoT Devices, Hardware Configuration:
● Open test interfaces should be locked if not used to prevent attackers
from gaining unauthorized access.
● Security features such as active tamper detection, critical blocking
interfaces, and so on can be included.

Network configuration, Gateway Configuration (Gateways are aggregation
points of various IoT devices and they include both upstream and
downstream communication of assets):
● Secured configuration of gateways can be provided over the use of the
latest version of TLS like TLS 1.3 or a VPN connection like IPSec.
● Gateways should include two-way mutual certificate-based
authentication so that legitimate access control can be provided.
● Gateway endpoints should be supported by the strongest cipher-suites.
● Gateways that communicate with application servers other than
enterprise servers should ensure that services are associated with the
PKI certificate.
● DANE security protocol is used to allow X.509 certificate for TLS. It
mitigates PKI deployment threats with the IoT gateways.
Table 4.2: List of secured IoT components with their configuration
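
The gateway rows of Table 4.2 (TLS 1.3, two-way certificate-based authentication, strong cipher suites) can be expressed as a listener configuration and checked automatically. The following Python sketch is an added example, not taken from the book; the function names and the certificate file parameters are assumptions, and the weak configuration is constructed for comparison.

```python
import ssl


def hardened_gateway_context(certfile=None, keyfile=None, client_ca=None):
    """Gateway listener settings following Table 4.2 (assumed helper name)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    # Accept TLS 1.3 only. Every TLS 1.3 cipher suite is an AEAD suite, so
    # this also keeps the non-AEAD suites of earlier versions out of use.
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    # Two-way authentication: the handshake fails unless the device presents
    # a certificate that chains to the trusted device CA.
    ctx.verify_mode = ssl.CERT_REQUIRED
    if certfile and keyfile:      # gateway certificate and key (assumed paths)
        ctx.load_cert_chain(certfile, keyfile)
    if client_ca:                 # CA that issues the device certificates
        ctx.load_verify_locations(cafile=client_ca)
    return ctx


def weak_gateway_context():
    """Constructed counter-example: older protocol allowed, no client auth."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_gateway_context(ctx):
    """Return a list of deviations from the Table 4.2 gateway settings."""
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_3:
        findings.append("protocol: versions below TLS 1.3 are accepted")
        # Only relevant when older versions can be negotiated at all.
        legacy = [c["name"] for c in ctx.get_ciphers()
                  if c.get("protocol") != "TLSv1.3"
                  and not c.get("aead", False)]
        if legacy:
            findings.append("ciphers: %d non-AEAD suites enabled" % len(legacy))
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("authentication: client certificate not required")
    return findings


if __name__ == "__main__":
    for name, ctx in (("hardened", hardened_gateway_context()),
                      ("weak", weak_gateway_context())):
        print(name, audit_gateway_context(ctx) or "no findings")
```

Running the audit in a deployment pipeline lets a gateway image be rejected before it reaches the field if either setting has drifted.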

4.3 Phase 3: Operations and maintenance


This phase of an IoT security life-cycle includes the management of roles,
keys, and credentials. It supports the active and passive monitoring of the
security posture of the system. The objective of this phase is to maintain
the availability and performance for which the secured IoT system was
designed and implemented. The phase extends its operation until the
termination or the disposition of the system. It includes several
sub-phases, as illustrated in Figure 4.2:
Figure 4.2: Sub-phases of Phase 3

4.3.1 Managing identities, roles, and credentials


Management of IoT devices within the IoT enterprise system includes:
Identities
The most important issue in an enterprise IoT system is the creation
and operation of identifiers for IoT devices. Ideally, a registration
process is adopted for the creation of the IoT namespace (or
identifiers). The registration of security-critical devices requires
in-person registration with the administrator or group of
administrators, whereas registration of less-critical devices is
satisfied with organizational identities based on pre-configured
trusted information. Care must be taken while setting and sharing the
username and password of the IoT infrastructure.
Roles
IoT devices are provided with different types of security-related
functions that must be administered before mapping them to the
designated user within the IoT environment. The security functions
include view/delete audit logs, add/delete/modify device user
accounts or privileged accounts, start/stop/view current device
services, loading/unloading of updates and firmware, modification of
device configuration/access control, management of device
keys/certificates, and pairing of devices or updating of paired devices.
These functions, once administered, are then assigned to
individuals based on their role within the organization, which is known
as Role-Based Access Control (RBAC) (discussed in 2.5.2). RBAC
decreases the threat of insecure access control and provides leverage
in an identity and access control system where only authenticated
users, devices, or services are allowed to access a particular part of
the system. Table 4.3 illustrates the mapping of security-relevant
roles to their respective services within the enterprise:

Roles: Services / Responsibilities

IoT Enterprise Security Administrator:
● Add/delete/modify device-privileged accounts

IoT Device Security Administrator:
● View audit logs
● Add/delete/modify device user accounts
● Start/stop device services
● Load new firmware to a device
● Access physical device interfaces/ports
● Modify device access controls
● Manage device keys

IoT Network Administrator:
● Modify device configurations
● Manage device certificates
● Pair devices or update pairing configurations

IoT Audit Administrator:
● Delete (rotate off) audit logs
Table 4.3: Mapping of security-relevant roles with their services
Credentials
IoT enterprise systems, including healthcare, transportation,
industries, and so on, are highly robust and have a scalable PKI
system that generates about 17 million keys and certificates per year,
scaling up to 350 billion and more. The management and understanding of
these IoT credentials (keys & certificates) are complex tasks, so to
facilitate them, the following points of consideration are taken into
account:
The US Department of Transportation has provided the standard
protocol called Security Credential Management System
(SCMS) [4]. The SCMS is a Proof-Of-Concept (POC) † security
solution that is based on PKI design to secure the operation of
enterprise messages such as in vehicle-to-everything
communication or any other IoT system. It comprises a three-step
process: certificate issuance, encryption, and certificate-based
authentication.
Since keys and certificates enable the secure transfer of data
between devices and gateways, special attention should be paid to
the third-party PKI providers that supply IoT certificates to the
organization.
Secure bootstrapping of keys/certificates with IoT devices is
handled.
The number of certificates per device and the validity period of
each certificate are logged.
It is checked that the price per certificate offered by third-party
providers meets the deployment cost of the IoT enterprise.
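
The role-to-service mapping of Table 4.3 can be enforced with a deny-by-default check, as in the following added example (not from the book). The permission identifiers, user names, and the separation-of-duties rule are assumptions introduced for illustration; the table itself only lists which role owns which service.

```python
# Permission names are hypothetical identifiers for the services in Table 4.3.
ROLE_PERMISSIONS = {
    "IoT Enterprise Security Administrator": {"manage_privileged_accounts"},
    "IoT Device Security Administrator": {
        "view_audit_logs", "manage_user_accounts", "control_services",
        "load_firmware", "access_physical_interfaces",
        "modify_access_controls", "manage_keys"},
    "IoT Network Administrator": {
        "modify_configuration", "manage_certificates", "manage_pairing"},
    "IoT Audit Administrator": {"delete_audit_logs"},
}

# Assumed rule, not stated in the table: whoever can change a device should
# not also be able to delete the audit logs that record the change.
LOG_DELETION = "delete_audit_logs"
DEVICE_CHANGING = {
    "manage_privileged_accounts", "manage_user_accounts", "load_firmware",
    "modify_access_controls", "manage_keys", "modify_configuration"}

# Constructed role assignments.
ASSIGNMENTS = {
    "alice": ["IoT Device Security Administrator"],
    "bob": ["IoT Network Administrator", "IoT Audit Administrator"],
    "carol": ["IoT Audit Administrator"],
    "dave": ["Firmware Intern"],          # role that Table 4.3 does not define
}


def permissions_for(roles):
    """Union of the permissions of all roles; unknown roles grant nothing."""
    granted = set()
    for role in roles:
        granted |= ROLE_PERMISSIONS.get(role, set())
    return granted


def authorize(user, action, assignments, audit_trail):
    """Deny by default and record every decision for later review."""
    allowed = action in permissions_for(assignments.get(user, ()))
    audit_trail.append({"user": user, "action": action,
                        "decision": "allow" if allowed else "deny"})
    return allowed


def separation_of_duties_conflicts(assignments):
    """Users whose combined roles allow both device changes and log deletion."""
    conflicts = {}
    for user, roles in assignments.items():
        granted = permissions_for(roles)
        if LOG_DELETION in granted and granted & DEVICE_CHANGING:
            conflicts[user] = sorted(granted & DEVICE_CHANGING)
    return conflicts


if __name__ == "__main__":
    trail = []
    print(authorize("alice", "load_firmware", ASSIGNMENTS, trail))
    print(authorize("alice", "delete_audit_logs", ASSIGNMENTS, trail))
    print(separation_of_duties_conflicts(ASSIGNMENTS))
```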

4.3.2 Security monitoring


Detection and mitigation of abnormality is another point of focus in this
phase. Assets in IoT systems are rigorously monitored for unusual behavior
to mitigate existing and upcoming potential security incidents. The
traditional method of SIEM monitoring is found to be insufficient for IoT
systems because of the following reasons:
IoT devices sometimes fail to generate security audit logs
IoT devices do not support typical formats such as Syslog and thus
need custom connectors
The integrity of the audit log generated by IoT devices is limited and
last; so, attaining timely access to the audit logs is sometimes difficult
in several IoT scenarios
Thus, to make SIEM monitoring feasible for IoT systems, a rule-based
SIEM is developed. It consists of an inventory of the available data from
each surrounding IoT device/sensor, gateway, and service, which is then
correlated to identify suspicious events. This correlation of the available
data provides a strict foundation for defining the monitoring rules that can
be implemented within the IoT enterprise.
In addition, with rule-based SIEM, security engineers can make use of data
analytics in the IoT messaging system, which helps in identifying
anomalies within the operation of the IoT system even if the audit logs are
not currently available. Each IoT device needs to be individually
examined for a proper understanding of its operations and its anomalous
behavior. Examples of some of the anomalies within IoT systems are:
Unreachable Device
Authentication and Time-based anomalies
Unusual spikes in device activity
New protocols issue on IoT device
Variances in collected data past a threshold
Attempted elevation of privilege
Fall in activity
Speedy changes in the device’s physical state like rapid changes in
temperature, vibration and so on.
Communications with unexpected destinations that may indicate
attempted lateral movements
Receipt of corrupted data
Unexpected audit volume and its results
Repeated connection attempts
Abnormal disconnections
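
The rule-based approach described above can be sketched as follows: an inventory records what each device is expected to do, and messaging events are correlated against it to raise alerts for several of the listed anomalies. This is an added example, not from the book; the inventory schema, device names, thresholds, and events are constructed, and the rule for devices missing from the inventory is an addition to the list.

```python
from collections import defaultdict, deque

# Constructed inventory (assumed schema): expected behaviour of each device.
INVENTORY = {
    "temp-01": {"protocols": {"mqtt"}, "destinations": {"gw-a"},
                "heartbeat_s": 60, "value_range": (10.0, 40.0)},
    "lock-02": {"protocols": {"mqtt"}, "destinations": {"gw-a"},
                "heartbeat_s": 120, "value_range": None},
}

# Constructed events: (time_s, device, kind, protocol, destination, value)
EVENTS = [
    (0,   "temp-01", "data",         "mqtt",   "gw-a",     21.5),
    (5,   "lock-02", "data",         "mqtt",   "gw-a",     None),
    (60,  "temp-01", "data",         "mqtt",   "gw-a",     21.9),
    (70,  "lock-02", "connect_fail", "mqtt",   "gw-a",     None),
    (75,  "lock-02", "connect_fail", "mqtt",   "gw-a",     None),
    (80,  "lock-02", "connect_fail", "mqtt",   "gw-a",     None),
    (85,  "lock-02", "connect_fail", "mqtt",   "gw-a",     None),
    (120, "temp-01", "data",         "mqtt",   "gw-a",     87.0),
    (130, "temp-01", "data",         "telnet", "10.9.9.9", None),
    (140, "cam-99",  "data",         "mqtt",   "gw-a",     None),
    (400, "lock-02", "data",         "mqtt",   "gw-a",     None),
]

FAIL_LIMIT = 3       # failed connections ...
FAIL_WINDOW_S = 60   # ... within this many seconds raise an alert
MISSED_BEATS = 3     # heartbeats missed before a device counts as unreachable


def detect(events, inventory, now):
    """Return (time_s, device, rule) alerts for the given event stream."""
    alerts = []
    last_data = {}                      # device -> time of last data message
    failures = defaultdict(deque)       # device -> recent failure times
    for ts, dev, kind, proto, dest, value in sorted(events, key=lambda e: e[0]):
        profile = inventory.get(dev)
        if profile is None:             # device that was never registered
            alerts.append((ts, dev, "unknown_device"))
            continue
        if proto not in profile["protocols"]:
            alerts.append((ts, dev, "new_protocol"))
        if dest not in profile["destinations"]:
            alerts.append((ts, dev, "unexpected_destination"))
        if kind == "data":
            last_data[dev] = ts
            bounds = profile["value_range"]
            if value is not None and bounds and not bounds[0] <= value <= bounds[1]:
                alerts.append((ts, dev, "value_out_of_range"))
        elif kind == "connect_fail":
            window = failures[dev]
            window.append(ts)
            while ts - window[0] > FAIL_WINDOW_S:   # slide the time window
                window.popleft()
            if len(window) == FAIL_LIMIT:           # alert once per burst
                alerts.append((ts, dev, "repeated_connection_attempts"))
    # Devices that stopped reporting, or never reported, are unreachable.
    for dev, profile in inventory.items():
        seen = last_data.get(dev)
        if seen is None or now - seen > MISSED_BEATS * profile["heartbeat_s"]:
            alerts.append((now, dev, "unreachable_device"))
    return alerts


if __name__ == "__main__":
    for alert in detect(EVENTS, INVENTORY, now=420):
        print(alert)
```

Because the rules work on message metadata rather than device audit logs, they still apply to devices that produce no logs at all.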

Splunk is the latest IoT monitoring tool that processes machine-generated data
and supports data collection, indexing, search and analysis. It supports various
IoT protocols like MQTT, AMQP, and REST; through add-on applications.

4.3.3 Penetration testing

Penetration testing is another practice for operating and maintaining
security in IoT systems. It is a simulated attack that is performed to
investigate the exploitable vulnerabilities within the system. It is used to
validate IoT networks, devices, and their existing security controls and to
identify gaps within the implemented security controls. Penetration testing
includes five steps, as illustrated in Figure 4.3:

Figure 4.3: Stages of penetration testing


Stage 1 - Planning and Reconnaissance: The scope and goal of the test are
addressed in this phase.
Stage 2 - Scanning: In this step, the tester understands how the target
application responds to the intrusion attempt.
Stage 3 - Gaining Access: In this phase, the tester uses tools such as
scripting, SQL injection, and backdoor entries to uncover and understand
the damage caused by the target vulnerabilities.
Stage 4 - Maintaining Access: In this phase, the tester tries to exploit the
existing vulnerabilities and aims to maintain the system threat free.
Stage 5 - Analysis: The result of penetration testing is compiled and
reported in this phase. The report states the vulnerabilities that were
exploited, the sensitive data that was accessed, and the time interval for
which the intrusion went undetected.
The testing performed is analyzed by the security personnel which helps in
configuring the security settings and solutions. Penetration testing patches
up the vulnerabilities and protects the system against future attacks. Some
of the IoT penetration testing tools are BlueMaho [5], WireShark [6],
Bluelog [7], Crackle [8], and so on.
Evaluating common security measures
Penetration testing generally detects the low-hanging items that are
frequently left open; for example, default passwords and default
cryptographic keys of IoT devices, gateways, servers, and other
networks, default configuration ports, insecure pairing, insecure
firmware updates, and non-secure RF (Radio Frequency)
configuration such as of Bluetooth, ZigBee, and Z-Wave.
Evaluating hardware security
Testing performed in an IoT enterprise should ensure that the IoT
devices connected within the system are safe and secured. The tester
needs to understand and protect the system assets and data from any
new weakness introduced into the system by the integration of a new
hardware device. The penetration tester evaluates the IoT hardware by
simulating the following activities:
Identifying whether the devices are in protected or unprotected
locations
Attempting to dump the memory and steal sensitive data
Attempting to download the existing IoT firmware for analysis
Attempting to upload new firmware and make it operational
Attempting to tamper with the protection of devices and systems
After simulating these activities, the tester evaluates and concludes
on the security of devices within the enterprise system.
Evaluating wireless communication
Wireless communication is another important component of the IoT
system that needs protection from intentional and unintentional
intruders. The tester needs to identify backdoor entries and assess
whether mischievous devices and data can be left within the IoT
environment without causing any failure or whether they must be
removed from the environment. Once the decision is made, the
appropriate action of retaining or removing them is taken.

4.3.4 Asset and configuration management


The management of IoT assets is another point of consideration in this
phase of the IoT security lifecycle. It includes the mechanism of
predictive analysis, in which assets that have gone into offline/failure
mode, or are about to, are identified and detected in real time. It helps
in building IoT systems with new capabilities to automatically respond to
failures and exchange broken components with new ones.
This can be explained with an example. Consider a set of drones used in
security and surveillance applications. Each drone within an
IoT system is an asset whose entry is made in an asset database with
various attributes like its registration number, tail number, sensor payloads,
manufacturer, firmware version, maintenance logs, and flight performance
characteristics such as its temperature and pressure. The asset database is
monitored and predictive analytics is performed by measuring data such as
temperature, strain, and torque which predicts the past failures of the
individual component within the system. Once the failed part is
detected, it is replaced with a new component.
For the proper assessment of an asset and its database, IoT system
deployers need to configure two types of management models: first,
IoT asset components like firmware should be fully integrated and
updated by the IoT device vendor in a single update. Second, all modules of
IoT assets developed with different technologies must be maintained and
updated regularly. Xively and Axeda are the two most popular vendors that
provide IoT asset and configuration management solutions.

4.3.5 Incident management


IoT can be used in various types of applications ranging from simple smart
homes, buildings, offices, and agriculture, to complex industries and
businesses. The impact of failure in these applications may result in
financial loss, reputation loss, personal safety loss, or even loss of life. To
overcome these incidents, security staff must have a good understanding of
how a compromised or disrupted IoT system affects the industry or
business. Security staff should be familiar in advance with the Business
Continuity Plans, which determine the appropriate steps that can be taken
during an incident.
The application of incident management can be explained with the help of
a microgrid example. Microgrids are self-contained energy generation,
distribution, and management systems that consist of various
Programmable Logic Controllers (PLCs). If, for instance, any one
of the PLCs goes offline, it is the responsibility of the security manager
to get hold of it. The manager must understand the impact of taking out
that PLC and then arrange its substitute as soon as possible. It is the
duty of security staff to maintain an up-to-date database of the emergency
PLCs and to have good knowledge of the critical assets and their business
functions.

4.3.6 Forensics


IoT forensics is digital forensics that deals with IoT-related crimes and
includes the deep investigation of connected devices, sensors, and data
stored on all possible platforms such as in-home sensors, wearable devices,
and the cloud. It uses a multi-faceted approach to collect data from
various sources, for example, smart devices and sensors (smart gadgets at
the crime scene like a smartwatch, weather control devices, home
automation appliances, and so on), hardware and software (the
communication link between devices and the external world like mobile,
firewall, and so on), and external sources (networks like cloud,
social network, ISPs, and mobile network providers).
Once the evidence or data is successfully collected from the various
sources, no matter what the IoT operating system is or on what platform it
is based, it is directly logged and monitored by the security staff to
investigate and analyze the related disruption.

4.4 Phase 4: Dispose


Disposal or ejection is the last phase of the IoT security lifecycle, which can
be applied to the system as a whole or to its components. Although IoT
generates a huge amount of data, it stores only a minimal set of
data, which can be secret data. So, a proper disposal procedure must be
followed when devices or systems are scrapped after a certain period of
use. This is done to stop adversaries, who can easily gain physical access
to devices, from exploiting the minimal set of data stored in them; for
instance, in dumpster diving of old electronics, if the electronics
are not disposed of properly, adversaries can easily gain access to
confidential data through them. This phase constitutes the following
subphases, as illustrated in Figure 4.4:

Figure 4.4: Sub-processes of phase 4

4.4.1 Secure device disposal and zeroization


IoT devices and systems are configured with cryptographic material that
permits them to join and authenticate to the network, which in turn
allows them to communicate securely with all other devices and systems.
It is the responsibility of the security manager to see that all
cryptographic materials used within the systems are deleted and
wiped prior to their disposal. Security managers should formulate
policies and procedures for the secure removal of keys, certificates, and
other sensitive data present within the device. They should also assure
the secure deletion of the device account credentials to prevent them from
being hijacked. In summary, security staff should zeroize all
cryptographic materials and credentials before devices are disposed of.

4.4.2 Data purging


Along with the credentials, security staff should also ensure the purging
(removal) of all sensitive data within the devices and gateways. All devices
and gateways should be rigorously inspected when being decommissioned
from the system.

4.4.3 Inventory control


Management of assets is another point of concern in maintaining security in
IoT systems (discussed in Section 4.3.4). Relating to this, the security
manager should ensure that the data related to the disposed device is
completely removed from the asset database. When devices are replaced,
an inventory management system should be set up to keep track of
all the IoT assets and should ensure that the security processes are followed
in removing and replacing devices from the inventory databases.

4.4.4 Data archiving and records management


It may happen that some time after device ejection, the system requires
the credentials again. In such a situation, instead of completely removing
the data, enterprises should keep the data in a data
warehouse or other storage media for some extended period. If required,
the data can be reused within that time; otherwise, after the extended
period, it can be completely removed. Apache and Amazon Data Warehouse
offer such capabilities to the enterprise where the management of assets is
maintained.

Conclusion
This chapter is the continuation of Chapter 3 and discusses the rest of the
phases, that is, Phase 2, Phase 3, and Phase 4 of the IoT security life cycle. It
provides an in-depth discussion of implementing, operating, and disposing
of IoT devices and systems in a secure manner. A broad overview of the
chapter is as follows:
Once the secure designing of the IoT system is done, the next phase
includes the implementation of those designs and the integration of
the enterprise system with security training and configuration
mechanisms.
Implementation and integration of the IoT system include the
following sub-phases:
Formation of security CONOPS document: It is a document
that contains the operation of the system, its security needs, and
the method to satisfy those needs.
Implementation of the designed network with its integrated
security features: In this phase, the IoT network is implemented
with its security characteristics.
Security verification and validation: The implemented security
is verified and validated in this step.
Security training: Once the system is implemented, users and security
administrators are trained to operate the IoT system securely.
Secure configuration: In this step, the secure configuration of IoT
devices and networks is done.
After the implementation and integration of the IoT security system,
the next phase includes the operation and maintenance of these
security features. It includes the following sub-processes:
Credential management: Here identities, roles, cryptographic
keys, and credentials are managed.
Security monitoring: Detection and mitigation of abnormalities
are done by monitoring the devices and systems.
Penetration Testing: Simulated attacks are carried out to
investigate the exploitable vulnerabilities within the system.
Asset and configuration management: It includes the
management of IoT assets and their databases within the system.
Incident Management: In this step, the system is prepared for
dealing with the occurrence of future incidents.
Forensics: It includes the deep investigation of IoT-related crimes
associated with any part of the system or platforms.
After the IoT system has been in use for some time, the organization
may want to dispose of the IoT device or system; in that case, the IoT
system enters the disposing phase. The organization should ensure the
secure disposal of the IoT device and system. It includes the following
sub-phases:
Device disposal and zeroization: It states that whenever the IoT
system is disposed of, all cryptographic materials related to it
should first be securely removed, and only then should the system be
disposed of.
Data purging: Data purging includes the secure removal of
sensitive data within the system and devices.
Inventory Control: All data related to the disposal of devices
should be removed from the inventory database.
Data archiving and records management: It includes the secure
retrieval of confidential data whenever needed.

4.5 Questionnaire

Multiple choice questions


1. A document that contains the operation of the system with their
security needs and the way it can be satisfied is known as:
a. CONOPS document

b. Security document

c. Security Guide

d. None of the above


2. _________ assures that the system is operating as per the
requirements directed by the enterprise stakeholders and
_______ assures that the product meets the need of the end-users.
a. Validation & verification

b. Verification & validation

c. Security

d. None of the above


3. Testing where the fake attack is simulated for the investigation of
crimes is known as _______.
a. validation testing

b. unit Testing

c. penetration testing

d. system testing


4. In-depth investigation of IoT-related crimes is known as ______.
a. forensics

b. crime analysis

c. crime examination

d. None of the above


5. Secure removal of data before disposing of the IoT device is
known as:
a. data archiving

b. data deletion

c. control and management

d. secure data purging

Answer key
1. (a) 2. (b) 3. (c) 4. (a) 5. (d)

Long answer question


1. Describe and illustrate the IoT security lifecycle.

Short answer questions


1. How can an IoT network be implemented securely in an enterprise?
2. What are the different mechanisms of maintaining and operating
security in an IoT system?
3. State the secure procedure for disposing of IoT devices once they
have been used.

Keywords (†)
SIEM (Security Information and Event Management): It is a
security approach that combines security information and security
event management functions into a single security management
system.
Glue-code: It is executable code that adapts different parts of code
that are incompatible with each other.
Emulators: It is the hardware or software that enables dummy
systems to behave as an original IoT system.
Proof-of-concept: It is a realization of a certain idea that
demonstrates its feasibility or its practicability.

References

[1] R. Kissel, K. Stine, M. Scholl, H. Rossman, J. Fahlsing, and J. Gulick,
“NIST Special Publication 800-64, Security Considerations in the
Information System Development Life Cycle,” Oct. 2008. [Online]. Available:
http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-64r2.pdf.
[2] “Cloud-fog-computing.”
http://blogs.cisco.com/perspectives/iot-from-cloud-to-fog-computing.
[3] “Verification & Validation.”
https://en.wikipedia.org/wiki/Verification_and_validation.
[4] U.S. Department of Transportation, “Security Credential Management
System (SCMS).”
[5] “BlueMaho.”
http://git.kali.org/gitweb/?p=packages/bluemaho.git;a=summary.
[6] “Wireshark.” https://www.wireshark.org/.
[7] “BlueLog.” http://www.digifail.com/software/bluelog.shtml.
[8] “Crackle.” https://github.com/mikeryan/crackle.
[9] “IoT security.”
https://docs.aws.amazon.com/iot/latest/developerguide/iot-security.html.
[10] “DSRC.”
https://www.data-alliance.net/blog/cv2x-and-dsrc-connected-car-autonomous-vehicle-technologies/.

Things to check before moving to the next chapter


Formation of CONOPS
Secure implementation of IoT system within the enterprise
Need for security training
Management of system operation and its maintenance in a secure
manner
Need to dispose of the IoT device in a secure way

CHAPTER 5
IoT as Interconnection of Threats

Ideally, IoT is addressed as an interconnection of things or objects. However,
because its devices are resource-constrained, it is not yet mature and is hence
vulnerable to various threats and attacks. Therefore, it is sometimes also labeled
an interconnection of threats. In Chapter 2, IoT Security - Vulnerabilities, Attacks,
and Countermeasures, we already discussed some common types of threats,
attacks, and their classification. However, there are still more aspects and
dimensions of threats that need further discussion. With this in mind, the chapter
illustrates the malware propagation facet of threats in an IoT system along with
schemes for its detection and control. Moreover, it also presents attack detection
methods and their solution-based analysis for two of the most popular IoT systems,
namely smart vehicular systems and smart home systems.
Robustness is the ability to withstand threats and attacks. Considering this factor,
the chapter also illustrates the concept of network robustness and the schemes that
increase the performance of network robustness.

Structure
The chapter covers the following topics:
The Sybil attacks and their detection scheme in a vehicular network
Malware propagation and its optimal controlling schemes
The concept of Smart Home Systems and the solutions for protecting them
from various attacks
Robustness in the IoT network and the technique of increasing its
performance

5.1 Sybil attack detection in vehicular network


A vehicular network is a subclass of the mobile ad-hoc network that establishes
communication between vehicles and people, vehicles and roads, vehicles and
vehicles, and cars and other transport facilities. This is done to achieve effective
monitoring, ensuring a safe and efficient flow of traffic. However, the open-ended
nature, high mobility, and dynamic topology of the vehicular network's wireless
communication have attracted various types of attacks such as DoS attacks,
malware attacks, black hole attacks, Sybil attacks, and so on. Of all these, the
Sybil attack seems to be the most threatening. Considering this factor, this section
discusses the effect of the Sybil attack on vehicular networks and the various
methods for its detection and prevention.

5.1.1 Concept of a Vehicular Network or a Vehicular Ad-Hoc Network (VANET)

The vehicular network treats vehicles as mobile nodes and supports
communication with nearby stationary and moving vehicles. It also supports
communication with nearby Roadside Equipment (RSU), such as towers or any
isolated roadside unit, which are considered stationary access points located on
roads. Nodes in VANET make use of the topology of the road, so if the road
information is available to the network while vehicles are moving, the future
location of vehicles can easily be predicted and accidents can be avoided. Moreover,
vehicles in VANET provide continuous power transmission within themselves that
supports significant computing, communication, and sensing capabilities.

The concept of the vehicular network became popular in 1990 when the scientific
community supported computing and telecommunication within the global positioning
system (GPS).
Projects such as PATH (California Partners for Advanced Traffic and Highways), ASV
(Advanced Safety Vehicles), and CHAUFFEUR (Europe) were promoted at that time
and favored in different areas of vehicular networks such as communication, application,
architecture, design, and security.

Architecture and Working of VANET


The VANET architecture comprises two components, named vehicle
components and infrastructure components. The vehicle component is
equipped with an On-Board Communication unit (OBU) and the
applications that enable the OBU to communicate with other vehicles or with
any stationary access point located on the road. In addition, the infrastructure
component comprises Roadside Units (RSUs) connected to the Internet
through a drone or GPS. The architecture of VANET is shown in Figure 5.1:

Figure 5.1: The architecture of VANET


Communication between the vehicles is known as Vehicle To Vehicle (V2V)
communication, and communication between vehicles and infrastructure such as
RSUs is known as Vehicle To Infrastructure (V2I) communication. Along
with the OBU and RSUs, VANET also comprises the Vehicular Sensor Network
(VSN), which communicates via wireless broadband mechanisms such as 3G/4G.
Sensors are placed at different locations and can be fixed as well as mobile.
The sensors monitor real-time data related to traffic (such as speed and location
of the vehicle) and environmental conditions (such as pollution, temperature,
vibration, pressure, movement, and so on), which is sent to the broadband
cloud for storage and processing. Once the processing is done, the message is
generated and disseminated for active driver assistance and vehicle tracking.

In-depth details of the VANET are out of the scope of this book; however, readers
who wish to can refer to the following research papers [9]–[11].

5.1.2 Challenges and attacks in vehicular network


VANET is an outstanding self-organizing network for future intelligent transport
systems. Its unique features such as high mobility, time criticality, high
computational ability, and dynamic topology have given VANET the upper
hand when compared to other wireless networks. However, besides its excellent
features and applications, it suffers from various issues and challenges like
security, scalability, power control, and quality of service. Of all these issues,
security in VANET is one of the most critical and needs the utmost attention,
because the information in VANET is transmitted in an open-access environment.
Therefore, careful attention is required in designing a security architecture for
VANET that guards the system against malicious attacks.
Attacks on VANET can be categorized into three classes and are illustrated in
Table 5.1:

VANET attack classes | Attacks | Explanation
Attack on availability | DoS attack | An attacker jams the channel by generating high frequency so that no vehicle can communicate with each other.
Attack on availability | DDoS attack | An attacker jams the network by flooding crashed services at different locations and at different time slots. The behavior of the jam launched by the attacker depends on V2V and V2I.
Attack on availability | Spamming | An attacker aims to consume the bandwidth of the network and increases the transmission latency by sending huge spam advertisement messages to the vehicle’s applications.
Attack on availability | Blackhole | An attacker node tends to drop all the incoming traffic data, thus causing a disturbance in VANET.
Attack on availability | Malware | This attack exists whenever the software in VANET units like OBU and RSUs is updated.
Attack on authenticity | Sybil attack | An attacker transmits multiple messages with different IDs to the vehicle, making it feel that messages are coming from different vehicles, but in actuality, they have been sent by a single malicious user.
Attack on authenticity | Node impersonation attack | An attacker changes his/her identity and acts like a real originator of the message.
Attack on authenticity | Message suppression | Attackers selectively drop the packets from the network which may contain critical information.
Attack on authenticity | Alteration attack | An attacker modifies or alters the existing information.
Attack on confidentiality | Eavesdropping | An attacker collects the information about the vehicles and road without the user’s knowledge and uses them at a time when the user is not aware of the collection.
Miscellaneous attacks | Timing | Time is a critical parameter in VANET safety applications. In this attack, the attacker damages the actual time content of the vehicle and results in a delay in the messages due to which accidents could take place.
Miscellaneous attacks | Home attack | An attacker takes control of the user vehicle by connecting itself to the open Internet and may damage the OBU or may change the behavior sensors according to their own need.
Miscellaneous attacks | Social attack | The attacker confuses or gets hold of the victim by sending unethical and abnormal messages so as to disturb the driving of the driver and create problems within the network.
Table 5.1: VANET attack classification

Out of all these discussed attacks, the Sybil attack is the most common and critical in the
VANET network. Therefore, in the upcoming section, we will discuss the mechanism of
detection and mitigation of this attack.

5.1.3 Consequences of a Sybil attack


A Sybil attack is a serious attack that can result in a large-scale DoS attack or other
security risks in the VANET network. Sybil attackers attempt to create an illusion
of a traffic jam or accident so that vehicles get disturbed and change their routing
path for the benefit of the attacker, as shown in Figure 5.2. In this attack, a single
entity (that is, an attacker) gains control over a fraction of the system by presenting
multiple identities. It violates the basic assumption of one-to-one correspondence†
of a node with its identity. It can take two different forms:
First, a single attacker node can present multiple identities.
Second, an attacker node can use the identity of another node for launching
the attack.

Figure 5.2: Sybil Attack illustration


Sybil attacks can have adverse effects in a VANET environment and therefore, it is
necessary to design a scheme or a mechanism that detects the Sybil node and
removes it from the VANET environment. The following are some of the adverse
consequences caused by the Sybil node in the VANET network:
Disturbance in VANET routing: By using multiple identities or by using
another’s identity, the Sybil attacker sends a large number of messages
within the same channel and affects the performance of geographical
routing, which may, in turn, lead to a large-scale DoS threat.
Tampering of trust and reputation of the system: The reputation and
trust management system depends on the unique ID and authenticity of the
node, so Sybil attackers who violate the identity may cause incorrect
computation of reputation or trust values.
Damage to the fairness of the Resource Allocation System: A node with
multiple identities exploits the network by using more bandwidth and
network time.
Manipulating Data Aggregation System: It is the nature of a wireless
network to aggregate the values from sensor nodes; however, the presence of
a Sybil node may manipulate these values and can result in misleading
aggregate values.
Dissemination of false messages: A Sybil node creates and inserts bogus
information using all its fake identities simultaneously within the network so
as to create an illusion of a non-existent event.

5.1.4 Sybil attack detection schemes in a VANET network


The presence of the Sybil attack in VANET leads to the corruption of networks and
causes losses of time, money, and sometimes even the lives of individuals.
Sybil attacks generally occur in the absence of the Central Authority (CA) and
aim to disturb the coordination of entities within the network. Different techniques
have been proposed by researchers for its detection. Some of them are as follows:
Detection of a Sybil attack using neighboring nodes
This scheme includes two phases. In the first phase, the RSU verifies the
credentials of the vehicle. If the verification is successful, the second phase
starts, in which the RSU allocates the identification parameters to the
vehicle. The RSU is responsible for collecting the information from the
neighboring nodes and defining the threshold speed limit for them. Once the
neighboring information is collected by the central authority (CA), it is
analyzed for consistent similarity, and fake identities are localized and
then mitigated.
Functioning
Whenever a vehicle joins the network, it sends a HELLO message to the RSU.
The RSU, in turn, verifies the credentials of the vehicle and stores the node’s
(vehicle’s) information along with the information of its neighboring nodes.
It then also allocates a unique identity to the joined vehicle.
If the node is a Sybil node, it tends to send HELLO messages to the RSU again
and again with a changed identity in order to join the network. The RSU then
checks the neighboring node information, and if the information is the same,
it sends monitor mode messages within the network and alerts all the
adjacent nodes, which in turn isolate the detected Sybil node.
In case the neighboring nodes do not have any information related to the
Sybil node, the speed of the vehicle is compared with the fixed
threshold value. If the speed of the node is more than the threshold value, the
node is said to be a Sybil node and is isolated from the network. If the speed
of the node is not more than the threshold value, then the node is considered
a legitimate node, and the communication proceeds in the network. The
proposed scheme avoids collision, reduces the percentage of Sybil attacks,
and increases the possibilities of Sybil detection [1].
Platoon dispersion detection techniques
A platoon is a group of vehicles that travel close to each other. It optimizes
the number of signals sent between vehicles, helps in avoiding congestion,
and improves the safety of the road. However, platoon dispersion caused by
human factors, changes of lanes, and friction of the road prevents the
formation of a smooth platoon.
This technique constitutes two protocols that are executed simultaneously.
The first protocol is executed by each vehicle within the platoon, which
stores the identities of all vehicles it has communicated with while
traveling between two RSUs. After that, it forwards the stored identities to
the upcoming RSU. The second protocol is executed by the RSU, which
receives the identities of all vehicles in the platoon and then waits for the
minimum travel time. After that, it receives the forwarded identities from
each vehicle and calculates the Cumulative Distribution Function (CDF)†,
that is, the likelihood of each vehicle in the platoon. The likelihood of
vehicles reveals any kind of anomaly in the platoon and detects
whether there is a Sybil attack or not [2].
Timestamp series approach
This approach is based on RSU support and is suitable for a small VANET
network in which only a small fraction of vehicles are equipped with
wireless communication devices. GPS is used for location detection and a
digital map is used for the geographical road information. Each
RSU is required to establish a temporary relation with each vehicle passing
by it by issuing a certified timestamp to it. It is assumed that no two
vehicles pass multiple RSUs at the same time. If two messages with the
same timestamp series issued by the same RSU are received by the system, the
message is considered a Sybil message sent by a particular vehicle, and the
vehicle is considered a Sybil node.
The proposed method minimizes the security overhead by aggregating the
previous timestamps with the current timestamp and displays only the
newest aggregated timestamp. This approach is also economical, as
it needs neither a vehicular public-key infrastructure nor
internet-accessible RSUs [3].
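The duplicate-series check described above, as an added Python example (not code from the book or from the scheme cited as [3]). The HMAC-based certification, the RSU key table and all function names are assumptions made for illustration, and the traffic in demo() is constructed.

```python
import hashlib
import hmac
from collections import defaultdict

# Constructed per-RSU keys. The scheme only says each timestamp is "certified";
# an HMAC tag checked by the detector is the certification assumed here.
RSU_KEYS = {"RSU-1": b"constructed-key-1", "RSU-2": b"constructed-key-2"}


def _tag(rsu_id, timestamp):
    msg = f"{rsu_id}|{timestamp}".encode()
    return hmac.new(RSU_KEYS[rsu_id], msg, hashlib.sha256).hexdigest()


def certify(rsu_id, timestamp):
    """RSU side: hand a passing vehicle a certified timestamp."""
    return (rsu_id, timestamp, _tag(rsu_id, timestamp))


def series_is_certified(series):
    """True only if every entry carries a valid tag from a known RSU."""
    if not series:
        return False
    for rsu_id, timestamp, tag in series:
        if rsu_id not in RSU_KEYS:
            return False
        if not hmac.compare_digest(_tag(rsu_id, timestamp), tag):
            return False
    return True


def detect_sybil(messages):
    """messages: iterable of (claimed_id, timestamp_series).

    Returns (rejected, sybil_groups): IDs whose series failed certification,
    and groups of distinct IDs that presented the same certified series.
    """
    rejected = set()
    ids_by_series = defaultdict(set)
    for claimed_id, series in messages:
        if not series_is_certified(series):
            rejected.add(claimed_id)
            continue
        fingerprint = tuple((rsu, ts) for rsu, ts, _ in series)
        ids_by_series[fingerprint].add(claimed_id)
    groups = [sorted(ids) for ids in ids_by_series.values() if len(ids) > 1]
    return rejected, sorted(groups)


def demo():
    # Constructed traffic: two honest vehicles pass RSU-1 then RSU-2 at different times.
    honest_a = [certify("RSU-1", 100), certify("RSU-2", 160)]
    honest_b = [certify("RSU-1", 104), certify("RSU-2", 171)]
    # One physical vehicle presents its single series under three claimed identities.
    shared = [certify("RSU-1", 110), certify("RSU-2", 182)]
    # An entry whose tag was not produced with the RSU key.
    forged = [("RSU-1", 120, "00" * 32)]
    messages = [
        ("veh-A", honest_a), ("veh-B", honest_b),
        ("veh-A", honest_a),  # the same ID repeating its own series is not flagged
        ("veh-X1", shared), ("veh-X2", shared), ("veh-X3", shared),
        ("veh-F", forged),
    ]
    return detect_sybil(messages)


if __name__ == "__main__":
    print(demo())
```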
Received Signal Strength detection approach
Sybil attacks can also be detected by using the received signal strength
(RSS). RSS is the difference between the signal attenuation power† and the
transmission power. In this scheme, each RSU is responsible for analyzing
the RSS of each vehicle on the road. Every vehicle periodically sends
beacon packets to the other nodes/vehicles within its communication range.
The packet contains the sender’s identity and the time of sending the packet.
The RSU analyzes these packets and groups similar RSS signals into one group.
After that, when the vehicle starts moving, its RSS value is observed by
various RSUs at regular intervals of time. An honest node/vehicle
will tend to change its RSS value depending on the group it is in, while the
Sybil node keeps sending the same RSS value, which is easily detected by
the RSU [4].
Location Certificate-Based approach
This is a semi-centralized detection approach in which, instead of the Central
Authority (CA), Roadside Units (RSUs) are used along with a
cryptographic certificate and position verification. The position
verification is used for capturing the dynamic context of a vehicle, and the
RSU is used to verify the authenticity of a vehicle by using the information
of the nearby RSUs in the network. The basic idea of this approach is the
utilization of RSUs, which can contact nearby RSUs more quickly than they
can contact a CA. Therefore, here, the function performed by the CA is
distributed through the RSUs.
Properties of the Location-certificate approach
Independent of specialized hardware: This approach makes use of the already
existing RSU infrastructure for the detection of attacks.
Both CA and RSU take part in detection: Other approaches use
only the CA for the detection of attacks. However, in this approach, both the CA and
the RSU detect the attacks, thus avoiding the central bottleneck in communication.
Authentication of a node depends on geolocation information: The location
of the node is verified using RSS signals and its geographic location.
Isolates the Sybil nodes: The Sybil node is isolated and prevented from further
engaging with the network.
Structure of the Location-certificate approach
The whole network is viewed as a three-level tree rooted in CA, which maintains
the information about all vehicles in the VANET. The second level or layer
consists of a set of all RSUs which are generally the fixed infrastructure. Unlike
normal tree structures, here RSUs are linked with each other. The last level of the
tree contains the mobile nodes (vehicles), where each vehicle has a unique ID and
certificate registered with the CA.
Assumption
Each RSU and each vehicle should know its geographical location using any
GPS device.
RSUs are considered as trusted entities.
Each vehicle should be registered with CA with a unique ID and public key
certificate.
Sybil node detection mechanism
Let’s consider that for each vehicle ‘j’, the CA stores the vehicle ID ‘j’ and its
corresponding public key ‘PKVj’. Each RSU continuously broadcasts its own
public key ‘PKRS’ using a beacon signal†. Notations used in this scheme are
illustrated in Table 5.2:

Notation | Meaning | Notation | Meaning
PKCA | Public key of CA | PKCA⁻¹ | Private key of CA
PKRS | Public key of RSU | PKRS⁻¹ | Private key of RSU
PKVj | Public key of vehicle ‘j’ | PKVj⁻¹ | Private key of vehicle ‘j’
Table 5.2: Notations used in sybil node detection scheme
The steps involved are discussed as follows:
1. This is a one-time process for each session and occurs when the vehicle
does not have a valid location certificate.
Let’s suppose that the vehicle ‘Vj’ enters the range of RSU ‘RSUi’ (Figure
5.3). The vehicle then creates the location-certificate request in the
format {vehicle ID, position, timestamp}. As discussed, ‘position’ is taken
from the GPS sensor. For communication security, the message is signed
using the vehicle’s private key ‘PKVj⁻¹’ and encrypted with the public
key ‘PKRSi’ of ‘RSUi’ (equation 1).

encrypt (M = {VehicleID, position, timestamp, sign(M, PKVj⁻¹)}, PKRSi) (1)


2. When the RSU receives the request from the vehicle ‘Vj’, it first verifies the
claimed position using the RSS signal. If the position is valid, then the RSU
forwards the request to the CA, encrypted using the public key of the CA,
that is, ‘PKCA’ (equation 2, Figure 5.3). If the vehicle is invalid, the RSU
notifies the vehicle ID to adjacent RSUs.

encrypt (M = {VehicleID, position, timestamp, sign(M, PKVj⁻¹)}, PKCA) (2)


3. In this step, the CA verifies the received request using the public key of
vehicle ‘Vj’, that is, ‘PKVj’, and checks whether the vehicle ‘Vj’ is
registered anywhere in the network. If not, then it registers the vehicle
location with the RSU and notifies the corresponding RSU using the
vehicle’s public key ‘PKVj’ (equation 3, Figure 5.3).

encrypt (M = {PKVj, VehicleID}, PKRSi) (3)

Since the CA knows the public keys of all RSUs, it can communicate securely
with the RSU.

4. Once the confirmation from the CA is received, the RSU issues a location
certificate {RSU_ID, RSU_Shared_Key, VehicleID, expiry_time} to the
vehicle ‘Vj’, encrypted with the vehicle’s public key (equation 4, Figure
5.3). If the CA detects it to be a Sybil attack, then it will inform the
concerned RSU, which in turn will not issue a certificate to the vehicle.

encrypt (M = {RSU_ID, RSU_Shared_Key, VehicleID, expiry_time}, PKVj) (4)

Figure 5.3: Sybil node detection mechanism (Step 1 to Step 4)


5. The valid location certificate acts as a key for the vehicle’s vehicle-to-vehicle
communication in VANET. Each vehicle continuously checks the expiry
time of the location certificate and sends its request before the expiration of
the previously issued certificate.
6. When the vehicle enters the range of the next RSU, it again sends a
location certificate request to that RSU but includes the position
certificate of the previous RSU. Refer to Figure 5.4 and equation 5. Whenever
the ‘kth’ RSU gets a request with a position certificate from the ‘ith’ RSU, it
checks the validity of the certificate from the ‘ith’ RSU and acquires the
public key of the corresponding vehicle. The next RSU, that is, the ‘kth’
RSU, then issues the certificate and notifies the CA of the vehicle ID and
RSU_id. Finally, the ‘ith’ RSU removes the corresponding vehicle from
its storage.

encrypt (M = {VehicleID, position, timestamp, loc_certificate, sign(M, PKVj⁻¹)}, PKRSk) (5)

Figure 5.4: Sybil node detection mechanism (Step 6)
Some Dimensions of Sybil Node Detection
Sybil node detection takes place at the RSU as well as at the CA level. This can be
explained as:
a. Each RSU is responsible for the verification of a node (vehicle)
based on the location information, whereas the CA is responsible for checking,
using the unique ID, whether the node registration has already occurred
anywhere in the network. In case an attacker sends a legitimate request (twice or
more) to the CA, the CA can easily check the validity of the message using
the vehicle’s public key. If validity exists, then it means that the message is sent
by the attacker; else it means that the message is not sent by the attacker and can be
registered for communication.
b. Secondly, in this scheme, the location certificate issued by the RSU allows the
vehicles to communicate with each other. This prevents a Sybil node from
taking part in further communication because the RSU stores the information of
only those vehicles which are within its range and erases the details of a
vehicle once it moves to the next RSU. Thus, it does not give a
single vehicle any chance to behave with a different identity.
c. Finally, if an RSU or the CA has detected the Sybil attack, it informs the
nearby RSUs, which then reject the vehicle’s request without going
through the remaining process.
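The request, registration, certificate and hand-over steps above (steps 1 to 4 and 6, with detection points a to c), as an added Python example that is not the authors' code or the Promela model cited as [12]. Assumptions: an HMAC with a key the vehicle shares with the CA stands in for sign(M, PKVj⁻¹), the encryption layers and RSU_Shared_Key are left out, the RSS check is reduced to comparing an RSS-estimated distance with the claimed one, certificate renewal (step 5) is not modeled, and all names, keys and thresholds are constructed.

```python
import hashlib
import hmac
import json
import math

TOLERANCE_M = 25.0   # assumed allowed gap between claimed and RSS-estimated distance
LIFETIME_S = 300     # assumed certificate lifetime


def mac(key, body):
    """HMAC-SHA256 over canonical JSON; stand-in for the scheme's public-key signatures."""
    return hmac.new(key, json.dumps(body, sort_keys=True).encode(), hashlib.sha256).hexdigest()


def make_request(vehicle_id, key, position, timestamp, loc_certificate=None):
    """Steps 1 and 6: {VehicleID, position, timestamp[, loc_certificate]} plus signature."""
    body = {"vehicle_id": vehicle_id, "position": list(position), "timestamp": timestamp}
    if loc_certificate is not None:
        body["loc_certificate"] = loc_certificate
    return {**body, "sig": mac(key, body)}


class CA:
    def __init__(self, vehicle_keys):
        self.vehicle_keys = vehicle_keys   # vehicle ID -> key registered with the CA
        self.registered_at = {}            # vehicle ID -> RSU currently serving it

    def signature_ok(self, request):
        key = self.vehicle_keys.get(request["vehicle_id"])
        body = {k: v for k, v in request.items() if k != "sig"}
        return key is not None and hmac.compare_digest(mac(key, body), request["sig"])

    def register(self, rsu_id, request):   # step 3: signed, and ID registered nowhere
        if not self.signature_ok(request):
            return "bad-signature"
        if request["vehicle_id"] in self.registered_at:
            return "sybil"
        self.registered_at[request["vehicle_id"]] = rsu_id
        return "ok"


class RSU:
    def __init__(self, rsu_id, position, ca, cert_key):
        self.rsu_id, self.position, self.ca, self.cert_key = rsu_id, position, ca, cert_key
        self.peers = {}        # rsu_id -> adjacent RSU
        self.vehicles = set()  # IDs currently holding this RSU's certificate
        self.blocked = set()   # IDs reported as Sybil by this RSU, a peer or the CA

    def issue(self, vehicle_id, now):      # step 4: location certificate
        cert = {"rsu_id": self.rsu_id, "vehicle_id": vehicle_id, "expiry_time": now + LIFETIME_S}
        self.vehicles.add(vehicle_id)
        return {**cert, "tag": mac(self.cert_key, cert)}

    def cert_valid(self, cert, vehicle_id, now):
        body = {k: v for k, v in cert.items() if k != "tag"}
        return (cert.get("vehicle_id") == vehicle_id and vehicle_id in self.vehicles
                and cert.get("expiry_time", 0) > now
                and hmac.compare_digest(mac(self.cert_key, body), str(cert.get("tag"))))

    def reject(self, vehicle_id):          # flag the ID here and at adjacent RSUs
        for rsu in (self, *self.peers.values()):
            rsu.blocked.add(vehicle_id)

    def handle(self, request, rss_distance_m, now):
        vid = request["vehicle_id"]
        if vid in self.blocked:                              # point c: refuse outright
            return None
        claimed_m = math.dist(self.position, request["position"])
        if abs(claimed_m - rss_distance_m) > TOLERANCE_M:   # step 2: position check
            return self.reject(vid)
        old_cert = request.get("loc_certificate")
        if old_cert is None:                                 # steps 2-4: first contact
            verdict = self.ca.register(self.rsu_id, request)
            if verdict == "sybil":
                return self.reject(vid)
            # A badly signed request is dropped without flagging the claimed ID.
            return self.issue(vid, now) if verdict == "ok" else None
        old_rsu = self.peers.get(old_cert.get("rsu_id"))     # step 6: hand-over
        if (old_rsu is None or not self.ca.signature_ok(request)
                or not old_rsu.cert_valid(old_cert, vid, now)):
            return self.reject(vid)
        old_rsu.vehicles.discard(vid)                        # previous RSU forgets the vehicle
        self.ca.registered_at[vid] = self.rsu_id             # CA is told of the move
        return self.issue(vid, now)


def demo():  # constructed scenario: join, hand-over, false position, duplicate registration
    k1, k2 = b"constructed-key-V1", b"constructed-key-V2"
    ca = CA({"V1": k1, "V2": k2})
    rsu_i = RSU("RSU-i", (0.0, 0.0), ca, b"constructed-key-RSU-i")
    rsu_k = RSU("RSU-k", (1000.0, 0.0), ca, b"constructed-key-RSU-k")
    rsu_i.peers, rsu_k.peers = {"RSU-k": rsu_k}, {"RSU-i": rsu_i}
    cert = rsu_i.handle(make_request("V1", k1, (100.0, 0.0), 10), 102.0, 10)
    moved = rsu_k.handle(make_request("V1", k1, (900.0, 0.0), 200, cert), 95.0, 200)
    lie = rsu_i.handle(make_request("V2", k2, (50.0, 0.0), 205), 400.0, 205)
    dup = rsu_i.handle(make_request("V1", k1, (100.0, 0.0), 210), 100.0, 210)
    return {"join": cert is not None, "handover": moved is not None,
            "old_rsu_forgot_v1": "V1" not in rsu_i.vehicles, "false_position": lie is not None,
            "duplicate_id": dup is not None, "v1_blocked_at_peer": "V1" in rsu_k.blocked}
```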

The modeling and verification of this scheme is implemented in Promela, a process
specification language, and can be studied as per the reader’s interest in research [12].
These are only a few of the important and common schemes that detect Sybil
attacks in a VANET network. Readers who wish to can explore other schemes in
the following research papers [13]–[17], considering the integration
and communication between vehicles, sensors and fixed road-side components (routers,
gateways and services).

5.2 Malware Propagation and control in Internet of Things
As discussed in previous chapters, the resource-constrained nature of IoT devices,
the complexity of the IoT network, and limited computational capability have
exposed the Internet of Things to a high risk of malware infiltration. Malware such
as Trojans, viruses, and worms is intrusive software that is designed for
performing criminal and hostile activities like spying, threatening, or controlling.
As per the Cisco threat reports, thousands of malware attacks occur every year
around the world, and each incident affects production and the economy greatly.
Therefore, it is necessary to model and study the behavior of malware propagation
and work out techniques for controlling its explosive growth. In this section,
we will explore the analytical model of malware propagation on the Internet of
Things.

5.2.1 Malware in Internet of Things


There are two different paths through which malware can propagate in the IoT
network. One is via infrastructure-based communication technologies like
GPRS/GSM/LTE and so on, and the other is via proximity-based wireless media
like BLE, Wi-Fi, NFC, and so on. Malware propagation through these two
mediums has a significant effect on the dynamics of the network, as the infected
nodes aim to infect the other neighboring nodes via these two mediums, as can be
seen in Figure 5.5:

Figure 5.5: Propagation of IoT Malware

It can be studied with the help of mathematical analysis. Therefore, an analytical
model is considered for illustrating the malware propagation characteristics and
planning the protection strategies. Malware dynamics in IoT can be modeled by
assuming that each individual node in the network behaves differently and has a
varying infection rate.

5.2.2 Modeling of malware propagation


This is a microscopic view, where all nodes in a network are assumed to be
different from each other and possess a different rate of malware propagation. The
malware propagation is studied with the help of the Markov Chain and the
Impulse Free Model (IFM), which is discussed further, but before proceeding, let
us get to know the Markov Chain Model.

A Markov chain is a probabilistic model that describes a sequence of possible events in
which the probability of each event depends only on the state of just the previous event.
For instance, Figure 5.6 states that the probability of an event moving from state ‘E’ to
state ‘A’ is 0.7, while the probability of remaining in the same state ‘E’ is 0.3. Similarly,
the probability of changing an event from ‘A’ to ‘E’ is 0.4, and remaining in the same
state ‘A’ is 0.6.

Figure 5.6: The Markov model

A Markov chain is of two types: Discrete-Markov-Chain and Continuous-Markov-Chain. In
a Discrete-Markov-Chain, the change in state depends on a discrete set of times, while in
a Continuous-Markov-Chain, the change in state is due to a continuous set of times.
An in-depth illustration of the Markov chain is out of the scope of this book.

Impulse Free Model


To model the dynamics of malware, the IFM model considers the following
assumptions (initially, the incubation period† is not considered):
1. The dynamics of individual malware due to its contact with infected
individuals and its infection rate are considered a homogeneous Poisson
process† with exposure rate ‘λ’ (contacts/time).
2. The recovery dynamics of an individual who is already infected by malware,
due to firewall or antivirus software, are exponentially distributed with a
mean of ‘1/µ’ unit time.
The dynamics of malware without an incubation period are modeled as a finite
ergodic† Continuous-Time Markov Chain (CTMC) with states representing the
level of malware quantized by ‘N’ degrees, hence having a total of ‘N+1’ states, as
illustrated in Figure 5.7:

Figure 5.7: State transition without the incubation period


Studying malware dynamics without an incubation period is not realistic,
because the spread of malware generally depends on both the exposure rate and
the self-immunity ability of the individual. Therefore, to make IFM realistic, an
incubation time period ‘T’ is defined from state ‘0’ to some threshold state ‘δ’ for
an individual, along with the probability ‘P0δ(t)’ that an individual is initially safe
and will eventually be infected at a time ‘t’, as illustrated in Figure 5.8:

Figure 5.8: Continuous-time Markov chain with an incubation period


The status of the expected level of the malware ‘E[X(t)]’, the incubation period
‘T’, the remaining lifetime ‘R’ of an individual, and the status probability (Pij(t))
of an individual changing from safe to infected state at a time ‘t’ for an individual
malware is shown as follows:
Equations derived in this model are from the Markov model. Readers are requested to
study the Markov model in depth before proceeding.

Expected Malware Level E[X(t)]


Let’s assume that ‘N’ is relatively large, so that the fatal level can be expected
to be very difficult to reach; refer to article [5]. According to the CTMC model, for a
very small interval ‘h’, given X(t) and X(0) = i, we have:

Thus,

Denoting M(t) = E[X(t)], then

and,

Incubation Period ‘T’ and Remaining Lifetime ‘R’


The incubation period ‘T’ is the time from state 0 to the threshold δ for any
individual. Let’s assume that, for a birth and death process† with constant
parameters λ and μ, the time taken to move from state ‘x’ to state ‘x+1’ is
Zx. The expected time and variance of Zx can then be evaluated
as:
And,

Where,

The expected time to go from state ‘k’ to state ‘j’ is given as:

Hence,

And,

Remaining Lifetime (R)


Let’s assume that the system breaks and the malware reaches the fatal state
‘N’, then the remaining lifetime of the individual malware can be defined as
the time from the emergence of the malware to state ‘N’ and can be derived
as follows:
And,

Transition Probability Pij(t)


The transition probability ‘ ’ in the Markov Model is defined by the
expression . As per the transition diagram
in Figure 5.8, an individual malware is initially in the safe
state and is then infected at time ‘t’. The transition probability matrix P(t)
is given by the equation , where ‘R’ is the rate transition
matrix with elements:

Thus, we can write the rate transition matrix R for the model presented in
Figure 5.8 as follows:

From this ‘R’ matrix, the transition probability matrix ‘P(t)’ can be obtained.
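The incubation period ‘T’ described above can be evaluated numerically. The following is an added example, not the book's own derivation or code: it uses the standard first-step recurrence for a birth and death chain with constant λ and μ, and checks it against an event-by-event simulation. The assumption that state 0 has only the upward transition, and all function names, are introduced here.

```python
"""Expected incubation period E[T] for a constant-rate birth-death chain.

Assumptions added for this example (not taken from the book): states run
0..delta, every state climbs at rate lam (exposure) and falls at rate mu
(recovery), and state 0 has only the upward transition.
"""
import random


def expected_step_times(lam, mu, delta):
    """Return [E[Z_0], ..., E[Z_(delta-1)]]; Z_x is the time to first reach x+1 from x."""
    if lam <= 0 or mu < 0 or delta < 1:
        raise ValueError("need lam > 0, mu >= 0 and delta >= 1")
    times = [1.0 / lam]  # from state 0 the only possible event is an infection step
    for _ in range(1, delta):
        # First-step analysis in state x >= 1: wait 1/(lam+mu) on average, then
        # either climb, or fall to x-1 and have to climb twice. Solving that
        # equation for E[Z_x] gives E[Z_x] = 1/lam + (mu/lam) * E[Z_(x-1)].
        times.append(1.0 / lam + (mu / lam) * times[-1])
    return times


def expected_incubation(lam, mu, delta):
    """E[T]: expected time to go from state 0 to the threshold delta."""
    return sum(expected_step_times(lam, mu, delta))


def simulate_incubation(lam, mu, delta, runs=20000, seed=7):
    """Monte Carlo estimate of E[T], simulating the chain one event at a time."""
    rng = random.Random(seed)
    total = 0.0
    for _ in range(runs):
        state, clock = 0, 0.0
        while state < delta:
            rate = lam if state == 0 else lam + mu
            clock += rng.expovariate(rate)  # exponential holding time in this state
            # The next event is an infection step with probability lam / rate.
            state += 1 if rng.random() < lam / rate else -1
        total += clock
    return total / runs


if __name__ == "__main__":
    lam, delta = 2.0, 3
    for mu in (0.0, 1.0, 2.0, 4.0):  # a stronger recovery rate lengthens incubation
        exact = expected_incubation(lam, mu, delta)
        approx = simulate_incubation(lam, mu, delta)
        print(f"mu={mu:3.1f}  E[T] exact={exact:7.3f}  simulated={approx:7.3f}")
```

When μ exceeds λ the step times grow geometrically with the state, so a small improvement in recovery rate buys a disproportionately longer incubation period.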

5.2.3 Malware control strategy


Local Routing Depth (LRD) is one of the basic strategies for dealing with
malware vulnerabilities in IoT devices and networks. LRD mitigates the
infection across ranges of networks instead of mitigating an individual
infected device. The basic idea of this defence system is to center the
mitigation action on the IoT network that has been identified as infected. Once
the central infected point is identified, the mitigation action is spread to
all the neighboring networks up to the desired depth of action. The desired
depth of action is the specified number of router hops between the central
infected point and the edge of the range of targeted networks.
Let’s consider an infected IoT network (here, the network is modeled as a
binary tree). Once the network is identified as infected, the control
server comes into action and applies the mitigation action to that network and
all its neighboring networks according to the defined LRD. For instance, if the
LRD is 0, only the infected network itself is mitigated. If the LRD
is 1, the control server makes one hop from the router of the identified network
and extends the mitigation action in all possible directions. These directions
are the parent and the two children of the initial router, three
directions in total. Similarly, if the LRD is 2, the control server makes two
hops from the router and targets all the local IoT networks along the way up to
the end of the hops.
Figure 5.9 illustrates a network of 63 routers with three cases of LRD centered
at router number 10. Figure 5.9 (a) presents an LRD of 0, where only the central
router, that is, router 10, is mitigated. Next, Figure 5.9 (b) presents an LRD
of 1, where the control server takes one hop and mitigates the infected routers.
In this case, along with router 10, routers 5, 20 and 21 also come under the
mitigation scheme. Finally, Figure 5.9 (c) illustrates an LRD of 2, which
mitigates the malware infection in routers 2, 5, 10, 11, 20, 21, 40, 41, 42 and
43:

Figure 5.9: Illustration of LRD defense scheme, panels (a), (b) and (c)
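The router sets listed for Figure 5.9 can be reproduced with a breadth-first walk limited to the LRD. This is an added example, not code from the book; it assumes the routers are numbered like a binary heap (root 1, parent of r is r // 2, children 2r and 2r + 1), which is consistent with the router-10 cases above, and the function names are introduced here.

```python
"""Local Routing Depth (LRD) target selection on a binary-tree router network.

Assumption added for this example: routers are numbered like a binary heap
(root = 1, parent of r is r // 2, children are 2r and 2r + 1).
"""
from collections import deque


def neighbours(router, total):
    """Parent and children of `router` that exist in a tree of `total` routers."""
    candidates = (router // 2, 2 * router, 2 * router + 1)
    return [r for r in candidates if 1 <= r <= total]


def lrd_rings(centre, depth, total=63):
    """Map hop count -> sorted routers reached at exactly that many hops."""
    if not 1 <= centre <= total:
        raise ValueError("centre router is not part of the network")
    if depth < 0:
        raise ValueError("LRD must be zero or a positive number of hops")
    hops = {centre: 0}
    queue = deque([centre])
    while queue:
        router = queue.popleft()
        if hops[router] == depth:
            continue  # edge of the mitigation range: do not expand further
        for nxt in neighbours(router, total):
            if nxt not in hops:
                hops[nxt] = hops[router] + 1
                queue.append(nxt)
    rings = {}
    for router, hop in hops.items():
        rings.setdefault(hop, []).append(router)
    return {hop: sorted(members) for hop, members in sorted(rings.items())}


def lrd_targets(centre, depth, total=63):
    """All routers the control server mitigates for the given LRD."""
    rings = lrd_rings(centre, depth, total)
    return sorted(r for members in rings.values() for r in members)


def coverage(centre, depth, total=63):
    """Fraction of the whole network touched by one mitigation action."""
    return len(lrd_targets(centre, depth, total)) / total


if __name__ == "__main__":
    for depth in (0, 1, 2):
        targets = lrd_targets(10, depth)
        print(f"LRD {depth}: {targets}  ({coverage(10, depth):.0%} of network)")
    # Routers at the root or at a leaf have fewer neighbours, so the same LRD
    # covers fewer networks there than it does for an interior router.
    print("LRD 1 at root:", lrd_targets(1, 1), " at leaf 63:", lrd_targets(63, 1))
```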

There are several other methods of representing malware propagation and its
defence mechanism. Interested readers can refer to [6]–[8].

5.3 Solution-based analysis of attack vectors on smart home systems


The increasing demand for automation technology in the form of a Smart Home
System (SHS) creates a need not only for more functionality but also for a safe,
secure, and functional environment. It has been observed that securing smart
homes is an ongoing and difficult task. The purpose of this section is
to deal with the security and privacy assessment of a Smart Home System
(SHS) that comprises automated systems such as digitalSTROM (dS). The aim of
digitalSTROM is to revolutionize the living space and make living more
comfortable, safer, and sustainable for everyone, be it in a single-family home,
an apartment, or a commercial building. Technically, it is a wired or wireless
topological system that has a powerline-based bus and an embedded central server.
The details are discussed further.

5.3.1 Concept of a Smart Home System with an example of digitalSTROM

digitalSTROM is a Smart Home System designed for personal home use. It
provides control over all technical aspects of the home, such as lighting,
shading, heating, cooling, and even security, with optimized electricity usage,
humidity levels, and energy consumption. It can operate, automate, individualize,
and interconnect every feature of the home using a smart pushbutton, smartphone
application, touchscreen interface, or voice control. The design of
dS is flexible and scalable: it can be installed at any time and extended
later. Figure 5.10 provides an overview of the Smart Home System (SHS)
using dS.

The image in Figure 5.10 is taken directly from the digitalSTROM website
(https://www.digitalstrom.com/en/technology/).

Figure 5.10: Overview of a SHS system using digitalSTROM

Technical structure of digitalSTROM (dS)


DigitalSTROM is a wired or wireless topological system used in multiple
apartment buildings, but each apartment requires its own installation. The
installation of digitalSTROM consists of one digitalSTROM server (dSS),
one meter (dSM), one filter (dSF) per circuit, and numerous terminal blocks,
that is, small clamps with a digitalSTROM chip (dSC) for each device.
The dSF filters out all dS messages on the power bus and prevents them
from reaching the outside world. This is generally done to prevent
cross-talk when multiple dS installations are close to each other.
The digitalSTROM meter (dSM) communicates with other dSMs and handles
around 128 clamps.
The dSS server uses the dS485 two-wire protocol and spans up to 100m that is
confined within a single cabinet. It is an embedded Linux platform with a
400MHz ARM9 CPU, 64Mb RAM, TGb flash memory, 2 USB ports, and an
RJ45 100Mbit ethernet port. It also has an onboard RS-232 serial port
for recovery purposes.
The dSC chip is integrated into a clamp and is connected directly to a power
switch, an appliance, or any socket that is listed by a licensed
manufacturer.
The devices communicate over the power wire using a closed protocol, as
shown in Figure 5.11 (dash-dotted line). In this example, the installation
consists of three separate power circuits (one per floor), two dS appliances
(TV, light), and a non-dS charging electric vehicle on an outdoor plug.
The dSM is connected to the dSS, which in turn is connected to the
home network using a wireless router. The dSS provides a web interface for
configuration and an AJAX/JSON API for control via a control device, such as
a smartphone or tablet, that is connected to the router. Please refer to the
following figure:
Figure 5.11: Technical structure of SHS using digitalSTROM

5.3.2 Attack vectors on SHS


Attack vectors on Smart Home Systems are classified into four categories,
illustrated in Figure 5.12 (a). Each attack vector is associated with a
certain level of risk, and the risk is estimated on the basis of how likely and
how severe a given attack is, as shown in Figure 5.12 (b).
The attack vectors, based on the four categories, are as follows:
The server that manages and controls the interface or API.
A bus that communicates with the appliances.
A control device that switches the individual appliances via smartphone.
A third-party remote service that extends the system’s core functionality.

Figure 5.12: Attack Vectors and their risk-level on SHS system

Central digitalSTROM Server


The digitalSTROM server (dSS) is an important component that has full access
privileges to the SHS system: it reads out metering values, manages APIs
on the home network, and can even virtually run the entire system. Because of
its several interfaces, a compromised dSS compromises the entire SHS system. The
possibilities of attack on the dSS server are as follows:
a. The first possibility is gaining physical access and compromising the root
system password. This can be done by using the debug ports, which give access to
the boot loader via the serial console. On a low-memory server, SD
cards are used as the main storage device, which opens the possibility of
maliciously switching the SD card for one with added or modified credentials.
Because of its high impact but local constraint, this attack is rated at risk
level 4.
b. The second possibility of attack is gaining access to the local wired or
wireless network. The attacker exploits a TCP/IP vulnerability in the case
of wired LAN, or the WLAN dongle in the case of wireless LAN. Attackers also
exploit vulnerabilities in services running with system privileges.
Moreover, the attacker can exploit API vulnerabilities within the dSS
process. The API can be exploited because of weak router/firewall rules, which
may pose a potential flaw in the SHS system. The severity of this attack is at
risk level 7.
c. The third possibility of attack is targeting the server via the dS485 bus
interconnected with the dSM. The attacker can gain access to the wire directly,
or indirectly through a rogue dSC that injects events which cause the dSM to
send a given message on this bus. The severity of this attack is at risk
level 2.
d. The fourth possibility of attack is to redirect or abuse the digitalSTROM
app store by injecting rogue updates with open backdoors, or rogue
applications that are installed either by mistake or by misguiding the user
who is installing them. This attack vector is assigned risk level 5.

Smart control devices


Smart control devices such as smartphones or control stations are other
components that can compromise the SHS system. The JSON API used by dS smart
control devices is accessible over a secure HTTPS connection and requires a
token that is obtained only after successful authentication. Smartphones are
generally connected to the Internet and are thus exposed to third-party
applications, viruses, and worms, which may in turn compromise the whole SHS
system, including API access, which stays compromised until the token is
revoked or expires. The risk level of this attack vector is nine.

Smart home communication bus


The risk of a compromised communication bus is analyzed in this section.
Generally, an unencrypted communication medium is used in the SHS system.
Since the messages received over the bus are neither encrypted nor
authenticated, they are always assumed to be valid. This
opens the possibility for attackers to:
a. Inject control signals that aim to directly control appliances or disrupt
the system.
b. Inject invalid power readings to falsify the reporting system on power
consumption.
c. Jam the SHS system, thereby creating a denial-of-service (DoS) attack. This
can be done by continuously sending system-wide events such as alarms, which
are then broadcast by the dSM into the SHS circuits.
d. Attach a rogue appliance such as a TV, lamp, or computer anywhere in the
system and thereby gain physical plug-in access, for instance by gifting or
lending the appliance.
The risk level in this attack vector is 4.

Remote third-party services


This section analyzes the consequences of connecting third-party services to
the SHS system. Third-party services provide additional functionality to the
SHS and can be classified into two categories: monitoring services and
control-delegation services.
Monitoring services: These services accept consumption statistics, system
events, or other collected data and, in turn, provide analytical services based
on their interpretation of the data. Attackers in these services pose a privacy
risk by identifying events, leaking home presence and other activities. The
risk level in this attack vector is 3, but it can increase if the leaked
information remains unnoticed for a very long time.
Control-delegation services: These services require control permission and a
token to access the API, which may be revoked individually. These services act
as an alternative to an Internet-based user interface. Attackers in these
services tend to install rogue applications and take control of the SHS system.
The risk level in this attack vector is 9.

5.3.3 SHS hardening


Hardening is the practice of reducing a system’s vulnerability by reducing its
attack surface. SHS hardening includes the following security suggestions for
the different attack vectors, which also take the usability of the system into
account.

Hardening of Central digitalSTROM server


As discussed earlier, the dSS server is the crucial component of the SHS system
and requires immediate protection. To protect the dSS server against attackers,
the following procedures are adopted:
To protect the server against physical breaches, locking the cabinet
is suggested if it is located in a public or semi-public space, since the risk
within a private space is low. This should be recommended in the
installation document.
For additional security, a tamper-evident case can be used to stop
attackers. This protects the integrity of the system.
To protect the server against network-based attacks, the user should be
required to change the default access password, preferably during the initial
setup.
To prevent man-in-the-middle attacks, dS servers should be updated to an
encrypted HTTPS connection with a valid SSL certificate.
To reduce the risk of a totally compromised SHS, a permission-based access
control system for the API is included. Permissions such as reading out meter
values, using controllable rooms or appliances, or raising events should be
registered as per the allowable permissions.

Hardening of Smart Control Devices


As discussed, Smart Control Devices (SCD) like smartphones have full control
over the SHS system, so their compromise would be disastrous. It is therefore
important to educate all users about the applications and devices that control
the SHS system. The manufacturers of the SHS system are advised to prepare a
white list of registered applications that run on the Android OS, which is
updated upon request. Users are asked to verify every application against the
list before installing it. In this way, users feel more secure because they
know which application can control, or is trying to control, their SHS.

Hardening of Smart Communication Bus


The communication protocol in digitalSTROM, most importantly between the dSC
and the dSM, is the most critical component and requires the utmost care. Since
the communication in SHS is unencrypted, it can lead to a DoS attack. Thus, it
is recommended to add a low-power encryption layer within the communication
protocol, so that only reliable messages are circulated within the
communication bus.
It is also suggested to add an option for disabling Plug-n-Play (PnP)
functionality. The PnP functionality automatically registers new devices within
semi-private environments such as offices. For instance, in offices, plugging
in a device triggers the auto-registration function; if the attached device is
compromised, it could disturb the system. Disabling the PnP
functionality could reduce the ease of use; therefore, it is recommended to
allow PnP connection, but registration should be allowed only when permission
is granted.

Hardening of remote third-party services


Third-party services generally lead to privacy leakage. To prevent the system
from leaking any data, the following is recommended:
Add a configurable time-resolution limit permission to the already
proposed permission system; this would maximize privacy to a certain
extent.
To harden against compromised third-party services, a restricted set of
permissions should be applied to remotely controlled API accesses.
All API accesses and transactions should be logged for future audits.
Any third-party application should only be accepted into the dS store if
sufficient, clear, and unambiguous documentation is available. The
document contains the details of the data that is being processed and sent off
remotely. It also has the details of the control events raised by the
application. Before installing the application, users should have the
possibility to accept or reject the requested functionality.
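The permission system, time-resolution limit and audit log recommended in this section can be combined in one access-control layer. The sketch below is an added example, not digitalSTROM code: the Token and Gateway classes, the scope strings and the meter readings are all hypothetical and constructed for illustration.

```python
"""Scoped API tokens with a per-token time-resolution limit and an audit log.

All names here (Token, Gateway, the scope strings) are hypothetical and are
not the digitalSTROM API; the meter readings are constructed sample data.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Token:
    holder: str
    scopes: frozenset       # e.g. {"meter:read", "control:hall"}
    min_resolution_s: int   # finest meter granularity this holder may see
    expires_at: int         # unix seconds after which the token is useless


class Gateway:
    def __init__(self, readings):
        self.readings = list(readings)  # (unix_seconds, watts) samples
        self.tokens = {}
        self.revoked = set()
        self.audit = []                 # (time, holder, scope, decision)

    def issue(self, token_id, token):
        self.tokens[token_id] = token

    def revoke(self, token_id):
        self.revoked.add(token_id)

    def _authorise(self, token_id, scope, now):
        token = self.tokens.get(token_id)
        allowed = (
            token is not None
            and token_id not in self.revoked
            and now < token.expires_at
            and scope in token.scopes
        )
        holder = token.holder if token else "unknown"
        # Denied requests are logged too: they are the interesting audit entries.
        self.audit.append((now, holder, scope, "allow" if allowed else "deny"))
        if not allowed:
            raise PermissionError(f"{holder} is not permitted to use {scope}")
        return token

    def read_meter(self, token_id, now):
        """Return (bucket_start, mean_watts), never finer than the token allows."""
        token = self._authorise(token_id, "meter:read", now)
        buckets = {}
        for ts, watts in self.readings:
            start = ts - ts % token.min_resolution_s
            buckets.setdefault(start, []).append(watts)
        return [(start, sum(v) / len(v)) for start, v in sorted(buckets.items())]

    def control(self, token_id, room, action, now):
        self._authorise(token_id, f"control:{room}", now)
        return f"{room}:{action}"


def demo_gateway():
    """Two hours of constructed 15-minute readings with one burst of activity."""
    watts = [80, 80, 1500, 1500, 80, 80, 80, 80]
    gw = Gateway((i * 900, w) for i, w in enumerate(watts))
    gw.issue("app", Token("owner-app",
                          frozenset({"meter:read", "control:hall"}), 900, 10_000))
    gw.issue("stats", Token("analytics-service",
                            frozenset({"meter:read"}), 3600, 10_000))
    return gw


if __name__ == "__main__":
    gw = demo_gateway()
    print("owner app sees :", gw.read_meter("app", now=10))
    print("analytics sees :", gw.read_meter("stats", now=11))
    try:
        gw.control("stats", "hall", "on", now=12)
    except PermissionError as err:
        print("blocked:", err)
    print("audit log:", gw.audit)
```

The analytics holder receives only hourly means, so the exact quarter-hour in which activity started or stopped is not visible to it, while the owner's application keeps the full resolution.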

5.3.4 Attack scenario and its solution analysis


In this section, we discuss some attack scenarios against the SHS system and
their solution analysis.

Attack 1
In this attack, the attacker uses the dS Android smartphone application as the
entry point and switches ON the light while the homeowners are sleeping. The
attack is carried out by installing a rogue application, unrelated to the SHS
system, on the homeowner’s Android smartphone. Once this rogue application is
installed, it launches a background service that, at any time during the night,
sends a cross-application message through the dS application’s public interface
to the actual dS application. The actual application then performs the action
using its stored credentials and allows the rogue application to know the inner
details. This attack seems more dangerous and frightening if it is not
investigated properly.
Solution analysis of attack 1: This attack can be avoided by preparing a white
list of applications that are allowed to send control events through the dS
Android application. Any installed application should have to request
permission before being granted access. In this way, this type of attack can be
kept out of the SHS system. Users should keep in mind that any application
which has nothing to do with the SHS and is exposed to Android should not be
installed.

Attack 2
In this attack, the attacker uploads the power readings of the SHS to a remote
server, which lets the attacker know when the home is empty or is likely to be
empty. It is carried out by illegally entering the dS application store and
collecting all the data from the dSM. This data is then periodically uploaded
by the attacker to a remote location. The attacker then uses the collected data
to know when the residence is likely to be empty.
Solution analysis of attack 2: This attack can be controlled by requiring that
applications which send consumption events to a remote server declare, in their
documentation, the purpose of sending readings to any remote service and
request those specific permissions during installation. If any of the sending
goes against the purpose of the application, the user should recognize the
threat and take appropriate action, such as logging or reporting.

5.4 Network robustness of the Internet of Things


Robustness is the ability to withstand failure and disturbance within the
network and is a critical attribute of complex systems and networks. Robustness
in networks is quantified using various spectral graphs. In this section, we
analyze network robustness using the game-theoretic concept, which aims to
maximize the network’s payoff in terms of network connectivity.

Game Theory is the study of mathematical models of conflict and cooperation
between two or more intelligent decision-makers. Here, the model is defined as
a game with competitive activities, where each competitor interacts with the
other players and employs a strategy to maximize its utility payoff under a
certain set of rules. The concept of Game Theory is discussed in detail in
Chapter 22, The Game-theory foundations.
5.4.1 Network Robustness using Game-Theoretic analysis
Before analyzing the robustness of the IoT network, we need to understand the
scenario of the network that has been attacked and the defense mechanism that
is used to detect the presence of an attack.
Let’s consider an IoT network where a Fusion-Based Defense Mechanism is used
to detect the presence of an attack. This mechanism is based on the feedback
received from each node. The feedback is binary data that reflects whether the
node is under attack or not, as determined by the node-level detection
scheme. The feedback is then aggregated at the fusion center, where the final
inference is carried out, that is, it is concluded whether the network is under
attack or not.

Figure 5.13: Fusion-based defense scheme in IoT network


Figure 5.13 illustrates the attack and fusion-based defense model for IoT. It
consists of two players: an adversary (attacker) and a defender (fusion center).
The adversary attacks a subset of nodes within the network (indicated by a
red arrow), and the defender infers the attack on the basis of
feedback received from another subset of nodes, such as its neighboring nodes
(indicated by a green arrow). It can be observed that a two-player game is
automatically formed between the attacker and the defender.

The critical (or threshold) value of network resilience, such as the largest
component of the network affected by the attacker, should always be less than
50%; only then is the network said to be free of attack. The node-level
detection scheme is assumed to be already given.
From the adversary’s viewpoint, the removal of a few nodes from the network does
not cause any harm to the network connectivity. However, if too many nodes are
removed without being noticed by the fusion center, then the adversary has
achieved its objective.
From the defender’s viewpoint, inferring attacks using all the feedback may
sometimes be time-consuming and energy-intensive, and may raise a false alarm,
since it may happen that only a few nodes are attacked. On the other hand,
inferring attacks using only some of the feedback might suffer from information
deficiency and may fail to detect the presence of attacks.
As a consequence, there should be a balance point at which both attacker and
defender are satisfied with their own strategies. This point is known as the
Nash Equilibrium or Game Equilibrium point in game theory. At this point, no
player’s payoff, that is, its objective, can be increased by changing the
strategy. As a result, we can infer that the game payoff at Nash equilibrium
can be used to study the robustness of a network. In other words, the
equilibrium point denotes the robustness of the network.
Example: This can be explained with the help of the game scenario discussed
earlier.
Let’s consider Table 5.3:

Two players: Adversary (the attacker) and Defender (the person who detects
the attack).
Actions taken by players: Sabotage (in the case of the attacker) or detect (in
the case of the defender) a number of nodes that is either less than 50% (LT)
or more than 50% (MT).
Set of rules: If the number of nodes sabotaged is more than 50%, then a
network-level attack has occurred. Otherwise, no attack has occurred.
Cost at the network level:
C = 1 (attack occurs), if #sabotaged nodes > 50% of total nodes within the
network or #detected nodes < 50% of total nodes within the network
C = -1 (no attack occurs), if #sabotaged nodes <= 50% of total nodes within
the network or #detected nodes > 50% of total nodes within the network
PD: The detection probability of the defender.
Table 5.3: A game scenario between two players
Pay-off matrix of the given game:
The probabilities of the possible payoffs for this game are illustrated in the
following matrix. Here, red implies an attack occurring, while green implies
that no attack has occurred (false alarm):

(1, 1): Attack occurs and is detected.
(-1, -1): No attack occurs and no false alarm is generated.
In this game, there exist two Nash equilibria, (1, 1) and (-1, -1), that is, two
best responses. In this situation, the defender’s pay-off quantifies the
capability of the defense mechanism against an attacker who is always
attacking, and can be used as a performance benchmark for network robustness.
It is given by equation 19 and is represented by the symbol v*:

v* = PD (1) + (1-PD)(-1) = 2PD - 1 (19)

If readers are facing any confusion, please refer to Chapter 22 The Game-theory
foundations.

Figure 5.14 represents the plot of equation 19. From the graph, it can be
deduced that as the detection probability increases, the network robustness
approaches 1, which suggests that the adversary gradually loses its advantage
in disrupting the network and that the damage caused by the attack has been
alleviated by the fusion-based defense mechanism.
Figure 5.14: Network Robustness in terms of defender’s payoff

Conclusion
This chapter sets forth the new aspects and dimensions of threats in an IoT
network, which are referred to as an Interconnection of Threats. It illustrates
the theory of malware propagation and its defense mechanism, along with the
solution-based analysis of attacks in smart home and vehicular systems. The
comprehensive details of the chapter are as follows:
A smart vehicular network is the subclass of mobile ad-hoc networks where
vehicles, roadside units, and people communicate with each other through
sensors and other internet-connected devices.
The open-ended behavior of vehicular networks towards the Internet has
made them vulnerable to various types of attacks such as malware attacks,
Sybil attacks, DoS attacks, and so on.
Out of various attacks, it has been observed that the Sybil attack is the most
threatening and may result in disturbing the routing, tampering trust and
reputation of the system, disseminating false messages, and tending to
damage the fairness of the resource allocation system. Therefore, it becomes
necessary to detect and mitigate this attack from VANET systems.
There are various Sybil attack detection schemes in the VANET network,
which are stated as follows:
Detection of Sybil Attack Using Neighboring Nodes: In this scheme,
information from the neighboring nodes is collected by the central
authority of the VANET network, which is then analyzed for its
consistent similarity and fake identities. If fake details are observed, then
nodes sending fake information are mitigated from the VANET network.
Platoon Dispersion Detection Techniques: In this technique, the
likelihood of Sybil anomalies present in the platoon (group of vehicles) is
discovered using the Cumulative Distribution Function of vehicle’s
identities.
Timestamp Series Approach: In this approach, RSU is given the
responsibility of identifying Sybil nodes. Each RSU issues a certified
timestamp to each vehicle passing by it. In case two messages with the
same timestamp series issued by the same RSU are noticed then that
message is considered a Sybil message and the node that has sent this
message is regarded as a Sybil node.
RSS Detection Approach: In this approach, an RSS signal is utilized to
detect the Sybil attack. The RSS signal of each vehicle is captured and
analyzed. Since the vehicle is moving, the observed RSS value should
always change; if the observed RSS values sent by the vehicle
are the same every time, then that vehicle is said to be Sybil in nature.
Location Certificate-Based Approach: In this approach, RSUs are used
along with cryptographic certificates together with the position
verification process. The dynamic position of the vehicle is captured and
the authenticity of the vehicle is determined by the nearby RSU using a
cryptographic method.
Other than the Sybil attack, malware such as trojans, viruses, and worms
is another point of concern in IoT networks. Since malware is intrusive
software that has the ability to double itself and spread with twice the speed
of other malicious attacks, it is mandatory to study
its propagation mechanism and its defense strategies.
Malware in IoT can be propagated by infrastructure-based communication
and proximity-based communication.
The propagation of malware can be studied in the Impulse Free Model
(IFM). IFM is a microscopic model, where instead of considering the whole
network; an individual object is considered for the propagation of malware.
The Markov Model theory is used for studying and analyzing its internal
propagating feature.
For controlling the spread of malware throughout the network Local
Routing Depth (LRD) strategy is used. In LRD, malware infection is
mitigated in ranges instead of individually.
Smart Home Technology is one of the most common technologies used in
day-to-day life and has made our lives smarter and easier than ever
before. Protecting this system is one of the most challenging tasks that users
have to deal with now and then.
DigitalSTROM (dS) is one of the most popular examples of the Smart
Home System (SHS). SHS has four vulnerable points where attacks
generally take place. They are clamping appliances, servers,
communicating BUS, control devices, and remote services.
Network Robustness is a performance parameter of the IoT network. It is the
measure of the ability to withstand the failure and disturbance within the
network.
The game-theoretic concept along with a fusion-based defense scheme is
used to evaluate the robustness of the IoT network.

5.5 Questionnaire

Multiple choice questions


1. VANET networks are the subclass of ________ types of networks.
a. IoT network

b. Internet

c. MANET

d. Wireless network
2. Attack which violates the one-to-one correspondence of a node with its
identity is known as:
a. DoS attack

b. Malware

c. Alteration attack
d. Sybil attack
3. Which detection scheme detects the sybil node by verifying the position
of node along with cryptographic techniques?
a. Location certificate-based approach

b. Timestamp-based approach

c. Platoon dispersion approach

d. None of the above


4. Probability of moving from one state to other is termed as:
a. steady probability

b. transition probability

c. incubation Probability

d. None of the above


5. LRD of 2, mitigates infection from how many devices, if the network is
represented in binary tree form:
a. 2

b. 5

c. 10

d. 20
6. DigitalSTROM comprises the following components:
a. DSS

b. DSM

c. DSC

d. All of the above


7. Model of conflicts and cooperation between two or more intelligent
players is known as:
a. Markov model

b. Game-theory model

c. Chain model

d. None of the above

Answer key
1. (c) 2. (d) 3. (a) 4. (b) 5. (c) 6. (d) 7. (b)

Long answer questions


1. How can malware be controlled in an IoT network? Explain with the help of
examples.
2. How can Smart Home Systems be protected from attacks? Explain by
considering any attack scenario along with its solution analysis.

Short answer questions


1. Explain the architecture of the VANET network and how it is vulnerable to
various attacks.
2. Why is it necessary to disseminate Sybil attack from the vehicular network?
3. Derive the expression for malware propagation in an IoT network.
4. Illustrate fusion-based defense scheme in an IoT network.

Keywords (†)
One-to-one correspondence: It is the act of counting each object in a set
once and only once per object.
Cumulative Distribution Function (CDF): It is the probability distribution
function of a random variable ‘X’ that gives the probability that X will be
less than or equal to ‘x’. It can be expressed by the equation FX(x) = P(X ≤ x),
where FX(x) is the function of X, X is the random variable, and P is the
probability.
Attenuation power: It is the reduction of signal strength during
transmission. It is expressed in decibels (dB).
Beacon signal: These are the types of signals that represent the proximity or
location of a device.
Incubation period: It is the time period between when you are infected with
something and when you might see symptoms.
Poisson process: It is a model for a series of discrete events where the
average time between events is known, but the exact timing of events is
random.
Ergodic: It is the idea that a point of a moving system in a stochastic
process eventually visits all parts of the space that the system moves in, in
a uniform or random manner.
Birth and death process: It is a type of Markov process where the state
transitions are of only two types: ‘births’, which increase the state
variable by one, and ‘deaths’, which decrease the state by one.

References

[1] M. K. Saggi and R. Kaur, “Isolation of Sybil attack in VANET using
neighboring information,” in 2015 IEEE International Advance Computing
Conference (IACC), Jun. 2015, no. December, pp. 46–51, doi:
10.1109/IADCC.2015.7154666.
[2] M. Al-Mutaz, L. Malott, and S. Chellappan, “Detecting Sybil attacks in
vehicular networks,” J. Trust Manag., vol. 1, no. 1, p. 4, Dec. 2014, doi:
10.1186/2196-064X-1-4.
[3] S. Park, B. Aslam, D. Turgut, and C. C. Zou, “Defense against Sybil attack in
vehicular ad hoc network based on roadside unit support,” in MILCOM 2009 -
2009 IEEE Military Communications Conference, Oct. 2009, pp. 1–7, doi:
10.1109/MILCOM.2009.5379844.
[4] J. Grover, M. S. Gaur, and V. Laxmi, “RSS-based Sybil Attack Detection in
VANETs,” Ieee J. Sel. Areas Commun., no. December 2015, pp. 2278–2283,
2010.
[5] “Markov Chain.”
https://en.wikipedia.org/wiki/Continuous-time_Markov_chain#Infinitesimal_definition.
[6] S. M. Pudukotai Dinakarrao, H. Sayadi, H. M. Makrani, C. Nowzari, S.
Rafatirad, and H. Homayoun, “Lightweight Node-level Malware Detection and
Network-level Malware Confinement in IoT Networks,” in 2019 Design,
Automation & Test in Europe Conference & Exhibition (DATE), Mar. 2019, pp.
776–781, doi: 10.23919/DATE.2019.8715057.
[7] M. N. Aman, U. Javaid, and B. Sikdar, “IoT-Proctor: A Secure and Lightweight
Device Patching Framework for Mitigating Malware Spread in IoT Networks,”
IEEE Syst. J., pp. 1–12, 2021, doi: 10.1109/JSYST.2021.3070404.
[8] S. M. P. Dinakarrao et al., “Cognitive and Scalable Technique for Securing IoT
Networks Against Malware Epidemics,” IEEE Access, vol. 8, pp. 138508–
138528, 2020, doi: 10.1109/ACCESS.2020.3011919.
[9] W. Liang, Z. Li, H. Zhang, S. Wang, and R. Bie, “Vehicular Ad Hoc Networks:
Architectures, Research Issues, Methodologies, Challenges, and Trends,” Int. J.
Distrib. Sens. Networks, vol. 11, no. 8, p. 745303, Aug. 2015, doi:
10.1155/2015/745303.
[10] M. Rizwan Ghori, A. Safa Sadiq, and A. Ghani, “VANET Routing Protocols:
Review, Implementation and Analysis,” J. Phys. Conf. Ser., vol. 1049, no. 1, p.
012064, Jul. 2018, doi: 10.1088/1742-6596/1049/1/012064.
[11] Sandeep N. Kugali and S. Kadadevar, “Vehicular ADHOC Network
(VANET):-A Brief Knowledge,” Int. J. Eng. Res., vol. V9, no. 06, pp. 1026–
1029, Jun. 2020, doi: 10.17577/IJERTV9IS060784.
[12] B. Jayaraman, J. M. Kannimoola, and K. Achuthan, “Sybil Attack Detection
in Vehicular Networks,” in Taylor & Francis Group, LLC, vol. 2, no. 4, 2014,
pp. 35–50.
[13] C. H. O. O. Quevedo, A. M. B. C. Quevedo, G. A. Campos, R. L. Gomes, J.
Celestino, and A. Serhrouchni, “An Intelligent Mechanism for Sybil Attacks
Detection in VANETs,” in ICC 2020 - 2020 IEEE International Conference on
Communications (ICC), Jun. 2020, vol. 2020-June, pp. 1–6, doi:
10.1109/ICC40277.2020.9149371.
[14] M. Ayaida, N. Messai, S. Najeh, and K. Boris Ndjore, “A Macroscopic Traffic
Model-based Approach for Sybil Attack Detection in VANETs,” Ad Hoc
Networks, vol. 90, p. 101845, Jul. 2019, doi: 10.1016/j.adhoc.2019.01.010.
[15] Y. Yao et al., “Multi-Channel Based Sybil Attack Detection in Vehicular Ad
Hoc Networks Using RSSI,” IEEE Trans. Mob. Comput., vol. 18, no. 2, pp.
362–375, Feb. 2019, doi: 10.1109/TMC.2018.2833849.
[16] L. E. Funderburg and I.-Y. Lee, “A Privacy-Preserving Key Management
Scheme with Support for Sybil Attack Detection in VANETs,” Sensors, vol. 21,
no. 4, p. 1063, Feb. 2021, doi: 10.3390/s21041063.
[17] H. Hamed, A. Keshavarz-Haddad, and S. G. Haghighi, “Sybil Attack
Detection in Urban VANETs Based on RSU Support,” in Electrical
Engineering (ICEE), Iranian Conference on, May 2018, pp. 602–606, doi:
10.1109/ICEE.2018.8472629.

Things to check before moving to the next chapter


Structure of a vehicular network
How a vehicular network is vulnerable to various attacks
Sybil Attack Detection techniques in a vehicular network
Concept of Malware Propagation and its controlling strategy
Structure of Smart Home Systems
Hardening of Smart Home Systems
Network robustness
Game theoretic method for the measurement of network robustness

CHAPTER 6
Crypto Foundations I

Cryptography is the science of achieving security by encoding messages into a
non-readable form. This chapter addresses the foundations of cryptography and its
use in securing IoT systems. It is directly relevant to IoT developers (consumers or
industrialists), implementers and enterprises dealing with IoT communication. The
chapter introduces the basic concepts of encryption and decryption along with the
classical and modern techniques. It also introduces the concept of the secret key
and its related capacity in the Internet of Things.

Structure
The chapter covers the following topics:
Cryptography and its role in securing the IoT
Cryptographic primitives along with authentication and integration details
Meaning of secrecy and capacity of secret-key in IoT system
Symmetric key Encryption Algorithm with classical and modern techniques
Asymmetric key Encryption Algorithm

6.1 Cryptography and its role in securing the IoT


The world is witnessing a revolutionary growth of machine connectivity over the
Internet as well as private networks. The fast-growing use of IoT devices for
everything from consumer to industrial applications has offered several benefits to
individuals, businesses, and enterprises. However, this connectivity is more often
reported for personal, governmental, and corporate security breaches. Hacktivists
and nation-wide criminals play a never-ending game of Tom and Jerry with the
security industry, making us all the victims of this inconvenience. We pay either
through the cost incurred in improving security services or through illegal use by
cyber criminals. IoT devices exchange huge volumes of data every second, and that
data is often sensitive and private. If not protected properly, it can easily be
siphoned off by hackers. Therefore, there is a huge demand for providing enough
security and privacy to corporate, governmental, and business enterprises.
Cryptography is an ever-growing technology that plays a pivotal role in securing the
IoT. It uses its encryption and decryption techniques in securing IoT devices as well
as the transferred data. It is used for encrypting wireless edge networks and gateway
traffic, backend cloud databases, software/firmware images, and much more. It
provides an essential tool for securing data, transactions, and personal privacy. If
appropriately implemented, then cryptography alone can provide the following
features to any data from IoT whether in transit or at rest:
Confidentiality: It is defined as the protection of secret information from
unauthorized disclosure. The Encryption technique of cryptography is used to
ensure confidentiality (Section 6.4).
Authentication: It is the assurance and confirmation of a user’s identity. Digital
Signatures and Message Authentication Code (MAC) can be used to confirm
authentication (Chapter 7, Crypto Foundations II, Section 7.2).
Integrity: Protection of data from being modified or deleted by unauthorized
parties is termed integrity. Digital Signatures and Message Authentication
Code (MAC) are used to ensure integrity (Chapter 7, Crypto Foundations II,
Section 7.1).
Non-Repudiation: It is the assurance that someone cannot deny the validity of
something. Digital Signatures are used to maintain non-repudiation
(Chapter 7, Crypto Foundations II, Section 7.5).
Selection of the right cryptographic tool in designing security for an IoT system is
always based on risk and should, thus, be carefully applied by security practitioners.

6.2 Cryptography and its primitives in the IoT


As we all know, cryptography is the art of securing messages by converting them
from a readable format to a non-readable format using a systematic process. The
readable message, which is understood by all, is known as the plain text, and the
non-readable format into which the message is codified using a certain scheme is
termed cipher text (or secret text).
This is illustrated in Figure 6.1(a), where a readable message (or plain text) is
converted into an unreadable message (or cipher text) with the help of a systematic
process known as a cryptographic system.
On the other hand, the science of changing messages from a non-readable format (or
cipher text) to a readable format (or plain text) is termed cryptanalysis. In this
scenario, it does not matter how the message was initially converted from readable
to non-readable format. This concept of breaking the code is explained in Figure 6.1(b).
The combination of cryptography and cryptanalysis is termed cryptology. This is
shown in Figure 6.1:

Figure 6.1: The process of cryptology

Cryptographic primitives
Cryptographic primitives in IoT are the well-established, low-level cryptographic
algorithms, which are generally used to build high-level cryptographic protocols for
IoT security systems. Some commonly used cryptographic primitives are:
Encryption and Decryption: Encryption is a systematic process that translates
plain text to cipher text, whereas decryption is the reverse of encryption; that
is, it translates cipher text back to plain text. It includes symmetric key
cryptography and asymmetric key cryptography.
Key (or secret key): The key can be any unique value or variable different
from plaintext, which is known to both the sender and receiver. The sender
encodes the plain text to cipher text with the help of the encryption algorithm
and key. On the other hand, the receiver decrypts the cipher text to plain text by
using a decryption algorithm and the known key (can be the same or different).
The actual transformation of the message depends on the key used.
Hashing: It is a cryptographic technique that transforms any form of message
(or plain text) into fixed size value or string. It includes one-way hash function
that computes the reduced hash value for a message like SHA256.
Digital Signatures: It is a cryptographic technique that confirms the author of
the message by using the MAC code.
Random Number Generators: It is used to generate random numbers that are
difficult for any third party to predict.

Details of these primitives will be discussed in the upcoming sections.

From the preceding discussion, we can infer that all cryptographic systems are
characterized by three independent dimensions:
a. The type of operation that is used for transforming plaintext to ciphertext.
Generally, transformation is performed by the substitution operation and
transposition operation. In substitution, each element in the plain text (bits or
letters) is replaced by another element; for example: ‘o’ in plain text is replaced
by ‘i’ in cipher text while in transposition, each element in the plain text is
transposed according to the location (Section 6.4.1).
b. Strength of the cryptographic system also depends on the number of keys used
for encryption. For symmetric encryption, a single key is used for encryption
and decryption while for asymmetric encryption, two different keys are used for
encryption and decryption (Section 6.4).
c. Cryptographic system is also characterized by the way in which plaintext is
processed. For example, a block cipher processes the input as one block of
elements at a time, yielding one block of output for every input. In Stream
Cipher, the input elements are processed continuously, producing the output one
element at a time (Section 6.4.1).

6.3 Secrecy and secret-key capacity in IoT


Keys (or secret keys) play a pivotal role in strengthening the security of the
IoT network. Maintaining the secrecy of the key in wireless communication is a
basic task and is characterized by the amount of information that is not leaked. It
can be measured by the equivocation rate, which defines the eavesdropper's
remaining uncertainty about the message, that is, the amount of information that is
not yet leaked to the eavesdropper. The secrecy of the key is generally analyzed
using a wiretap channel.
The wiretap channel is a model that consists of a transmitter, named Alice, who wants
to communicate reliably with Bob (another node) while keeping the transmitted
message secret from an eavesdropper, named Eve, since Eve can overhear the
communication through another channel. Take a look at Figure 6.2 for an illustration
of this example. If the transmitted messages are kept away from Eve, then we can say
that the secrecy of the channel is maintained.

Maintaining secrecy is out of the scope of this book. Readers who wish to go further
can refer to the following research papers [2], [3].

Figure 6.2: Wiretap channel

Secret key capacity


The secrecy capacity of any wiretap channel is defined as the maximum transmission
rate that can be attained with zero leakage. In other words, the secrecy capacity is
the rate at which the eavesdropper is unable to properly decode any information.
Mathematically, secrecy capacity is the difference between the two channel
capacities, and communication confidentiality can be maintained only when the
Gaussian main channel has a better Signal-to-Noise Ratio (SNR) than the Gaussian
wiretap channel. Figure 6.3 represents an example of secret capacity over wireless
communication with the help of the wiretap model:
Figure 6.3: Wiretap channel for secret-key capacity
It is assumed that Alice wants to send information ‘w’ to Bob. The information block
w^k is encoded into the code word x^n = [x(1), x(2), x(3), ..., x(n)], which is
transmitted over a channel with output y_M(i) = h_M(i) x(i) + n_M(i), where h_M(i) is
the channel side information measured as a time-varying complex fading coefficient
and n_M(i) is the zero-mean circular complex Gaussian noise.
Let’s assume that Eve is successful in eavesdropping. Then, Eve herself will receive
the output in the form y_W(i) = h_W(i) x(i) + n_W(i).
Let ‘P’ be the average of transmitted signal power. Then, the power of channel is
limited to:

Since we have already assumed the power of noise in the main channel to be and
the power of noise in eavesdrop channel as , then the SNR at Bob will be:

and the SNR at Alice will be:


From both the SNRs, we can evaluate the average SNR value and can derive the
transmission rate ‘R’ and error probability between Alice and Bob. Both the
transmission rate and error probabilities are defined as:

and

Thus, the secret capacity of the main channel is the maximum transmission rate R at
which ∆ equals 1.

6.4 Encryption and decryption


Encryption is a cryptographic service that masks information with the help of a
cryptographic key. In other words, it converts the information into coded form so that
only the intended parties can read and interpret it. By doing so, encryption helps in
attaining the confidentiality of the information. At the other end, the intended
parties convert the coded information back into readable information using the same
(or a different) cryptographic key; this is known as decryption. The process of
encryption and decryption can be explained with the help of Figure 6.4:

Figure 6.4: Encryption decryption in an IoT network


Figure 6.4 illustrates two IoT devices, ‘A’ and ‘B’, where IoT device ‘A’ wishes
to send data to IoT device ‘B’. If device ‘A’ sends data directly to device ‘B’
without using cryptographic services, it can easily be captured by eavesdroppers.
So, in order to protect the data from eavesdropping, device ‘A’ should first encrypt
the information using the encryption algorithm and key and then send it in the form
of cipher text through the communication channel to device ‘B’. While the
information is in transit in the form of cipher text, it is protected from
eavesdroppers because they never learn the actual content. As soon as the cipher
text is received by device ‘B’, it is decrypted using the key and the decryption
algorithm, and the original data is recovered.

It is clear from the preceding procedure that if data is ever decrypted prior to reaching IoT
device ‘B’, then it is vulnerable to the eavesdropper. Thus, it is the duty of the security
engineer to ensure that the encryption is performed at the right position of the communication
stack with the right (that is, strong) encryption algorithm.

Encryption algorithms are classified into two types:


Symmetric key encryption algorithm
Asymmetric key encryption algorithm

6.4.1 Symmetric key encryption algorithm


In symmetric key encryption, also known as conventional encryption, both the sender
and receiver use an identical key (also called a secret key) for encrypting and
decrypting information. This is shown in Figure 6.5:

Figure 6.5: Symmetric Key Encryption Algorithm


In the figure, we can see that both the sender (IoT device ‘A’) and the receiver (IoT
device ‘B’) use the same key ‘K’ for encrypting and decrypting the data. In addition,
the diagram implies the need for a strong key ‘K’ which is known only to the sender
and receiver; that is, the key should be shared via a secure channel between the
sender and receiver.
Classical symmetric encryption techniques
The basic building blocks of all encryption techniques are substitution
and transposition.
Substitution technique
In the substitution technique, each letter of the plain text is replaced by another letter
or number or symbol. The types of substitution techniques are as follows:
Caesar Cipher
In the Caesar Cipher, each letter of the alphabet is replaced with the letter
standing ‘k’ places further down the alphabet. For example, if the value of
k = 3, then each letter in the plain text is shifted three places down the
alphabet. So ‘m’ in the plain text becomes ‘m + 3’ = ‘p’ in the cipher text.
Similarly, ‘e’ in the plain text becomes ‘e + 3’ = ‘h’ in the cipher text, and so on.
Plain Text: meet me after the party
Cipher Text: phhw ph diwhu wkh sduwb

The alphabet is wrapped around; that is, the letter following Z is A.


There is no difference in uppercase and lowercase letters; both are treated equally.

Mathematical representation of Caesar Cipher: To present the Caesar cipher
mathematically, an equivalent numerical value is assigned to each letter of the
alphabet.

A  B  C  D  E  F  G  H  I  J  K  L  M
0  1  2  3  4  5  6  7  8  9  10 11 12

N  O  P  Q  R  S  T  U  V  W  X  Y  Z
13 14 15 16 17 18 19 20 21 22 23 24 25

For each plain text letter ‘p’, the cipher text letter ‘c’ is expressed as:

c = E(k, p) = (p + k) mod 26

where ‘E’ is the encryption algorithm and ‘k’ is the key, the number of places
the letter is shifted down the alphabet.
Example: For p = ‘A’ and k = 4, c = (0 + 4) mod 26 = 4, and the letter for 4 is
‘E’; thus ‘A’ in plain text is replaced by ‘E’ in cipher text.
Conversely, for decrypting:
p = D(k, c) = (c - k) mod 26, where ‘D’ is the decryption algorithm and ‘k’ is
the key, the number of places the letter is shifted back up the alphabet.
Limitations of the Caesar cipher:
Encryption and decryption algorithms are very simple and known to everyone.
The value of ‘k’ can vary only between 0 and 25, so it can easily be found by
a brute-force attack; that is, ‘k’ can be obtained correctly by trial and error
in a maximum of 26 attempts.
Only plain text consisting of letters of the alphabet can be used with this technique.
Monoalphabetic Ciphers
As discussed, with only 25 keys the Caesar cipher is not secure and is always
vulnerable to brute-force attacks. To solve this issue, a dramatic increase in
key-space is needed, which is attained in the Monoalphabetic Cipher.
In a monoalphabetic cipher, instead of using a single key for all elements of the
plain text, we use any permutation of the 26 alphabetic characters. This
mapping from the plain alphabet to a wide range of single cipher alphabets
eliminates the brute-force attacks. This can be explained with the help of the
following example:
Plain text: “Attack postponed”
Secret Key: “The quick brown fox”
*Ignore the second and later occurrences of a letter in the key.
Encryption:

Cipher Text: “ThhTeq uichuikbr”


Procedure: Map every element in the plain text to a single element in the key.
Repeated letters have the same mapping. For instance, if ‘t’ in the plain text is
mapped to ‘h’ of the key, then for every ‘t’ in the plain text, ‘h’ will be its
cipher text.
Problem:
Though monoalphabetic ciphers have solved the problem of brute-force attacks,
the encrypted files are still not free from other attacks. Firstly, this technique
considers only text made up of letters of the alphabet; text containing symbols
and other special characters cannot be encrypted. Secondly, the relative
frequency of letters in the text can help attackers decode the cipher text.
For example: Figure 6.6 presents the standard relative frequency of letters
in the English language:

Figure 6.6: Standard relative frequency of alphabets


Suppose cipher text obtained by attacker is:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZVUE
PHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEPOPDZSZU
FPOMBZWPFUPZHMDJUDTMOHMQ
Let’s prepare the frequency distribution table of the preceding cipher text. Refer
to Table 6.1:

P 13.33    H 5.83    F 3.33    B 1.67    C 0.00
Z 11.67    D 5.00    W 3.33    G 1.67    K 0.00
S  8.33    E 5.00    Q 2.50    Y 1.67    L 0.00
U  8.33    V 4.17    T 2.50    I 0.83    N 0.00
O  7.50    X 4.17    A 1.67    J 0.83    R 0.00
M  6.67

Table 6.1: Frequency Distribution Table


By mapping the frequency table to the standard frequency chart, we can infer
that ‘P’ in cipher text relates to ‘E’, as both have the highest frequency. Next,
for the second highest, ‘Z’ in cipher text relates to ‘T’ for plain text, ‘S’ relates
to ‘A’, ‘W’ relates to ‘H’, and so on …
Cipher:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZVUEPHZHMDZSHZOW
Plain:
T A E TE A THAT E E A A T E T TA T H
Cipher:
SFPAPPDTSVPQUZWYMXUZUHSXEPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ
Plain:
AE EE A E TH T A E E E TAT E THE ET
From the above, we can see that the cipher text can be decoded and the original
text can be predicted by the attackers.
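The frequency analysis above can be reproduced mechanically. The following added example (not code from the book) rebuilds Table 6.1 from the cipher text printed above, pairs the most frequent cipher letters with the most frequent English letters, counts digrams, and applies the four guesses named in the text; the function names and the English letter ordering are assumptions of this example.

```python
from collections import Counter

# Cipher text exactly as printed on the page (its three lines joined).
CIPHERTEXT = (
    "UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZVUE"
    "PHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSXEPYEPOPDZSZU"
    "FPOMBZWPFUPZHMDJUDTMOHMQ"
)

# English letters from most to least frequent. This is one commonly quoted
# ordering (an assumption; the tail differs slightly between corpora).
ENGLISH_ORDER = "ETAOINSHRDLCUMWFGYPBVKJXQZ"

# The four guesses named in the text: cipher letter -> plain letter.
PAGE_GUESSES = {"P": "E", "Z": "T", "S": "A", "W": "H"}


def _letters(text):
    """Upper-case the text and keep only A-Z."""
    return "".join(ch for ch in text.upper() if "A" <= ch <= "Z")


def frequency_table(ciphertext):
    """Return [(letter, percent)] for A-Z, most frequent first.

    Letters with equal frequency are listed in alphabetical order.
    """
    letters = _letters(ciphertext)
    if not letters:
        return []
    counts = Counter(letters)
    rows = [(chr(code), round(100 * counts[chr(code)] / len(letters), 2))
            for code in range(ord("A"), ord("Z") + 1)]
    return sorted(rows, key=lambda row: (-row[1], row[0]))


def rank_guess(ciphertext, top=4):
    """Pair the `top` most frequent cipher letters with ENGLISH_ORDER."""
    table = frequency_table(ciphertext)
    return {cipher: ENGLISH_ORDER[i]
            for i, (cipher, _) in enumerate(table[:top])}


def digram_counts(ciphertext):
    """Count every pair of adjacent letters in the cipher text."""
    letters = _letters(ciphertext)
    return Counter(letters[i:i + 2] for i in range(len(letters) - 1))


def partial_decrypt(ciphertext, mapping):
    """Apply a partial cipher->plain mapping; unknown letters become '.'."""
    return "".join(mapping[ch].lower() if ch in mapping else "."
                   for ch in _letters(ciphertext))


if __name__ == "__main__":
    for letter, percent in frequency_table(CIPHERTEXT)[:6]:
        print(f"{letter} {percent:5.2f}")
    print("rank-order guesses:", rank_guess(CIPHERTEXT))
    # ZW occurs three times; with Z already guessed as T, the common English
    # digram TH is one way to arrive at the guess W -> H used in the text.
    print("ZW occurs", digram_counts(CIPHERTEXT)["ZW"], "times")
    print(CIPHERTEXT)
    print(partial_decrypt(CIPHERTEXT, PAGE_GUESSES))
```
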
Playfair Cipher
The Playfair cipher is also known as the Playfair square or Wheatstone-Playfair
cipher, since it was invented by Charles Wheatstone. It is a manual multi-letter
encryption † cipher which treats digrams (pairs of letters) in the plain text as
single units and then translates these units into cipher text digrams. The
algorithm is based on a 5 x 5 matrix of letters constructed using a keyword.
For example: Let’s consider “MONARCHY” as the keyword. First, we place each
letter of the keyword in the matrix (repeated letters are written only once).
Then, the remaining cells are filled with the other letters of the alphabet
that have not appeared in the keyword.

M O N A   R
C H Y B   D
E F G I/J K
L P Q S   T
U V W X   Z

I/J are written in a single cell. This is done to fit the 26 letters of the alphabet into 25 matrix cells.

Rules for encryption


1. Form the digrams of the plain text.
2. If a letter is repeated within a digram, then insert a filler letter.
For example:
Plaintext: attack
Digrams: at ta ck (the letters in each digram are different, and so they are
written as they are.)
Plaintext: Gandhi academy
Digrams: Ga nd hi ac ad em yx (‘y’ was alone, so it is padded with the letter
‘x’)
Plaintext: balloon
Digrams: ba ll oo n (‘ll’ has the same letter twice, so insert ‘x’ in
between, giving ‘lx’, and then pair the next ‘l’ with the following letter ‘o’)
Digrams: ba lx lo on
3. If the letters of a digram appear in the same column, then they move down (↓),
wrapping around when the column finishes.
4. If the letters of a digram appear in the same row, then they move right (→),
wrapping around when the row finishes.
5. If the letters of a digram are neither in the same row nor in the same column,
then they form a rectangle, and each letter is swapped with the letter at the
other corner of the rectangle in its own row.
Example: Plaintext: ATTACK
Digrams: AT TA CK

AT TA CK

RS SR DE
Since ‘A’ and ‘T’ are neither in the same row nor in the same column, the
corners are swapped; that is, in the cipher text ‘A’ is replaced with ‘R’
and ‘T’ is replaced with ‘S’. Similarly, ‘C’ and ‘K’ also appear in
different rows and columns, and so are replaced by ‘D’ and ‘E’,
respectively.
Thus, the cipher text obtained is ‘RSSRDE’.
Example: Plaintext: MOSQUE
Digrams: MO SQ UE

MO SQ UE

ON TS ML

Since ‘M’ and ‘O’ appear in the same row, they are moved right; that is,
replace ‘M’ with ‘O’ and ‘O’ with ‘N’. Similarly, since ‘S’ and ‘Q’ are also in
the same row, move right and replace each letter with the letter to its right;
that is, ‘S’ with ‘T’ and ‘Q’ with ‘S’. ‘U’ and ‘E’ appear in the same column,
so now move down. However, since ‘U’ appears in the last cell of the column, it
wraps around; that is, replace ‘U’ with ‘M’. For ‘E’, move down and replace
‘E’ with ‘L’.
Cipher Text: ONTSML
Decryption of Playfair is just the reverse of the encryption rules (1 to 5) studied
above.
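The five rules and both worked examples can be checked with a short implementation. This is an added example, not code from the book; the function names are assumptions, and the choice of ‘Q’ as the pad when the repeated or trailing letter is itself ‘X’ is a convention of this example that the text does not cover.

```python
ALPHABET = "ABCDEFGHIKLMNOPQRSTUVWXYZ"  # 25 letters: J shares a cell with I


def _clean(text):
    """Upper-case the text, fold J into I and drop everything but letters."""
    return [ch for ch in text.upper().replace("J", "I") if ch in ALPHABET]


def build_matrix(keyword):
    """Fill the 5 x 5 matrix: keyword letters first (each written once),
    then the remaining letters of the alphabet in order."""
    cells = []
    for ch in _clean(keyword) + list(ALPHABET):
        if ch not in cells:
            cells.append(ch)
    return [cells[row * 5:(row + 1) * 5] for row in range(5)]


def make_digrams(plaintext, filler="X"):
    """Rules 1 and 2: split into pairs, inserting the filler between a
    repeated letter and after a trailing single letter."""
    letters = _clean(plaintext)
    pairs = []
    i = 0
    while i < len(letters):
        first = letters[i]
        # Assumption of this example: pad with Q if the letter itself is X.
        pad = filler if first != filler else "Q"
        if i + 1 < len(letters) and letters[i + 1] != first:
            pairs.append(first + letters[i + 1])
            i += 2
        else:
            pairs.append(first + pad)
            i += 1
    return pairs


def _transform(matrix, pair, step):
    """Rules 3 to 5 for one digram; step=+1 encrypts, step=-1 decrypts."""
    position = {matrix[r][c]: (r, c) for r in range(5) for c in range(5)}
    (r1, c1), (r2, c2) = position[pair[0]], position[pair[1]]
    if r1 == r2:    # same row: move right (or left), wrapping around
        return matrix[r1][(c1 + step) % 5] + matrix[r2][(c2 + step) % 5]
    if c1 == c2:    # same column: move down (or up), wrapping around
        return matrix[(r1 + step) % 5][c1] + matrix[(r2 + step) % 5][c2]
    # rectangle: keep the row, take the column of the other letter
    return matrix[r1][c2] + matrix[r2][c1]


def encrypt(plaintext, keyword):
    matrix = build_matrix(keyword)
    return "".join(_transform(matrix, pair, +1)
                   for pair in make_digrams(plaintext))


def decrypt(ciphertext, keyword):
    """Reverse the rules; filler letters stay in the recovered text."""
    matrix = build_matrix(keyword)
    letters = _clean(ciphertext)
    if len(letters) % 2:
        raise ValueError("Playfair cipher text must have an even length")
    pairs = ["".join(letters[i:i + 2]) for i in range(0, len(letters), 2)]
    return "".join(_transform(matrix, pair, -1) for pair in pairs)


if __name__ == "__main__":
    for row in build_matrix("MONARCHY"):
        print(" ".join(row))
    print(make_digrams("balloon"))
    print(encrypt("ATTACK", "MONARCHY"), encrypt("MOSQUE", "MONARCHY"))
    print(decrypt(encrypt("balloon", "MONARCHY"), "MONARCHY"))
```
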

Hill Cipher
Hill Cipher is yet another form of a multi-letter cipher, developed by the
mathematician Lester Hill in 1929. The encryption algorithm can encrypt a
group of letters at a time, which can be a digraph (two letters at a time), a
trigraph (three letters at a time), or a polygraph (multiple letters at a time) based
on the key value. The key in the Hill cipher is represented by a square matrix. It
can be 2x2 matrix (encrypts two letters at a time), 3x3 matrix (encrypts three
letters at a time) and so on.

Before studying Hill cipher, readers should be aware of the following mathematical concepts:

1. Matrix arithmetic modulo 26


2. Square Matrix
3. Determinant
4. Multiplicative inverse
In encryption, we need to know matrix arithmetic modulo 26 and square matrix but for
decryption, we should know all the above four concepts.

Encryption algorithm
Mathematically, the Hill Cipher Encryption Algorithm is represented as (equation 1):

where ‘C’ is the cipher text, ‘E’ is the encryption algorithm, ‘K’ is the key, and ’P’ is
the plain text.
Expanding equation 1:
Here, in equation 2, the key matrix is of size 3x3. Thus, we can translate 3 letters at a time.
Similarly, if the key matrix is of size 2x2, we can translate only 2 letters at a time and so on.

Example:

Encrypt “PAY MORE MONEY” using Hill cipher with key

Solution:
Step 1: Translate the plain text into the numerical form (index of English alphabets).

P A Y M O R E M O N E Y

15 0 24 12 14 17 4 12 14 13 4 24

Step 2: The key is a 3x3 matrix, so partition the plain text into groups of three letters.
In case, letters are less in the last group, fill it with the filler ‘x’ and remove it in
decryption.
Plain Text = PAY MOR EMO NEY
Step 3: Encrypting PAY.

= (15×17+0×21+24×2, 15×17+0×18+24×2, 15×5+0×21+24×19) mod 26
= (303, 303, 531) mod 26 = (17, 17, 11) = (R R L)
Encrypting MOR

= (12×17+14×21+17×2, 12×17+14×18+17×2, 12×5+14×21+17×19) mod 26
= (532, 490, 677) mod 26 = (12, 22, 1) = (M W B)
Encrypting EMO

= (4×17+12×21+14×2, 4×17+12×18+14×2, 4×5+12×21+14×19) mod 26
= (348, 312, 538) mod 26 = (10, 0, 18) = (K A S)
Encrypting NEY

= (13×17+4×21+24×2, 13×17+4×18+24×2, 13×5+4×21+24×19) mod 26
= (353, 341, 605) mod 26 = (15, 3, 7) = (P D H)
Step 4: Represent the plain text by cipher text.
PT P A Y M O R E M O N E Y

CT R R L M W B K A S P D H

Decryption Algorithm
Mathematically, The Hill Cipher Decryption Algorithm is represented in equation 6:

where, ’P’ is the plain text, ‘D’ is the decryption algorithm, ‘K’ is the key, ‘ ‘ is
the key inverse, and ‘C’ is the cipher text.
Key inverse is calculated by equation 7:

Explanation of these mathematical concepts is out of the scope of this book. Readers are
advised to study determinants and the inverse of a matrix before dealing with decryption.
They are also requested to learn how to take the inverse of a number modulo 26.

Example:

Decrypt “RRLMWBKASPDH” using Hill cipher with key

Solution:
Step1: Translate the cipher text into the numerical form (index of English alphabets).

R R L M W B K A S P D H

17 17 11 12 22 1 10 0 18 15 3 7

Step 2: The key is a 3x3 matrix, so partition the cipher text into group of three letters.
Cipher Text = RRL MWB KAS PDH
Step 3: Calculate
a^-1 × a = 1 mod 26, so here 17 × 23 = 1 mod 26. Therefore, 23^-1 = 17

Step 4: Decrypting - RRL

= (17×4+17×15+11×24, 17×9+17×17+11×0, 17×15+17×6+11×17) mod 26
= (587, 442, 544) mod 26 = (15, 0, 24) = (P A Y)
Decrypting - MWB
= (12×4+22×15+1×24, 12×9+22×17+1×0, 12×15+22×6+1×17) mod 26
= (402, 482, 329) mod 26 = (12, 14, 17) = (M O R)
Decrypting - KAS

= (10×4+0×15+18×24, 10×9+0×17+18×0, 10×15+0×6+18×17) mod 26
= (472, 90, 456) mod 26 = (4, 12, 14) = (E M O)
Decrypting - PDH will result in (13, 4, 24) = (N E Y)
Step 5: Represent the cipher text by the plain text.

CT R R L M W B K A S P D H

PT P A Y M O R E M O N E Y
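The whole encryption and decryption example can be reproduced in code, including the key inverse that the decryption step relies on. This is an added example, not code from the book: the key entries are read off the multiplications written out in Step 3 of the encryption example, plain text is treated as a row vector multiplied by the key as in that step, and the function names are assumptions.

```python
# Key entries as they appear in the worked multiplications of the
# encryption example (plain text row vector times key, modulo 26).
KEY = [
    [17, 17, 5],
    [21, 18, 21],
    [2, 2, 19],
]


def _cofactor(m, i, j):
    """Signed 2 x 2 minor obtained by deleting row i and column j."""
    rows = [r for r in range(3) if r != i]
    cols = [c for c in range(3) if c != j]
    minor = (m[rows[0]][cols[0]] * m[rows[1]][cols[1]]
             - m[rows[0]][cols[1]] * m[rows[1]][cols[0]])
    return (-1) ** (i + j) * minor


def determinant(m):
    """Determinant of a 3 x 3 matrix by expansion along the first row."""
    return sum(m[0][j] * _cofactor(m, 0, j) for j in range(3))


def inverse_mod26(m):
    """Key inverse: (det^-1 mod 26) times the adjugate, reduced modulo 26.

    Raises ValueError when the determinant shares a factor with 26, in
    which case the key cannot be used because decryption is impossible.
    """
    det = determinant(m) % 26
    try:
        det_inv = pow(det, -1, 26)  # multiplicative inverse (Python 3.8+)
    except ValueError:
        raise ValueError("key is not invertible modulo 26") from None
    # The adjugate is the transpose of the cofactor matrix.
    return [[det_inv * _cofactor(m, j, i) % 26 for j in range(3)]
            for i in range(3)]


def hill(text, matrix):
    """Multiply each group of three letters (as a row vector) by `matrix`.

    Use the key to encrypt and its inverse to decrypt. A short last group
    is padded with the filler 'X', as described in Step 2.
    """
    numbers = [ord(ch) - ord("A") for ch in text.upper() if "A" <= ch <= "Z"]
    while len(numbers) % 3:
        numbers.append(ord("X") - ord("A"))
    out = []
    for start in range(0, len(numbers), 3):
        block = numbers[start:start + 3]
        for col in range(3):
            total = sum(block[row] * matrix[row][col] for row in range(3))
            out.append(total % 26)
    return "".join(chr(n + ord("A")) for n in out)


if __name__ == "__main__":
    cipher_text = hill("PAY MORE MONEY", KEY)
    key_inverse = inverse_mod26(KEY)
    print("det mod 26 :", determinant(KEY) % 26)
    print("key inverse:", key_inverse)
    print(cipher_text, "->", hill(cipher_text, key_inverse))
```
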

Polyalphabetic Ciphers
The polyalphabetic cipher was introduced to improve on the monoalphabetic
technique, because in the monoalphabetic technique a letter is encrypted to the
same cipher letter for all its occurrences in the plain text. For instance, if
the letter ‘a’ in plain text is mapped to the letter ‘z’ in cipher text, then
all occurrences of ‘a’ in plain text are mapped to ‘z’ in cipher text, resulting
in great vulnerability. To address this issue, the polyalphabetic technique is
used, where the same letter in different occurrences can be mapped to different
cipher letters.
A polyalphabetic cipher uses a set of monoalphabetic substitution rules, and a
key determines which particular rule is chosen for a given transformation. It is
of two types: Vigenere Cipher and Vernam Cipher:
Vigenere Cipher: It consists of the 26 Caesar Ciphers with shifts of 0 through
25. The encryption and decryption processes are defined by the following
equations:
Encryption Process:
(8)
Decryption Process:
(9)
Example:
Given: Plain text: We are discovered save yourself.
Key: deceptive
Solution:
Step 1: If the size of key is smaller than Plain Text (PT), then repeat the key
(K) till it covers the length of plain text.

PT w e a r e d i s c o v e r e

K d e c e p t i v e d e c e p

Step 2: Convert both PT and K into numerical forms:

PT 22 4 0 17 4 3 8 18 2 14 21 4 17 4

Key 3 4 2 4 15 19 8 21 4 3 4 2 4 15

PT 4 24 14 20 17 18 4 11 5

Key 3 4 2 4 15 19 8 21 4

Step 3: Encrypt using the formula

PT 22 4 0 17 4 3 8 18 2 14 21 4
Key 3 4 2 4 15 19 8 21 4 3 4 2

CT 25 8 2 21 19 22 16 13 6 17 25 6

PT 4 24 14 20 17 18 4 11 5

Key 3 4 2 4 15 19 8 21 4

CT 7 2 16 24 6 11 12 6 9

Step 4: Translate CT in numerals to the text form using the index of alphabets:

PT 22 4 0 17 4 3 8 18 2 14 21 4 17

Key 3 4 2 4 15 19 8 21 4 3 4 2 4

CT 25 8 2 21 19 22 16 13 6 17 25 6 21

CT(text) z i c v t w q n g r z g v

PT 4 24 14 20 17 18 4 11 5

Key 3 4 2 4 15 19 8 21 4

CT 7 2 16 24 6 11 12 6 9

CT(text) h c q y g l m g j

Cryptanalysis of the Vigenere Cipher: Though this cipher technique is better
than the monoalphabetic technique, it is still vulnerable to attackers because,
if the length of the keyword is known to the attacker, then by applying
statistical techniques to the frequency distribution of letters, the attacker
can easily learn the key and the plain text. Moreover, the key is
periodic, so it is easily recovered.
Autokey system: The periodic nature of the Vigenere Cipher can be eliminated
by using a non-repeating keyword that is as long as the message itself. This can
be done by concatenating a keyword with the plain text itself to provide a
running key.
Example: Plain text: wearediscoveredsaveyourself
Key: deceptive
Auto key: deceptivewearediscoveredsav
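The Vigenere and autokey examples above, worked in code. This is an added example, not code from the book; the function names are hypothetical. It also measures the distance between repeated three-letter groups in each cipher text, which shows the periodic key leaking its length in the Vigenere output and not in the autokey output.

```python
from collections import defaultdict
from itertools import cycle

A = ord("a")


def letters(text):
    """Keep only the letters a-z, lower-cased (spaces and punctuation dropped)."""
    return [c for c in text.lower() if "a" <= c <= "z"]


def key_letters(key):
    k = letters(key)
    if not k:
        raise ValueError("key must contain at least one letter")
    return k


def shift(text, key_stream, sign):
    """Add (sign=+1) or subtract (sign=-1) each key letter modulo 26."""
    return "".join(
        chr((ord(c) - A + sign * (ord(k) - A)) % 26 + A)
        for c, k in zip(text, key_stream)
    )


def vigenere_encrypt(plaintext, key):
    # The keyword is repeated until it covers the plain text (Step 1).
    return shift(letters(plaintext), cycle(key_letters(key)), +1)


def vigenere_decrypt(ciphertext, key):
    return shift(letters(ciphertext), cycle(key_letters(key)), -1)


def autokey_encrypt(plaintext, key):
    # Running key = keyword followed by the plain text itself.
    pt = letters(plaintext)
    running_key = (key_letters(key) + pt)[:len(pt)]
    return shift(pt, running_key, +1)


def autokey_decrypt(ciphertext, key):
    # The running key is rebuilt letter by letter as plain text is recovered.
    stream = key_letters(key)
    out = []
    for i, c in enumerate(letters(ciphertext)):
        p = chr((ord(c) - ord(stream[i])) % 26 + A)
        out.append(p)
        stream.append(p)
    return "".join(out)


def repeated_trigram_distances(ciphertext):
    """Map each repeated 3-letter group to the gaps between its occurrences."""
    positions = defaultdict(list)
    for i in range(len(ciphertext) - 2):
        positions[ciphertext[i:i + 3]].append(i)
    return {
        tri: [b - a for a, b in zip(pos, pos[1:])]
        for tri, pos in positions.items()
        if len(pos) > 1
    }


if __name__ == "__main__":
    message, keyword = "We are discovered save yourself", "deceptive"
    vig = vigenere_encrypt(message, keyword)
    auto = autokey_encrypt(message, keyword)
    print("Vigenere:", vig, repeated_trigram_distances(vig))
    print("Autokey :", auto, repeated_trigram_distances(auto))
```

The repeated group in the Vigenere output is 9 positions apart, the length of the keyword "deceptive"; the autokey output has no repeated group.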
Vernam cipher: As discussed, the Vigenere cipher uses repeated keywords
with smaller key size, which results in cryptanalytic issues. To resolve this
issue, the length of keyword is kept equal to the length of the plain text so that
there is no repeating keyword. Moreover, a key with the same length of the
plain text will establish no statistical relationship with the cipher text, hence
making it difficult for an attacker to predict it.
Considering these aspects, an AT&T engineer named Gilbert Vernam proposed in
1918 a system that, unlike the previous systems, works on binary bits rather
than letters or alphabets. The proposed system is expressed as ,
where is ith binary of the plain text, is the ith binary of the key and is
the ith binary of the cipher text, and is the XOR operator.
The working of Vernam Cipher can be explained with the help of Figure 6.7:

Figure 6.7: Vernam Cipher


In the encryption process, the cryptographic stream generator is the key
generator, which generates the key as a bit stream. Each key bit in turn is
XORed with a plain text bit to generate a cipher text bit. Similarly, in the
decryption process, each cipher text bit is XORed with the same key bit stream
value to get the plain text bits back.
Cryptanalysis of the Vernam Cipher: The main security aspect in this cipher
is the generation of key bit streams. It must always be ensured that whatever
key sequence is generated on the encryption side, the same key bit sequence is
generated on the decryption side as well. This is easy to manage with a fixed
keyword, but the keyword then repeats, as it does not match the length of the
plain text, and it is therefore vulnerable to attacks. On the contrary, a
random key sequence (no repeating key), although secure, makes the maintenance
and sharing of the same key bit sequence at the encryption and decryption ends
difficult. Thus, to solve this issue, the one-time pad technique is used.
One-time pad
In the polyalphabetic cipher, repeated keywords are used. However, when this
happens, security is weakened, as the codes can be easily broken. Therefore,
to resolve these issues the one-time pad technique is used, where the keyword is
not repeated but is truly random in nature. Here, the length of the key can be as
long as the length of the message. Thus, it offers better security compared to
the previous cipher techniques. In addition, for a single message, a single key
is used for its encryption and decryption and is then discarded. In other words,
different keys are generated and used for different messages. This yields
the strongest security, and since keys are used only once, it is known as the
one-time pad technique.
Importance of the one-time pad: One-time pad produces random output
because for every plain text, a random key is used, thus producing a random
output. So, no statistical relationship between plain text and cipher text can be
established. Moreover, even if the attacker learns a key, it will be of no
use because the discovered key cannot be used the next time. Thus, there is no
way to break the code, that is, the code is unbreakable.
Fundamental difficulties with the one-time pad technique
Though one-time pad offers the best security, it still suffers from the following
problems:
Problem of making large quantities of random keys: For every new
message, a new key must be created, and this key must be random in nature,
so it becomes practically impossible to create keys in large quantities.
Key distribution and protection: Since it is a symmetric encryption technique,
it requires that the same key be shared between the sender and the
receiver. Thus, the distribution and protection of this key is a further
difficulty.
Because of the above discussed difficulties, the one-time pad is of limited
utility and is useful primarily for low-bandwidth channels requiring very high
security. Thus, we can say that the one-time pad offers perfect secrecy, even
though it has limited utility.
“Perfect Secrecy is the notion that states that; given an encrypted message (or
cipher text) from a perfectly secure encryption system (or cipher), absolutely
nothing will be revealed about the unencrypted message (or plaintext) by the
ciphertext.” taken from research paper [1].
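The Vernam XOR operation and the "use once, then discard" rule of the one-time pad, as an added example that is not code from the book. The PadBook class and function names are hypothetical, and the pad comes from the operating system's CSPRNG via the secrets module, standing in for the truly random key material a real one-time pad requires.

```python
import secrets


def xor_bytes(a, b):
    """Bitwise XOR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


class PadBook:
    """Pre-shared key material; every byte is handed out at most once."""

    def __init__(self, pad):
        self._pad = bytes(pad)
        self._used = 0

    def take(self, n):
        if self._used + n > len(self._pad):
            raise ValueError("pad exhausted; key material is never reused")
        chunk = self._pad[self._used:self._used + n]
        self._used += n          # the consumed bytes are discarded
        return chunk


def vernam(message, book):
    """Encrypt or decrypt: XOR the message with the next unused pad bytes."""
    return xor_bytes(message, book.take(len(message)))


def reuse_leak(m1, m2, key):
    """What an eavesdropper computes if ONE key encrypts TWO messages."""
    c1, c2 = xor_bytes(m1, key), xor_bytes(m2, key)
    return xor_bytes(c1, c2)     # the key cancels out: equals m1 XOR m2


if __name__ == "__main__":
    pad = secrets.token_bytes(32)              # shared in advance by both ends
    sender, receiver = PadBook(pad), PadBook(pad)

    # Constructed sample messages of equal length.
    m1, m2 = b"VALVE OPEN ", b"VALVE CLOSE"
    c1, c2 = vernam(m1, sender), vernam(m2, sender)
    print(vernam(c1, receiver), vernam(c2, receiver))

    # Reusing one key: zero bytes mark where the two plain texts agree.
    print(reuse_leak(m1, m2, secrets.token_bytes(len(m1))).hex())
```

When the same key is reused, the XOR of the two cipher texts equals the XOR of the two plain texts, so the statistical relationship the one-time pad is meant to remove reappears.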

Transposition technique
In the transposition technique, the position of the plain text characters is changed. This
implies that instead of replacement, some sort of permutation is performed on the
plaintext letters. The types of transposition cipher are as follows:
Rail fence technique
In this technique, the plain text letters will be written down as a sequence of
diagonals of given depth and then read off as a sequence of rows.
Example: Encipher the message “Our academy is the best” with a rail fence of
depth 2.
Solution: Plaintext – our academy is the best
Depth – 2
Step 1: Write the plain text diagonally in two rows as depth of the rail fence is
given 2.

o r c d m i t e e t

u a a e y s h b s

Step 2: Read the letters in a sequence of rows to get the cipher text.

Ciphertext: Orcdmiteet (1st row) uaaeyshbs (2nd row)
Example: Encipher the message “Thank you very much” with a rail fence of
depth 3.
Solution: Plain text – Thank you very much
Depth – 3
Step 1: Write the plain text diagonally in three rows as depth of the rail fence is
given 3.

t k v m

h n y u e y u h

a o r c

Step 2: Read the letters in a sequence of rows to get the cipher text.

Ciphertext: tkvm (1st row) hnyueyuh (2nd row) aorc (3rd row)

Row column transposition


This technique is more complex as compared to the rail fence transposition
technique. In this technique, a rectangle of plain text is created as decided by
the sender and receiver. Once the rectangle is created, plain text is written row-
by-row by the sender. After that, a cipher text is read column-by-column as per
the order of the column, which acts as the key.
Example: Encrypt the plain text “Kill Corona Virus at twelve am tomorrow”,
using the row-column technique with a 5 X 7 rectangle and key as 4321567.
Solution: Plain text: Kill Corona Virus at twelve am tomorrow
Rectangle size: 5x7
Key: 4321567
Step 1: Create a rectangle of size 5 x 7 and enter the plain text row-by-row and
if the cell is left empty, then fill it by the filler letter.

k i l l c o r

o n a v i r u

s a t t w e l
v e a m t o m

o r r o w y z

*Last two cells were empty so they were filled with filler letter ‘y’ & ‘z’.
Step 2: Arrange the key at the top of the created rectangle.

4 3 1 2 5 6 7

k i l l c o r

o n a v i r u

s a t t w e l

v e a m t o m

o r r o w y z

Step 3: Read the cipher text column-by-column as per the order of key, which
means the column with key 1 will be written first, then the column with key 2,
then 3 and so on…
Cipher Text:

Column with key 1: l a t a r
Column with key 2: l v t m o
Column with key 3: i n a e r
Column with key 4: k o s v o
Column with key 5: c i w t w
Column with key 6: o r e o y
Column with key 7: r u l m z

Cipher Text: latar lvtmo inaer kosvo ciwtw oreoy rulmz


To make this technique more complex, it can be further extended by using the
above generated cipher text in multiple stages which will be considered as input
and then the new cipher text will be created as per the same procedure. This
will create a more complex cipher which will be difficult for attackers to break.
Extended Example: 2nd stage row column transposition cipher.

4 3 1 2 5 6 7
l a t a r l v

t m o i n a e

r k o s v o c

i w t w o r e

o y r u l m z

New Cipher Text Generated: tootraiswuamkwyltriornvollaormvecez (more complex cipher text)

To increase the complexity further, this can be extended to an n-stage row-column
transposition cipher. The number of stages acts as a key factor, which means both
the sender and receiver should know it.
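The rail fence and row-column procedures above, generalised to any depth, any key row and any number of stages. This is an added example, not code from the book; the function names are hypothetical, and the key row is taken as written above the grid in Step 2 (4 3 1 2 5 6 7), which is the column order that yields the cipher text shown.

```python
def letters(text):
    """Lower-case the text and drop everything that is not a letter."""
    return "".join(c for c in text.lower() if c.isalpha())


def zigzag_rows(n, depth):
    """Row index visited by each of n letters written diagonally."""
    if depth < 2:
        return [0] * n
    period = 2 * (depth - 1)
    return [min(i % period, period - i % period) for i in range(n)]


def rail_fence_rows(plaintext, depth):
    """Return the rails (rows) in order; the cipher text is their concatenation."""
    pt = letters(plaintext)
    rails = [[] for _ in range(depth)]
    for ch, row in zip(pt, zigzag_rows(len(pt), depth)):
        rails[row].append(ch)
    return ["".join(r) for r in rails]


def rail_fence_decrypt(ciphertext, depth):
    pattern = zigzag_rows(len(ciphertext), depth)
    rails, pos = [], 0
    for row in range(depth):            # cut the cipher text back into rails
        n = pattern.count(row)
        rails.append(iter(ciphertext[pos:pos + n]))
        pos += n
    return "".join(next(rails[row]) for row in pattern)


def read_order(key_row):
    """Column indices in read-out order: the column labelled 1 first, then 2, ..."""
    if sorted(key_row) != list(range(1, len(key_row) + 1)):
        raise ValueError("key row must be a permutation of 1..number of columns")
    return sorted(range(len(key_row)), key=lambda col: key_row[col])


def columnar_encrypt(text, key_row, fillers="yz"):
    cols = len(key_row)
    pt = letters(text)
    missing = -len(pt) % cols           # empty cells in the last row
    if missing > len(fillers):
        raise ValueError("not enough filler letters for the empty cells")
    pt += fillers[:missing]
    rows = [pt[i:i + cols] for i in range(0, len(pt), cols)]
    return "".join("".join(r[col] for r in rows) for col in read_order(key_row))


def columnar_decrypt(ciphertext, key_row):
    cols = len(key_row)
    if len(ciphertext) % cols:
        raise ValueError("cipher text does not fill the rectangle")
    n_rows = len(ciphertext) // cols
    grid = [""] * cols
    for rank, col in enumerate(read_order(key_row)):
        grid[col] = ciphertext[rank * n_rows:(rank + 1) * n_rows]
    return "".join(grid[c][r] for r in range(n_rows) for c in range(cols))


def multi_stage(text, key_row, stages, decrypt=False):
    """Apply the row-column transposition 'stages' times in a row."""
    step = columnar_decrypt if decrypt else columnar_encrypt
    for _ in range(stages):
        text = step(text, key_row)
    return text


if __name__ == "__main__":
    key_row = [4, 3, 1, 2, 5, 6, 7]
    print(rail_fence_rows("Our academy is the best", 2))
    print(rail_fence_rows("Thank you very much", 3))
    print(multi_stage("Kill Corona Virus at twelve am tomorrow", key_row, 1))
    print(multi_stage("Kill Corona Virus at twelve am tomorrow", key_row, 2))
```

Decryption returns the filler letters along with the message, so the receiver has to know which trailing letters are fillers.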

Modern symmetric encryption techniques


Digital data is represented at the low level as strings of binary digits (bits)
rather than alphabets. Thus, most of the classical
symmetric encryption techniques were not found to be efficient in encrypting
digital data, and researchers came up with another form of symmetric
encryption technique, known as modern symmetric encryption. In modern
symmetric cryptosystems, binary strings are processed and converted into
other binary strings. Modern symmetric encryption is classified into two
categories based on the processing of these binary strings: the block
cipher and the stream cipher.
Block Cipher: In a block cipher, a block of plain text is treated as a whole and
is processed to produce a cipher block of equal length. The number of bits in
the blocks is fixed, and the blocks are processed using modes of operation such
as Cipher Block Chaining (CBC), Electronic Code Book (ECB), and so on. Generally,
a block size of 64 or 128 bits is used, as shown in Figure 6.8:

Modes of operation are discussed later in this section.


Figure 6.8: Block Cipher
Stream Cipher: In stream cipher, the plaintext, in the form of digital data is
processed one bit at a time, resulting into one-bit cipher text. The Vigenere
Cipher and Vernam Cipher in the digital data format are the examples of a
stream cipher. Technically, stream ciphers are block ciphers with block size of
one bit as shown in Figure 6.9:

Figure 6.9: Stream Cipher

A majority of cryptographic applications make use of a block cipher because the
processing time taken by the block is less as compared to a stream cipher. Therefore,
our major focus is on the block cipher.

Block Ciphers
As mentioned previously, in a block cipher, a block of plain text bits is
processed to generate a block of cipher text bits, usually of the same size.
Although the size of block does not directly affect the strength of the encryption
scheme, the following aspects should still be considered:
Avoid very small block sizes, because if the attacker has
discovered some previous blocks, there is a chance of launching a
‘dictionary attack’, through which the plain text can be predicted. With
large blocks, such a dictionary is difficult to build, thus
making the attack difficult for the attacker.
Avoid very large block sizes as well, as the operation of the cipher
becomes inefficient.
A preferred block size is a multiple of 8 bits, as it is very easy to implement
on processors that handle data in multiples of 8 bits. Typically, a block
size of 64 bits or 128 bits is taken. However, the size of the plain text is not
always a multiple of the block size. For instance, if we consider a block size of 64 bits
and a plain text of 150 bits, then 2 blocks of 64 bits will be created but the last
block will be of size 22 bits, which is not a complete block. So, in this case, we add
an additional 42 redundant bits in order to complete the 64-bit block.
The process of adding these additional bits is known as padding.

Too much padding sometimes makes the system inefficient and insecure.

Feistel block cipher: The design model of block cipher


Feistel cipher is a design model developed by the cryptographer Horst Feistel. It is a
design structure from which various block ciphers are derived and it also uses the
same algorithm for both encryption and decryption. Figure 6.10 depicts the structure
of the Feistel Cipher. It consists of multiple rounds of processing and each round
consists of a substitution step followed by a permutation step:
Figure 6.10: Feistel Block Cipher
Feistel encryption algorithm
The input to the encryption algorithm is a plain text block of length 2w bits and
a key K.
The input block is divided into two halves and is denoted as L0 and R0.
The two halves of the data are allowed to pass through ‘n’ rounds of processing,
which is then combined to produce the cipher text block.
Each round ‘i’ has inputs Li-1 and Ri-1, which are derived from the previous
round and from the subkey Ki (which is derived from the overall key K).
All rounds of the Feistel cipher have the same structure, in which a substitution is
performed on the left half of the data by applying a round function F to the right
half of the data and then taking the exclusive-OR of the output of that function F
and the left half of the data. Mathematically, it is expressed as
.
The round function is the same for each round and is a function of the subkey
Ki and the right half of the data Ri-1, that is, .
Once the substitution is performed, a permutation is done next by interchanging
the two halves of the data, that is, the value of Li will be Ri-1 and the value of
Ri will be .
The above substitution and permutation steps form a round and are repeated till
‘n’ rounds are completed.
Once the last round is reached and completed, the two halves are concatenated
to form a ciphertext block.
The security and complexity of the Feistel structure depend on the block size,
key size, number of rounds, subkey generation algorithm, and the substitution
round function ‘F’. The larger or more complex these parameters are, the
more secure the system is; however, at the same time, it leads to slower
encryption and decryption.
Feistel decryption algorithm
The decryption process of the Feistel cipher is similar to the encryption process. The
rules include:
Use the cipher text as the input to the algorithm.
Use the subkeys Ki in the reverse order, which means use the Kn key for the
first round, Kn-1 in the second round and so on, till key K1 for the last round.
Figure 6.11 illustrates the Feistel decryption structure:
Figure 6.11: Feistel Decryption Algorithm
Block cipher schemes
The block cipher comprises various schemes and some of the most popular and
prominent schemes are explained as follows:
Data Encryption Standard
Data Encryption Standard (DES) is a symmetric key Feistel block cipher.
It includes 16 rounds of the Feistel structure with a 64-bit block size and a
56-bit key size. The key is nominally 64 bits, but 8 of those 64 bits
are used for parity checks. Therefore, technically, a 56-bit key is
used for DES encryption and decryption. The general structure of the DES
cipher is illustrated in Figure 6.12. The figure has two parts:
Figure 6.12: Structure of DES cipher
The left-part of the figure demonstrates the processing of the plain text which
proceeds in three phases. In the first phase, 64-bit plaintext is passed through Initial
Permutation (IP) that rearranges the bits to produce permuted input. This is followed
by the second phase, which consists of 16 rounds of the same function involving both
permutation and substitution functions. In the last phase, the pre-output is passed
through a permutation that is the inverse of the initial permutation function and
produces the 64-bit cipher text. The pre-output is an output of the 16th round
consisting of 64 bits that are function of input plain text and the key.
The right part of the figure presents the way in which the 56-bit key is used. Initially,
the key is permuted, and then for each of the 16 rounds, a 48-bit subkey is produced by
combining a left circular shift and a permutation†.
Except for the initial and final permutations, DES has the exact structure of a Feistel cipher.
In the key generator (right side), the permutation function is the same for each round, but since
repeated shifts of the key bits are performed, it produces a different subkey in each round.

Studying the above DES structure, we can deduce that DES consists of three parts
named as initial & final permutation, round function, and key generation. They are
explained as follows:
Initial and final permutation
These are simple permutation boxes (P-boxes) that have no cryptographic significance
and are the inverse of each other. This is
shown in Figure 6.13, where we can see that the permutations are done randomly
but the final permutation is just the inverse of the initial permutation:

Figure 6.13: DES Permutation


Key generator and round function
The single round function with the key generator is illustrated in Figure 6.14.
According to the figure, the left part of the diagram represents the 64-bit plain text,
which is divided into two halves of 32 bits each, named Left (L) and Right (R).
As per the Feistel cipher, the processing of each round is summarized as Li = Ri-1 and
Ri = .

Figure 6.14: DES Round Function with Key generator


Key-Generator
The right-part of the diagram deals with the key generator function. The key is also
divided into two-halves (C & D) each of 28 bits and the left shift is performed on each
C and D. Out of 56 bits, only 48 bits are chosen from the permuted block (P-box) and
is passed to the round-function .
Explanation of round-function
The function , first expands the right-half of the plaintext (R) into 48
bits using Expansion-box (E-box). This is because the R half of the plaintext is of 32
bits only. Next, the 48 bits obtained is XORed with 48 bits key, which is then passed
through substitution-box (S-box) and is then converted into 32 bits text, which is
again permuted in P-box. The resultant 32 bits text obtained is said to be the pre-
output of the round-function .
The pre-output obtained from the round function then follows the Feistel processing
(Ri = and is XORed with the left-half of the plaintext, to get
the next right-half of the plain text.

The description and working of S-box, P-box and Expansion-box is not provided in this
book. If readers wish to have its details, they can refer to the book “Cryptography and
Network Security” by William Stallings

Advanced Encryption Standard


Advanced Encryption Standard (AES) is the most popular algorithm and is the
replacement of the DES algorithm. The key size of the DES algorithm was too
small, which made it vulnerable to key search attacks. In addition, it required
higher computational power and was found to be slow. All these drawbacks of the
DES algorithm resulted in the development of another algorithm known as
AES, which is found to be six times faster than the DES algorithm.
AES is a symmetric block cipher that takes 128-bit data as input with a key of
varying size: the key can be 128, 192 or 256 bits long. The use of a large key size
has made AES stronger and faster than DES. Besides, the implementation of AES
is simple and can be easily done in the most popular languages, that is,
C and Java.
The AES parameters depend on the length of the key and are
characterized in Table 6.2:

Key size (words/bytes/bits)               4/16/128   6/24/192   8/32/256
Plaintext block size (words/bytes/bits)   4/16/128   4/16/128   4/16/128
Number of rounds                          10         12         14
Round key size (words/bytes/bits)         4/16/128   4/16/128   4/16/128
Expanded key size (words/bytes)           44/176     52/208     60/240
Table 6.2: AES Parameters
Structure of AES
AES is a cipher that performs operations on bytes rather than bits, that is, the
128-bit input is treated as a 16-byte input and then operated on. The 16-byte input is
arranged in a 4x4 matrix for processing. This cipher is based on the “substitution-
permutation network”. Its round function includes a series of linked operations,
which involve replacing inputs by specific outputs, known as substitution, and
shuffling of bits, known as permutation. The key length decides the number of AES
rounds; in other words, 10 rounds are used for 128-bit keys, 12 rounds are used for
192-bit keys and 14 rounds are used for 256-bit keys. The encryption and
decryption processes are illustrated in Figure 6.15:

Figure 6.15: Structure of AES


It can be observed that each round in AES includes four other subprocesses which are
illustrated as follows:
a. Substitute Bytes: It uses an S-box to perform a byte-by-byte substitution of the
block. The result is in form of 4 x 4 matrix.
b. Shift Rows: It includes simple permutation, where each of the four rows of the
matrix are shifted to the left. In case of any fall off, entries are re-inserted on the
right side of the row. The following rules are implemented in this subprocess:
1. First row is not shifted.

2. Second row is shifted one (byte) position to the left.

3. Third row is shifted two positions to the left.

4. Fourth row is shifted three positions to the left.

5. The result is a new matrix consisting of the same 16 bytes but shifted with
respect to each other.
c. Mix column: This sub-process includes a mathematical substitution function.
Each column of four bytes is transformed using this function and the resultant
output of four new bytes replaces the original column. This goes on
for all the columns of the matrix, and a new matrix of 16 byte entries is obtained.
The last round of the AES does not include this sub-process.
d. Add round keys: In this sub-process, the 16 bytes of the matrix are interpreted
into 128 bits and are XORed with 128 bits of the round key. If it is the last
round, then the result obtained is the cipher text and if not then, the resulting 128
bits are interpreted as 16 bytes and serves as the input for the next round.

The details of S-box and mathematical function of the AES are out of scope and can be
referred to in the book “Cryptography and Network Security” by William Stallings.

The decryption process of AES is similar to the encryption process, except the
sub-processes are performed in reverse order (Figure 6.15 (b)). First, the inverse
shift rows is performed followed by inverse sub-bytes, and then the add-round
key is carried out followed by inverse mix column.
Block cipher modes of operation
As we know a block cipher algorithm is the basic building block needed to
provide security to a variety of applications. NIST has defined various modes of
operation for enhancing the effect of block-cipher based cryptographic
algorithm. The various modes of operations defined are explained as follows:

Electronic Code Book


Electronic Code Book (ECB) is the simplest mode of operation, in which each block
of plain text is handled one at a time and is encrypted using the same key. The most
significant characteristic of ECB is that if the same block of plain text bits appears more than
once in the message, it always produces the same cipher text bits. Figure 6.16 illustrates the encryption
and decryption process in the ECB mode:

Figure 6.16: Electronic Code Book (ECB)


Though ECB is secure and simple, it is ideal only for a short amount of data, for
example, the transmission of a key. For lengthy messages, the ECB mode is not secure, and
if the message is highly structured, it can be easily exploited by attackers.
For instance, if it is known that the message always starts with certain predefined
fields or that certain repetitive elements occur in it, then it is very easy for the cryptanalyst
to decode it.

Cipher Block Chaining Mode


Cipher Block Chaining Mode (CBC) is introduced to overcome the insecurities of
the ECB mode like the production of the same cipher text for the same plain text. In
this mode of operation, the input to the encryption algorithm is the XOR of the
current plain text block and the preceding cipher text block using the same key for
each block. As shown in Figure 6.17, we have chained together the processing of the
sequence of plain text blocks. For decryption, each cipher block is passed through the
decryption algorithm and the result is XORed with the preceding cipher text block to
produce the plain text block.
In order to produce the first block of cipher text, an Initial Vector (IV) is XORed
with the first block of plain text. Similarly, on decryption, the Initial Vector (IV) is
XORed with the output of the decryption algorithm to recover the first plain text. The
Initial Vector is a data block of the same size as that of the cipher block and should be
known to both the sender and receiver. For maximum security, the IV should be protected
from unauthorized access, or else an attacker could fool the receiver and learn
the plain text.
CBC is the best mode of operation used for dealing with large plain text. Refer to
Figure 6.17 for an illustration of the CBC mode:
Figure 6.17: Cipher Block Chaining Mode (CBC)

Cipher Feedback Mode


The block cipher technique eases the process of encryption and decryption; however,
padding sometimes wastes the transmission capacity of the system. So,
to solve this issue, the use of a stream cipher is the only solution. Cipher Feedback
Mode (CFB) converts a scheme like DES, which is a block cipher, into a stream
cipher. It eliminates the need for padding and encrypts the message character by
character using the character-oriented stream cipher. Another advantage of using a stream
cipher is that the length of the cipher text is the same as that of the plain text, whereas this is
rarely the case with a block cipher, because the length of the plain text rarely matches the size of a
block, which results in wastage of transmission capacity. Refer to Figure 6.18 for
an illustration of the CFB mode:
Figure 6.18: Cipher Feedback Mode (CFB)
Figure 6.18 illustrates the CFB mode of operation. As per the figure, the plain text is
assumed to be in segments of ‘s’ bits, which will be considered as the transmission
bits. Initially, some initialization vector (IV) of the size 64 bits is used (in this figure),
such that 1< s < 64. In case of encryption, the input to the encryption function is a 64-
bit shift register that is initially set to IV. The left most (most significant) ‘s’ bits of
the encryption output are XORed with the first ‘s’ segment of plain text to produce
the cipher text, which is then transmitted to the next CFB block. In addition, the
contents of the shift register are shifted left by ‘s’ bits and the cipher text produced is
placed in the right most (least significant) ‘s’ bits of the shift register. This continues
till all the units of plain text are encrypted.
In case of decryption, the same scheme is used, except that the received ciphertext
unit is XORed with the output of the encryption function that produces the plaintext
unit.
Output Feedback Mode
The Output Feedback (OFB) mode is similar to the Cipher Feedback Mode
(CFB). From Figure 6.19, it can be inferred that in the OFB mode, the output of the
encryption function is fed back to the shift register, whereas in CFB, the cipher text is
fed back to the shift register:

Figure 6.19: Output Feedback Mode

Counter Mode
In Counter Mode (Figure 6.20), a reliable counter, equal in size to the plain text
block, is used. The value of the counter is incremented by 1 for each subsequent
plain text block. In case of encryption, the counter is encrypted and then XORed with
the plain text block to produce a cipher text block, with no chaining mechanism. In
decryption, the same sequence of counter values is encrypted and then
XORed with the cipher text block to recover the corresponding plain text block:
Figure 6.20: Counter Mode
The discussed modes of operations are summarized in Table 6.3:

Mode | Description | Application

Electronic Codebook (ECB) | Each block of 64 plain text bits is encoded independently using the same key. | Secure transmission of single values (for example, an encryption key)

Cipher Block Chaining (CBC) | The input to the encryption algorithm is the XOR of the next 64 bits of plain text and the preceding 64 bits of cipher text. | ● General-purpose block-oriented transmission ● Authentication

Cipher Feedback (CFB) | Input is processed j bits at a time. Preceding cipher text is used as input to the encryption algorithm to produce pseudorandom output, which is XORed with plain text to produce next unit of ciphertext. | ● General-purpose stream-oriented transmission ● Authentication

Output Feedback (OFB) | Similar to CFB, except that the input to the encryption algorithm is the preceding DES output. | ● Stream-oriented transmission over noisy channel (for example, satellite communication)

Counter (CTR) | Each block of plain text is XORed with an encrypted counter. The counter is incremented for each subsequent block. | ● General-purpose block-oriented transmission ● Useful for high-speed requirements
Table 6.3: Block Cipher Modes of operations

6.4.2 Asymmetric key encryption algorithm


Asymmetric key encryption, also known as public key encryption, uses two different
keys for encryption and decryption, unlike the symmetric key encryption technique,
where only a single key is shared between the sender and receiver. Each
communicating device has two keys: one is a public key and the other is a private key.
The public key is the key which is known to everyone and is generally used for
encryption purposes. On the other hand, the private key is the key which is known
only to the owner of the device.
This method can be explained with the help of Figure 6.21. As per the figure, IoT
devices A and B are devices that want to communicate with each other. IoT device A
uses the public key of device B to encrypt the information since public keys are
known to everyone. The encrypted data is then forwarded to the receiver B, where the
receiver device ‘B’ decrypts and perceives the information using its own private key;
since private keys are known only to the owner of the device. In this way,
communication takes place in a manner that is much more secure compared to the symmetric
key encryption technique, since there is no problem of distributing keys between the
sender and receiver.
Figure 6.21: Asymmetric Key Encryption
RSA asymmetric cryptosystem
RSA is the most popular asymmetric cryptosystem technique and was invented
by three scholars, Ron Rivest, Adi Shamir, and Len Adleman, hence the acronym
RSA. RSA is a block cipher scheme in which both plain text and cipher
text are integers between 1 and ‘n-1’ for some ‘n’. Generally, the size of ‘n’ is
1024 bits, that is, the value of n < 2^1024. It comprises two procedures: firstly, the
generation of the key pair, and secondly, the encryption-decryption algorithms.
Generation of RSA key pair
Each person who wants to communicate generates a pair of keys known as the public
key and the private key. The process of key generation is as follows:
Step 1: Generation of RSA modulus (n).
Select two large prime numbers ‘p’ & ‘q’ such that p ≠ q.
Calculate .
Step 2: Selection of derived number (e).
Calculate .
Select integer ‘e’ such that in other words both
‘e’ & should be coprime.
Step 3: Formation of a public key.
The pair of numbers {e,n} forms the RSA public key and is made publicly available.
Step 4: Formation of a private key.
Calculate the unique integer ‘d’, such that ; this is the
extended Euclidean algorithm.
The pair of numbers {d,n} forms the RSA private key.

The calculation and derivation of the Euclidean Algorithm is out of the scope of this book.
Readers are advised to refer to Discrete Mathematics.

Example: The following example presents the generation of the RSA key pair. For
simplicity, we have considered small values of the prime numbers ‘p’ & ‘q’, but
in practice they are very large numbers.
1. Let two primes be p= 7 & q=13 , thus n = p*q = 91.
2. Calculate =
3. Select ‘e’ s.t , thus e = 5.
4. Public Key = {e,n} = { 5,91}
5. Calculate ‘d’ by using = on
solving the extended Euclidean equation, the value of ‘d’ is derived to be 29.
6. Private Key = {d,n} = {29,91}
Encryption-Decryption algorithm
Once the public and private keys are obtained, the next step is the process of
encryption and decryption. Since RSA does not operate on bits, it only operates on
numbers modulo ‘n’. Thus, it is necessary to represent the plain text as a series of
numbers less than ‘n’.
Encryption: Let Plain text: M < n, public key {e,n}
Then, Cipher text:
Decryption: Let Cipher text Received: C, private key {d,n}
Then, Plain text:
Example: Let M = 10
Encryption:
Decryption: = 10
Conclusion
The chapter establishes the foundation of cryptography in securing the IoT network. It
guides the IoT developers and implementers and helps them in dealing and securing
network communication. The comprehensive outlines of the chapter are summarized
as follows:
Cryptography is a tool for designing security for network systems. The data is
converted and transmitted in unreadable form by the sender so that any
unwanted user is not able to read it. It is then again converted to the readable
form by the receiver at the receiver end.
Cryptography ensures confidentiality, authentication, integrity, and non-
repudiation.
Confidentiality is attained by encryption and decryption. In encryption, plain
text is converted into cipher text with the help of a key. While in decryption,
cipher text is converted into plain text with the help of the same or different
key.
Encryption algorithms are classified into two types: Symmetric and
Asymmetric key encryption algorithms.
In a symmetric algorithm, the same key is used for encryption and decryption,
while in an asymmetric algorithm, different keys, that is, public and private
keys, are used for encryption and decryption.
Symmetric encryption is further classified into classical and modern ciphers,
where classical ciphers comprise substitution and transposition ciphers.
The substitution cipher includes the replacement of letters by other letters.
Examples of substitution cipher include Caesar cipher, monoalphabetic cipher,
polyalphabetic cipher, Playfair cipher and so on.
Transposition cipher includes the change in position of letters within the
plaintext. It includes rail-fence and row-column ciphers.
Modern ciphers include block ciphers and stream ciphers. In a block cipher, plain
text is divided into chunks and is then processed, while in a stream cipher
plaintext is processed in bit format. Each bit in the plaintext is processed one by
one.

6.5 Questionnaire

Multiple choice questions


1. In asymmetric key cryptography, the private key is kept by __________
a. sender

b. receiver

c. sender and receiver

d. all the connected devices to the network


2. What is data encryption standard (DES)?
a. block cipher

b. stream cipher

c. bit cipher

d. byte cipher
3. How many rounds does the AES-192 perform?
a. 10

b. 12

c. 14

d. 16
4. Which are the most frequently found letters in the English language?
a. e,a

b. e,o

c. e,t

d. e,i
5. On Encrypting “thepepsiisintherefrigerator” using Vigenere Cipher
System using the keyword “HUMOR” we get cipher text-
a. abqdnwewuwjphfvrrtrfznsdokvl

b. abqdvmwuwjphfvvyyrfznydokvl

c. tbqyrvmwuwjphfvvyyrfznydokvl
d. baiuvmwuwjphfoeiyrfznydokvl
6. DES follows
a. Hash Algorithm

b. Caesars Cipher

c. Feistel Cipher Structure

d. SP Networks
7. Which mode requires the implementation of only the encryption
algorithm?
a. ECB

b. CBC

c. CTR

d. OFB

Answer key
1. (b) 2. (a) 3. (b) 4. (c) 5. (b) 6. (c) 7. (c)

Long answer questions


1. What is cryptography and how does it help in securing IoT?
2. Define secrecy and derive secret-key capacity in IoT system.

Short answer questions


1. What kinds of threats exist for a cryptographic system?
2. What are the key differences between asymmetric and symmetric
cryptography?
3. What are the mathematical algorithms used in asymmetric cryptography?

Keywords (†)
Permutation: Permutation of a finite set of elements ‘S’ is an ordered sequence
of all elements of ‘S’, with each element appearing exactly once. For instance,
if S = {a,b,c} then there exist 6 permutations: abc, acb, bca, bac, cab, and cba.
Multi-letter encryption: It means that the same letter can have different cipher
elements. For example, at one point letter ‘E’ can have cipher element ‘G’ and
at other point the same letter ‘E’ can have a cipher element ‘T’. Thus, this
ensures more security as an attacker can get confused in obtaining the correct
element.

References
[1] M. Ramezani Mayiami, B. Seyfe, and H. G. Bafghi, “Perfect secrecy via
compressed sensing,” in 2013 Iran Workshop on Communication and Information
Theory, May 2013, no. 91, pp. 1–5, doi: 10.1109/IWCIT.2013.6555751.
[2] V. Y. F. Tan and M. Hayashi, “Analysis of Remaining Uncertainties and
Exponents Under Various Conditional Rényi Entropies,” IEEE Trans. Inf. Theory,
vol. 64, no. 5, pp. 3734–3755, May 2018, doi: 10.1109/TIT.2018.2792495.
[3] J. Pfister, M. A. C. Gomes, J. P. Vilela, and W. K. Harrison, “Quantifying
equivocation for finite blocklength wiretap codes,” in 2017 IEEE International
Conference on Communications (ICC), May 2017, pp. 1–6, doi:
10.1109/ICC.2017.7996925.

CHAPTER 7
Crypto Foundations II

This chapter continues Chapter 6, Crypto Foundations I. It
extends the concept of cryptography with hash functions and digital signatures. It
provides an in-depth illustration of how cryptography can be used to protect IoT
communications and its messaging protocols. It also guides and advises users
in providing additional cryptographic protections to different layers of the IoT
stack. The chapter builds the foundations of upcoming topics discussed in the
book such as identity management, trust management, and privacy preservation
for IoT systems. Besides this, it outlines the cryptographic controls for IoT
communication and messaging protocols, along with the IoT node authentication
mechanisms.

Structure
The chapter covers the following topics:
Concepts and techniques of cryptography in maintaining the integrity of
messages.
Cryptographic authentication and its role in nurturing IoT node
authentication
Cryptography key management fundamentals and various signature
algorithms
Cryptographic controls over IoT protocols

7.1 Message integrity- Hash functions and their security


So far, we have studied various methods of encrypting and decrypting messages. No
doubt encryption maintains the confidentiality of the message, but encryption
alone cannot guarantee the privacy of the message because it cannot ensure its
integrity. Attaining message integrity means that the message received has not
been tampered with or manipulated. There are several situations where we want to
attain message integrity without any encryption. For instance, in the
protection of public data, maintaining integrity is given much more importance
than confidentiality. The most common approach to maintaining
integrity is through the use of a hash function. The hash function accepts a
variable-size message and produces a fixed-size output known as the hash value or
message digest value, which is very difficult for the attacker to decode.

7.1.1 Properties and applications of Hash functions


A Hash function is a function that produces a fixed-size unique hash value by
taking variable-size messages as its input. Diagrammatically, the hash
function is shown in Figure 7.1, and mathematically, it is represented as h = H(M),
where ‘H’ is the hash function, ‘h’ is the hash value and ‘M’ is the variable input
message. Hash functions have the following properties:
Hash function ‘H’ can be applied to input data of any size but produces only
fixed-length output.
H(M) is relatively easy to compute for any given ‘M’, which makes both
hardware and software implementations practical.
They are designed in such a way that they cannot disclose any information
about the original data that was hashed. This is a one-way property and is
called pre-image resistance.
They are designed so that it is computationally infeasible to find two different
messages with the same hash value. This is called second-preimage resistance or
strong collision resistance.
They produce a random-looking value, which is known as a hash value or
message digest.
They provide the error-detection capability. It means a change in any bit or
bits of the message may result in a change in its hash code. Please refer to
the following figure:
Figure 7.1: Hash Function

Applications of the Hash function


The hash value is appended to the message at the sender’s end when the message
is considered to be correct. The receiver, on receiving the message, checks its
integrity by recomputing the hash value. If the hash value obtained by the sender
and the hash value recomputed by the receiver are the same, then the message is
said to be authentic with maintained integrity.

The hash function itself is not secret, so some means to protect the hash value should be
provided.

The main purpose of the Hash function is to ensure message integrity. However,
apart from that, hash functions can also be used for the following purposes:
Maintaining confidentiality with integrity: This can be achieved by first
concatenating the message with the hash code and then encrypting it using
symmetric encryption. Figure 7.2 illustrates that only A and B have shared
the same secret key. This means that the message is confidential as it is
coming from A and has not been disclosed to any third party, since keys are
shared between A and B only. It also ensures the integrity of the message by
comparing its sender’s hash value with recomputed receiver’s hash value.
Figure 7.2: Hash Function for maintaining confidentiality and integrity
Maintaining integrity: It may happen that certain applications demand
only integrity of data and are not concerned with confidentiality. In that
case, only the generated hash code is encrypted and is then concatenated
with a message. This is then shared with the receiver. Refer to Figure 7.3
for illustration:

Figure 7.3: Hash function for integrity


Generation of asymmetric digital signatures: A digital signature is
generated by encrypting the hash code using public-key encryption and
using the sender’s private key. Refer to Figure 7.4:

Digital signatures are studied in the next section.


Figure 7.4: Hash Function for Digital Signature
Ensuring confidentiality with digital signature: This can be attained by
symmetrically encrypting the concatenated message and the private key
encrypted hash code using the secret key. Refer to Figure 7.5:

Figure 7.5: Confidentiality with Digital Signature


Ensuring integrity without encryption: This can be achieved by sharing
the common secret value ‘S’ between two communicating parties. ‘A’
computes the hash value over the concatenation of ‘M’ and ‘S’, which is
then appended with the message ‘M’. Since ‘B’ possesses ‘S’, it can
recompute its hash value and verify its integrity. Refer to Figure 7.6 for an
explanatory illustration:
Figure 7.6: Hash Function for integrity without encryption

7.1.2 Popular Hash function


Cryptography uses several Hash functions. Some of the prominent and most
popular hash functions are as follows:
Message Digest-version5 (MD5)
MD5 was the most popular hash function and was adopted as the Internet
standard RFC 1321. It is a 128-bit hash function and was used to
provide assurance about the integrity of transferred files. For instance,
file servers using the MD5 hash function provide a pre-computed
MD5 checksum for their files. This checksum helps the user to compare and
verify the downloaded file. However, in 2004, a collision attack was
reported in a computer cluster which resulted in a compromised MD5, and
thereafter MD5 was no longer recommended for use.
Secure Hash Algorithm
The Secure Hash Algorithm (SHA) was developed by NIST in 1993 and
was referred to as SHA-1. It is based on the hash function MD4 and
produces a 160-bit hash value. With time, its revised versions were
developed with hash values of lengths 256 bits, 384 bits and 512 bits
and were known as SHA-256, SHA-384 and SHA-512. All these
versions are almost similar to each other and use the same structure and
logical functions. In this section, we will discuss the logic and working of
SHA-512.
The algorithm takes as input a variable-length message with a
maximum length of 2^128 bits and produces a 512-bit output as the message
digest. The input is divided into chunks of 1024 bits and then each chunk is
processed as shown in Figure 7.7:

Figure 7.7: Structure of SHA


Step 1: Append length: A block of 128 bits is always appended to the message
and is treated as an unsigned 128-bit integer.
Step 2: Appending padding bits: Let us consider a message of length ‘L’, which
is divided into chunks of 1024 bits. In case, any chunk is left with less than 1024
bits, then the last chunk is padded with additional remaining bits which follows
the format of a single 1-bit followed by the remaining number of 0 bits.
The outcome of the first two steps is a message of length that is a multiple of 1024
bits. It can be represented as the chunks M1, M2….MN, such that each M is 1024
bits and the final message is N x 1024 bits.
Step 3: Initialize the Hash buffer: A 512-bit buffer is used to hold the
intermediate and the final results of the hash function. The buffer is represented as
eight 64-bit registers ‘a, b, c, d, e, f, g, h’. These registers are initialized as follows
(in hexadecimal values):
a = 6A09E667F3BCC908
b = BB67AE8584CAA73B
c = 3C6EF372FE94F82B
d = A54FF53A5F1D36F1
e = 510E527FADE682D1
f = 9B05688C2B3E6C1F
g = 1F83D9ABFB41BD6B
h = 5BE0CD19137E2179
Step 4: Processing of message in 1024-bit blocks: Processing is the heart of the
SHA algorithm and consists of 80 rounds which are labeled as ‘F’ as shown in
Figure 7.7. The actual logic of ‘F’ is illustrated in Figure 7.8:
Figure 7.8: Processing of message block in SHA
Each round takes as input the 512-bit buffer value ‘a b c d e f g h’ and then
updates the contents of the buffer with a newly generated value after every round.
At the input of the first round, the buffer has the intermediate hash value, H_{i-1}.
Each round ‘t’ makes use of a 64-bit value W_t and an additive constant K_t. The
output of the 80th round is added to the input to the first round, H_{i-1}, to produce
H_i. The addition is done independently for each of the eight words in the buffer
with each of the corresponding words in H_{i-1} using addition modulo 2^64.

The derivation of W_t and K_t is not discussed in this book. Readers can refer to the book
“Cryptography and Network Security” by William Stallings.

Step 5: Output: When all ‘N’ 1024-bit blocks are processed, the output from the
Nth stage is the 512-bit message digest, which is considered the final hash value.
The behavior of SHA-512 can be summarized as follows:
H_0 = IV (Initial Vector)
H_i = SUM64(H_{i-1}, ‘a b c d e f g h’_i)
MD = H_N
Where,
IV = initial value of the ‘a b c d e f g h’ buffer, as defined in step 3
‘a b c d e f g h’_i = the output of the last round of processing of the ith message
block
N = the number of blocks in the message (including padding and length fields)
SUM64 = addition modulo 2^64 performed separately on each word of the pair of
inputs
MD = final message digest value

7.1.3 Merkle tree


In cryptography, the Merkle tree is also known as the hash tree. It is a tree
structure in which each leaf node is a hash of a block of data and each non-leaf
node is a hash of its children. This results in a single hash node termed the Merkle
root. A Merkle tree is a tree of hash values; it is a generalization of a hash list
or hash chain and allows efficient and secure verification of the contents of a large
data structure.
Figure 7.9 represents a Merkle Tree. Let there be data blocks m0, m1, m2, and m3. The data
can be any file, some private key or any other sensitive content. In the Merkle
tree, each data block is hashed to M0, M1, M2, and M3, represented as hashed leaf nodes.
As we move up the tree, child node hash values are appended and hashed again
to form another level of the tree. For instance, M0 & M1 are hashed to M01 and
M2 & M3 are hashed to M02. These nodes are again hashed to the next higher
level. This continues until the Merkle root is reached. Here, the Merkle root
is M10 as represented in Figure 7.9. If every node of a Merkle tree has two
children, then the tree is said to be a binary Merkle tree.

Data (m) is not considered as the part of the Merkle tree but the Hashed Data(m) is a part
of Merkle tree.

Figure 7.9: The Merkle Tree

Significance of the Merkle tree


The first question that comes to our mind is “Why use the Merkle tree? Why not
hash all messages and then hash the result to get one root hash value?” (As shown
in Figure 7.10)
The answer to this is explained with the help of the following example. Let’s
assume Bob gets the root hash from a trusted source. Suppose Alice wants to
prove to Bob that message m6 has not been tampered with; then she needs to:
1. Send a message m6.
2. And, all other hashed messages, that is, M0, M1, M2…M5, M7……M15 to
Bob.
Bob in return will:
1. Hash the message m6 to M’6.
2. Append all the hashes (M0, M1, M2…M5, M7……M15), including M’6 to a
single string and hash this resultant string to get one root hash.
3. He will then compare this new root hash with the received trusted source
root hash to check if the message m6 is tampered or not.
In this example, Alice has to send message m6 and the other 15 hash values to
Bob to prove that the message has not been tampered with. Refer to Figure 7.10:

Figure 7.10: Hashing without the Merkle Tree


A much better solution can be obtained by using the Merkle Tree as shown in
Figure 7.11. Again, just as before, Bob gets the root hash from a trusted source.
Suppose Alice wants to prove whether m6 has been tampered with or not. Instead of
sending all the hash values, Alice needs to send only the message m6
and four other hash values (represented by a green box).
Bob, in turn, will hash the message m6 and then, with the help of the received four
hash values, will evaluate the root hash value. Following that, Bob will compare it
with the root hash from the trusted source to find whether m6 has been tampered with or
not.
In this example, Alice needs to send only the message m6 and the four hash
values to show whether m6 has been tampered with or not, in comparison to the earlier
method where Alice has to provide 16 hash values and message m6 to Bob. Thus,
using the Merkle tree, the integrity and validity of the data are maintained using a
small amount of data that a trusted authority has to maintain. Hence, little memory
and disk space are needed.
Figure 7.11: Usage of the Merkle Tree

If a Merkle tree has more leaves, fewer hashed values are needed, in comparison to the
number of leaves, to validate whether the message has been tampered with or not. Figure 7.12
presents a large number of leaves, but if we have to check whether particular data has been
tampered with or not, then only the message and 5 hashed values are required to be sent
(represented by green).

Figure 7.12: Another example of a Merkle Tree
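The 16-leaf scenario above, as an added example (not code from the book): Alice builds the tree over m0..m15 and sends m6 with four sibling hashes, and Bob recomputes the root. SHA-256, the function names and the sample blocks are assumptions; the 0x00/0x01 prefixes that separate leaf hashes from inner-node hashes are an added hardening choice not described in the text.

```python
import hashlib
import hmac


def leaf_hash(block):
    # Prefix 0x00 marks a leaf so a leaf can never be confused with an inner node.
    return hashlib.sha256(b"\x00" + block).digest()


def node_hash(left, right):
    # Prefix 0x01 marks an inner node: hash of the two appended child hashes.
    return hashlib.sha256(b"\x01" + left + right).digest()


def build_levels(blocks):
    """Return all levels of the tree, leaves first, root level last."""
    if not blocks or len(blocks) & (len(blocks) - 1):
        raise ValueError("this example needs a power-of-two number of blocks")
    levels = [[leaf_hash(b) for b in blocks]]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([node_hash(prev[i], prev[i + 1]) for i in range(0, len(prev), 2)])
    return levels


def prove(levels, index):
    """Alice's side: collect one sibling hash per level on the path to the root."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1                         # neighbour under the same parent
        path.append((level[sibling], sibling < index))  # (hash, sibling is on the left)
        index //= 2
    return path


def verify(block, path, trusted_root):
    """Bob's side: rebuild the root from the block and the sibling hashes."""
    current = leaf_hash(block)
    for sibling, sibling_is_left in path:
        current = node_hash(sibling, current) if sibling_is_left else node_hash(current, sibling)
    return hmac.compare_digest(current, trusted_root)


def demo():
    blocks = [f"m{i}".encode() for i in range(16)]  # constructed sample data
    levels = build_levels(blocks)
    root = levels[-1][0]                            # Bob gets this from a trusted source
    path = prove(levels, 6)
    return {
        "hashes_sent": len(path),
        "m6_accepted": verify(blocks[6], path, root),
        "modified_m6_rejected": not verify(b"m6 (modified)", path, root),
        "proof_for_wrong_leaf_rejected": not verify(blocks[7], path, root),
    }


if __name__ == "__main__":
    print(demo())
```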

7.2 Message authentication


Message authentication is a procedure to verify that the received message
comes from the originator of the message itself and that it has not been modified.
It also verifies the sequencing and timeliness. This mechanism has two levels of
functionality: in the first level, some function is used which produces a value, the
authenticator, to authenticate a message. In the next level, the produced value
is used by the receiver as a primitive to verify the authenticity of a message.
The function just discussed is a Message Authentication Code or MAC. A MAC
is a function of the message and a secret key that produces a fixed-length value, the
authenticator, for authenticating the messages.

7.2.1 Message Authentication Code


Message authentication is a symmetric cryptographic technique that provides
the authentication of a message. Messages are authenticated by establishing the
Message Authentication Code (MAC) algorithm between the sender and the
receiver using a secret key. Here, the sender is the signer and the receiver is the
verifier of the message.
The MAC algorithm generates a fixed-size block of data known as cryptographic
checksum or MAC code, which is appended to the message for authentication.
Whenever a sender wishes to send a message to the receiver, it calculates the
fixed-size MAC code as a function of the message (M) and the shared key (K) of
the form MAC = C(K, M). This MAC code is served as the authenticator and is
appended to the message at the source at a time when the message is assumed or
known to be correct. On the other end, the receiver authenticates that message by
recomputing the MAC code. This is illustrated with the help of the following
figure:
Figure 7.13: Illustration of MAC code
MACs can be used in a variety of protocols, such as SSL, TLS, IPSec, and many
others. Some examples of MAC are HMAC-SHA1, HMAC-SHA256, CMAC,
GMAC, and so on.

A detailed description of these examples is out of the scope of the book. Readers can
refer to the book “Cryptography and Network Security” by William Stallings.

MAC codes have the following two limitations:


Since it is a symmetric key cryptographic algorithm, the authentication can
only be provided between the pre-defined legitimate users.
MAC techniques cannot provide non-repudiation services because if the
sender and receiver dispute who originated a message, then the MAC code
cannot provide proof that the message was indeed sent by the sender.
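An added example (not code from the book) of MAC = C(K, M) using HMAC-SHA256: the sender appends the tag, and the receiver recomputes it and rejects modified or replayed packets. The packet layout (8-byte sequence number, payload, tag), the names and the sample key are assumptions; the last check shows the second limitation, since a tag made by the receiver is indistinguishable from one made by the sender.

```python
import hashlib
import hmac
import struct

TAG_LEN = hashlib.sha256().digest_size  # 32-byte fixed-size MAC code


def compute_mac(key, data):
    """MAC = C(K, M), here HMAC-SHA256."""
    return hmac.new(key, data, hashlib.sha256).digest()


def seal(key, seq, payload):
    """Sender: MAC the sequence number and payload, then append the tag."""
    body = struct.pack(">Q", seq) + payload
    return body + compute_mac(key, body)


class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_seq = -1

    def accept(self, packet):
        """Return the payload if the packet is authentic and fresh, else None."""
        if len(packet) < 8 + TAG_LEN:
            return None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        # Constant-time comparison of the received and the recomputed MAC.
        if not hmac.compare_digest(tag, compute_mac(self.key, body)):
            return None
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self.last_seq:        # replayed or out-of-order packet
            return None
        self.last_seq = seq
        return body[8:]


def demo():
    key = bytes(range(32))              # constructed key; real keys come from a CSPRNG
    wrong_key = bytes(32)
    packet = seal(key, 1, b"valve=closed")
    tampered = packet.replace(b"closed", b"opened")

    rx = Receiver(key)
    first = rx.accept(packet)
    replay = rx.accept(packet)
    modified = rx.accept(tampered)
    other = Receiver(wrong_key).accept(packet)

    # Limitation: the receiver holds K too, so it can create a packet that any
    # verifier with K accepts exactly as if the sender had produced it.
    made_by_receiver = seal(key, 2, b"valve=opened")
    third_party = Receiver(key).accept(made_by_receiver)

    return {
        "authentic_accepted": first == b"valve=closed",
        "replay_rejected": replay is None,
        "tampered_rejected": modified is None,
        "wrong_key_rejected": other is None,
        "receiver_made_packet_verifies": third_party == b"valve=opened",
    }


if __name__ == "__main__":
    print(demo())
```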

7.2.2 Authenticated encryption


The discussed Message Authentication Codes (MAC) were only capable of
providing authentication of data. However, ensuring confidentiality is another
important measure for ensuring the secrecy of the data. Integrating both
authentication and confidentiality separately within the particular data was found
to be error prone and difficult because it requires two passes over the data.
Therefore, a new concept was introduced by cryptographers known as
Authenticated Encryption (AE). In Authenticated Encryption, MAC algorithms
are integrated with encryption ciphers to provide confidentiality and
authentication in a single step. Actually, both the operations are performed in
parallel.
The idea of authenticated encryption is illustrated in Figure 7.14. It takes the
Secret Key as input, which is known only to the sender and receiver. The plain text,
a Nonce (a random number) and some associated data (optional) are also
considered as input, and these are not secret in nature. The associated data is the data
which needs only authentication but no encryption; this can be processed before
decryption of the entire message. If AE includes associated data, then it is termed
Authenticated Encryption with Associated Data (AEAD). The AE algorithm
generates a ciphertext and a Tag as output, where the ciphertext ensures confidentiality
and the Tag ensures authentication of the plaintext. Refer to Figure 7.14 for an
understanding of the authenticated encryption:

Figure 7.14: Illustration of Authenticated Encryption


Approaches to authenticated encryption
The three most popular approaches adopted to obtain
authenticated encryption are as follows:
Encrypt-and-MAC (E&M)
In this approach, MAC is produced based on the plaintext, and the plaintext
is encrypted using an encryption algorithm. A key used for encryption and
hashing can be shared in this approach of authenticated encryption. Both the
plaintext’s MAC and ciphertext are sent together to the receiver. This
approach is adopted by SSH protocol but is not proved to be strongly
unforgeable since the same key is shared for both hashing and encryption.
Refer to Figure 7.15:

Figure 7.15: Encrypt-and-MAC


MAC-then-Encrypt (MtE)
In this approach, a MAC code is produced by hashing the plaintext, and
then both the plaintext and MAC are encrypted to produce a ciphertext. The
ciphertext is then forwarded to the receiver for authentication and
confidentiality. This approach is supported by TLS 1.2 protocol. Despite the
provision of security, this approach is not fully unforgeable because the
concept of encrypting MAC and plaintext includes padding in MAC code,
which often results in padding errors on recipient side. Refer to Figure 7.16:
Figure 7.16: MAC-then-Encrypt
Encrypt-then-MAC (EtM)
In this approach, plaintext is first encrypted and then a MAC code is
produced by hashing the resulting ciphertext. The produced ciphertext and
MAC code are then together forwarded to the recipient. This approach
supports the separation of keys, that is, distinct keys are used for encryption
and for hashing. Due to its distinct use of keys this method has reached the
highest definition of security. This approach is generally used in IPSec
protocol. Refer to Figure 7.17 for illustration:
Figure 7.17: Encrypt-then-MAC

7.3 Random number generation


Random numbers play a pivotal role in cryptography and are used in
modern encryption techniques for various network security applications. Random
numbers are used for the following reasons:
Encryption on the Internet works automatically without the use of a
password, so to have sufficient security, large cryptographic keys are
needed for generating ciphers. For example, 256-bit keys are needed for
AES-256. The generation of large random keys is done with the help of a
random number generator.
For all encrypted connections, new and different keys are needed and are
required to be transmitted securely between sender and receiver. These new
and different keys are generated using a random number generator.
Keys should be chosen in such a way that it is difficult for attackers
to guess them. Consecutive keys or keys forming some pattern can easily become
known to attackers. Therefore, random numbers are used as keys, so as to
make it difficult for an attacker to guess them.
Random Initial Vectors (IV) and nonces are arbitrary random numbers that
are used once in cryptographic communication. The generation of these
arbitrary numbers is done using the random number generator.
Therefore, it is necessary that the keys for cryptographic protocols or algorithms
be securely and randomly generated, so that they are never within the reach of
attackers.
Random numbers are categorized into true random numbers and pseudo
random numbers. True random numbers are created by observing real
physical phenomena that are expected to be random, for example, atmospheric
noise or any electromagnetic and quantum phenomena. On the other hand,
pseudo-random numbers are created by using an algorithm. Algorithms generate
long sequences of random numbers, using some Seed value which forms the basis
of the generated sequence.
True random numbers are generally slow to produce and depend on natural occurrences.
Thus, in cryptography, we use pseudo random numbers, which are generated
using pseudo-random generators, also known as Pseudo Random Number
Generators (PRNGs).
The most popular and widely used PRNG is an algorithm that was first proposed
by cryptographer Lehmer and is known as the Linear Congruential Generator
(LGR).
Linear Congruential Generator (LGR)
The Linear Congruential Generator is a deterministic algorithm that is
parameterized with four numbers and is represented by equation 10:

y_i = (a · y_{i-1} + b) mod m    (10)

Here, ‘m’ is the modulus & m>0, ‘a’ is the multiplier & 0 <a < m, ‘b’ is the
incrementor & 0 ≤ b < m, y0 is the starting value or seed & 0 ≤ y0 < m.
If m, a, b, and y0 are considered to be integers then this technique will produce a
sequence of random integers ranging 0 ≤ yi < m.
The selection of a, b, & m is very critical in the development of good random
numbers. For instance, if a = 7, b = 0, m = 32, and y0 = 1, then it generates the
sequence {7,17,23,1,7,17….}. From the generated sequence, it is clear that it is
unsatisfactory as only 4 numbers are used out of 32 possible values. If, for
instance, we change to a = 5, b = 0, m = 32 and y0 = 1, then it generates the sequence
{5,25,29,17,21,9,13,1,5,25……}. From the generated sequence we can infer that
only 8 numbers are used out of 32 possible values, which is again unsatisfactory.
Now let’s assume a = 3, b = 5, m = 31, and y0 = 0; then the generated sequence is
{0, 5, 20, 3, 14, 16, 22, 9, 1, 8, 29, 30, 2, 11, 7, 26, 21, 6, 23, 12, 10, 4, 17, 25, 18,
28, 27, 24, 15, 19, 0, 5……}. From the generated sequence, we can infer that this
is a satisfactory sequence generator, with 30 generated random numbers out of
31 possible values.
From these examples, we can conclude that the parameters should be chosen
appropriately so as to have the best possible random numbers. The rules for the
choice of parameters are as follows:
The increment b and the modulus m should be relatively prime.
Each prime factor of m divides a-1.
If m is divisible by 4, then a-1 should also be divisible by 4.
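The three parameter sets above, checked in an added example (not code from the book): it measures the cycle length each one produces and evaluates the full-period conditions in their Hull-Dobell form, with the third condition applied to a-1. The function names and the fourth parameter set (a = 5, b = 3, m = 32) are constructed for illustration.

```python
from math import gcd


def first_outputs(a, b, m, y0, count):
    """Return the first `count` values y1, y2, ... of y_i = (a*y_{i-1} + b) mod m."""
    out, y = [], y0
    for _ in range(count):
        y = (a * y + b) % m
        out.append(y)
    return out


def period(a, b, m, y0):
    """Length of the cycle the generator eventually falls into."""
    seen = {y0: 0}          # value -> step at which it first appeared
    y, step = y0, 0
    while True:
        step += 1
        y = (a * y + b) % m
        if y in seen:
            return step - seen[y]
        seen[y] = step


def prime_factors(n):
    factors, p = set(), 2
    while p * p <= n:
        while n % p == 0:
            factors.add(p)
            n //= p
        p += 1
    if n > 1:
        factors.add(n)
    return factors


def full_period_conditions(a, b, m):
    """The three parameter rules; all True means the period equals m."""
    return {
        "b_coprime_to_m": gcd(b, m) == 1,
        "prime_factors_of_m_divide_a_minus_1": all((a - 1) % p == 0 for p in prime_factors(m)),
        "a_minus_1_divisible_by_4_if_m_is": m % 4 != 0 or (a - 1) % 4 == 0,
    }


def report():
    cases = [
        (7, 0, 32, 1),   # book example: only 4 of 32 values
        (5, 0, 32, 1),   # book example: only 8 of 32 values
        (3, 5, 31, 0),   # book example: 30 of 31 values
        (5, 3, 32, 0),   # constructed: satisfies all three rules
    ]
    rows = []
    for a, b, m, y0 in cases:
        rows.append({
            "params": (a, b, m, y0),
            "period": period(a, b, m, y0),
            "full_period": all(full_period_conditions(a, b, m).values()),
        })
    return rows


if __name__ == "__main__":
    for row in report():
        print(row)
```

Even with a full period, the output of a linear congruential generator is fully determined by its parameters and seed, so it is not a source of cryptographic keys.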
Significance of the SEED Value in PRNGs
The SEED in PRNGs plays a pivotal role in producing random numbers for
cryptographic keys, initialization vectors, nonces and padding. SEEDs emerge
from high entropy sources; if these are poorly designed or have some sort of bias
or malfunction, they can compromise the PRNG output and the cryptographic
implementation. This may result in spoofing of the messages. A generalized
PRNG entropy seeding process is illustrated in Figure 7.18. In the figure, it
can be seen that there are several arbitrary entropy sources that are pooled
together, and when needed the PRNG extracts the seed value from this pool:

Figure 7.18: Process of PRNGs


In connection to the IoT, an IoT device, for instance a smart card, that generates
cryptographic material should be seeded from high entropy sources and should be
well protected from disclosure, tampering or any other type of malfunction. For
example, smart cards mitigate attacks on their PRNGs by changing the
temperature of the chip: smart cards contain electrical circuits that
raise the temperature above a threshold whenever some attack is detected. As
soon as the temperature exceeds this threshold, the entropy gathering
function stops generating random numbers or keys.
In addition, IoT device vendors should take care to include high quality random
number generators during the design of the device’s cryptographic architecture. This
includes production of high-quality entropy and protection of the entropy state,
PRNG state, PRNG inputs, PRNG outputs, and so on.

Entropy, entropy sources, and entropy testing can be well understood by referring to NIST
special publication 800-90B [3].

7.4 Cipher suites


A cipher suite is defined as the integration of various cryptographic algorithms into
a single algorithm whose aim is to achieve the desired security properties. It is the
integration of a possible set of algorithms, their possible keys and their uses.
Cipher suites can be enumerated in several ways. For instance, in the Transport
Layer Security (TLS) protocol, a wide array of cipher algorithms is combined to
protect network sessions for web services, HTTP traffic, its real-time protocols
and many others. An example is as follows:
TLS_RSA_WITH_AES_128_GCM_SHA256, which specifies the use of the
following:
RSA algorithm for authenticating the server’s public key certificate.
AES-128 for encrypting all data through the TLS tunnel. Encryption is
performed using the Galois Counter Mode (GCM) that provides the
tunnel’s ciphertext and MACs for each TLS datagram.
SHA-256 as the hashing algorithm.
Once the TLS cipher suite is implemented, the following security properties are
set up for the TLS connection:
The client authenticates the server by validating an RSA-based signature
over the SHA-256 hash of the public key certificate.
Next, the client encrypts its large, randomly generated number, called the pre-
master secret, using the server’s public RSA key and forwards it directly
to the server.
Both client and server use the pre-master secret to compute the master
secret. Key derivation is performed by both parties to generate an identical
key containing the AES key that will encrypt the traffic.
The AES-GCM algorithm is used for AES encryption/decryption. In addition,
AES computes the MAC that is appended to each TLS datagram.
In this way, IoT and its cryptography algorithms are put together in different ways
to counter specific threats like MITM.

7.5 Signature algorithm means of IoT node authentication


A digital signature is a tool of modern cryptography and is used to ensure
integrity, authentication, data origin, and non-repudiation protection of IoT nodes
and systems. In the physical world, handwritten signatures are made
by the signer and are used to bind the signatory to the message. Similarly, a digital
signature binds a person/entity to the digital data, and it can be independently
verified by the receiver as well as any third party. Figure 7.19 illustrates the
functioning of digital signatures:

Figure 7.19: Illustration of a Signature Algorithm


In the diagram, the originator (or sender) takes the message and signs it with its
own private key, using a signature algorithm to produce the signature. The
signature along with the message, which is now called a signed message, is
transmitted to the receiver, who uses the sender’s public key to perform
the inverse of the signature operation, called signature verification.
If the signature verification is successful, then it can be claimed that the data was,
indeed, signed by a known or declared key or by a person and also that the data
has not been corrupted or tampered with. If the signature verification
process fails, then the verifier (or receiver) should not trust the integrity and the
originator of the data.

The actual modeling of the digital signature algorithm will be discussed next. However,
for the interest of the readers, a digital signature includes three basic steps: generation of
a private and public key pair, creation of the digital signature, and verification of the
signature.

7.5.1 Types of signatures


Digital signatures come in two flavors, based on their communicating parties:
Direct digital signature and Arbitrated digital signature.
Direct digital signature
The direct digital signature involves only the communicating parties, that is,
the source and destination. It is assumed that the destination knows the
public key of the source and that the signature is formed by encrypting the entire
message with the sender’s private key or by encrypting a hash code of the
message with the sender’s private key.
From the description, it can be inferred that the validity of the direct digital
signature depends on the security of the sender’s private key. This is a
weakness because the sender, if he wishes, can deny sending a particular
message by stating that his private key was lost or stolen and that someone else
has forged his or her signature.
Arbitrated digital signature
The problems associated with direct digital signatures are addressed in
arbitrated digital signatures, where a trusted third party or arbiter is
involved in the communication. Here, every signed message from sender to
receiver first goes to a third party known as an arbiter. The arbiter is
responsible for the verification of the message’s originality and its content. The
message is stamped with date and time and is then sent to the receiver with
an indication that it has been verified to the satisfaction of the arbiter. This
solves the problem associated with the direct digital signature, because now
the sender cannot disown the message.

All parties communicating in this scheme should have a great deal of trust that the
arbitration mechanism is efficient and is working properly.

7.5.2 Digital signature schemes


As discussed, digital signatures are the means of providing authentication,
integrity, and non-repudiation protection. In this section, we will discuss three
widely used digital signature schemes, which are as follows:
Elgamal Digital Signature Scheme
Schnorr Digital Signature Scheme
Digital Signature Algorithm (DSA) based on Digital Signature Standard
(DSS)
Elgamal Digital Signature Scheme
The Elgamal digital signature scheme is based on the algebraic properties of
modular exponentiation along with the discrete logarithm problem. The
Elgamal digital signature is a pair of two complex values denoted by (S1,
S2). It consists of two global elements which are known to every member
taking part in the communication. These global elements are prime numbers
‘q’ and ‘α’ , where ‘α’ is a primitive root of ‘q’.
This scheme includes three major steps. Let ‘A’ be the sender and ‘B’ be the
recipient.
1. Generation of a private-public key pair
a. Select a random number XA, such that 1 < XA < q-1

b. Compute

c. A’s private key is XA and A’s public key is {q, α, YA}

Example
Let global elements q = 19 and α =10.

a. Let’s assume sender selects value of XA = 16.


b.
c. A’s private key = 16 and A’s public key = {19,10,4}

2. Creation of a digital signature


Let’s consider that the sender wants to send the message ‘M’ whose hash
value is ‘m = 14’. For the creation of a digital signature, the following steps
are followed:
a. Choose a random integer ‘K’ such that 1< K < q-1 and gcd(K,q-1)= 1.

b. Compute

c. Compute

d. The digital signature is (S1, S2).

Example

a. Sender selects K = 5, such that gcd(5, 18) = 1

b. S1 = α^K mod q = 10^5 mod 19 = 3
c. S2 = K^(-1) (m - XA S1) mod (q-1) = 5^(-1) (14 - 16*3) mod 18 = 11 * (-34) mod 18 = -374 mod 18
d. Digital signature = (3, 4)

3. Verification of the signature

a. Calculate V1 = α^m mod q.

b. Calculate V2 = (YA)^S1 (S1)^S2 mod q.

c. Compare V1 and V2. If V1 == V2, then the signature is verified; otherwise it is
not verified.

Example

a. V1 = α^m mod q = 10^14 mod 19 = 16

b. V2 = (YA)^S1 (S1)^S2 mod q = (4)^3 (3)^4 mod 19 = 5184 mod 19 = 16
c. Since V1 = V2, the signature is verified.
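The Elgamal walk-through above as runnable Python (an added example, not code from the book). The function names are assumptions, the message digest is passed in as an integer as with the book's m = 14, and the range check in the verifier is the standard one for this scheme rather than a step listed above.

```python
import math
import secrets


def elgamal_keygen(q, alpha, xa=None):
    """Return (XA, YA): private XA with 1 < XA < q-1 and public YA = alpha^XA mod q."""
    if xa is None:
        xa = 2 + secrets.randbelow(q - 3)            # uniform in [2, q-2]
    if not 1 < xa < q - 1:
        raise ValueError("private key out of range")
    return xa, pow(alpha, xa, q)


def elgamal_sign(q, alpha, xa, m, k=None):
    """Sign the integer digest m and return (S1, S2).

    K must be secret and fresh for every signature; passing k is only meant
    for replaying the book's numbers.
    """
    while True:
        kk = k if k is not None else 2 + secrets.randbelow(q - 3)
        if math.gcd(kk, q - 1) == 1:
            s1 = pow(alpha, kk, q)                               # S1 = alpha^K mod q
            s2 = pow(kk, -1, q - 1) * (m - xa * s1) % (q - 1)    # S2 = K^-1 (m - XA*S1) mod (q-1)
            if s2 != 0:
                return s1, s2
        if k is not None:
            raise ValueError("K must satisfy gcd(K, q-1) = 1 and give S2 != 0")


def elgamal_verify(q, alpha, ya, m, sig):
    """Accept when V1 = alpha^m mod q equals V2 = YA^S1 * S1^S2 mod q."""
    s1, s2 = sig
    # Reject components outside their ranges before doing any arithmetic;
    # a verifier that skips this check accepts values a signer can never produce.
    if not (0 < s1 < q and 0 < s2 < q - 1):
        return False
    v1 = pow(alpha, m, q)
    v2 = pow(ya, s1, q) * pow(s1, s2, q) % q
    return v1 == v2


def book_example():
    """Replay q = 19, alpha = 10, XA = 16, m = 14, K = 5 from the text."""
    q, alpha = 19, 10
    xa, ya = elgamal_keygen(q, alpha, xa=16)
    sig = elgamal_sign(q, alpha, xa, m=14, k=5)
    return ya, sig, elgamal_verify(q, alpha, ya, 14, sig)


if __name__ == "__main__":
    print(book_example())
```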
The problem associated with the Elgamal signature is that the value of ‘q’ should
be very large so that breaking the generated signature becomes intractable. However, as a
result, the size of the signature also becomes very large. This consumes a lot of
communication energy and bandwidth. In addition, there is also a
possibility of forgery in Elgamal. So, to solve this issue, Schnorr proposed a new scheme
with reduced signature size.
Schnorr Digital Signature Scheme
The idea of the Schnorr Digital Signature was proposed by the cryptographer
Claus Schnorr. It is a simple scheme that generates a six times shorter
signature than the Elgamal signature. Hence, it is also six times faster than
the Elgamal signature. The security of the Schnorr Digital Signature is based on
the intractability of discrete logarithm problems. The signature generated by
this scheme does not depend on the complete message, that is, only part of
the message is used for signature generation. The scheme uses a prime
modulus ‘p’, such that ‘q’ is a prime factor of (p-1), that is, p = 1 (mod q).
Generally, the values of ‘p’ and ‘q’ that we use are p = 2^1024 and q =
2^160.
The scheme includes three major steps:
1. Generation of a public-private key pair
a. Choose prime numbers ‘p’ & ‘q’, such that p = 1 (mod q).

b. Choose an integer ‘α’, such that α^q = 1 mod p. The values of α, p & q
are global public keys that can be common to a group of users.

c. Choose a random integer ‘s’, such that 0 < s < q. ‘s’ is the user’s private key.

d. Calculate v = α^(-s) mod p, where ‘v’ is the user’s public key.

2. Creation of a digital signature

a. Choose a random integer ‘r’, 0 < r < q, and compute x = α^r mod p.

b. Concatenate the message with x and hash the result to compute the value e =
H(M ∥ x).

c. Compute y = (r + se) mod q. The signature includes the pair (e, y).
3. Verification of the signature

a. Compute x' = α^y v^e mod p, compare x' & x.

b. Compute e' = H(M ∥ x') and compare e' & e.

c. If x' = x and e' = e, then the signature is verified and authenticated.

Digital Signature Standard Scheme


Digital Signature Standard (DSS) is published by the National Institute
of Standards and Technology (NIST) in its Federal Information
Processing Standard FIPS 186. The standard is developed for determining
the long-distance authenticity of the document using public key
cryptography.
DSS approach
The DSS approach is represented in Figure 7.20. The original message ‘M’
is passed to the hash function ‘H’, which creates a message digest
denoted by h. Next, the message is bundled together with the hash value and
the resultant (M + H(M)) is encrypted with the sender’s private key. Once
the encrypted message with hash (now known as a signed document) is
received by the recipient, it is decrypted using the sender’s public key. After
decryption, the hash value of ‘M’ is recomputed and the recomputed hash
value is compared with the received hash value. If both hashes are the same,
then the message is believed to have been sent by the authentic
sender. Please refer to the following figure:

Figure 7.20: The DSS approach


Digital Signature Algorithm
Digital Signature Algorithm (DSA) is based on the Digital Signature
Standard and is an open-source digital signature algorithm that is made available
royalty-free by NIST. It works on the framework of modular exponentiation
and discrete logarithm problems, which are difficult to break with any
brute-force attack. This signature scheme provides all three benefits, that is,
message authentication, integrity verification, and non-repudiation.
In DSA, the signature is generated by signing only the message digest with
the private key of the originator. Since only the message digest is signed,
the signature is generally much smaller as compared to other signature
techniques. As a result, this signature imposes less load on processors at the
time of signing and also uses a very small volume of
bandwidth.
Another feature of DSA is that it does not encrypt the message digest using the
private key or decrypt the message digest using the public key. Instead, it
uses mathematical functions to create a digital signature, which consists of two
160-bit numbers that are derived from the message digest and the private
key. The public key is used for authenticating the signature:

Figure 7.21: The Digital Signature Algorithm


The actual processing of DSA is illustrated in Figure 7.21. A plaintext ‘M’ is
passed to the hash function ‘H’ and the message digest is generated. This is
then passed to the signing function. The signing function includes parameters
like a global variable (G), a random variable (K), and the private key of the sender.
The output of the signing function is two 160-bit numbers (s & r), which are then
bundled with the plaintext and forwarded to the receiver.
The receiver on the other end passes the plaintext to the same hash function ‘H’
and recomputes the message digest, which is then passed to the verification
function with the other required parameters, such as the public key of the sender,
the global variable (G), and s & r. The value generated by the verification function is
compared to ‘r’; if they match, then the verification process is said to be complete
and data integrity is verified.
Mathematical formulation of DSA
As learned in other schemes, this scheme too includes three major steps:
a. Key generation
a. Select ‘q’ as a prime divisor.
b. Select a prime number ‘p’, such that .
c. Select any integer ‘g’, such that 1<g<p and

d. Select any random integer ‘x’ as a private key such that 0 < x < q.
e. Calculate a public key ‘y’ by using formula
f. Private key: {p,q,g,x}
g. Public key: {p,q,g,y}
b. Signature generation
a. A message is passed through the hash function to generate a message
digest ‘h’.
b. Choose any random integer ‘k’ such that 0 < k< q.
c. Calculate the value of ‘r’ by using formula
d. Calculate the value of ‘s’ by using formula
e. Digital signature created: {r,s}
c. Signature verification
a. Calculate the message digest using the same hash function as in the
signature generation and regenerate a message digest ‘h’.
b. Compute the value of ‘w’ such that
c. Compute the value of u1 as:
d. Compute the value of u2 as:
e. Compute verification component v as:

f. Compare ‘v’ and ‘r’; if v == r, the signature verification is successful.
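Schnorr signing and verification as listed earlier, together with DSA, over one shared (p, q, g) group; this is an added example, not code from the book. The DSA equations for r, s, w, u1, u2 and v are the standard FIPS 186 ones; the 61-bit q, the use of SHA-256 reduced mod q as the hash, and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41)

def is_prime(n):
    """Miller-Rabin over fixed bases; deterministic for n below about 3.3e24."""
    if n < 2:
        return False
    for b in BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def make_group(q=2**61 - 1):
    """Illustrative, insecure-size group: prime p = 1 (mod q) and g of order q."""
    k = 2
    while not is_prime(k * q + 1):
        k += 2
    p, h = k * q + 1, 2
    while pow(h, (p - 1) // q, p) == 1:
        h += 1
    return p, q, pow(h, (p - 1) // q, p)

def digest(q, *parts):
    """SHA-256 of the concatenated parts as an integer below q (FIPS 186 truncates instead)."""
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big") % q

def rand_exp(q):
    return 1 + secrets.randbelow(q - 1)            # uniform in [1, q-1]

def encode(x, p):
    return x.to_bytes((p.bit_length() + 7) // 8, "big")

# Schnorr in the book's notation: private s, public v, signature (e, y)
def schnorr_keygen(p, q, g):
    s = rand_exp(q)
    return s, pow(g, -s, p)                        # v = g^(-s) mod p

def schnorr_sign(p, q, g, s, msg):
    r = rand_exp(q)                                # fresh for every signature
    e = digest(q, msg, encode(pow(g, r, p), p))    # e = H(M || x), x = g^r mod p
    return e, (r + s * e) % q                      # y = (r + s*e) mod q

def schnorr_verify(p, q, g, v, msg, sig):
    e, y = sig
    if not (0 <= e < q and 0 <= y < q):
        return False
    x1 = pow(g, y, p) * pow(v, e, p) % p           # x' = g^y * v^e mod p
    return digest(q, msg, encode(x1, p)) == e      # accept when e' == e

# DSA (standard FIPS 186 equations): private x, public y, signature (r, s)
def dsa_keygen(p, q, g):
    x = rand_exp(q)
    return x, pow(g, x, p)                         # y = g^x mod p

def dsa_sign(p, q, g, x, msg):
    h = digest(q, msg)
    while True:
        k = rand_exp(q)                            # fresh for every signature
        r = pow(g, k, p) % q                       # r = (g^k mod p) mod q
        s = pow(k, -1, q) * (h + x * r) % q        # s = k^-1 (h + x*r) mod q
        if r and s:
            return r, s

def dsa_verify(p, q, g, y, msg, sig):
    r, s = sig
    if not (0 < r < q and 0 < s < q):
        return False
    w = pow(s, -1, q)                              # w = s^-1 mod q
    u1, u2 = digest(q, msg) * w % q, r * w % q     # u1 = h*w mod q, u2 = r*w mod q
    return pow(g, u1, p) * pow(y, u2, p) % p % q == r    # v == r

def demo(msg=b"node-17 temp=21.5"):                # constructed sample message
    p, q, g = make_group()
    s, v = schnorr_keygen(p, q, g)
    x, y = dsa_keygen(p, q, g)
    sch, dsa = schnorr_sign(p, q, g, s, msg), dsa_sign(p, q, g, x, msg)
    return {
        "schnorr_ok": schnorr_verify(p, q, g, v, msg, sch),
        "schnorr_tampered": schnorr_verify(p, q, g, v, msg + b"0", sch),
        "dsa_ok": dsa_verify(p, q, g, y, msg, dsa),
        "dsa_tampered": dsa_verify(p, q, g, y, msg + b"0", dsa),
        "sig_bits": max(c.bit_length() for c in sch + dsa), "q_bits": q.bit_length(),
    }
```

Both signatures are pairs of numbers below q, which is why their size follows the size of q rather than that of p.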


Advantages of DSA
When compared to other digital signatures, DSA is the most popular because of
the following advantages:
DSA is highly robust in its security and stability aspects.
The key generation is much faster.
DSA requires less storage space to work its entire cycle.
DSA is patented but is worldwide freely available.

7.6 Cryptographic key management


The fundamentals of cryptography and its related modules have been addressed so
far. In each module, we have observed that keys play a pivotal role in
processing and securing the process of cryptography. It is an accepted fact that the
benefits of using strong cryptographic schemes will potentially be lost if there are
no secure procedures available to handle the cryptographic keys. Therefore, in this
section, we will explore the topic of cryptographic key management. Key
management is the art and science of protecting cryptographic keys within the
crypto device and across the enterprise, to secure the connected things of our
world. It is referred to as the secure administration of cryptographic keys.

The Electronic Key Management System (EKMS), also known as Key Management
Infrastructure (KMI), is an NSA key management system that is used to protect US
national security, that is, the Navy and the Air Force.

7.6.1 Key management fundamentals


The Key Management System includes various activities that are pertinent to the
devices and systems in which they operate. It deals with the entire lifecycle, which is
illustrated in Figure 7.22:
Figure 7.22: Key Management Lifecycle
Key generation
Key generation is concerned with how, when, and on what devices
cryptographic keys are generated and what algorithms they use. It is
recommended that every key be generated using a well-evaluated
random generator that is seeded with sufficient min-entropy. Keys can be
generated directly on the IoT devices or in any centralized IoT system.
Key establishment
Key establishment includes the act of two parties communicating with each
other. It involves the activity of either agreeing on a specific cryptographic
key or transporting a key from a sender to a receiver. These can be more
specifically referred to as the key agreement and the key transportation
process:
Key agreement: It includes the act of creating the shared key, which is
created by the two parties contributing the algorithms or procedures.
It is generally practiced in conventional cryptography.
Key transportation: It is the act of transmitting cryptographic keys by
first encrypting them with the key encryption key (KEK) and then
transmitting them to the other party. The KEK can be symmetric (AES) as well
as asymmetric (RSA).
Key derivation
The key derivation function is a function in which a device or software
generates cryptographic keys from other input keys and variables, including
passwords. It is frequently performed in secure communication protocols
such as TLS and IPsec by deriving the actual session keys from an
established shared secret, transported random numbers, or any available
current key. A generalized illustration of key derivation is presented in
Figure 7.23:

Figure 7.23: Generalized illustration of Key derivation


The derivation of cryptographic keys from unique passwords is known as
password-based key derivation (PBKDF) and is shown in Figure 7.24:

Figure 7.24: Illustration of Password-based Key derivation


Key storage
Key storage refers to how securely the keys are stored and in which type of
device(s). Keys can be securely stored by encrypting a key database or other
types of key stores. In enterprises, key stores are encrypted using a Hardware
Security Module (HSM), which is itself a cryptographic module and is
provided with extensive physical and logical security protection, and is thus
difficult to hack. For instance, an HSM possesses a tamper-responsive
enclosure, so if it is tampered with, the HSM will automatically wipe all
sensitive security parameters and cryptographic keys.
Key escrow
Key escrow means the storage of keys and their related sensitive information in
some remote location as a backup. If the key gets lost during decryption,
entities can opt for the backup cryptographic keys from the offsite
location. Though escrow provides the availability of a key whenever
required, the risk associated with key escrow is that it increases the
attack surface. A compromised escrowed key is just as threatening as
a compromise of the original key.
Key lifetime
Key lifetime states how long a key should be used before being destroyed.
Basically, asymmetric keys are used for longer periods of time, until
a fresh key is required, while symmetric keys have a shorter key
lifetime. On key expiration, the following ways are available for providing
keys:
Keys can be securely embedded in new software or firmware.
Keys can be transported by a central key management server or host.
Keys can be generated by the device.
Keys can be mutually derived by the device together with another entity. This
can be done using Diffie-Hellman (section 7.6.2) and Elliptic Curve
Cryptography (section 7.6.3).
Keys can be manually entered into a device.
Key zeroization
Key zeroization is the secure elimination of cryptographic keys from
memory. Many cryptographic libraries are designed in such a way that they
provide zeroization routines to wipe keys from runtime memory as
well as from long-term static storage. Secure zeroization does not just refer
to the removal of a pointer to the key; it means overwriting the
memory location either with zeros or with randomly generated data.
Multiple overwrites ensure that the key and its related data are irretrievable
by memory attacks like freezing memory†.
Accounting and management
Accounting and management functions are required where the
identification, tracking, and accounting of key generation, key distribution,
and key destruction are needed. This phase of the key management cycle is
important because it concerns maintaining the balance between security
and performance. For example, in the case of key lifetime, a shorter key
lifetime limits the impact of a compromise, as less attack surface is
available. However, a shorter lifetime increases the relative overhead of
generating, establishing, distributing, and accounting for the key material.
Therefore, the use of public key cryptography is preferred for forward
secrecy of data, as public keys have a longer lifetime, but in case of zeroization, they
have the ability to establish a new and fresh set of keys.

It is the responsibility of cryptographic-enabled IoT device manufacturers to carefully
design and document the key management process, procedure, and system.
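Key derivation and zeroization from the lifecycle above, as an added example that is not from the book. PBKDF2-HMAC-SHA256 and HKDF (RFC 5869) are used here as concrete derivation functions, which the book does not name; the labels, the iteration count and the function names are assumptions.

```python
import hashlib
import hmac
import secrets


def kek_from_password(password, salt, iterations=600_000, length=32):
    """Password-based key derivation (PBKDF2-HMAC-SHA256).

    The salt must be random and stored next to the ciphertext; the result is
    returned as a bytearray so that it can be wiped after use.
    """
    return bytearray(hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=length))


def hkdf(secret, salt, info, length=32):
    """HKDF with SHA-256: extract a pseudorandom key, then expand it under a label."""
    prk = hmac.new(salt or b"\x00" * 32, secret, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return bytearray(okm[:length])


def session_keys(shared_secret, client_random, server_random):
    """Derive independent encryption and MAC keys from one established secret.

    The transported random numbers act as the salt, so every session gets
    different keys even if the shared secret were reused.
    """
    salt = client_random + server_random
    return (hkdf(shared_secret, salt, b"iot-demo enc"),
            hkdf(shared_secret, salt, b"iot-demo mac"))


def zeroize(buf):
    """Overwrite key material in place.

    Python bytes objects are immutable and cannot be wiped, so keys are held
    in bytearrays. This is best effort: copies made by the interpreter or by
    libraries are outside the caller's control.
    """
    if not isinstance(buf, bytearray):
        raise TypeError("immutable bytes cannot be wiped; hold keys in a bytearray")
    for i in range(len(buf)):
        buf[i] = 0


def demo():
    salt = secrets.token_bytes(16)
    kek = kek_from_password(b"constructed example passphrase", salt, iterations=10_000)
    enc_key, mac_key = session_keys(secrets.token_bytes(32),
                                    secrets.token_bytes(32), secrets.token_bytes(32))
    distinct = enc_key != mac_key
    for key in (kek, enc_key, mac_key):
        zeroize(key)
    return distinct, all(b == 0 for b in kek + enc_key + mac_key)


if __name__ == "__main__":
    print(demo())
```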

7.6.2 Diffie-Hellman key exchange


Key lifetime is one of the important aspects of the key management lifecycle. As
soon as the lifetime of a key expires, there is a need to establish new keys or
mutually derive a key with another entity. The derivation of a key is considered
safe and secure if the key is established and exchanged between the mutual
parties without being transmitted over a public channel. This is known as Perfect
Forward Secrecy (PFS). PFS is obtained by using the Diffie-Hellman Key-Exchange
Algorithm. The algorithm is limited to the exchange of secret values
without their being transmitted over the network and uses public-key cryptography for
exchanging values. However, it is not an encryption algorithm; it is
rather used to enable two users to securely exchange a key that will then be used
for subsequent encryption of messages.
In a true sense, it is a method of digital encryption that uses numbers raised to
powers to produce decryption keys on the basis of components that are never
directly transmitted, making the task difficult for the intruder. The step-by-step
illustration of the algorithm is given as follows:

Algorithm
The Diffie-Hellman algorithm consists of the following steps:
1. Selection of global public elements
a. Consider a prime number ‘q’.

b. Select ‘α’, such that ‘α’ is the primitive root of ‘q’ and . There can be
more than one primitive of ‘q’. So, it is up to the user to choose any
value as the primitive in algorithm.

‘α’ is a primitive root of ‘q’ if the numbers α mod q, α^2 mod q, α^3 mod q, …, α^(q-1)
mod q are distinct and consist of the integers from 1 to q-1 in some permutation.
For example:
if α = 3 and q = 7, then 3 is said to be a primitive root of 7 because
3^1 mod 7 = 3, 3^2 mod 7 = 2, 3^3 mod 7 = 6, 3^4 mod 7 = 4, 3^5 mod 7 = 5, 3^6 mod 7 = 1
and the result obtained is the integers from 1 to 6 in varying permutation.

2. Key generation of user A


a. Select any random number as the private key of user A and let’s
denote it as XA such that XA < q.

b. Calculate the public key of ‘A’ denoted as YA and using formula

3. Key generation of user B


a. Select any random number as the private key of user B and let’s
denote it as XB such that XB < q.

b. Calculate the public key of ‘B’ denoted as YB and using formula

4. Calculation of the secret key ‘KA’ by user A


User A will evaluate the secret key using its own private key and the user
B’s public key, since the public key is available to all.
a. The formula used is
5. Calculation of the secret key ‘KB’ by user B
User B will evaluate the secret key by using its own private key and the
user A’s public key, since the public key is available to all.
a. The formula used is
6. Verification of the secret key
The secret key obtained by both users A & B will be the same. So, since
, so we say that the key is exchanged between two users without
being transmitted via the communication channel.
The algorithm is illustrated with the help of the following
example:
Example:
1. Selection of global public elements ‘q’ & ‘α’
Let’s consider q = 7 (prime) and α = 5

It is left to the reader to verify whether 5 is a primitive root of 7 or not.

2. Key generation of user A


a. Let’s assume XA = 3.

b. Calculate the public key


3. Key generation of user B
a. Let’s assume XB = 4.

b. Calculate the public key


4. Calculation of the secret key ‘KA’ by user A

a. Calculation of the secret key by A using

5. Calculation of the secret key ‘KB’ by user B

a. Calculation of the secret key by user B using


1.
6. Verification of the secret key
Since the secret keys obtained by users A & B are the same, we
can say that the key value = 1 is exchanged between the two users without
actually being transmitted.
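The exchange above in Python, as an added example that is not from the book: it checks the primitive-root definition for α = 3 and α = 5 with q = 7, replays XA = 3 and XB = 4, and then runs a session with fresh private values. The function names, the range check on the peer's public value, and the demo modulus 2^127 - 1 with base 3 are assumptions for illustration.

```python
import secrets


def is_primitive_root(alpha, q):
    """The book's definition: alpha^1 .. alpha^(q-1) mod q is a permutation of 1 .. q-1."""
    return sorted(pow(alpha, i, q) for i in range(1, q)) == list(range(1, q))


def dh_keypair(alpha, q, x=None):
    """Return (X, Y) with Y = alpha^X mod q.

    Without x, a fresh private value is drawn and redrawn until the public
    value lies in [2, q-2]; a given x is used as is (for replaying examples).
    """
    while True:
        xx = x if x is not None else 2 + secrets.randbelow(q - 3)
        y = pow(alpha, xx, q)
        if x is not None or 1 < y < q - 1:
            return xx, y


def dh_shared(peer_public, own_private, q, validate=True):
    """K = (peer public)^(own private) mod q, after a range check on the peer value."""
    if validate and not 1 < peer_public < q - 1:
        # 0, 1 and q-1 force the shared key into a tiny set of values.
        raise ValueError("peer public value outside [2, q-2]")
    return pow(peer_public, own_private, q)


def book_example():
    """Replay q = 7, alpha = 5, XA = 3, XB = 4 from the text."""
    q, alpha = 7, 5
    xa, ya = dh_keypair(alpha, q, x=3)
    xb, yb = dh_keypair(alpha, q, x=4)
    ka = dh_shared(yb, xa, q, validate=False)     # KA from B's public value
    kb = dh_shared(ya, xb, q, validate=False)     # KB from A's public value
    return ya, yb, ka, kb


Q_DEMO = 2**127 - 1      # assumed demo modulus (a Mersenne prime), not a standardized group
ALPHA_DEMO = 3           # assumed base for the demo


def ephemeral_session(q=Q_DEMO, alpha=ALPHA_DEMO):
    """One session with fresh private values that are discarded when it returns."""
    xa, ya = dh_keypair(alpha, q)
    xb, yb = dh_keypair(alpha, q)
    return dh_shared(yb, xa, q), dh_shared(ya, xb, q)


if __name__ == "__main__":
    print(is_primitive_root(5, 7), book_example())
    ka, kb = ephemeral_session()
    print(ka == kb)
```

With the book's numbers the public value YA is 6 = q - 1, which is why the agreed key comes out as 1; dh_shared rejects such values by default, so the replay passes validate=False.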

7.6.3 Elliptic Curve Cryptography


As discussed earlier, Diffie-Hellman is useful only for exchanging key values
without their being transmitted. It is not applicable as an encryption algorithm.
Moreover, the most popularly used encryption algorithm, RSA, was found to be
inefficient since it uses keys of very large size. So, to provide a method that can
securely exchange keys as well as provide an efficient encryption algorithm with
similar security, Elliptic Curve Cryptography (ECC) was developed. The
principal attraction of ECC, when compared with RSA (which is considered to
be the most efficient technique), is that it provides equal security with a smaller key
size, thereby reducing the processing overhead. This can be demonstrated with the
help of Table 7.1, where key sizes are compared at the same security
level:

ECC-based scheme (key size in bits)    RSA/DSA-based scheme (key size in bits)
112                                    512
160                                    1024
224                                    2048
256                                    3072
384                                    7680
512                                    15360

Table 7.1: Comparable Key Sizes in Terms of Computational Effort for Cryptanalysis

Background explanation of ECC


ECC makes use of elliptic curves and is defined by a cubical mathematical
function of the form where ‘a’ & ‘b’ are constant. When
this equation is plotted on a graph, it gives a curve which is symmetric about X
axis (y = 0) and is represented in Figure 7.25.
Another property of this curve is that any line drawn across it will touch a
maximum of three points only. As shown in Figure 7.25, the line cuts the curve at points
P, Q, and R only. In addition, the curve is infinite, but for simplicity we have
limited it at ‘x = n’, shown by the dotted vertical line. The algorithm
based on this elliptic curve is given as follows:
Figure 7.25: ECC Curve

ECC algorithm for key-exchange


The ECC key-exchange consists of the following steps:
1. Defining global public elements
a. Let’s consider to be an elliptic curve with parameters ‘a’,
‘b’, & ‘q’, where ‘a’ & ‘b’ are constants and ‘q’ is a prime number or
an integer of the form 2^m.

b. Let’s consider the equation , where ‘Q’ & ‘P’ are points on
the curve and k < n (limit).
Here, the equation is regarded as a Trapdoor function†, which
means that if ‘k’ and ‘P’ are given, it is very easy to compute the
value of ‘Q’, but if we know the values of ‘Q’ and ‘P’, it is
extremely difficult to find ‘k’. This is called the discrete logarithm
problem for elliptic curves.
c. Let’s consider point ‘G’; it is a point on the curve whose order is greater
than ‘n’.
2. Key generation of user A
a. Select a random value nA as the private key, such that nA < n.

b. Calculate the public key PA using

3. Key generation of user B


a. Select a random value nB as the private key, such that nB < n.

b. Calculate the public key PB using

4. Computation of the secret key by user A


a. Use the equation
5. Computation of the secret key by user B
a. Use the equation
6. Verification of the secret key
The secret key obtained by both users A & B will be the same. So, since
, we can say that the key is exchanged between two users without
being transmitted via the communication channel.

ECC Algorithm for encryption and decryption


Since ECC is also used in public-key cryptosystems, its
encryption and decryption are presented below:
Encryption
Encryption in ECC is performed by first encoding the plaintext message ‘m’ into a
point on the elliptic curve in the x-y plane, denoted as Pm. This point Pm is then
encrypted into a ciphertext.

There are several approaches to encoding the message ‘m’ into a point on the curve. Readers
are advised to refer to [4] for the straightforward approach.

The cipher text for the encoded point will also be a point on curve and is
represented as follows:
where ‘k’ is a random positive integer chosen by A, ‘G’ is the global element (as
discussed earlier), is the encoded plain text and is the public key of B. This
Cipher point will be transmitted to the receiver end.
Decryption
As soon as the receiver receives , he decrypts the
ciphertext using the following steps:
1. Multiply the first coordinate of the cipher point by receiver’s private
key that is, .
2. Subtract the obtained equation (step a) from the second coordinate of the
that is,
3. But since we know from the key-exchange of ECC that , so
substitute in the above Step b.
4.

5. From this, we can deduce that after decryption, the same plaintext point
is received by the receiver, which when decoded will get the original plain
text message ‘m’.
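The key exchange and the encryption/decryption steps above on a toy curve, as an added example that is not from the book. The curve y^2 = x^3 - 4 over GF(211) with G = (2, 2), the message point Pm = 7G, and all function names are assumptions chosen for illustration; the ciphertext is the pair (kG, Pm + k*PB), which the receiver opens by subtracting nB times the first point from the second.

```python
import secrets

# Toy curve y^2 = x^3 + A*x + B over GF(Q) with base point G.
# These parameters are constructed for illustration and are far too small for real use.
Q, A, B = 211, 0, -4
G = (2, 2)
INF = None                                   # point at infinity (group identity)


def on_curve(P):
    if P is INF:
        return True
    x, y = P
    return 0 <= x < Q and 0 <= y < Q and (y * y - (x * x * x + A * x + B)) % Q == 0


def add(P, R):
    """Add two curve points with the chord-and-tangent rule."""
    if P is INF:
        return R
    if R is INF:
        return P
    (x1, y1), (x2, y2) = P, R
    if x1 == x2 and (y1 + y2) % Q == 0:
        return INF                                             # P + (-P)
    if P == R:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % Q, -1, Q) % Q   # tangent slope
    else:
        lam = (y2 - y1) * pow((x2 - x1) % Q, -1, Q) % Q        # chord slope
    x3 = (lam * lam - x1 - x2) % Q
    return x3, (lam * (x1 - x3) - y1) % Q


def neg(P):
    return INF if P is INF else (P[0], -P[1] % Q)


def mul(k, P):
    """Q = kP by double-and-add: easy to compute, hard to invert (the trapdoor)."""
    R = INF
    while k > 0:
        if k & 1:
            R = add(R, P)
        P = add(P, P)
        k >>= 1
    return R


def order(P):
    n, R = 1, P
    while R is not INF:
        R, n = add(R, P), n + 1
    return n


def ecdh_shared(own_private, peer_public):
    """K = nA * PB = nB * PA, after checking that the peer point is on the curve."""
    if peer_public is INF or not on_curve(peer_public):
        raise ValueError("peer public key is not a valid curve point")
    return mul(own_private, peer_public)


def encrypt(Pm, PB, k):
    return mul(k, G), add(Pm, mul(k, PB))        # Cm = (kG, Pm + k*PB)


def decrypt(Cm, nB):
    C1, C2 = Cm
    return add(C2, neg(mul(nB, C1)))             # Pm + k*PB - nB*(kG) = Pm


def demo():
    n = order(G)
    nA = 1 + secrets.randbelow(n - 1)            # private keys in [1, n-1]
    nB = 1 + secrets.randbelow(n - 1)
    PA, PB = mul(nA, G), mul(nB, G)              # public keys
    Pm = mul(7, G)                               # constructed stand-in for an encoded message
    Cm = encrypt(Pm, PB, 1 + secrets.randbelow(n - 1))
    return ecdh_shared(nA, PB) == ecdh_shared(nB, PA), decrypt(Cm, nB) == Pm


if __name__ == "__main__":
    print(demo())
```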

7.6.4 Public Key Infrastructure


So far, we have discussed various methods of cryptographic systems; still, the
management, storage, and distribution of these methods, along with secure
communication between the server and client, remain to be covered. To cover these
aspects, the framework of Public Key Infrastructure is designed.
Public Key Infrastructure (PKI) is a standard and a set of hardware, software,
people, policies, and procedures that are needed to create, manage, store,
distribute, and revoke digital certificates based on asymmetric cryptography. The
principal objective of PKI is to enable secure, convenient, and efficient acquisition
of public keys. The infrastructure includes all security services, such as message
digests for maintaining integrity, digital signatures for authentication and
non-repudiation, and encryption services for maintaining confidentiality. The
Public Key Infrastructure X.509 (PKIX) model is the most widely used PKI
that is suitable for deploying a certificate-based architecture on the Internet.
PKIX Model
The PKIX model is illustrated in Figure 7.26 and includes the following elements:
End Entity: End entities are the users, devices (servers or routers), or any
other entities that consume or support PKI-related services.
Certification Authority (CA): The CA is the issuer of certificates and
Certificate Revocation Lists (CRLs). The CA supports all types of
administrative services and assigns work to Registration Authorities.
Registration Authority (RA): The main function of the RA is to perform the
registration of end entities, and it is usually used to assist the CA.
CRL issuer: It is an optional element that the CA uses to publish CRLs.
Repository: It is a storage facility that stores certificates and CRLs so that they can
be retrieved as and when required by end entities.
Figure 7.26: PKIX Model

PKIX Management function


PKIX includes the following functions:
Registration: It is the process through which the user makes itself known
to the CA, either directly or through an RA. It is a process of enrolling the end
entity in a PKI, after which a certificate is issued by the CA. The entity is issued
with one or more shared secret keys that will be used in future for
authentication.
Initialization: Before the actual operation of the client, the key material and
its related information are installed in the client system. Clients are initialized
and are made aware of the public key and other assured information of the
trusted CA.
Certification: In this process, the CA issues a certificate for a user’s public key,
returns that certificate to the user’s client system, and posts that
certificate in a repository.
Key-pair Recovery: Key pairs are used to support creation and verification
of digital signatures, encryption and decryption, or both. Key-pair recovery
allows end entities to restore their encryption/decryption key pair from an
authorized key backup facility.
Key-pair Update: This function updates the key regularly or replaces it
with a new key pair and then issues a new certificate. Updating is done when
the certificate lifetime expires or certificates are revoked.
Revocation Request: In case of any abnormality like compromised private
keys, a name change, or a change in affiliation, an authorized person advises
the CA to revoke the certificate.
Cross Certification: It is a certificate issued by one CA to another CA that
contains a CA signature key used for issuing certificates.

7.7. Examining cryptographic controls for IoT protocols


Cryptographic controls are a set of security practices that are used to ensure
proper and effective use of cryptography to protect all kinds of information.
Devices used in IoT networks are resource-constrained and have limited power and
memory; thus, they are vulnerable to attacks. Therefore, to secure their end-to-end and
point-to-point communications, it is mandatory to include cryptographic controls
in the various IoT protocols, since protocols are the means of communication and
message transmission. Accordingly, this section examines cryptographic
controls in IoT protocols.

7.7.1. Cryptographic controls built into IoT communication protocols
One of the primary challenges for IoT device developers is to layer security across
IoT protocols with optimal cost. Generally, IoT communication protocols provide
a layer of authentication and encryption at the link layer. Communication
protocols like ZigBee, ZWave, and BLE have the facility of including protections
such as authentication, data integrity, and confidentiality. Above these
communication protocols, there are some IoT data-centric protocols like REST,
MQTT, and CoAP. All these protocols are publish/subscribe protocols that include
access control facility to the topics that are published by IoT resources. Besides,
these protocols ensure that attackers cannot publish unauthorized information on
any particular topic. This is done by applying unique keys to each topic that is
published. Some of the communication protocols are explained as follows:

ZigBee
ZigBee takes advantage of IEEE 802.15.4 MAC layer security services. The IEEE
802.15.4 MAC layer supports the AES algorithm with 128-bit key for both
encryption/decryption and data integrity. ZigBee devices can avail multiple
security options as stated in Table 7.2:

ZigBee security configuration    Description
AES-CBC-MAC-32                   Data authentication using a 32-bit MAC; no encryption
AES-CBC-MAC-64                   Data authentication using a 64-bit MAC; no encryption
AES-CBC-MAC-128                  Data authentication using a 128-bit MAC; no encryption
AES-CTR                          Data is encrypted using AES-CTR with 128-bit key; no authentication
AES-CCM-32                       Data is encrypted and data authentication using 32-bit MAC
AES-CCM-64                       Data is encrypted and data authentication using 64-bit MAC
AES-CCM-128                      Data is encrypted and data authentication using 128-bit MAC
Table 7.2: Security options available in ZigBee protocol
In addition to IEEE 802.15.4 MAC security, ZigBee provides
additional security features that rely on three different types of keys:
Master keys: They are pre-installed by the vendor and are used to protect a
key exchange transaction between two ZigBee nodes.
Link keys: They are unique keys per node and allow secure node-to-node
communications.
Network keys: These keys are shared across all ZigBee nodes in a network
and are provisioned by the ZigBee trust center; they support broadcast
communications. These keys are then transmitted in an encrypted APS
transport command from the trust center.
Any ZigBee node can obtain these keys in any of the following ways:
Nodes can be pre-installed with keys.
Nodes can have keys transported to them from the ZigBee Trust Center.
Nodes can establish keys using Symmetric-Key Key Establishment (SKKE)
and Certificate-Based Key Establishment (CBKE). CBKE is based on the Elliptic
Curve Qu-Vanstone implicit certificate, which is much smaller than an X.509
certificate.

Bluetooth-LE
Bluetooth-LE or BLE comprises a number of modes that provide options for
authenticated and unauthenticated pairing, data integrity protections, as well as
link encryption. BLE supports the following security concepts:
Pairing: BLE devices are able to create more than one secret key.
Bonding: It is the act of forming a trusted device pair by storing keys created
during pairing for subsequent connections.
Device Authentication: It is the verification of paired devices having
trusted keys.
Encryption: It is the conversion of the plaintext message into the ciphertext
message.
Message Integrity: It is the act of protecting data against tampering.
BLE device association or bonding
BLE includes four different types of bonding options:
Numeric Comparison: In this type of BLE model, the user is shown a 6-digit
number and confirms the bond by entering YES if the number is the same
on both devices.
Just Works: It is designed for devices that do not include a display and is
the same as the numeric comparison without showing a number.
Out of band: This model combines with Near Field Communication (NFC)
to bond with secure pairing. Here, the NFC protocol is used to exchange the
device Bluetooth address and cryptographic information.
Passkey Entry: This model uses a six-character passkey to be entered on
one device and displayed on another for confirmation.
Keys used in Bluetooth for providing security services
BLE uses the following keys for providing security services:
Temporary Key (TK): TK can be of different lengths and is used as an
input to the cipher-based derivation of the short-term key.
Short-term Key (STK): It is used for secure distribution of key material
and is based on the TK and a set of random values provided by each device
that participates in the Bluetooth pairing process.
Long-term Key (LTK): It is a 128-bit key employed for link-layer
encryption.
Connection signature resolving key (CSRK): This key is used for signing
data at the ATT layer (Attribute Protocol Layer).
Identity resolving key (IRK): It is used to generate a private address based
on the device public address. It helps in device identity and privacy
protection.

Near Field Communication


The NFC protocol provides endpoint authentication but it is not suitable for
cryptographic protection. It supports short-range communication and is used to
establish out-of-band pairing for other protocols such as Bluetooth.

7.7.2 Cryptographic controls built into IoT messaging protocols


Messaging protocols provide a structured way for applications to exchange
information. To protect the exchange of messages, it is
necessary to include a set of rules and policies in the form of cryptographic
controls in IoT messaging protocols. This section covers the cryptographic
controls built into the following IoT messaging protocols:
MQTT
MQTT generally authenticates by sending a username and password. To
prevent attacks such as MITM on the password, TLS is employed. End-to-end
TLS connectivity is used along with certificates for mutual
authentication.
CoAP
CoAP supports various authentication options for device-to-device
communication. It is paired with Datagram TLS (DTLS) for higher-level
confidentiality and authentication services. Various security modes defined
by CoAP are as follows:
PreSharedKey: These are group-keys and are used for nodal
communication, where DTLS is enabled.
RawPublicKey: In this security mode, DTLS is also enabled and an
asymmetric key-pair is used without a certificate; the key is validated using
an out-of-band mechanism. The device includes an identity derived from
the public key.
Certificate: DTLS is enabled and the device has an asymmetric key-pair
with an X.509 certificate that binds it to its subject and is signed by some
common trust root.
DDS
Data Distribution Standard (DDS) security provides endpoint
authentication and key establishment to enable message data origin
authentication. It supports digital certificates and various identity or
authorization tokens.
REST
HTTP/REST requires the support of the TLS protocol for authentication
and confidentiality services. A token-based authentication approach such as
OpenID over OAuth 2 is used to provide security controls [1] [2].
7.8 Transport encryption
In Sections 7.2, 7.4, and 7.6, we studied the TLS and SSL cryptographic
protocols that provide communication security over a network. Both these protocols
come under transport encryption, which involves Transport Layer Security
(TLS), certificates, and identity verification.
In this section, we will elaborate on these communication protocols and their
encryption methods. Transport encryption methods include the following:

7.8.1 Transport Layer Security


Transport Layer Security (TLS) is a standard protocol that provides
authentication, privacy, and data integrity between two communicating parties
over the internet. It ensures that no third party can eavesdrop on or tamper with any
message in transit, whether it is sensitive information such as a password or
card number, or any ordinary information.
TLS provides an excellent solution for encryption, but the very process that
makes it secure is the handshake, and the handshake requires high bandwidth. Thus,
implementing TLS in IoT devices is a bit difficult, but some IoT devices with
sufficient energy and power still use this method of encryption. An example is a
smart meter, which uses a gateway as a third party to encrypt and forward the
transmission to the server.
In TLS communication, a connection between a user and a server is established as
shown in Figure 7.27. The TLS handshaking includes the following steps:
1. The user or client sends a request to the server.
2. After receiving the request, the server sends its certificate to the user.
3. The user then ensures that the HTTP server’s identity is correct by
encrypting a “premaster secret key”. If the server can decrypt it correctly,
then the user knows that the server has the private key matching the public
key in the HTTP server’s certificate.
4. Finally, both the user and the server send a final finish message to verify
that the other side is using the same session key.
Figure 7.27: Handshaking in TLS
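The following is an added example, not code from the book. Using Python's standard ssl module, it contrasts client and broker TLS settings that enforce the certificate checks described for MQTT in Section 7.7.2 and in the handshake steps above with settings that skip them, and audits each. The function names, role labels, and finding strings are assumptions made for this illustration; certificate file paths are optional parameters.

```python
import ssl

NO_SERVER_CHECK = "server certificate is not verified"
NO_HOSTNAME_CHECK = "certificate is not matched against the server name"
NO_CLIENT_CERT = "clients are not asked for a certificate (one-way authentication)"
OLD_PROTOCOL = "protocol versions below TLS 1.2 are allowed"


def hardened_client_context(ca_file=None, client_cert=None, client_key=None):
    """Client side (device): verify the broker, optionally present a certificate."""
    # create_default_context() enables certificate and hostname verification.
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if client_cert:
        # Mutual authentication: the device proves its identity as well.
        ctx.load_cert_chain(certfile=client_cert, keyfile=client_key)
    return ctx


def weak_client_context():
    """Settings often seen in test firmware: the channel is encrypted, but the
    peer is never authenticated, so a MITM can still read the MQTT password."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


def broker_context(require_client_cert, cert=None, key=None, client_ca=None):
    """Server side (broker or gateway)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if cert:
        ctx.load_cert_chain(certfile=cert, keyfile=key)
    if require_client_cert:
        ctx.verify_mode = ssl.CERT_REQUIRED   # handshake fails without a client cert
        if client_ca:
            ctx.load_verify_locations(cafile=client_ca)
    return ctx


def audit(ctx, role):
    """Return the list of weaknesses for a context used as 'client' or 'broker'."""
    findings = []
    if role == "client":
        if ctx.verify_mode != ssl.CERT_REQUIRED:
            findings.append(NO_SERVER_CHECK)
        if not ctx.check_hostname:
            findings.append(NO_HOSTNAME_CHECK)
    elif role == "broker":
        if ctx.verify_mode != ssl.CERT_REQUIRED:
            findings.append(NO_CLIENT_CERT)
    else:
        raise ValueError("role must be 'client' or 'broker'")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append(OLD_PROTOCOL)
    return findings


if __name__ == "__main__":
    for name, ctx, role in [
        ("hardened client", hardened_client_context(), "client"),
        ("weak client", weak_client_context(), "client"),
        ("broker, mutual TLS", broker_context(True), "broker"),
        ("broker, one-way TLS", broker_context(False), "broker"),
    ]:
        print(name, "->", audit(ctx, role) or "no findings")
```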

7.8.2 Secure Sockets Layer


Secure Sockets Layer (SSL) is a secure mode of communication between the
client and the server. Communication is done by means of SSL certificates that
ensure security, identity, and integrity of IoT devices. These certificates are
publicly-trusted certificates. The SSL protocol uses asymmetric encryption to
secure data that is shared between two devices on the network. Security in IoT
can be improved with the use of SSL in the following ways:
1. Since the SSL certificate is a publicly trusted certificate, it can be used in
IoT devices as a means to connect users to it (via their smartphone). Users
will not have to go through any security warning or add
any exception on their devices.
2. Conversely, an IoT device can also request a client SSL certificate from a
user’s device to perform a particular task. For example, we can refer to smart
locks, where the SSL certificate from the user’s phone is needed to unlock
a door.
3. The SSL protocol states that after the exchange of SSL certificates, the
connection between communicating IoT devices is encrypted. This
prevents the interception of passwords and other critical information.
In the coming days, it is expected that all IoT devices will use SSL as a means of
communication protection. Thus, there is a need to know the establishment of SSL
connection, which involves the following four basic steps (Figure 7.28):
1. User (client) secure connection request
2. Server response to secure request
3. User (client) response
4. Secure channel setup

Figure 7.28: Handshaking in SSL

7.8.3 HTTPS
The Hypertext Transfer Protocol Secure (HTTPS) is used to secure
communication over the Internet. IoT manufacturers often use local web pages
as front-ends for IoT devices. These web pages use the HTTPS protocol as a means of
communication. It prevents communication sniffing (that is, it maintains privacy),
prevents data manipulation (that is, it maintains integrity), and offers verification
of the peer or server (that is, it maintains authentication). All of this means that,
even if our router is compromised, our bank account login details are safe.
Diagrammatically, the HTTPS protocol works as shown in Figure 7.29. It uses
bidirectional encryption and is able to protect against attacks such as MITM,
eavesdropping, tampering, and forging:

Figure 7.29: The HTTPS Protocol

Conclusion
The chapter extends the foundation of cryptography with message integrity and
authentication. Important points from the chapter are as follows:
Integrity of data is attained by the hash function. MD5 and SHA are the
most popular hash functions.
Hashing includes the concept of the Merkle Tree, where the data and its
hash values are represented in a tree format. It is useful in detecting
tampered or spoofed data in optimal time.
Message authentication is attained by using a Message Authentication Code
(MAC).
Authenticated Encryption is another technique that ensures confidentiality
and authentication of data.
A digital signature is an asymmetric form of attaining authentication of an IoT
node within the network.
Keys are the most important elements of cryptology. Therefore,
management of keys within the network is the most vital job. This includes
key generation, establishment, derivation, storage, usage, escrow, and
destruction.
The manual design of cryptographic tools for each application is not
enough to ensure security. Therefore, security measures are built into
various IoT communication and messaging protocols. Protocols like ZigBee, BLE,
MQTT, CoAP, and so on have various security options, which can be
switched ON or OFF as per the requirements.

7.9 Questionnaire

Multiple choice questions


1. Which one of the following is a cryptographic protocol used to secure
HTTP connection?
a. stream control transmission protocol (SCTP)

b. transport layer security (TLS)

c. explicit congestion notification (ECN)

d. resource reservation protocol


2. Cryptographic hash function takes an arbitrary block of data and
returns:
a. fixed size bit string

b. variable size bit string

c. both fixed size bit string and variable size bit string

d. variable sized byte string


3. PRNG stands for:
a. Personal Random Number Generation

b. Pseudo Random Number Generation


c. Primitive Number Generators

d. Private Number Generators


4. Hash Trees are also known as:
a. Binary tree

b. Rooted tree

c. Merkle tree

d. Full tree
5. Which one of the following is not a public key distribution means?
a. Public-Key Certificates

b. Hashing Certificates

c. Publicly available directories

d. Public-Key authority

Answer key
1. (b) 2. (a) 3. (b) 4. (c) 5. (b)

Long answer questions


1. Explain the difference between Hashing and Encryption algorithms.
2. What are the differences between MD5, SHA, and RSA?
3. What is a Merkle tree and its importance in cryptography?
4. What is the Secure Hash Algorithm (SHA and SHA-1)?
5. What is the Digital Signature Algorithm?

Short answer questions


1. What is the Public Key Infrastructure (PKI)? What are its components?

Keywords (†)
Trapdoor function: It is a one-way function that is easy to
compute in one direction, yet difficult to compute in the opposite (inverse)
direction without special information called the trapdoor value. This means
that the inverse can be computed if we know the trapdoor value; otherwise,
it is not possible.
Freezing Memory: In this attack, attackers spray a liquid such as liquid nitrogen
onto the RAM module so as to freeze it immediately. As the temperature
lowers, the RAM is able to hold the information for a longer duration. After
freezing, they perform the cold boot attack by hard resetting the target
machine and copying the maximum data.

References

[1] “REST.” http://www.oauthsecurity.com.
[2] “REST.” https://www.sans.org/reading-room/whitepapers/application/attacks-oauth-secure-oauth-implementation-33644.
[3] E. Barker, “Recommendation for the Entropy Sources Used for Random Bit
Generation,” NIST SP 800-90B, no. August, 2012.
[4] B. Padma, D. Chandravathi, and P. P. Roja, “Encoding And Decoding of a
Message in the Implementation of Elliptic Curve Cryptography using
Koblitz’s Method,” Int. J. Comput. Sci. Eng., vol. 02, no. 05, pp. 1904–1907,
2010.

Things to check before moving to the next chapter


Message integrity and message authentication techniques
Signature algorithms
Cryptographic key management and controls for IoT protocols
Concept of transport encryption

CHAPTER 8
Privacy Preservation for the Internet of Things

The Internet of Things (IoT) incorporates billions of interconnected
devices such as sensors, cameras, displays, smartphones, and so on.
Together with the interconnection, IoT harnesses their data and
functionality to provide smart services and products to our society. Just like
other web-based information systems, IoT also deals with a plethora of
cyber security and privacy threats. It has been observed that the disclosure of
sensitive information or impairment of privacy creates opportunities for
criminal activities and may result in serious injuries or even death.
Therefore, it is necessary to provide solutions for the preservation of
privacy-sensitive data in IoT development. With this perspective, this
chapter addresses data privacy issues. It explores the existing solutions and
presents new ones for preserving data privacy within the IoT network.
Besides, for better understanding, an example of a smart building is
explored and surveyed with various approaches to preserving privacy.

Structure
The chapter covers the following topics:
Understanding of privacy preservation and their threats
Existing solutions and their drawbacks in the Internet of Things
Privacy preservation approaches and their benefits in IoT network
Privacy preservation in smart buildings

8.1. Privacy preservation


The expansion of various Internet of Things (IoT) devices has led to a
number of innovative applications including smart homes, buildings,
agriculture, defense, healthcare and much more. The employment of these
IoT devices has brought forth a lot of advantages in terms of efficiency,
convenience, and cost. However, their extensive usage has also given rise to
several privacy concerns regarding the users and their activities in these
applications. For instance, in smart homes, the leakage of information can
inform intruders about the usage, habits, and preferences of the
users/homeowners. The intruders can then exploit this information with the
intention of trolling or extortion. Similarly, a sensor-enabled defense
system, if not protected from privacy issues, can leak the internal and
confidential details of the organization or government. In healthcare,
privacy concerns are mostly about the user’s health details: if health reports
are obtained by a burglar, he can exploit them to any extent, from
rendering slight pain to even taking away the victim’s life. Besides these
applications, sensor enabled IoT networks create vast quantities of
information that are left unattended, with occasional human visits, and are
vulnerable to a variety of network dynamics and attacks including node
capture, node failure, node compromise, packet injection, jamming and
many more. As a consequence, an adversary can breach data privacy by
acquiring sensitive data stored in the network through compromising nodes
and may further affect the data availability by permanently removing data
by disabling the network nodes. Thus, the protection of this sensitive
information is important and should be treated with great caution.
Protection and conservation of sensitive information against burglars or
intruders is termed Privacy Preservation. Though there are many
definitions of privacy, the most basic and simple definition can be
considered as “the authorized, fair and legitimate processing of personal
information”. Authorized processing states that only the particular person is
authenticated to process the required information. Fair and legitimate
criteria state that the information is processed in accordance with laws,
regulations, and enterprise privacy policies. Interference or damage in any of
these cases results in the violation of privacy. To prevent tampering with privacy,
the following privacy requirements need to be reviewed by IoT
developers throughout their system development life cycle:
Purpose: Personal information should not be collected or used for
purposes that are materially different from the original purpose for
which said data is primarily used.
Notice: The system creator, developers, and owners should explain to
users how their personal data will be collected, used, protected,
retained, or processed before any processing occurs.
Choice/Consent: The collected data should be used and processed
only with the consent of the users.
Transfer: Any personal data cannot be transferred to a third party
without the permission of the users.
Security: The collected personal information should ensure security
in terms of authorized assessment.
Retention: Any personal data should be retained only for as long as it
is required.

8.2. Classification of privacy threats in IoT


Sensor-enabled IoT applications and networks are designed to enhance user
comfort, to provide better access control, as well as security and efficient
service management. Together with these enhancing features, sensor
networks are also subjected to privacy threats. Broadly classified, privacy
threats are categorized into content-oriented privacy threats and contextual-
oriented privacy threats.

8.2.1. Content-oriented privacy threats


Content-oriented threats are issues that arise due to the ability of the
adversary to observe and manipulate the content of packets that are being
sent over the sensor network. These packets can be either actual sensed data,
such as heart rate in healthcare or temperature in a room, or
any sensitive control information, such as a credit card PIN or account number.
Content-oriented privacy not only includes the protection of fixed
content but also includes the preservation of data during data aggregation
and data querying.
Data Aggregation Threat: Privacy is generally at threat during the
data aggregation process. In data aggregation, different data from
various data sources are aggregated and operated as sum, average,
maximum, and minimum to provide useful information that is
durable and efficient to sensor networks.
Data Querying Threat: In a data-driven query process, the user
queries the network or nodes for satisfying sets of conditions to
ensure that data is intact and confidential. In this threat, users are
concerned about whether their query (which can be personal) is kept private.

8.2.2. Contextual-oriented privacy threats


Contextual-oriented privacy threats are issues that are associated with
sensor communication. These issues are concerned with protecting the
context associated with the measurement, such as the size and number of messages
being transmitted, the time and rate at which messages are being sent, the
source and destination of transmission, and the frequency spectrum used for
the transmission of sensed data. An example is the location of the message
sender when the sender monitors valuable and critical assets.
Contextual-oriented privacy threats include:
Identity Privacy Threat: In this threat, the persistent identifier aims
to ensure the services offered from initiation to completion without
revealing the identity and location of the user.
Privacy Policy and Access Control Threat: In this threat, the
disclosure of policies and procedures containing user’s rights, access
to information, amendment of data and breach notifications, are
protected from external and internal threats.
Location-Based Privacy Threat: In this threat, the location of an
IoT user is protected from being exposed as it reveals the living
habits of the user. For instance, a person suffering from dementia
(loss of memory) would never wish their privacy to be
breached by any third party.

8.3. Privacy preservation techniques


Privacy is not a single autonomous measure but is divided into Respondent
Privacy, Data Owner Privacy, and User Privacy. Respondent privacy is the
privacy of the person to whom the records correspond, Data Owner
privacy is the privacy of the information owned by a corporation or any
person, and User privacy is the privacy of the records that each
individual creates as part of the everyday data trail of their activities. Various
approaches can be employed to assure privacy under different conditions, as
shown in Table 8.1:

Privacy Dimension     Privacy Method                           Description
Respondent Privacy    Statistical Disclosure Control (SDC)     Modification of the data by recording variables or by perturbing
                                                               (damaging) the data by changing sensitive values.
                      Record Pseudonymization                  Pseudonymize the most identifying fields in order to maintain the
                                                               anonymity of the respondent and retain structure in the database.
Data Owner Privacy    Privacy Preserving Data Mining (PPDM)    PPDM preserves data privacy for the owner while maintaining the
                                                               utility of data for the production of information and insight that
                                                               is of general use.
User Privacy          Private Information Retrieval (PIR)      PIR mechanisms allow a user to retrieve information from a database
                                                               while maintaining the privacy of the queries from the database.
                      Database Roles                           Configuring the database to ensure that individuals can access their
                                                               own records and data administrators cannot easily access sensitive
                                                               information.
Table 8.1: Privacy preservation approaches
However, the presence of three privacy dimensions makes it difficult to apply
the correct privacy control, as the boundaries of
acceptable data disclosure cannot be defined, such as in healthcare, where both
respondent and data owner privacy are needed for hiding the records from unwanted
disclosure. Therefore, a cross-context privacy control is used, where more
than one privacy dimension can be applied while transmitting the sensitive
data. Table 8.2 illustrates the context privacy controls:

Protection Level    Method                                    Drawbacks
Highest             Cryptography (Symmetric or asymmetric)    Key matching; Processing overhead; Key management
Moderate            Anonymization                             Not applicable to all data sets; re-identification risk; need to know data shape
                    Pseudonymization                          Pseudonym service needed; quality assurance; user management
Lowest              Masking or Dynamic Data Masking           Key Matching; reusability in large/ complex sets
Table 8.2: Privacy control level

8.3.1. Cryptographic techniques


In cryptographic techniques, the data is encrypted with the help of a key
before being transmitted to the other end (various cryptographic techniques
have been discussed in Chapter 6, Crypto Foundation I and Chapter 7,
Crypto Foundation II). Cryptographic techniques, though they provide a strong
level of protection, are highly difficult to apply in IoT devices and networks
due to their complexity and power-hungry behavior. Moreover,
cryptography-based strategies depend on robust key management
schemes, which impose extra storage costs and complicate the network
deployment and operation system. Thus, it can be concluded that
cryptographic schemes are inadequate in privacy preservation.

8.3.2. Anonymization techniques


Several privacy preservation techniques have been developed, and
most of them are based on anonymization of data. Anonymization
means the removal of identifying information so that the original source is
not known. Some of the anonymization-based privacy preservation schemes
are as follows:

K-anonymity
In the K-anonymity technique, the privacy of data is preserved by modifying
(or anonymizing) data before it is transmitted, so that the
identification of data becomes difficult. This technique leads to K
indistinguishable records if an attempt is made to steal data by mapping the
anonymized data with external data sources. Although it provides security,
this technique is still prone to two attacks named the homogeneity attack and
the background knowledge attack. These attacks are illustrated with the help
of the following examples:
Let us consider a patient’s data as shown in Table 8.3. This is the original
data without any modification. Let the value of ‘k = 3’, and let the algorithm be
applied to two attributes, viz. Zip and Age. This means that there will be 3
indistinguishable records whose ‘zip’ and ‘age’ will be anonymized, out of
which an attempt will be made to identify a particular person’s data, as
shown in the following table:

S. No   Zip     Age   Disease
1       57677   29    Cardiac Problem
2       57602   22    Cardiac Problem
3       57678   27    Cardiac Problem
4       57905   43    Skin Allergy
5       57909   52    Cardiac Problem
6       57906   47    Cancer
7       57905   30    Cardiac Problem
8       57673   36    Cancer
9       57607   32    Cancer

Table 8.3: Patient data before anonymization


After anonymization on ‘Zip’ and ‘age’, Table 8.4 is formed. Suppose
an attacker knows that Joe is 27 years old and lives in the 57677 zip code. Then,
from Table 8.4, which has been transmitted or circulated, he can conclude
that Joe has a cardiac problem even after the anonymization
algorithm has been applied. This attack is known as the Homogeneity attack, i.e.,
similar data can be easily identified even after the preservation technique is applied.
As another instance, suppose Joe is 36 years old and it is known that Joe does not
have cancer. Then, from Table 8.4, it is again known that Joe has a cardiac
problem. This is called a background knowledge attack.
Thus, from the above examples, it can be said that protection against the privacy
threat, i.e., identity disclosure, cannot be guaranteed by the K-anonymity technique:

S. No   Zip     Age   Disease
1       576**   2*    Cardiac Problem
2       576**   2*    Cardiac Problem
3       576**   2*    Cardiac Problem
4       5790*   >40   Skin Allergy
5       5790*   >40   Cardiac Problem
6       5790*   >40   Cancer
7       5790*   3*    Cardiac Problem
8       576**   3*    Cancer
9       576**   3*    Cancer
Table 8.4: After applying anonymization on zip and age

L-diversity
To address the homogeneity attack, a new technique known as L-diversity
was proposed, where ‘L’ represents the values for the sensitive attributes
(here salary) in each equivalence class. For instance, in Table 8.5, if the
algorithm is applied to the salary attribute, meaning salary is kept
confidential, and the value of ‘L = 3’, there are three equivalence classes named
“low salary”, “medium salary” and “high salary”.
Now, if the intruder knows that Joe is 27 years old and lives in zip code
576, then his salary would definitely be under the low-income group. This
is called a similarity attack, as all three persons in the 576 zips have low
salaries as compared to others in the table. Though L-diversity does not
reveal the exact salary details, it is still prone to similarity attacks, where
the outlook of the sensitive information can be revealed:

S. No   Zip     Age   Salary   Disease
1       576**   2*    5k       Cardiac Problem
2       576**   2*    6k       Cardiac Problem
3       576**   2*    7k       Cardiac Problem
4       5790*   >40   20k      Skin Allergy
5       5790*   >40   22k      Cardiac Problem
6       5790*   >40   24k      Cancer


Table 8.5: L-diversity privacy preservation technique
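The checks below are an added example, not code from the book: they recompute k and L over the rows of Tables 8.4 and 8.5 as printed and flag the equivalence classes behind the homogeneity and similarity attacks described in the K-anonymity and L-diversity sections. The function names and the spread threshold are assumptions made for this illustration.

```python
from collections import defaultdict

# Rows copied from Table 8.4: (zip, age, disease).
TABLE_8_4 = [
    ("576**", "2*", "Cardiac Problem"),
    ("576**", "2*", "Cardiac Problem"),
    ("576**", "2*", "Cardiac Problem"),
    ("5790*", ">40", "Skin Allergy"),
    ("5790*", ">40", "Cardiac Problem"),
    ("5790*", ">40", "Cancer"),
    ("5790*", "3*", "Cardiac Problem"),
    ("576**", "3*", "Cancer"),
    ("576**", "3*", "Cancer"),
]

# Rows copied from Table 8.5: (zip, age, salary in thousands, disease).
TABLE_8_5 = [
    ("576**", "2*", 5, "Cardiac Problem"),
    ("576**", "2*", 6, "Cardiac Problem"),
    ("576**", "2*", 7, "Cardiac Problem"),
    ("5790*", ">40", 20, "Skin Allergy"),
    ("5790*", ">40", 22, "Cardiac Problem"),
    ("5790*", ">40", 24, "Cancer"),
]

QI = (0, 1)  # quasi-identifier columns in both tables: zip and age


def equivalence_classes(rows, qi=QI):
    """Group rows that share the same generalized quasi-identifier values."""
    classes = defaultdict(list)
    for row in rows:
        classes[tuple(row[i] for i in qi)].append(row)
    return dict(classes)


def k_anonymity(rows, qi=QI):
    """k actually achieved: the size of the smallest equivalence class."""
    return min(len(m) for m in equivalence_classes(rows, qi).values())


def l_diversity(rows, sensitive, qi=QI):
    """Distinct L actually achieved: fewest distinct sensitive values in a class."""
    return min(len({r[sensitive] for r in m})
               for m in equivalence_classes(rows, qi).values())


def homogeneous_classes(rows, sensitive, qi=QI):
    """Classes open to the homogeneity attack: every member shares one value."""
    exposed = {}
    for key, members in equivalence_classes(rows, qi).items():
        values = {r[sensitive] for r in members}
        if len(values) == 1:
            exposed[key] = values.pop()
    return exposed


def narrow_classes(rows, sensitive, max_fraction, qi=QI):
    """Classes open to the similarity attack: numeric sensitive values differ,
    but cover at most max_fraction of the column's overall range."""
    column = [r[sensitive] for r in rows]
    full_range = max(column) - min(column)
    exposed = {}
    for key, members in equivalence_classes(rows, qi).items():
        values = [r[sensitive] for r in members]
        spread = max(values) - min(values)
        if full_range == 0 or spread / full_range <= max_fraction:
            exposed[key] = (min(values), max(values))
    return exposed


if __name__ == "__main__":
    print("Table 8.4: k =", k_anonymity(TABLE_8_4))
    print("Table 8.4 homogeneous classes:", homogeneous_classes(TABLE_8_4, 2))
    print("Table 8.5: k =", k_anonymity(TABLE_8_5),
          " L(salary) =", l_diversity(TABLE_8_5, 2),
          " L(disease) =", l_diversity(TABLE_8_5, 3))
    print("Table 8.5 narrow salary classes:", narrow_classes(TABLE_8_5, 2, 0.25))
```

On Table 8.4 as printed, row 7 (5790*, 3*) forms a class of its own, so the audit reports k = 1 instead of the intended 3; running such a check before release catches that kind of gap.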

8.3.3. Dynamic data masking


Dynamic data masking limits the exposure of sensitive data by masking it
for non-privileged users. It prevents unauthorized access to sensitive data
by enabling customers to specify how much masking is needed and how
sensitive the data is. For instance, in Figure 8.1, we can see that the first
seven digits of account numbers are masked, i.e., even if the data is
disclosed, the complete account number would not be known to the intruder.
Though this technique is the most popular, it has a very low protection level
because the intruder can easily infer the account number if he knows the
name of the branch and the year when the account was opened. Moreover, this
technique cannot be applied in IoT networking as it is only suited to
data privacy and cannot deal with data availability, which is also one of the
important aspects of communication:

Figure 8.1: Illustration of dynamic data masking

The best example of masking available nowadays is the masking of the
e-Aadhaar card. E-Aadhaar cards are linked to accounts and are needed every now
and then for identification. So instead of transmitting the original e-Aadhaar
copy, users are advised to send a masked e-Aadhaar so that even if it gets into the
hands of any unwanted person, they cannot exploit it.

8.4. Futuristic approach of privacy preservation data dissemination
The privacy preservation schemes discussed in Section 8.3, though they provide
a certain level of privacy, are not efficient for Internet of Things (IoT)
networks and devices because IoT devices are resource constrained and
have low computational power. The schemes discussed in Section 8.3
require high storage, high computational power, and high energy
consumption. Moreover, the discussed schemes account only for data
privacy and are not suitable for data availability when the available nodes
are destroyed by attackers. To ensure data availability, the replication
of data in other available nodes is introduced. However, the replication
process introduces a risk of data privacy leakage, and the requirement of energy
efficiency complicates the solution.
To strike a balance among these three goals, i.e., data privacy, data
availability, and energy efficiency, this section discusses a recent approach
that mitigates threats against data privacy and data availability
with minimum energy consumption. The discussed method exploits the
sensor location diversity of the sensor-enabled IoT network and constructs
the Spatial Privacy Graph (SPG) to guide data dissemination. Data
dissemination is the distribution or transmission of statistical or any other
type of data to the end user.

8.4.1. Pre-requirements of the approach


In this section, the process of interacting with different modules and the
operations of these modules will be discussed. The objective of the
approach is to track the target (or attacker) in an IoT network. Initially, all
nodes within the network are considered as trusted nodes. All trusted nodes
collect messages from every sensor and then aim to derive the location
information of the target from the received messages.
Before proceeding towards the actual flow of implementation, the
background understanding of the approach is explored as follows:

Network model
The network model is illustrated in Figure 8.2 and consists of three
different types of nodes: sensor nodes, storage nodes, and mobile sinks:
Figure 8.2: An illustration of the Network Model

a. Sensor nodes
Sensor nodes are responsible for continuously sensing the occurrence
of events in their surroundings and forwarding the event messages to
storage nodes whenever an event of interest is sensed. The following
assumptions are made:
• Statistically, let a network consist of ‘ ’ static sensor nodes at
positions and let
• They are identical nodes and have the same sensing range (rs) and
the same communication range (rc).
• These nodes do not store data but always forward data to the
storage nodes.
• Each sensor node is aware of the relative location of its neighbors.
• Nodes are capable of sensing only coarse data. That is, they are
able to sense only whether or not the target has been detected (in
Boolean terms), and no other information about the target. Once
the target is detected, the reported measurement is a circle of
radius ‘rs’.
• Each sensor is equipped with a long-range proximity sensor that
detects target whenever is the
position of target at time ‘t’.

b. Storage nodes
Storage nodes are nodes that have a large memory and a large battery
capacity. They are responsible for storing data until mobile sinks
offload it. Storage nodes can be compromised by injecting faulty
packets. Thus, to protect storage nodes from malicious use, the data
is sanitized by filtering it.
Statistically, let us consider a network consists of ‘ ’ storage nodes at
positions and let

c. Mobile sink
Mobile sinks are used to offload the data present in the storage nodes.
They are very few in number and are equipped with tamper-proof
hardware that is very difficult or nearly impossible for any adversary
to compromise. Mobile sinks are reliable and trustworthy.

Threat model
All possible types of threats that breach data privacy and harm data
availability are considered in this threat model. The following assumptions
are made about damage caused intentionally by adversaries or
unintentionally, i.e., automatically by network dynamics:
• Sensor nodes and storage nodes are considered untrustworthy and are
subject to compromise, since they are left unattended in the field.
• It is assumed that an adversary can compromise only up to ‘g’ storage
nodes, sensor nodes or any combination of them.
• Initially, g = 1 and the first target of the adversary is the storage
nodes, as they have a higher payoff than sensor nodes.
• Adversaries do not have a global view of the network, i.e., they are
unaware of the locations of sensor and storage nodes. Once a node is
compromised, the adversary can obtain all the stored data, including
the secret key and sensed data.
• Nodes can themselves fail or be jammed during the lifetime of the
network. This can be due to hardware issues, which can result in
disturbance of the communication channel, inability to send and
receive data, or permanent data loss. In every case, the storage
nodes will not be available to the mobile sink, thus resulting in the
breaching of data privacy and harming of data availability.

Resolution of uncertainty
Generally, preserving privacy guarantees that data is observable only to
those who are supposed to access it. However, looked at closely, privacy is
linked to its resolution of uncertainty. Resolution of uncertainty can be
explained with the help of the following location privacy example: we
generally do not wish to reveal ‘where we are’ to any third person. The
definition of ‘where we are’ determines the boundary of the tolerance level
of privacy, which can differ from case to case. Suppose Joe wishes to reveal
his location at the granularity of the city but does not wish to reveal his
current street address. The tolerance level of privacy for Joe is then
limited to the city, but for others it may vary to state or country or even
house address, depending upon their privacy resolution. Thus, from this
example, we can say that privacy should quantify the level of information
uncertainty, i.e., its resolution of uncertainty.
The same holds for uncertainty in data availability, where it should be
ensured that the complete data is not visible, and only the required
information about the target, at acceptable levels of resolution, is
available. Here, the acceptable level of resolution states the uncertainty
of data availability.

a) Modeling the uncertainty


The concept of information states (I-States) is used to capture the
tolerance level of uncertainty for both privacy and availability of the
data. States define the instantaneous description of the target node (or
attacker) at any given time. In a target tracking system, the information
states can be referred to as the set of possible states that provide
consistent measurement, which are calculated from the content of the
messages received by the tracker. The tracker then computes its
information state, and uses it to choose its motions.

The advantage of using I-States is that no prior knowledge of the target is needed
except the content of the message.

Statistically, let us consider that the target tracker, consisting of a proximity


sensor has received ‘m’ messages before time , denoted as
, where is a circle known to
contain the true state, is the timestamp at which this information was
valid, is the timestamp at which the target position is measured, and is
the time of mth message.
Now, the target position is said to be consistent with those messages
if and only if there exists a
continuous trajectory within the defined IoT network (discussed in
network model), such that
. Here, is the target’s maximum speed. The
discussed definition is illustrated in Figure 8.3 and from this definition, we
will compute the Information state (I-States) of the discussed IoT network:
Figure 8.3: A target position is said to be consistent with a set of messages, if there
exists a starting target position and a feasible target trajectory that pass through each
message’s circle at the appropriate time reaching that target position

b) Computing the information state in the IoT network


As discussed earlier, information states are consistent target positions of
the messages prior to a certain timestamp. Considering this factor:
Let’s consider to be the I-state at time ‘t’, where the set of target
positions are consistent with the messages at timestamp prior to
time ’t’.
Let be the area of the I-state , which quantifies the
level of uncertainty. A larger value of defines that the
target is anywhere inside a larger area, which corresponds to a
higher level of uncertainty. This can be illustrated with the help
of the diagram as shown in Figure 8.4, let us assume at time ‘t =
0’ nodes A, B, and C generate three messages. Then, the I-state
associated with all three messages are the points at the
intersection of three circles centered at nodes A, B, and C,
respectively, and is the area of that intersecting region,
represented as a dark shaded region.
Figure 8.4: The area of the I-state
The computation of I-States is explained with the help of Figure 8.5. It
starts with the initial state within the defined network (Figure 8.5 (a)),
and is updated as the time passes or new messages are received:
If the time passes from t1 to t2 without receiving any messages, then
the information state at t2; ( ) is computed by performing a
Minkowski sum of with a ball of radius . This
will expand the region of I-State, reflecting the fact that the state may
have changed because of the previous messages, resulting in
(Figure 8.5 (b)).
When a message (O, t) is received, the existing I-state is updated to
the subsequent by intersecting the current I-state with O (Figure
8.5 (c)).
In geometry, the Minkowski sum of two sets of position vectors A and B in any
Euclidean space is obtained by adding each vector in A to each vector in B.
Mathematically, it is A + B = {a + b | a ∈ A, b ∈ B}
Example: Let A = {(1,0), (0,1), (0,-1)} and B = {(0,0), (1,1), (1,-1)}, then
Minkowski sum A + B = {(1,0), (2,1), (2,-1), (0,1), (1,2), (1,0), (0,-1),
(1,0), (1,-2)}

Figure 8.5: Computation of the I-state: (a) an initial information state; (b) expansion
to account for the passage of time, and intersection with received message disks; (c)
the resulting updated I-state
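The update rule above on a grid, as an added example that is not code from the book: the passage of time expands the I-state by a Minkowski sum with a disc, and each received message intersects it with the reporting sensor's circle. The disc radius is assumed here to be the target's maximum speed multiplied by the elapsed time; the grid, the sensor positions and all names are constructed for illustration.

```python
from itertools import product


def minkowski_sum(a, b):
    """A + B = {a + b | a in A, b in B} for sets of (x, y) vectors."""
    return {(ax + bx, ay + by) for ax, ay in a for bx, by in b}


def disc(center, radius):
    """Grid cells whose centre lies within `radius` of `center`."""
    cx, cy = center
    r = int(radius)
    return {(cx + dx, cy + dy)
            for dx in range(-r, r + 1) for dy in range(-r, r + 1)
            if dx * dx + dy * dy <= radius * radius}


class IState:
    """Set of grid cells consistent with all messages received so far."""

    def __init__(self, width, height, v_max):
        self.field = set(product(range(width), range(height)))
        self.cells = set(self.field)  # no message yet: target may be anywhere
        self.v_max = v_max            # target's maximum speed (cells per time unit)
        self.t = 0.0

    def advance(self, t):
        """Time passes without messages: expand by the reachable disc."""
        if t < self.t:
            raise ValueError("messages must be processed in timestamp order")
        # Assumption: ball radius = v_max * elapsed time.
        reach = disc((0, 0), self.v_max * (t - self.t))
        self.cells = minkowski_sum(self.cells, reach) & self.field
        self.t = t

    def receive(self, center, rs, t):
        """Message (O, t): intersect with the sensing circle O.

        Returns False and keeps the current I-state when no feasible
        trajectory is consistent with the message (for example a faulty
        or injected report).
        """
        self.advance(t)
        updated = self.cells & disc(center, rs)
        if not updated:
            return False
        self.cells = updated
        return True

    def area(self):
        """Number of cells in the I-state: the level of uncertainty."""
        return len(self.cells)


# Constructed sample: three sensors report a detection at t = 0, in the
# spirit of nodes A, B and C in Figure 8.4. Coordinates are grid cells.
MESSAGES = [((5, 10), 0.0), ((10, 10), 0.0), ((8, 14), 0.0)]


def replay(messages, rs=5, width=20, height=20, v_max=1.0):
    """Feed messages to a fresh I-state; return it with the area after each."""
    state = IState(width, height, v_max)
    areas = []
    for center, t in messages:
        state.receive(center, rs, t)
        areas.append(state.area())
    return state, areas


if __name__ == "__main__":
    state, areas = replay(MESSAGES)
    print("area after each message:", areas)
    state.advance(2.0)
    print("area after 2 time units of silence:", state.area())
```

Each intersection shrinks the area (less uncertainty, less privacy for the target), while silence grows it again.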
The description discussed earlier, when is applied to the defined network
model (Section 8.4.1), then for a network with storage nodes, each
storage node will calculate its I-state based on its received
messages. In addition, there also exist a “master I-state ’ which is
derived from all messages received across all storage nodes and
. Thus, there exist total I-
states within the network.
Generally, when no attack or any hardware failure occurs, the mobile sink
will be easily able to collect all the stored data at each storage node which is
. But if some storage nodes fail, this will prevent the mobile
sink from obtaining , thus reducing the information available to the
mobile sink. A similar situation will occur if an adversary has breached
the network privacy and has compromised any one of the storage nodes,
resulting in the acquisition of its I-state .

The objective of the FDD approach


The objective of this futuristic data dissemination (FDD) approach is to let
sensor nodes decide to which storage nodes they should deliver their
observations, while maintaining privacy (P) and availability (A) and keeping
energy consumption (E) small. Before the actual implementation of the
approach (Section 8.4.2), we should understand how P, A and E are
evaluated:

a) Privacy
Privacy can be defined as the quantity of information that is protected in
spite of being compromised. Let’s assume that the network is
compromised and the adversary is able to compromise one storage node
‘i’. Now, the privacy breach can be the ratio of area in which
adversary can access the area in , which is the knowledge of the
entire network. In light of this, privacy-level at time ‘t’ can be evaluated
as in the following equation 1:

(1)

Where, is the area of the entire network and


is the area of that storage node which when compromised; this provides the
minimum payoff among all the compromised storage nodes.

When P = 0, privacy is not preserved: a single storage node, which can also
be compromised, has access to the full knowledge of the network.
When P = 1, privacy is “perfect”, which is nearly impossible to attain.

b) Availability
Availability can be defined across all possible nodes that are not
compromised. If a storage node fails, then the knowledge can be
reconstructed from the remaining storage nodes that is the
intersection of their I-States. Mathematically, availability can be defined
as the ratio of the entire knowledge of the network to the intersection of
all storage nodes that are not compromised and is represented as in
equation 2:

(2)

When A = 0, it means that the network has a single point of failure and all
messages are sent only to a single storage node.
When A = 1, it means that each message is sent to at least two distinct
storage nodes. This is the case of ‘perfect’ availability, as no single
failure can result in data loss.

c) Energy Consumption
Let denote the amount of energy consumed by delivering a
message or generating a message per unit time by sensor node ‘i’. Let
‘N’ be the number of messages forwarded or generated by sensor node
‘i’ between ‘t=0’ to ‘t = T’. Then, the energy consumed by the whole
system or network is given as in equation 3:

(3)

8.4.2. Implementation of the privacy preservation data dissemination approach
The objective of preserving privacy and availability is equivalent to finding
a color assignment function ‘C’ that maximizes the privacy and availability
of the network at minimum energy cost. Here, each storage node is labeled
with a unique color ID (similar to a node ID), and the colors are then
assigned to the sensors; the color of a sensor indicates the storage node to
which that sensor will deliver its data. It is defined as mapping function
, where is the power set of .

SPG-based data dissemination


The color assignment function for privacy preservation data dissemination
is discussed using Spatial Privacy Graph (SPG).

a) Spatial Privacy Graph


Spatial Privacy Graph (SPG) is constructed to identify the pairs of
sensor nodes that, in combination, determine the position of the target
within a small region. Graphically, SPG graph is represented as
, where S represents the position of set of sensor nodes
and represents the set of edges , if and only
if they form a privacy pair. A pair of sensor nodes is said to form a
privacy pair if the distance between the pair lies between ,
where ‘a’ is the scalar parameter privacy factor, i.e., S1 and S2 form the
privacy pair if is satisfied.
Figure 8.6 illustrates this process. Figure 8.6 (a) represents an IoT
network with seven nodes, where edges represent the communication
links, while Figure 8.6 (b) represents the spatial privacy graph, where
edges represent the privacy links. In the graph in Figure 8.6 (b),
although G and D are within communication range, they do not form a
privacy pair because the distance between them is too low for
privacy to be preserved.
Figure 8.6: (a) Communication Topology (b) Spatial Privacy Graph
Once the SPG is constructed, the next objective is to achieve the
privacy and availability of the network with minimum energy
consumption, which is explained in the next section.
b) Enhancing privacy via a distributed coloring algorithm
The SPG identifies the privacy pairs of sensor nodes, and the nodes of
each pair now have to select different storage nodes for saving their
sensed data. The storage node is determined by executing a distributed
graph coloring scheme.
If an n-vertex SPG, is given as input to the coloring
scheme, then the graph will be produced as the
output, where ‘C’ denotes the color assignment function of each sensor
node such that . Ideally, should
satisfy the requirements of validity and feasibility:
Validity: It means that for every edge , its vertices and
will have different colors i.e.,
Feasibility: It means that the color assigned to each vertex or sensor
node should be one of the storage nodes’ colors. This means that
every sensor node will deliver its data to one of the storage nodes.
A valid and feasible coloring directs the network to disseminate
messages that belong to the same privacy pair to different storage
nodes. In this way, privacy is achieved.

For a given SPG and set of storage nodes, it is not always possible to obtain
a coloring that is both valid and feasible. For example, if there are only
two storage nodes available to color the SPG shown in Figure 8.7, then it is
impossible to obtain a valid coloring among nodes A, C, and D. To address
this issue, the distributed coloring algorithm first generates a valid
coloring and then converts infeasible colors into feasible ones.

Figure 8.7: Spatial Privacy Graph

Algorithm
The distributed coloring algorithm works in the following way. Before
coloring the sensor nodes, each storage node is mapped to a unique color
numbered from 1 to . Once the storage nodes are assigned color
numbers, each sensor node is assigned a color based on its
neighbors’ colors in the SPG using algorithm 8.1.

Here, a color is expressed in the form of a color number, for example, color 1,
color 2, color 3, and so on.

Algorithm 8.1: Distributed_Coloring


Require: INPUT:
Nbr: neighbor set
: local sensor ID
PROCEDURES:
1:
2: repeat
3: Announce( );

4: = ReceiveAnnounce();

5: if and > max then

6: = UpdateColor( );

7: end if
8: until NoChange( ) and NoChange( )

Explanation of algorithm
Initially, each sensor node is assigned a unique infeasible color by
adding its own ID to (step 1 in algorithm 8.1), and then each sensor
node participates in an iterative coloring procedure until there
is no color update between two consecutive iterations. A step-by-step
explanation is provided as follows:
Step 1. Sensor Node announces its current color with its ID to all its
neighboring nodes by broadcasting a message ( ) (Step 3 in
algorithm). Here, the current color is and is the identity
of the node.
Step 2. At the same moment, it records its neighbor’s current colors into
(Step 4 in algorithm).

Step 3. In every iteration, each sensor node that satisfies the following
conditions is allowed to update its color (Step 5 in algorithm):
It has not been assigned a feasible color yet.
Its color number is larger than those of all its neighbors.
Step 4. The function UpdateColor() finds a new color that satisfies the
following conditions (Step 6 in algorithm):
Feasibility: The new color should belong to one of the storage nodes
colors, i.e.,
Validity: None of the neighbor nodes must have chosen this color,
i.e.,

Nearest: Among all feasible and valid colors, the nearest storage node,
that is, the one separated by the smallest number of counts, is selected.
Step 5. The algorithm terminates when none of the nodes can update its
color (Step 8 in algorithm).

As discussed above, if no feasible and valid color is available then in those cases
UpdateColor() returns negative color i.e.,

c) Enhancing availability via message replication


Availability of data in a network can be maintained when the
intersection of the information state of available storage nodes,
is close to . This can be attained by replication,
where the sender node wishes to deliver the same copy of the data to
another storage node. However, this can result in increasing energy cost.
So, to replicate efficiently, the coloring algorithm should solve these
three issues:
1. Who should duplicate its messages?
Solution: It is recommended that only privacy pairs duplicate
their messages, so that energy is consumed only for valuable
messages and in the most valuable manner.

2. How should the messages be duplicated?
Solution: Since availability and privacy are conflicting in
nature, it is recommended to use the duplication
probability ‘p’ to keep a balance between the two
goals. Each node in a privacy pair replicates the
message with probability ‘p’. During data reporting, a
node generates a random number in the range [0,1], and if
the random number is smaller than ‘p’, the message is
replicated to a second storage node; otherwise it is not.
If p = 0, privacy is given higher priority, and if p = 1,
availability is favored.

3. Where to deliver the duplicated messages?
Solution: To avoid the situation where duplicated
messages from the same region are delivered to the same
storage node, the privacy pair itself chooses another
randomly deployed second storage node to which the
duplicated messages are delivered.
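A synchronous simulation of Algorithm 8.1 together with the replication rule from (c), as an added example that is not the book's or the cited paper's code. It assumes that the initial infeasible color is the number of storage nodes plus the sensor ID, that the "negative color" is the negated sensor ID, and that "nearest" is read from a hop-count table; the SPG, the hop counts and all function names are constructed for illustration.

```python
import random

# Constructed SPG (privacy links only, positive integer sensor IDs). Sensors
# 1, 2 and 3 are mutually linked, like A, C and D in the Figure 8.7
# discussion; sensor 5 belongs to no privacy pair.
SPG = {1: {2, 3}, 2: {1, 3}, 3: {1, 2, 4}, 4: {3}, 5: set()}
# Constructed hop counts: HOPS[sensor][storage_color].
HOPS = {1: {1: 2, 2: 4, 3: 5}, 2: {1: 3, 2: 1, 3: 4}, 3: {1: 2, 2: 2, 3: 1},
        4: {1: 1, 2: 3, 3: 2}, 5: {1: 4, 2: 2, 3: 3}}


def update_color(node, heard, feasible, node_hops):
    """Feasible, valid and nearest color, or a negative color if none is free."""
    free = feasible - heard            # validity: no SPG neighbor uses it
    if not free:
        return -node                   # assumed encoding of "negative color"
    return min(free, key=lambda c: (node_hops[c], c))


def distributed_coloring(spg, n_storage, hops):
    """Run the announce/update rounds until no color changes."""
    feasible = set(range(1, n_storage + 1))
    # Step 1 (assumed form): unique infeasible color = n_storage + own ID.
    color = {i: n_storage + i for i in spg}
    rounds = 0
    while True:
        rounds += 1
        # Announce / ReceiveAnnounce: each node learns its neighbors' colors.
        heard = {i: {color[j] for j in spg[i]} for i in spg}
        new = dict(color)
        for i in spg:
            # Update only while infeasible and larger than every neighbor.
            if color[i] > n_storage and color[i] > max(heard[i], default=0):
                new[i] = update_color(i, heard[i], feasible, hops[i])
        if new == color:               # NoChange: terminate
            return color, rounds
        color = new


def is_valid(spg, color):
    """Validity: the two ends of every privacy link have different colors."""
    return all(color[i] != color[j] for i in spg for j in spg[i])


def delivery_targets(node, color, spg, n_storage, p, rng):
    """Storage nodes (by color) that receive one report from `node`."""
    primary = color[node]
    if primary < 1:
        return []    # negative color: the page defines no delivery for it
    targets = [primary]
    others = [c for c in range(1, n_storage + 1) if c != primary]
    # Only members of a privacy pair replicate, with probability p, to a
    # randomly chosen second storage node.
    if spg[node] and others and rng.random() < p:
        targets.append(rng.choice(others))
    return targets


def deliveries(color, spg, n_storage, p, reports, seed=0):
    """Total messages delivered (a proxy for energy cost) over `reports` rounds."""
    rng = random.Random(seed)
    return sum(len(delivery_targets(n, color, spg, n_storage, p, rng))
               for _ in range(reports) for n in spg)


if __name__ == "__main__":
    for k in (3, 2):
        coloring, rounds = distributed_coloring(SPG, k, HOPS)
        print(k, "storage nodes:", coloring, "after", rounds, "rounds")
    coloring, _ = distributed_coloring(SPG, 3, HOPS)
    for p in (0.0, 0.5, 1.0):
        print("p =", p, "deliveries:", deliveries(coloring, SPG, 3, p, 100))
```

With two storage nodes one sensor of the mutually linked triple ends with a negative color, which is the infeasible case the note on Figure 8.7 describes.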
d) Experimental analysis of the approach
While implementing the above algorithm, the following assumptions
were made: , the target speed =
25 m/s, network area = 2000 m x 2000 m, privacy factor a = 15 m. The
impact of the duplication probability ‘p’ on privacy, availability and
energy is studied.
Figure 8.8 illustrates the energy cost of the SPG-based algorithm with
respect to duplication probability ‘p’. The figure depicts the slow rise in
energy-cost with respect to probability ‘p’. This is because the SPG
algorithm only allows privacy pairs to duplicate messages, instead of all
nodes:

Figure 8.8: Relationship between Energy and Duplication probability


Figure 8.9 shows the privacy and availability of the SPG algorithm with
respect to energy cost. The maximum privacy achieved is 0.5, when p = 0
and the energy cost is minimum. When ‘p’ increases to 1, privacy drops
to approximately 0.1 while the energy cost increases. The reverse holds
for availability: when p = 0, availability is minimum with minimum
energy cost, and when p = 1, both the availability and the energy cost
of the algorithm increase. Therefore, a mid-value of ‘p’ is always
preferred so that a balance between privacy and availability is
maintained with limited energy cost:
Figure 8.9: Relationship between Privacy, availability, and Energy

If readers wish to dive into the detailed description of the SPG-based Data
Dissemination algorithm and procedure, they can refer to research paper [2].

8.5. Privacy preservation for IoT used in smart buildings - A case study
In today’s era, privacy issues arise not only in social media but also in
IoT applications such as smart buildings and smart homes. It is the talk of
the town, and preventing privacy breaches and protecting privacy deserve
first priority. For instance, the smart meters used in smart buildings and
homes, if analyzed by attackers, can give them access to the user’s personal
details, such as finances, occupation, credit, health, and other personal
elements. Thus, it is important to handle privacy with great attention. In
this section, we will study the concept of smart buildings, their privacy
issues, and the approaches to preserving privacy in them.

8.5.1. The concept of smart buildings


Buildings are the heart of our lives and we spend almost 90% of our lives in
them. Buildings, if provided with human-centric technologies, can meet the
everyday expectations and realities of human lives. In this context, the
concept of smart buildings has emerged, where digital transformation is
easy, fast and scaled. A smart building uses technologies that enable
efficient and economical use of resources along with creating a safe and
comfortable environment for occupants.
Although there is no fixed definition of smart building; the Institute of
Building Efficiency defines it as “Buildings that provide low cost and
environment friendly building services that make residents productive
through the use of information technology (IT) in building operations”[1].
IT connects various independent subsystems equipped with IoT sensors,
actuators and micro-chips. They enable information sharing among building
operators and residents with actionable information. Smart buildings are
supposed to have their own renewable power generation systems and smart
meter systems that serve as the gateway to the smart grid system, as
illustrated in Figure 8.10. From the figure we can see that smart buildings
have their own smart parking, their own power and energy plant, their own
electrical storage and distribution system and much more.

Figure 8.10: Smart buildings and smart grid systems


Smart Building Subsystems
Recapitulating the elements of smart buildings, the following subsystem
classification of smart buildings can be devised consisting of Building
Automation System (BAS), Building Energy Management and Grid
interaction System (BEMGS), and Building Management Information
Technology (IT) System (BMITS); as depicted in Figure 8.11:

Figure 8.11: Smart building sub-systems

a. Building Automation System


Building Automation System (BAS) is a centralized automation
system that consists of various IoT devices and is compatible with
commonly used Internet and Intranet communication. It includes a
number of monitoring and controlling applications such as security
and access, fire and safety, lighting, heating, ventilation,
air-conditioning, and many more.
b. Building Energy Management and Grid Interaction System
BEMG system provides the building services related to energy
generation and distribution. It is responsible for internal energy-related
operations and its external interaction with the smart grid.
c. Building Management Information Technology (IT) System
This system establishes a two-way communication with BAS and
BEMGS system in order to achieve a building’s functional and
performance goals. It establishes a presentational view of the building
status through video and voice applications. It increases the awareness
and involvement of the building manager and residents in controlling
its performance. It interacts with BEMGS by collecting power
consumption data for further modeling and analysis. This modeling
and analysis helps in building energy policies for residents as well as
for interacting with smart grid. These policies are implemented by
BAS and building energy management.

IoT Technologies used in smart buildings


Buildings that comprise various smart devices, tools and technologies are
said to be smart buildings. Generally, the IoT devices used in a smart
building environment are classified into the types shown in Table 8.6:

| Types of Devices | Description | Examples |
|---|---|---|
| Monitoring and controlling devices | These building devices are used to monitor and control applications such as security and access control, consumption of energy, water, and gas. | Smart metering devices, Video surveillance devices, etc. |
| Mobile and fixed Wireless devices | These devices are personally or publicly used by the occupants of the buildings | Smartphones, personal notebooks, body sensors, digital cameras, wearable devices, smart televisions, washing machines, refrigerators etc. |
| Networking devices | These are the devices that are used to connect different type sensors automatically so as to form a network of different topology for establishing communication within the building. | WSN, RFID, NFC devices, ZigBee devices, Wi-Fi, Bluetooth, LTE etc. |
Table 8.6: IoT technologies used in smart buildings
8.5.2. Privacy threats in smart buildings
Buildings are designed smartly to enhance the comfort of users and to
deliver efficient building management, better access control, and
security. These smart processes tend to gather information related to the
presence of occupants, their behaviors and the rhythm of their movements.
However, this collected information, once compromised, may pose
various privacy issues such as identification of personal details, detection
of physical location, etc. These privacy threats can be grouped into the
types shown in Table 8.7:

| Privacy Threat | Description | Threat Source |
|---|---|---|
| User Behavior Privacy | This privacy issue includes the leakage of an occupant’s identity and their behavioral activities. | This can happen due to the use of smart meters in residential buildings. It gives rise to the Non-Intrusive Load Monitoring (NILM) technique. This technique is used to analyze and extract information from power consumption in a non-intrusive fashion, i.e., without any interference in a regular routine. This can be illustrated in Figure 8.12, where the attacker can get the regular regime of the user pattern. |
| Location privacy | It is the ability to prevent unauthorized parties from learning someone’s current or past location. | • Location can be leaked by devices and technologies such as sensors, RFID readers, Wi-Fi access points etc. • The wireless LAN, if not protected, can easily disclose the content of communication, sender and receiver of data (User’s identity), time of communication and the place of communication (location). • Location can be known using access point (AP) and by measuring the strength of the transmitted signal from multiple APs. • Location can also be known by an unauthorized RFID reader, who at a distance or beyond may try to steal access of the tag information. |
| Visual privacy | Leakage of private information in the form of image or video. | • Video privacy issue can take place by getting an unauthorized hold of video equipment such as surveillance cameras and other vision-based intelligent systems. • Videos and images are the major source of one’s privacy. It not only provides the related information about person but also his/her surrounding environment. It reveals a person’s sensitive details such as face, clothes, posture, gait, time, and environment in which he/she is living. |
Table 8.7: Privacy Threats
Figure 8.12 illustrates the NILM technique mentioned under the User
Behavior Privacy threat:

Figure 8.12: An illustration of NILM technique

8.5.3 Privacy-preserving approaches in smart buildings


There are several approaches to preserving privacy in smart buildings; some
of them are mentioned as follows:

Wireless LAN privacy-preserving approaches


As discussed above under location privacy, the wireless LAN is one of the
major sources of privacy leakage in smart building applications. Therefore,
preserving privacy in the WLAN is a major concern that deserves the
utmost attention.
The obvious way to preserve privacy is simply to break the link
between the user’s identity, the time of action and the location
information. This can be achieved by anonymizing the user or node
information with frequently changing pseudonyms (or names or addresses).

The techniques of anonymization are already discussed in Section 8.3.2. Thus,
here we will only discuss the conditions, factors and challenges of
anonymization in WLAN.

One major issue of using anonymization in WLAN is “how to unlink MAC
addresses (or pseudonyms) of the same user when frequent address changes
are employed”. In other words, how to reduce the correlation between two
addresses of the same user and increase the entropy in address selection.
The solutions to this problem are discussed as follows:

a) Silent Period: MAC addresses can be easily unlinked by using a silent
period after performing an address change. It means that, as the address
change occurs, the user intentionally does not transmit data for a certain
period of time, i.e., it hides its address from the other users or
clients. In this way, the privacy of the user taking part in anonymization
can be preserved.
b) Mix-Zone Area: Use of a mix-zone area is another solution for unlinking
MAC addresses. It is the spatial version of the silent period approach,
where clients are not allowed to transmit data in a predefined area. The
physical location of the user is set in such a way that all users within
the mix-zone area are indiscernible. In this way, the information of the
user or identifier can be preserved.

Anonymization in WLAN should satisfy the following three conditions:
• The identifier should be unlinkable, i.e., new and old identifiers from
the same client should be dissociated.
• Anonymization should cause minimum network disruption, i.e.,
proper timing is needed for switching addresses in real-time
applications (like VoIP) or in long communications (like streaming
data).
• The provided solution should be readily applicable to the current
IEEE 802.11 standard.
The factors that affect the anonymization of user or node information in
WLAN are as follows:
1. The Type of Environment: In an open environment with a high
fluctuation of users, such as an airport or a shopping center, it is
difficult to detect the changes in identifiers. If the user is
located in a closed environment, such as within a company network,
then it is very easy to detect the identifiers with their changing
pseudonyms.
2. Location Resolution: It signifies the accuracy with which the user
is located. With a single access point (AP), only a rough estimate
of the user location is obtained, which may or may not be correct.
However, multiple APs provide more accurate location details of the
user. Therefore, it is preferred to have a single AP for preserving
privacy. This can be done by limiting the transmitted signal strength
from the device.
3. Prior Knowledge of the System or User by the Attacker: If the
attacker or any third person has prior information about the
environment, such as the building layout or working schedule, then
they can easily use this information for identifying the user.
The Key Challenges of anonymization in WLAN are:
1. Address Selection: The selected address (even if it is a fake address)
for anonymization in WLAN should be valid, so that it is not rejected
or ignored due to incompatibility reasons. The valid address should
follow the standard of 48-bit MAC addressing, where 24-bits are the
organization’s unique identifier and other 24-bits are assigned by the
NIC vendor.
2. Address Uniqueness: All nodes or users sharing the network should
have a unique address i.e., duplicate addresses should be detected
and prevented.
3. Integration with Port Authentication: Other identifiers besides
MAC addresses should also be considered so that the eavesdropper
cannot use them to track the user.
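The address-selection and address-uniqueness challenges above can be checked in code. The following is an added example, not taken from the book: it assumes the pseudonym is drawn from the IEEE locally administered unicast address space (a choice the text does not state), and all function names and sample addresses are constructed for illustration.

```python
import re
import secrets

_MAC_RE = re.compile(r"^[0-9a-f]{2}(?::[0-9a-f]{2}){5}$")


def parse_mac(text):
    """Parse 'aa:bb:cc:dd:ee:ff' or 'AA-BB-...' into 6 raw bytes (48 bits)."""
    norm = text.strip().lower().replace("-", ":")
    if not _MAC_RE.match(norm):
        raise ValueError("not a 48-bit MAC address: %r" % text)
    return bytes(int(octet, 16) for octet in norm.split(":"))


def format_mac(raw):
    return ":".join("%02x" % b for b in raw)


def is_valid_pseudonym(text):
    """Address selection: well formed, unicast, and locally administered."""
    try:
        raw = parse_mac(text)
    except ValueError:
        return False
    unicast = (raw[0] & 0x01) == 0   # I/G bit clear: not a group address
    local = (raw[0] & 0x02) != 0     # U/L bit set: not a vendor-assigned OUI
    return unicast and local


def new_pseudonym(in_use, max_tries=16):
    """Address uniqueness: draw random addresses until one is not in use."""
    taken = {format_mac(parse_mac(m)) for m in in_use}
    for _ in range(max_tries):
        raw = bytearray(secrets.token_bytes(6))
        raw[0] = (raw[0] | 0x02) & 0xFE   # force local + unicast
        candidate = format_mac(raw)
        if candidate not in taken:
            return candidate
    raise RuntimeError("no free address found")


def find_duplicates(associations):
    """Report every address claimed by more than one client."""
    owners = {}
    for client, mac in associations:
        owners.setdefault(format_mac(parse_mac(mac)), set()).add(client)
    return {mac: sorted(c) for mac, c in owners.items() if len(c) > 1}


# Constructed sample data (not real devices).
SAMPLE_IN_USE = ["02:11:22:33:44:55", "06:aa:bb:cc:dd:ee"]
SAMPLE_ASSOCIATIONS = [
    ("client-a", "02:11:22:33:44:55"),
    ("client-b", "06:aa:bb:cc:dd:ee"),
    ("client-c", "02-11-22-33-44-55"),   # same address, different notation
]

if __name__ == "__main__":
    print(new_pseudonym(SAMPLE_IN_USE))
    print(find_duplicates(SAMPLE_ASSOCIATIONS))
```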

RFID privacy-preserving approaches


Privacy issues caused by RFID devices can be resolved by the following
approaches:
1. Hiding and blocking: In this approach, the RFID tag is silenced
by jamming the radio channel used in RFID communication,
and a reply is provided only to readers having proper credentials.
2. Rewriting and encryption: In this approach, access to the tag is
provided by using anonymization through hash-based approaches.
An unauthorized reader cannot open the tag, because it is opened
only when the correct key is introduced to it. In order to open the tag,
the authorized reader requests the hashID and tries to get the key
and ID from the back-end server. The back-end server, after
authenticating the reader, returns the information (key, ID) to it, and
then the reader sends the key to the RFID tag. The tag hashes the key
and compares it with the hashID. If a match occurs, the tag is
unlocked; otherwise it stays locked.

This is the same hashing technique that we studied in Chapter 7, “The
Crypto Foundation -II”.

3. Hash-Locking Scheme: The randomized hash-locking scheme is
another approach to preserving privacy against RFID tag tracking. In this
approach, the tag output is changed every time it is accessed.
Whenever a reader accesses the tag, the tag replies with a random
string along with the hash of the concatenated tagID. It means that
the pseudonym is changed on every access, i.e., every time the tag is
accessed, which prevents unauthorized readers from tracking the
user. Though tags in this randomized scheme ensure full privacy,
the scheme is not scalable for a large number of tags, since huge hash
operations are performed at the back-end server, which may result in
delay. In addition, this approach does not guarantee forward privacy,
since stored information in a compromised tag will reveal all
information related to previous communication of that tag.
4. Hash-Chain Scheme: To overcome the forward security issue, a
hash-chain scheme is proposed, where the tag identifier is refreshed
each time the tag is queried by a reader. The scheme is achieved
using a low-cost hash-chain mechanism.
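The three hash-based approaches (2 to 4) can be compared side by side in a small simulation. This is an added example, not code from the book: SHA-256 stands in for the tag's hash, the class and function names are hypothetical, and the hash-chain tag uses the common two-hash design (one hash to update the secret, one to produce the output), which is an assumption because the text gives no construction.

```python
import hashlib
import hmac
import secrets


def H(data):
    """Hash used to lock tags and to update secrets (SHA-256 stand-in)."""
    return hashlib.sha256(b"H|" + data).digest()


def G(data):
    """Second hash, used only for hash-chain outputs (assumed design)."""
    return hashlib.sha256(b"G|" + data).digest()


class HashLockTag:                      # approach 2
    def __init__(self, tag_id, key):
        self.tag_id, self.hash_id, self.locked = tag_id, H(key), True

    def query(self):
        return self.hash_id             # static reply: the tag stays trackable

    def unlock(self, key):
        if hmac.compare_digest(H(key), self.hash_id):
            self.locked = False
        return not self.locked


class BackEnd:
    def __init__(self):
        self.by_hash_id = {}

    def enroll(self, tag_id, key):
        self.by_hash_id[H(key)] = (key, tag_id)

    def lookup(self, hash_id, reader_authenticated):
        # (key, ID) is released only to an authenticated reader.
        return self.by_hash_id.get(hash_id) if reader_authenticated else None


class RandomizedTag:                    # approach 3
    def __init__(self, tag_id):
        self.tag_id = tag_id

    def query(self):
        r = secrets.token_bytes(16)
        return r, H(self.tag_id + r)    # fresh pseudonym on every read


def identify_randomized(reply, known_ids):
    """Back-end search: one hash per enrolled tag until a match is found."""
    r, digest = reply
    for tried, tag_id in enumerate(known_ids, start=1):
        if hmac.compare_digest(H(tag_id + r), digest):
            return tag_id, tried
    return None, len(known_ids)


class HashChainTag:                     # approach 4
    def __init__(self, seed):
        self.state = seed

    def query(self):
        out = G(self.state)
        self.state = H(self.state)      # the old secret is overwritten
        return out


def identify_chain(output, seeds, max_steps=100):
    for tag_id, state in seeds.items():
        for _ in range(max_steps):
            if hmac.compare_digest(G(state), output):
                return tag_id
            state = H(state)
    return None


def run_hash_lock():
    key, tag_id = secrets.token_bytes(16), b"TAG-0001"
    tag, server = HashLockTag(tag_id, key), BackEnd()
    server.enroll(tag_id, key)
    rogue = server.lookup(tag.query(), reader_authenticated=False)
    wrong = tag.unlock(b"guess")
    record = server.lookup(tag.query(), reader_authenticated=True)
    return rogue, wrong, tag.unlock(record[0]), tag.query() == tag.query()


def run_randomized(n_tags=1000):
    ids = [b"TAG-%04d" % i for i in range(n_tags)]
    tag = RandomizedTag(ids[-1])
    first, second = tag.query(), tag.query()
    found, hashes = identify_randomized(second, ids)
    # A compromised tag reveals tag_id, which links the older recorded reply.
    linked = hmac.compare_digest(H(tag.tag_id + first[0]), first[1])
    return first != second, found == ids[-1], hashes, linked


def run_hash_chain():
    seeds = {b"TAG-A": secrets.token_bytes(16), b"TAG-B": secrets.token_bytes(16)}
    tag = HashChainTag(seeds[b"TAG-B"])
    past = [tag.query() for _ in range(3)]
    found = identify_chain(past[2], seeds)
    # Compromise the tag now and walk forward from the captured state.
    state, reachable = tag.state, set()
    for _ in range(50):
        reachable.add(G(state))
        state = H(state)
    return len(set(past)) == 3, found, any(p in reachable for p in past)


if __name__ == "__main__":
    print(run_hash_lock(), run_randomized(), run_hash_chain())
```

The third value from `run_randomized` is the number of hashes the back-end needed for one read, which grows with the number of enrolled tags; the last value from `run_hash_chain` shows that a captured tag state does not reproduce earlier outputs.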

Video surveillance privacy-preserving approaches


Video surveillance and its associated monitoring systems are the richest
source of privacy issues, and so they should be handled with care. The
complete picture of video surveillance should not be provided to every user.
Certain bifurcation should be done, as illustrated in Figure 8.13:
Figure 8.13: A layered approach of video Surveillance
The figure illustrates the layered approach, which specifies which type of
user can view what data under what circumstances. It illustrates
three different types of users having access at different levels:
1. Ordinary Users: They can view and access only the statistical
information about the video, like the number of people, amount of traffic,
etc.
2. Privileged Users: These users can access rendered and limited
information.
3. Law Enforcement Agencies: Users in these agencies have full
access to the video, including raw video and its related individual
identity details. These agencies are allowed to perform video analysis,
encoding/decoding, storage and security functions such as
authentication and encryption.
Visual privacy preservation mechanisms include the following solutions:
1. Use of IR and RGB Camera: Visual privacy preservation includes
two different types of cameras known as Infrared (IR) camera and
RGB camera. Both cameras capture videos simultaneously. The
thermal IR camera discriminates the face region from other parts of
the human body, based on the fact that the human body radiates
shorter wavelengths.
The thermal imaging generates a masked pattern that corresponds to
the position of the face of the subject. Then a Spatial Light
Modulator (SLM), e.g., LCD is inserted in front of the CCD/CMOS
image sensor † of the RGB camera. This applies the thermal imaging
mask and prevents the unwanted recording of the subject’s face. This
approach only protects the subject’s face but clothing and other
environments are still under privacy threat.
2. Intervention Methods: Privacy of data being captured from the
environment is prevented by physically interfering with the camera
devices.
3. Blind Vision: In this method, images or videos are processed in an
anonymous way by using cryptographic techniques, for instance,
Secure Multiparty Communication (SMC), where contributing
parties can use the algorithm of other parties without even knowing
the details of it.
4. Data Hiding: It includes the hiding of the original image data inside
a cover message, which can be retrieved as and when required.
5. Redaction Methods: These methods include image filtering,
encryption, k-same family, object/people removal and visual
abstraction for preserving privacy.
a. Image Filtering: In this filtering technique, the Gaussian
smoothing filter is used to modify each pixel in the image by
using neighboring pixels. For example, if an image is divided
into 8 x 8-pixel blocks, then the average color of the pixels
calculated will be the new color for all pixels in that block.

b. Encryption: Encryption of videos and images includes the DES,
AES and RSA algorithms. These techniques scramble the
region of interest by pseudo-randomly flipping bits. It can also
be used for compressing video/image domain, spatial domain
and frequency domain.
c. k-same family: This technique utilizes the concept of
k-anonymity. It computes the average of k images in a set and
replaces the cluster with the average image obtained.
d. Object/people removal: It removes the private object or people
from the original image, and the void area after removal is filled
by using inpainting † methods. Still images require spatial
consistency for inpainting, and video requires both spatial and
temporal consistency for inpainting.
e. Visual abstraction: It is the replacement of the object to protect
privacy while maintaining object activity such as position, pose
and orientation.
Conclusion
Privacy preservation is one of the major issues in the Internet of Things.
Concerning this, the chapter discusses the various privacy preservation
techniques with the help of smart buildings as the case study. Brief insights of
the chapter are listed below:
• Protection and conservation of sensitive information against a burglar
or intruder is termed Privacy Preservation.
• There are six major requirements of preserving privacy, named
purpose, notice, choice, transfer, security and retention.
• Threats regarding privacy are categorized as content-oriented and
context-oriented threats.
• A content-oriented threat refers to manipulation of the content of the
packet being transmitted over the network, while a context-oriented threat
accounts for measurements like the size and number of messages
being transmitted, the time and rate at which messages are being sent,
the source and destination of transmission and the frequency
spectrum used for the transmission of sensed data.
• There are several privacy preservation techniques. Some of the most
popular techniques are cryptographic techniques, the dynamic data
masking technique and the anonymization technique.
• Along with the privacy issue, the availability of data at the right time
with minimum energy-cost is also a serious issue, as it affects the
dissemination of data within the network.
• Disseminating data within the network securely, such that privacy
is preserved along with availability, is implemented with the help
of the Spatial Privacy Graph.
• The Spatial Privacy Graph is a graph where data is transmitted only
through the nodes that tend to preserve privacy and availability with
minimum energy-cost.
• The Smart Building is one of the most popular examples of the Internet of
Things where preserving privacy is the most desirable need.
• Smart buildings can suffer from user privacy threats, location-privacy
threats and visual privacy threats.
• These privacy threats in smart buildings can be avoided by protecting
Wireless LAN, RFID reader and video surveillance equipment.

8.6 Questionnaire

Multiple choice questions


1. Which of the following is not a requirement of privacy
preservation?
a. Choice

b. Retention

c. Purpose

d. Content
2. Which of the following are the dimensions of privacy?
a. User privacy

b. Respondent Privacy

c. Data owner privacy

d. All of the above


3. Homogeneity attack and background attacks are the issues of:
a. L-diversity anonymization

b. K-anonymity

c. Cryptographic techniques

d. Data masking techniques


4. Privacy preservation in smart buildings due to WLAN can be
controlled by using:
a. Silent period

b. Mix-zone area

c. None of the above

d. All of the above


5. Privileged users are those users who can access the:
a. Limited information

b. All information

c. No information

d. More than limited but less than all information

Answer key
1. (d) 2. (d) 3. (b) 4. (d) 5. (d)

Long answer questions


1. Explain the privacy preservation data dissemination with Spatial
Privacy Graph technique with valid assumptions and results.

Short answer questions


1. Why is preserving privacy important in the Internet of Things?
2. Explain the concept of layered approach of preserving privacy in
smart building.
3. How can privacy be preserved using an anonymization technique?
Explain with the help of an example.
Keywords (†)
• Inpainting: It is a preservation process where damaged, deteriorated
or missing parts of the image are filled to present a complete image.
• CCD/CMOS image sensor: These are the high speed, low sensitivity
image light sensors that convert light into electrons.

References

[1] “Institute for Building Efficiency. What is a smart building.,”
Http://www.Institutebe.com/smart-grid-smart-building/What-is-a-Smart-Building.aspx, 2017.
[2] M. Xu, W. Xu, and M. O. K. Jason, “Privacy Preservation Data
Dissemination,” in Security and Privacy in Internet of Things (IoTs),
CRC Press, 2016, pp. 129–154.

Things to check before moving to the next chapter


• Importance of Privacy in Internet of Things
• Privacy threats and their preservation techniques
• Concept of Smart Buildings and how it is an application of IoT
• Smart buildings threats and their preservation approaches

CHAPTER 9
Location Privacy Enhancement in the Internet
of Vehicles

As discussed in Chapter 8, Privacy Preservation for the Internet of Things,
privacy preservation is the utmost requirement for securing the Internet
of Things. Continuing on the same theme, in this chapter, we will discuss
privacy preservation in one of the promising branches of the IoT, the
Internet of Vehicles (IoV). The IoV is intended to serve as an essential
data sensing, exchanging, and processing platform for future Intelligent
Transportation Systems (ITS). The chapter addresses the location privacy
issue in the IoV because if the current position, speed, and acceleration
information falls into the hands of unauthenticated persons or burglars, then it may
cause damage to vehicles, persons, and even to the entire real-time traffic
environment. With this perspective, the traditional as well as futuristic
location-privacy preservation schemes are explored with their pros and
cons.

Structure
The chapter covers the following topics:
• Understanding the concept of location-privacy
• Existing location privacy solutions and their drawbacks in IoV
• Futuristic or research-based privacy preservation approaches and
their analysis
• Importance of MixZone and group signature in preserving
location-privacy
9.1. Location privacy and its requirements in IoV
The Internet of Vehicles consists of vehicles having advanced sensing and
communication capability with smart roadside infrastructures that provide
computation and storage facility. IoV when equipped with vehicular
onboard units (OBUs) and roadside units (RSUs) is regarded as a
vehicle-to-vehicle and a vehicle-to-infrastructure network or Vehicular Ad-
hoc Network (VANET).

The concept of a vehicular network is already discussed in Chapter 5, IoT as
Interconnection of Threats, Section 5.1. Readers are advised to go through
Section 5.1 before proceeding.
In this chapter, our main focus will be on privacy preservation in IoV.

Although IoV has significantly facilitated the realization of
intelligent transport systems, it is an expendable data transmission platform,
which has considerable challenging technical issues. These issues account
for the security and privacy of IoV-related cyber-physical systems. For
instance, for the sake of safety, vehicles are recommended to periodically
broadcast their current position, speed, acceleration, and other details in the
form of authenticated messages. Though the circulation of messages
increases awareness of neighboring vehicles and may warn drivers about
accident situations, the messages are circulated openly. So, if they
are captured by burglars, they may pose potential threats to the location
privacy of vehicles, which, in turn, may also result in identity privacy as
well as access control threats. To address the problem, efficient schemes
have been proposed such as mix-zone, pseudonyms and so on.

Details of these schemes are discussed in Sections 9.2 and 9.3.

9.1.1. Location-privacy requirements


To preserve location privacy of vehicles in the IoV network against
adversaries, the following requirements should be satisfied:
• Identity privacy: Identity privacy is the prerequisite for the
success of location privacy. It is always recommended that for
broadcasting safety messages, every vehicle should use its
pseudonyms (or aliases) instead of its real identity.
• Pseudonyms: To avoid adversary tracking, every vehicle should
periodically change its pseudonyms to weaken the relationship
between the former and latter locations of a vehicle.
• Conditional Tracking: The location privacy should be conditional,
and pseudonyms of vehicles should be trackable only by the trusted
Registering Authority (RA). The RA is the trusted authority that is
capable of disclosing the real identity as well as the location of any vehicle in the
vehicular network.

9.2. Traditional location-privacy preservation solutions


The section details the location-privacy preservation schemes in the Internet
of Vehicles and summarizes the associated challenges with available
explanations. Researchers and developers have designed the following
schemes:

9.2.1. Pseudonyms
For driving safely on the road, vehicles are required to broadcast periodic
messages that generally consist of 4-tuple information named as {Time,
Location, Velocity, Content}. If the real identities of vehicles are used in the
safety messages, then there is a possibility that their location privacy will be
easily eavesdropped. Therefore, vehicles are instructed to use pseudonyms
instead of their real identities. Moreover, they are recommended to
randomly change their pseudonyms while driving because changing
pseudonyms will result in irrelevant identities and will guarantee the
location privacy of the vehicles. However, under continuous adversary
tracking, the pseudonyms schemes will be vulnerable to threat, if vehicles
keep using identical pseudonyms for a long time or change their pseudonym
on an improper occasion.
For instance, let us consider Figure 9.1, where three vehicles P1, P2, and P3
run on a road. If only one vehicle, for example P3, changes its pseudonym
from P3 to A1 while the others do not, then an adversary can easily link A1
to P3 because P1 and P2 are unchanged. Even if all three vehicles P1, P2,
and P3 change their pseudonyms simultaneously, the location and
velocity details in safety messages will still provide clues to adversaries, who
will easily be able to link the respective pseudonyms. In these
conditions, pseudonyms fail to protect location privacy. To address these
issues, other schemes are proposed such as mix-zone, group signature, and
so on. These schemes tend to obscure the mapping relationship between
vehicles’ real identities and their pseudo identities.

Figure 9.1: The linkable pseudonym

If readers wish, they can explore [2], [3] for further details.
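The two failure cases described for Figure 9.1 can be reproduced with a linkability check that a scheme designer runs over recorded safety messages to judge whether a pseudonym change really breaks the link. This is an added example, not code from the book: the beacon fields follow the {Time, Location, Velocity} tuple in the text, the road is reduced to one dimension, and all positions, speeds and function names are constructed.

```python
from itertools import permutations


def beacon(pid, t_ms, pos, vel):
    """One safety message: pseudonym, time (ms), position (m), speed (m/s)."""
    return {"pid": pid, "t_ms": t_ms, "pos": pos, "vel": vel}


def predict(b, t_ms):
    """Dead-reckoned position of the sender of beacon b at time t_ms."""
    return b["pos"] + b["vel"] * (t_ms - b["t_ms"]) / 1000.0


def link_pseudonyms(before, after):
    """Map old pseudonyms to new ones and report how unambiguous the map is.

    Returns (mapping, margin). margin is the gap in total prediction error
    between the best and second-best assignment: a large margin means the
    change was linkable, a margin of 0 means the observer can only guess.
    Exhaustive search over permutations is fine for a handful of vehicles.
    """
    kept = {b["pid"] for b in before} & {a["pid"] for a in after}
    mapping = {pid: pid for pid in kept}       # unchanged pseudonyms link trivially
    old = [b for b in before if b["pid"] not in kept]
    new = [a for a in after if a["pid"] not in kept]
    if len(old) != len(new):
        raise ValueError("vehicle count changed between snapshots")
    scored = []
    for perm in permutations(new):
        cost = sum(abs(a["pos"] - predict(b, a["t_ms"])) for b, a in zip(old, perm))
        scored.append((cost, perm))
    scored.sort(key=lambda item: item[0])
    best_cost, best = scored[0]
    mapping.update({b["pid"]: a["pid"] for b, a in zip(old, best)})
    margin = scored[1][0] - best_cost if len(scored) > 1 else float("inf")
    return mapping, margin


# Constructed traces: three vehicles, snapshots 100 ms apart.
BEFORE = [beacon("P1", 10000, 100.0, 20.0),
          beacon("P2", 10000, 160.0, 25.0),
          beacon("P3", 10000, 250.0, 15.0)]
# Case 1: only P3 changes its pseudonym (to A1).
ONLY_P3_CHANGES = [beacon("P1", 10100, 102.0, 20.0),
                   beacon("P2", 10100, 162.5, 25.0),
                   beacon("A1", 10100, 251.5, 15.0)]
# Case 2: all three change at once, with small position noise.
ALL_CHANGE = [beacon("A1", 10100, 251.2, 15.0),
              beacon("A2", 10100, 102.3, 20.0),
              beacon("A3", 10100, 162.4, 25.0)]
# Case 3: two vehicles side by side at equal speed, as in a well-mixed region.
CLOSE_BEFORE = [beacon("P1", 10000, 100.0, 20.0), beacon("P2", 10000, 100.0, 20.0)]
CLOSE_AFTER = [beacon("A1", 10100, 102.0, 20.0), beacon("A2", 10100, 102.0, 20.0)]

if __name__ == "__main__":
    for after in (ONLY_P3_CHANGES, ALL_CHANGE):
        print(link_pseudonyms(BEFORE, after))
    print(link_pseudonyms(CLOSE_BEFORE, CLOSE_AFTER))
```

A margin of 0 in the third case is the situation the schemes in the following sections try to create: several vehicles whose position and speed are indistinguishable at the moment of the change.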

9.2.2. Mix-Zone
The continuous overhearing of the neighboring vehicles and the changing of
pseudonyms at inappropriate times fail to protect location privacy.
Therefore, to resolve this issue, the mix-zone strategy is adopted, where the
road is divided into the observed zone and the unobserved zone (Figure
9.2). An unobserved zone is considered the mix-zone region, where the
vehicles are asked to change and mix their pseudonyms at an appropriate
time and location, making it difficult for adversaries to track and
identify vehicles. An unobserved region is actually an intersection of
multiple entries (for example, parking), where the vehicles are allowed to
change their pseudonyms and depart separately from different exits so that
pseudonyms cannot be linked to their original identity.
Figure 9.2 illustrates the road with the observed and unobserved region
(Mix-zone), such that the unobserved region has three entry points (A, B,
C) and three exit points (D, E, F). Let the vehicle enter the Mix-zone
coverage through ‘A’ and broadcast its safety messages with the help of
RSUs. The vehicle changes its pseudonyms in the coverage and then
departs from any one of the exits, which ensures the unlink-ability of
pseudonyms. Thus, it preserves the location and privacy of the vehicles.
However, the concurrent occurrence of vehicles in the same mix-zone
region and the presence of minimal traffic limit the preservation of
location privacy.

Figure 9.2: The Mix-zone scheme

If readers wish, they can explore research papers [4], [5] for further details.
9.2.3. Group signature
The group signature scheme solves the issue of mix-zone, where the
location privacy fails in small traffic. In the group signature technique,
location privacy is protected by signing the messages using group identity.
Group identity is a respective secret key of each member of a group. As
soon as the vehicle joins the group, it becomes its member and then tends to
sign the message using its own secret key. The resulting signature obtained
is verified by anyone who knows the common public key. The person who
knows the common public key is regarded as the group leader and is the
trusted entity. He knows the true identity of vehicles, and is capable of
tracking down any of the group members, whenever necessary. The
signature does not reveal any information about the signer; except that they
are a member of the group. This scheme fails to perform better when the
group is too large, as it is very difficult to manage all group members
efficiently.

If readers wish, they can explore research paper [6] for further details.

9.2.4. Silent period


In the silent period scheme, a target vehicle enters a region of interest,
where initially it broadcasts the safety messages, then keeps silent and
updates its pseudonyms from P1 to P2 for a random silent period, while
moving from locations L1 to L2, as shown in Figure 9.3:
Figure 9.3: The silent period scheme
When the vehicle reaches L2, it broadcasts its message using P2. At the
same time, if one of its neighbouring vehicles also happens to update its
pseudonym from P3 to P4 while changing their proximity locations from L3
to L4, then the adversary will be misled to treat neighbouring vehicle as the
target. In this way, a random silent period scheme will resist the adversary
tracking. However, the maximum silent period is limited by the safety
message broadcast period, with maximum silent period limited to only
100ths of milliseconds. Thus, vehicles can be tracked by inferring the
temporal and spatial relationship of the vehicles.

If readers wish, they can explore research papers [7], [8] for further details.

9.3. A new location-privacy preservation scheme: A MixGroup approach
The preservation schemes discussed in Section 9.2 are not compatible with
traffic size. For instance, in minimal traffic, a mix-zone does not work. On
the other hand, in huge traffic, group signatures fail to preserve privacy.
Similarly, pseudonyms and silent-period schemes too cannot protect privacy
as adversaries can easily gain information using the temporal and spatial
relationship of the vehicles. To resolve these issues, a new scheme is
proposed by researchers and developers of vehicular networks known as
MixGroup.
In the MixGroup technique, the social features of mobility are exploited to
preserve the location privacy of vehicles. It is observed that an individual
vehicle has several chances of meeting a lot of other vehicles. However, in
most meetings, only a few vehicles appear concurrently. This implies that
vehicles could cumulatively aggregate these meetings and can create
sufficient opportunities for pseudonym mixture. Otherwise, if a vehicle
performs pseudonym change at a place of crowded neighbors, then a large
number of opportunities will be wasted. Considering these factors
MixGroup strategy is developed which utilizes the following:
1. Location privacy is preserved by exploiting the meeting
opportunities where pseudonym exchange takes place.
2. An extended pseudonym-changing region, known as a group region
is created where vehicles use their group identities (or group
signature) for exchanging their pseudonym with each other. The use
of group signatures in the form of group identity covers the
procedure of pseudonym exchange.
3. The operation of pseudonym exchange is performed by using an
entropy † -optimal negotiation procedure. In this procedure, each
vehicle evaluates its benefit and risk while taking part in pseudonym
exchange.

9.3.1. Pre-requirements of the MixGroup approach


Before proceeding towards the actual implementation of privacy
preservation, the surrounding environment of the approach is explored and
the assumptions in the form of the network model, threat model, social
model, and so on are presented.

Network model
For the true illustration of a vehicular network, we consider a Vehicle
Social Network (VSN) deployed in an urban area. A VSN
is a vehicular network with a social networking perspective. It
includes socially aware units such as On-Body Units (OBUs), Road Side
Units (RSUs), and drivers’, passengers’ and pedestrians’ smart devices,
which communicate and share their data. The network model of the
MixGroup approach is illustrated in Figure 9.4 and consists of a number of
vehicles, roadside infrastructures, and an intelligent transportation system
(ITS) data center, which are explained as follows:
1. Vehicle
Vehicles run on roads and are equipped with OBUs that are used for
vehicle-to-vehicle and vehicle-to-infrastructure communication and data
exchange. For the purpose of safety, every vehicle periodically broadcasts
its location information by using its predefined pseudonym. This is done to
protect its location privacy.
In addition, the vehicle consists of two hardware modules that secure the OBU,
known as the Tamper-proof device (TPD) and the Event-Data-Recorder
(EDR).
• Tamper-proof device (TPD): This device is used for cryptographic
processing and is used to store and protect all cryptographic keys and
materials. The TPD has its own clock and a rechargeable battery that is
periodically recharged by the vehicle.
• Event-Data-Recorder (EDR): This device stores TPD and records
critical data of a vehicle during emergency events, such as its speed,
location, time, and so on. It can be extended to record the safety
message broadcasts during driving.
2. Road-side infrastructure
Road-side infrastructure is sparsely deployed to collect data from vehicles
related to its Intelligent-Transportation System (ITS) such as the
condition of the traffic, vehicles, or roads. It consists of two main
components known as Road-Side-Unit (RSU) for wireless communication
interface and Front-Computing-Unit (FCU) for local data processing.
They provide internet connectivity to OBUs and run safety applications
such as accident warnings or blacklist broadcasting. They can extend their
communication by redistributing or sending the information to other
roadside infrastructure and are connected to the ITS data center by wired
backhauls.
3. Data Center
Data Center is used to aggregate all ITS-related data and is responsible for
global decision-making such as pseudonyms generation and revocation. It
consists of three main components; named as the registration authority, the
location server, and the pseudonym database. The registration authority is a
trusted third party that is operated by governmental organizations and is
responsible for managing the identities and credentials of all vehicles
registered within the VSN. The location server manages the location-related
details of vehicles and the pseudonym database comprises pseudonym-
related repository:

Figure 9.4: The architecture of VSN

Social model
For the successful implementation of location-privacy schemes, it is
essential to have knowledge related to VSN social features. The spatial
distribution of vehicles includes the features of Global social hot spots and
individual hot spots.
1. Global social hotspot: It is considered from the perspective of VSN
and is a place where a number of vehicles meet at a certain time. For
example, a Central Business District (CBD) or Crossroad where
many vehicles wait at red lights.

Global-social spots are usually selected as Mix-zones.

2. Individual social hotspot: It is from the perspective of a specific
vehicle and is a place that the vehicle frequently visits. For example,
a nearby supermarket parking lot. Generally, individual social spots
are shared by common individuals; for example, vehicles of people
working in the same company use the same parking lot and thus
have common individual social spots.

Threat model
The threat model considered for this location-privacy scheme consists of
two categories of adversaries, one external adversary and the other internal
adversary. External adversaries are adversaries that exist outside the group
such as compromised roadside infrastructure and internal adversaries are
the adversaries existing within a group such as malicious group member.
Some of the existing adversaries in this threat model are as follows:
1. Global Passive Adversary (GPA): It comes under the category of
the external adversary and can locate and track any vehicle in a
region of interest by eavesdropping on its broadcasted safety
messages. For example, a surveillance camera covers a vast range.
2. Restricted Passive Adversary (RPA): It also comes under external
adversaries and is limited in its location tracking capability in a
region of interest. The tracking range of RPA is dependent on the
vehicle’s transmission range and the distance between any two
successive deployed RSUs. It can exploit the deployed RSUs for
eavesdropping and estimating the locations of vehicle broadcasts. A
compromised service provider is the best example of RPA.
3. Internal Betrayal Adversary (IBA): IBA is an example of an
internal adversary, which can be a compromised group member. IBA
aims to leak the information to GPA and RPA, as soon as privacy-
related information such as pseudonyms is exchanged with the target
vehicle. Leakage of identity or any privacy-related information will
result in the seizing or reconstruction of the vehicle’s information
which can be its location, velocity, or any location-privacy-related
details.

This can be explained with the help of the following example:

a. Let us suppose a vehicle V1 has pseudonym PID1 and it exchanges its
pseudonyms with an adversary IBA, who itself owns pseudonym PID2.
b. After exchanging, V1 has PID2 and adversary IBA has PID1. Now, since IBA
has obtained PID1, it can exploit it by leaking its related information to GPA or
RPA. Besides this, adversaries can reconstruct the historical trajectory of V1 by
eavesdropping on the recorded safety messages signed by PID1.
c. Besides, V1 is using PID2 for broadcasting safety messages, but in
actuality PID2 belongs to the adversary. Thus, the adversary can easily infer the real
traces of the target vehicle by continuously monitoring the safety messages
signed by PID2.

4. Internal Tricking Adversary (ITA): ITA exploits pseudonyms,
which had been exchanged with others more than once. As a result,
the victim obtains useless pseudonyms and exchanges them with others
unknowingly. The number of victims depends on the number of
vehicles that exchange information with the ITA.

Characteristics of the vehicular social network


Vehicular social networks are virtual communities where people travel
frequently at periodic intervals or almost at the same time, such as everyday
driving between home, workplaces, or commercial places. It is a fusion of
VANET and social network that comprises human characteristics along
with vehicle-to-vehicle and vehicle-to-infrastructure communication. Since
vehicles are driven by humans, the mobility of vehicles directly reflects
humans’ intentions. Some of the social characteristics of VSNs are as
follows:
1. Shortest path-based movement: Vehicles in a road network adopt
the shortest path from source to destination. Commonly adopted
shortest-path algorithm is the Dijkstra’s algorithm.

Dijkstra’s algorithm is found to be the best algorithm because it finds the
shortest path to every single reachable node within the network.

2. Social hot spots: VSNs contain a number of social hot spots. Social
hot-spots are the places that have high social attractivity in a road,
meaning a large number of vehicles stopping on a particular spot, for
example, a supermarket.
3. Spatiotemporal mobility: The mobility in which vehicles travel to
different spots at different times every day, but almost in a periodic
manner is called spatiotemporal mobility. For instance, people going
to the office in the morning, restaurants, and home in the evening,
etc.

Some observations from the traces of vehicles


Before discussion of the actual MixGroup approach, the following
observations were inferred when vehicles move from one spot to another in
VSN.
1. First observation: Firstly, it was observed that only a few vehicles
meet in a global social spot, while most of the vehicles meet rarely or
infrequently. The mobility of vehicles depends on the shape and
distribution of the roads. For example, most vehicles gather in
parking lots or road intersections when traffic lights go red.

A sample of 40 social hot spots in San Francisco was considered and the
number of vehicles in 250 min of time was recorded. It was observed that
13% of vehicles collectively pass by social hot spots and 87% of vehicles
navigate sparsely.

2. Second observation: Next, it was observed that most vehicles
always visit their individual social spots, that is, fixed places at
about the same time. This implies that people’s social behavior patterns
generally remain stable within a relatively long interval.

From the above discussed San Francisco sample, it was observed that vehicles
tend to meet 64% of other vehicles at individual social spots.

From both observations, it is concluded that there are two hot spots known as the
global hot spot and individual hot spot. Out of 100% of vehicles, 13% meet at
global hot spots while from the remaining 87% of vehicles, 64% meet at
individual hot spots.

Theory of MixGroup
The aim of MixGroup is to efficiently aggregate all the potential
opportunities together in order to change their pseudonyms along the
vehicle’s moving paths. This can be explained with the help of Figure 9.5.
The diagram illustrates the path of a vehicle Vi, which consists of a single global
spot and three individual spots. As per the traditional scheme, a vehicle is
supposed to change its pseudonyms in global spot S3 where there are eight
other vehicles. But as per the MixGroup strategy, there are three more spots
available where the vehicle can change its pseudonyms, that is, at S1, S2
and S4. So, to effectively leverage these other opportunities, the MixGroup
scheme combines the spots S1 to S4 to an extended social region R1, where
the target vehicle Vi can cumulatively exchange pseudonyms with other
vehicles within the region R1. For instance, it may exchange pseudonyms
with vehicle Vb in S1, and then vehicle Vc in S3 and so on. Theoretically,
in total, Vi can meet 18 other vehicles and can have 18 opportunities to
exchange pseudonyms. Thus, in the MixGroup scheme, the exchange
opportunities are increased from 8 to 18. As a result, the privacy
preservation is also increased. The discussed MixGroup includes four key
mechanisms, the pseudonym mechanism, the group signature, the in-group
identity, and the encryption and authentication mechanisms, which are
explained as follows:

Figure 9.5: The illustration of group-region

1. Pseudonym mechanism: The pseudonym is used for broadcasting
safety messages outside the group-region. Within a group-region,
only group identities are used instead of pseudonyms; however, the
exchange of pseudonyms among vehicles is done in a group-region.
Basically, a particular vehicle is allocated with a number of
pseudonyms. Let us assume a vehicle ‘ ’ have ‘w’ pseudonyms.
Then, statistically, we can represent pseudonyms as ‘ ’, where
‘i’ denotes the vehicle and ‘k’ (k=1,2,….w) specifies the ‘kth’
pseudonym number.
Beyond IoV, pseudonym techniques are also applicable to cloud data
security [9], to companies and organizations that hold a huge amount of
digital data [10], to health applications [11], and many more.

2. Group signature: MixGroup includes the pseudonym-mixing region
known as group region. Group-region is constructed by exploiting
the features of group signature. Each group has a group identity
’ and a group leader . Whenever the vehicle ‘ ’ enters a
group-region, the group leader delivers the group identity
’ and the corresponding group’s private key ’ and
certificate ’ to the vehicle after authentication. The vehicle
’ uses ( ) for broadcasting safety messages
and subsequently for changing pseudonyms.

Group signatures are also applicable in real-life settings, such as submission
of tenders, electronic cash and trusted computation; these can be found in
research paper [12].

3. Temporary in-group identity: In the procedure of pseudonym
exchange, every vehicle requires a dedicated identity to indicate
itself and to exchange pseudonyms with others. To avoid the
adversary tracking and the association of the real identity with the
identity of pseudonym exchange, neither the real identity nor the
current pseudonym exchange can be set as the dedicated identity. So,
to avoid this, a new ID called a Temporary In-group Identity
(TID) is set for each vehicle. Whenever a vehicle ’ enters a group-
region, the group leader allocates a set of (TIDs, and (l=
1,2….L) ) to it . Once the TIDs are allocated, they are used for
sending requests and responses in the pseudonym exchanging
procedures.

Basically, each TID is used only once for pseudonym exchange. This
prevents the adversary from establishing any mapping between the
vehicle’s real identity and its pseudonym-exchanging identity.
4. Encryption and authentication mechanisms: To prevent the illegal
entry of vehicles in a group-region, MixGroup uses strong encryption
and authentication mechanisms. For every vehicle ‘ ’, there are
three different sets of (public keys, private keys and certificates) for
real identity, temporary identity, and pseudonym exchange.
Authentication of vehicle’s real identity is done by the Registering
Authority (RA) using ( ). Temporary ID uses (
) for sending requests and responses before
pseudonym exchange. Lastly, ( ) are used to
authenticate the validity of the two sides during pseudonym
exchange.

The scope of encryption and authentication can also be extended for user
identification, granular access control to limit what users can see and do,
auditing for accountability and protecting the confidentiality of the sensitive data
in transmission.

9.3.2. Process of MixGroup


The process by which MixGroup preserves the location privacy of the vehicular
network is illustrated in Figure 9.6. As the figure shows,
MixGroup consists of six operations, namely, system initialization, key
generation, group join, pseudonym exchange, group leaving, and
revocation. Each operation is described as
follows:
Figure 9.6: State diagrams of vehicles

System initialization and key generation


Whenever the vehicle joins the vehicular network, the following
initialization and key generation takes place:
1. As soon as the vehicle with identity joins the systems, it gets
its public key, private key, and certificate represented as (
).
2. Registering Authority (RA) comes to action and performs
following functions:
It stores ( ) in its tracking list.

It provides a set of 'w' pseudonyms to the vehicle.

Similarly, it also provides public key, private key and certificate
set as ( ) to vehicle for each
pseudonym .
3. When the vehicular network is activated, a group is formed and
when vehicle enters the group it is allocated with group public
key, group private key and a certificate. Group private key and
certificate are allocated for vehicle , whereas the public key is for
the complete group. Summarizing the discussion, the vehicle is
allocated with ( ), when in a group.
4. When vehicle enters the MixGroup region, it is also assigned with
TIDs generated via RSUs, located at the boundary of the MixGroup
region.

TIDs are used only for sending requests and responses during the
pseudonym exchange procedure.
Here, the RSA algorithm is used for the generation of TIDs.

Group join
For a vehicle to join the group, the following steps are adopted:
1. Before entering the group-region and joining the group, each vehicle
periodically broadcasts safety messages with its own pseudonyms
{ } given by the RA.
2. Nearby RSU, say , when hears the broadcast messages, then
will act as a mediator between a group and the vehicle . Where
vehicle , will request the group leader via to provide
membership of the group .

The group leader is elected by the nearby RSUs of the group Gj and is
responsible for distributing and managing Group Identity (GID) and the
associated keys and certificates.

3. The group leader will then verify the legality of the vehicle
with the help of RA.
4. After verification, leader provides parameters such as group
identity (GID), associated private key, certificate and parameters
related to TID to vehicle .
5. Finally, vehicle becomes the group member and will now
broadcast safety messages using instead of { } to prevent
the possible pseudonym tracking from the potential adversaries.
To ensure the liability of the message originator and the safety of the message
receiver, each vehicle signs its safety message with a timestamp to ensure
message freshness and includes group private key and certificate to enable
verification.
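The receiver-side checks implied by the signing paragraph above and by the replay, forgery and revocation defenses discussed in Section 9.3.3, as an added Python example (not code from the book or the MixGroup authors). HMAC-SHA256 with a shared key stands in for the group signature, which the Python standard library does not provide; the 2-second freshness window, field names and sample values are assumptions.

```python
import hashlib
import hmac
import json

FRESHNESS_WINDOW_S = 2.0  # assumed acceptance window; the chapter gives no value


def _tag(group_key, body):
    """HMAC-SHA256 over a canonical encoding of the message body.

    Stand-in for the group signature: a shared HMAC key proves group
    membership only and gives no per-vehicle accountability.
    """
    encoded = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(group_key, encoded, hashlib.sha256).hexdigest()


def sign_safety_message(group_key, gid, cert_id, payload, timestamp):
    """Sender side: bind GID, certificate id, timestamp and payload together."""
    body = {"gid": gid, "cert": cert_id, "ts": timestamp, "payload": payload}
    return {"body": body, "sig": _tag(group_key, body)}


class SafetyMessageVerifier:
    """Receiver side: authenticity, revocation, freshness, then replay."""

    def __init__(self, group_key, blacklist=()):
        self.group_key = group_key
        self.blacklist = set(blacklist)  # certificate ids revoked by the RA
        self._seen = {}                  # sig -> timestamp of accepted messages

    def verify(self, message, now):
        body, sig = message.get("body"), message.get("sig")
        if not isinstance(body, dict) or not isinstance(sig, str):
            return "malformed"
        # 1. Authenticate before trusting any field inside the body.
        expected = _tag(self.group_key, body)
        if not hmac.compare_digest(expected.encode(), sig.encode()):
            return "bad-signature"
        # 2. Certificates on the RA blacklist are rejected even if well signed.
        if body.get("cert") in self.blacklist:
            return "revoked"
        # 3. Freshness: the signed timestamp must lie inside the window.
        ts = body.get("ts")
        if not isinstance(ts, (int, float)) or abs(now - ts) > FRESHNESS_WINDOW_S:
            return "stale"
        # 4. A timestamp alone still allows replay inside the window, so keep
        #    the signatures accepted during the window and reject repeats.
        self._seen = {s: t for s, t in self._seen.items()
                      if now - t <= FRESHNESS_WINDOW_S}
        if sig in self._seen:
            return "replay"
        self._seen[sig] = ts
        return "accepted"


def demo():
    key = b"constructed-group-key"  # constructed sample values throughout
    verifier = SafetyMessageVerifier(key, blacklist={"cert-0666"})
    msg = sign_safety_message(key, "GID-7", "cert-0101",
                              {"speed_kmh": 42, "pos": [37.77, -122.42]}, 1000.0)
    forged = {"body": dict(msg["body"], payload={"speed_kmh": 0}),
              "sig": msg["sig"]}
    revoked = sign_safety_message(key, "GID-7", "cert-0666",
                                  {"speed_kmh": 50}, 1000.0)
    return [
        verifier.verify(msg, now=1000.4),      # first delivery
        verifier.verify(msg, now=1001.0),      # same message, still fresh
        verifier.verify(msg, now=1009.0),      # same message, outside window
        verifier.verify(forged, now=1000.4),   # payload altered after signing
        verifier.verify(revoked, now=1000.4),  # signer is blacklisted
    ]


if __name__ == "__main__":
    print(demo())
```

A timestamp check alone would accept the second delivery at t=1001.0; the cache of accepted signatures is what rejects it.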

Pseudonym exchange
Since the vehicle has entered a group and is now a group member of ,
thus it will periodically broadcast safety messages with the identity .
When vehicle meets other group members, then there will be an
opportunity for to exchange its pseudonyms. At this time, the vehicle
will initiate and broadcast a pseudonym exchange request. The steps to
exchange pseudonym are as follows:
1. As soon as vehicle discovers the presence of other vehicles in its
close proximity, by hearing safety messages, then it attempts to
exchange pseudonyms.
2. broadcast a pseudonym exchanging request message. The message is
associated with its public key of TID
3. When request messages from other vehicles is received by , then
instead of immediately exchanging pseudonym, will compute its
own exchange benefit and will decide whether to exchange at this
time or not.

The exchange benefit is evaluated by the pseudonym entropy, discussed in
Section 9.3.3.

4. If vehicle decides to exchange with others, it will randomly select
a neighbor vehicle and will then send a pseudonym exchange
proposal, which is encrypted with public key of TID i.e., .
5. If the proposal is accepted by , then will receive and verify the
response of including its exchanging public key and the
associated certificates.

RSU signing protocol


The exchanged pseudonyms and the associated certificates cannot be
directly used by vehicle Before using the exchanged pseudonyms, the
vehicle should first activate the pseudonyms issued by the RA through the
RSUs. This is done in the following way:
1. After the exchange with the vehicle , will try to listen to the
broadcast messages of the nearby RSUs.
2. When connected with the closest RSU (let ), will send a
signing request to it with Exchanged data and Personal data, which are
encrypted by the public key of the RA.

The Exchanged data consists of exchanged pseudonyms and a dual
signature signed by Vi and Vj, to prevent forgery. Personal data includes
the identification detail of Vi.

3. The RA verifies the identity of by validating the Personal data. It
distributes a new exchanging key pair for the next exchange and
renewed certificates of { } to . Both the RA and will keep
record of these data.
4. If during verification by RA, the Exchanged data is found to be
invalid, then RA will redistribute the valid pseudonyms and
certificates present in its backup list to .

Group leaving
When a vehicle moves out of the group-region, it will broadcast safety
messages using the newly changed pseudonyms. Group leaving includes the
following procedure:
1. Vehicle will leave the group, when it receives the message from
the RSU located at the boundary of the region. It will leave the group
by sending the newly changed pseudonyms to the RA as in the RSU
signing protocol.
2. Till the time vehicle is in the boundary of region and has not yet
received the signal from any RSU, it will use in its safety
broadcast messages instead of .
3. is believed to have left the group, when does not receive any
safety messages from with a certificate for a maximum
time . As a result, will delete the entry from the group
member list.
4. At last, after leaving the group, will determine by itself whether it
wants to join new group or not.

Revocation protocol
From the process and the procedure discussed till now, it can be inferred
that any violation by vehicles will be monitored and reported by
neighbouring vehicles or RSUs. For instance, if a compromised vehicle
is detected by vehicle , then:
1. If is within the group , then will record the violation actions of
and will report it to the group leader . The report will include
information such as type of violation by , the group certificates of
and , and the messages signed by .
2. After receiving the report, the group leader will check the
validity of the report and the identity of vehicle and then forward it
to the RA. (Go to Step 4).
3. But if has left the group , then the generated report will integrate
the pseudonym the public key and the certificate
. The report will be forwarded to the RA.
4. The RA will validate the report and will release the identity of by
its tracking list. If the violation is confirmed, the RA will add to
its blacklist and will broadcast the updated blacklist to all the RSUs
and vehicles in the VSN.

9.3.3. Security analysis


In this section, we will discuss the possible security provided by the
MixGroup approach and the improvement of pseudonym exchange against
location privacy tracking.
Conditional tracking
In the MixGroup approach, the location privacy and the true identity of
each vehicle are totally dependent on the trust placed in the RA. However,
conditionally, it can be stated that it is private for the group leader and
unknown for the common vehicles. This can be proved by the following
instance:
1. When a vehicle is in a group it periodically broadcasts message
that includes safety related data and the group certificate .
The group members of can verify only the validity of safety
messages while RA can link all the messages with certificates to the
true identities of vehicles by checking their tracking list.
2. When a vehicle is out of any group and uses its own pseudonyms for
communication, it can be identified by the RA.
In both situations, it can be concluded that the identities of vehicles are globally
linked by the RA, and their privacy depends on trust in the RA.

Attack and defense analysis


The MixGroup scheme is capable of protecting VSN against security and
privacy attacks. The essential attacks and the corresponding defense
measures of MixGroup are as follows:
1. Brute-Force cryptanalytic attacks: The regular use of encryption
and authentication mechanisms in the process of MixGroup prevents
the launching of brute-force cryptanalytic attacks on the encrypted
messages.
2. Replay attacks: The use of timestamps in safety messages prevents
the enforcement of replay attacks.
3. Forgery: The use of key controls prevents the simulation or forgery
of RSU messages.
4. GPA and RPA: GPA and RPA attackers track the vehicles by
eavesdropping on the safety messages in the pseudonym-changing
place. In a general situation, there are only a few vehicles in the
pseudonym-changing place, which gives attackers a high
probability of tracking the vehicle. However, MixGroup is
not limited to one pseudonym change at one place. When vehicles
enter a group-zone, they meet several other vehicles during
navigation and are allowed to change pseudonyms a sufficiently large
number of times with a large number of vehicles. As a result, GPA
and RPA lose their target vehicles.
5. Incorrect data attack: This attack is performed by internal
adversaries who misbehave and broadcast incorrect data to
neighboring vehicles. However, the MixGroup approach avoids the
incorrect data attack by signing the safety messages, because in
MixGroup only the vehicle that signed the incorrect data is
liable for the attack. An incorrect data attack is detected by enabling each
vehicle to maintain its own neighborhood observations and check the
inconsistencies of the data received from neighbors.
6. Impersonation attack: The adversary can impersonate the target
vehicle by using one of its overheard pseudonyms and the associated
certificate. It can be avoided by making each vehicle sign the
safety message and include a valid certificate from the RA according
to the pseudonym in usage.
7. Internal Tricking Adversary (ITA): The ITA adversary can be
avoided with the help of dual-signature and signed record . The
RA has the power to detect ITA attackers through , which
remains unchanged due to the use of encryption with RA public key.
As soon as the vehicles detect these adversaries, they report to the RA,
which then puts them on a blacklist for further punishment and penalty
processing.
8. Internal Betrayal Adversary (IBA): IBA can be avoided if the
target vehicle exchanges pseudonyms with one or more vehicles.
The more vehicles it exchanges with, the lower the risk from the adversary,
but the higher the overhead. The adversary can easily be detected
by group members and the group leader.

The details of IBA, ITA, GPA and RPA are discussed in Section 9.3.1: Threat
Model.

Entropy optimal pseudonym exchange


Till now, we have discussed the potential of exchanging pseudonyms in
preserving location privacy of vehicles in VSN. However, the presence of
internal threats such as IBA and ITA makes the system vulnerable, because
they can leak or copy the pseudonym information of legitimate vehicles.
Therefore, it is not always advantageous for a vehicle to exchange its
pseudonyms. To account for this, the concept of pseudonym entropy is
considered. Pseudonym entropy is a measure of the strength of the location
privacy protection for vehicles. It can be measured as follows:
Let us consider a road intersection with collection of vehicles such as V = {
}, that exchanges pseudonyms with each other.
Let be the successful tracking probability of a vehicle after pseudonym
exchange. Then, the pseudonym entropy for vehicle is represented as in
equation 1

(1)

And the pseudonym entropy for set of vehicles V is given as in equation 2.

(2)

As discussed, the successful tracking probability depends on the number
of adversaries inside the collection ‘V’. Let us suppose there are total ‘N’
vehicles in the VSN of interest and ‘B’ of them are internal adversaries,
represented by collection . The probability that happens to select
which is an internal adversary for pseudonym exchange, is derived by
equation 3:

(3)
When pseudonym exchange is performed, the increase of pseudonym
entropy is given as in equation 4:

(4)

After the kth pseudonym exchange, the pseudonym entropy of is
represented by equation 5:

(5)

Using equation 5, each vehicle will be able to evaluate the associated
benefit and the risk in pseudonym exchange. Vehicles with high pseudonym
entropy will skip the pseudonym exchange process while the vehicles with
low pseudonym entropy, will take the opportunity to enhance their location
privacy. More specifically, a vehicle will exchange pseudonym in the
following condition represented by equation 6:

(6)

The negotiation procedure to facilitate the decision-making of pseudonym
exchange among vehicles is as follows:
1. To forward pseudonym exchange requests: Vehicles can broadcast
pseudonym exchange requests periodically and, in the meantime, can
listen to other vehicle’s requests. Negotiation may take several
rounds, depending on the number of vehicles at the intersection of
roads.
2. Evaluation of pseudonym exchange benefit: In every round of
negotiation, the vehicle first observes the number of candidate
vehicles for exchange and then evaluates the benefit using equation 6.
If the condition is satisfied, it will send out a pseudonym exchange
confirmation message; otherwise, it will broadcast a pseudonym
exchange ending message to indicate it will skip the opportunity.
3. Observing pseudonym exchanging candidates: A vehicle observes
the pseudonym exchanging candidates by listening to the pseudonym
exchange requests and confirmation/ending messages of its
neighboring vehicles. Initially, all vehicles are treated as candidates.
4. Selecting pseudonym exchanging candidates: When the
confirmation messages of all candidates are received, each vehicle
will randomly select one of the candidates for exchange. In case a
vehicle is selected by multiple vehicles, it has the right to choose one
from them. Then, the two vehicles will exchange public keys and
associated certificates to each other. During the procedure of
pseudonym exchange, vehicles are paired to exchange pseudonyms.

If there is an odd number of vehicles, then:
1. The unpaired vehicle may randomly select a paired vehicle for pseudonym
exchange. In this case, the selected vehicle will sequentially exchange
pseudonyms twice.

OR
2. The unpaired vehicle may skip the current exchange procedure until meeting
other vehicles.
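One round of the negotiation procedure above, including the two options for an odd number of vehicles, as an added Python example (not code from the book or the MixGroup authors). Equation 6 is not reproduced here, so the exchange condition is replaced by an assumed entropy threshold, and each vehicle's pseudonym set is modelled as a single token; all names and sample values are constructed.

```python
import random


def negotiation_round(pseudonyms, entropy, threshold, odd_policy="double", rng=None):
    """Run one negotiation round at an intersection.

    pseudonyms: {vehicle_id: current pseudonym token}
    entropy:    {vehicle_id: current pseudonym entropy}
    threshold:  assumed stand-in for equation 6; a vehicle confirms the
                exchange only while its entropy is below this value
    odd_policy: "double" (the unpaired vehicle exchanges with an already
                paired one) or "skip" (it waits for the next meeting)
    Returns (new_pseudonyms, exchanges, skipped).
    """
    rng = rng or random.Random()
    # Step 2: low-entropy vehicles send a confirmation message,
    # high-entropy vehicles send an ending message and sit out.
    confirmed = [v for v in sorted(pseudonyms) if entropy[v] < threshold]
    skipped = [v for v in sorted(pseudonyms) if entropy[v] >= threshold]

    # Steps 3-4: every waiting candidate proposes to a random other candidate;
    # a vehicle chosen by several proposers picks one of them.
    exchanges, waiting = [], list(confirmed)
    while len(waiting) >= 2:
        proposals = {}
        for v in waiting:
            target = rng.choice([c for c in waiting if c != v])
            proposals.setdefault(target, []).append(v)
        matched = set()
        for target in rng.sample(sorted(proposals), len(proposals)):
            suitors = [s for s in proposals[target] if s not in matched]
            if target not in matched and suitors:
                chosen = rng.choice(suitors)
                exchanges.append((chosen, target))
                matched.update((chosen, target))
        waiting = [v for v in waiting if v not in matched]

    # Odd number of candidates: one vehicle is left without a partner.
    if waiting:
        if odd_policy == "double" and exchanges:
            partner = rng.choice([v for pair in exchanges for v in pair])
            exchanges.append((waiting[0], partner))  # partner exchanges twice
        else:
            skipped.append(waiting[0])

    # Apply the swaps in order, so a second exchange passes on the pseudonym
    # that the partner received in its first exchange.
    result = dict(pseudonyms)
    for a, b in exchanges:
        result[a], result[b] = result[b], result[a]
    return result, exchanges, skipped


def unchanged(before, after):
    """Vehicles holding the same pseudonym after the round (still linkable)."""
    return sorted(v for v in before if before[v] == after[v])


if __name__ == "__main__":
    before = {"V%d" % i: "P%d" % i for i in range(1, 7)}  # constructed sample
    ent = {"V1": 0.5, "V2": 1.0, "V3": 1.5, "V4": 2.0, "V5": 2.5, "V6": 5.0}
    after, exchanges, skipped = negotiation_round(
        before, ent, threshold=3.0, odd_policy="double", rng=random.Random(1))
    print(exchanges, skipped, unchanged(before, after))
```

With the "skip" option the unpaired vehicle leaves the intersection under its old pseudonym, so an observer can still link it across the round; the "double" option removes that case at the cost of a second exchange for one partner.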

9.3.4. Experimental analysis of the MixGroup approach


When the MixGroup approach was simulated in a network simulator based
on VSN, the following observations were made [1]:

a) Figure 9.7 represents the global pseudonym entropy of the VSN; it is
observed that entropy increases rapidly as vehicles start to exchange
their pseudonyms within group-regions. It is also observed that the
traffic conditions play a significant role in global pseudonym entropy.
More vehicles on the roads present more opportunities for
pseudonym exchange, which in turn means higher global
pseudonym entropy.

Figure 9.7: Entropy of VSN with respect to traffic condition


b) Figure 9.8 represents the global pseudonym entropy in the presence of
different adversaries. It is observed that the entropy under different
attack strengths initially increases at the same rate, but as time
progresses, the curves converge to different values. This shows that a stronger
adversary presence results in lower global pseudonym entropy.
Figure 9.8: Entropy of VSN with respect to adversaries
c) Figure 9.9 represents the pseudonym entropy of a particular target
vehicle . Both the actual and expected pseudonym entropies are
evaluated and investigated, when the vehicle enters the group-regions
for pseudonym exchange. It is observed that vehicle will meet more
vehicles in heavy traffic, and as a result will increase its pseudonym
entropy. A gap between the actual and expected pseudonym entropy is
observed; this is because of the presence of various adversaries that
pose a potential risk to the location privacy of the vehicle.

Figure 9.9: The expected and actual entropy of target vehicle with respect to traffic
condition
d) Figure 9.10 illustrates that both the expected and actual pseudonym
entropy of the target vehicle decrease rapidly with the increase in
attack strength.
Figure 9.10: The expected and actual entropy of target vehicle with respect to
adversaries

Conclusion
The Internet of Vehicles is one of the most promising fields of the Internet of
Things, which requires utmost protection and privacy, as a lack of them may lead to theft
and accidents. With this in mind, the chapter focuses on the privacy
issues of IoV with traditional and futuristic schemes. Brief insights of the
chapter are as follows:
Location privacy is one of the major issues in IoV as it broadcasts
current position, speed, acceleration, and other private details of
vehicle and vehicle’s owner to the general public, which may include
burglars and attackers.
Location-privacy preservation requires identity protection,
conditional tracking, and pseudonym exchange.
Traditional location-privacy preservation schemes include
pseudonyms, mix-zone, group signature, and silent period.
In pseudonym scheme, location privacy is preserved by assigning and
exchanging a dummy name or pseudonym to vehicles, so as to
confuse attackers from getting any personal information.
Changing pseudonyms fails in case of continuous tracking of
vehicles. To compensate, a mix-zone scheme is adopted where
vehicle space is divided into two zones, observed and unobserved. To
prevent continuous tracking, the exchange of pseudonyms is done in the
unobserved zone.
Mix-zone fails in low traffic areas; to compensate, a group-signature
scheme is adopted. In the group signature technique, location privacy
is protected by signing the messages using group identity. Group
identity is a respective secret key of each member of a group.
Silent period is another scheme where vehicles change their
pseudonym in a region of interest during a silent period, where
nobody except the vehicle knows that pseudonym is being
exchanged.
These traditional schemes are not compatible with traffic size. To
address these issues, a new modern technique known as the MixGroup
scheme has been developed by researchers.
In MixGroup technique, the social features of mobility are exploited
to preserve the location-privacy of vehicles.
MixGroup strategy utilizes the following:
Location privacy is preserved by exploiting the meeting
opportunities where pseudonym exchange takes place.
An extended pseudonym-changing region, known as group-region
is created where vehicles use their group identities (or group
signature) for exchanging their pseudonym with each other. The
use of group signatures to inform of group identity covers the
procedure of pseudonym exchange.
The operation of pseudonym exchange is performed by using the
entropy-optimal negotiation procedure. In this procedure, each
vehicle evaluates its benefit and risk while taking part in
pseudonym exchange.
The experimental analysis performed proves the validity and
authenticity of the MixGroup approach in presence of varying traffic
and adversaries.

9.4. Questionnaire

Multiple choice questions


1. Location privacy is the major issue in which field of IoT?
a. Smart Homes Systems

b. Smart Vehicular Management Systems

c. Health care systems

d. Agriculture System
2. In Mix-zone scheme, pseudonyms are exchanged in:
a. Observed region

b. Not exchanged

c. Unobserved region

d. All region
3. Silent period is the duration when the vehicle:
a. Broadcasts its safety messages

b. Updates pseudonyms

c. Communicates with other vehicles

d. Doesn’t do anything
4. In MixGroup approach, location privacy is preserved by:
a. Creating sufficient opportunities and then exchanging
pseudonyms
b. Exchanging pseudonyms in silent period

c. Using signature algorithms

d. None of the above


5. Social hot-spot is a place of:
a. Low traffic

b. High traffic

c. High traffic where vehicles stop for particular work or any other
reason

d. All of the above

Answer key
1. (b) 2. (c) 3. (b) 4. (a) 5. (c)

Long answer questions


1. Explain the MixGroup approach of preserving privacy in vehicular
sensor networks.

Short answer questions


1. Explain the importance of preserving location-privacy in the
Vehicular network.
2. What is meant by entropy, and how is the concept of entropy used in
preserving location privacy in VSN?

Keywords (†)
Entropy: It is the measurement of uncertainty.

References
[1] X. Huang, J. Kang, R. Yu, and X. Chen, “Exploiting Mobility Social
Features for Location Privacy Enhancement in Internet of Vehicles,” in
Security and Privacy in Internet of Things (IoTs), CRC Press, 2016, pp.
187–224.
[2] S. Wang, N. Yao, N. Gong, and Z. Gao, “A trigger-based pseudonym
exchange scheme for location privacy preserving in VANETs,” Peer-to-
Peer Netw. Appl., vol. 11, no. 3, pp. 548–560, 2018, doi:
10.1007/s12083-017-0557-5.
[3] J. Kang, R. Yu, X. Huang, and Y. Zhang, “Privacy-Preserved
pseudonym scheme for fog computing supported internet of vehicles,”
IEEE Trans. Intell. Transp. Syst., vol. 19, no. 8, pp. 2627–2637, 2018,
doi: 10.1109/TITS.2017.2764095.
[4] C. Kalaiarasy, N. Sreenath, and A. Amuthan, “Location Privacy
Preservation in VANET using Mix Zones - A survey,” 2019 Int. Conf.
Comput. Commun. Informatics, ICCCI 2019, pp. 1–5, 2019, doi:
10.1109/ICCCI.2019.8822028.
[5] L. Benarous, S. Bitam, and A. Mellouk, “CSLPPS: Concerted Silence-
Based Location Privacy Preserving Scheme for Internet of Vehicles,”
IEEE Trans. Veh. Technol., vol. 70, no. 7, pp. 7153–7160, 2021, doi:
10.1109/TVT.2021.3088762.
[6] C. Zhang, R. Lu, P. H. Ho, and A. Chen, “A location privacy preserving
authentication scheme in vehicular networks,” IEEE Wirel. Commun.
Netw. Conf. WCNC, pp. 2543–2548, 2008, doi: 10.1109/wcnc.2008.447.
[7] A. K. Tyagi and N. Sreenath, “Location privacy preserving techniques
for location based services over road networks,” 2015 Int. Conf.
Commun. Signal Process. ICCSP 2015, pp. 1319–1326, 2015, doi:
10.1109/ICCSP.2015.7322723.
[8] L. Benarous and B. Kadri, “Obfuscation-based location privacy-
preserving scheme in cloud-enabled internet of vehicles,” Peer-to-Peer
Netw. Appl., vol. 15, no. 1, pp. 461–472, 2022, doi: 10.1007/s12083-
021-01233-z.
[9] P. Rosy, “Pseudonym-Based Privacy Preserving Framework for
Facilitating Cloud Data Security,” Int. J. Recent Technol. Eng., vol. 8,
no. 2, pp. 6516–6526, Jul. 2019, doi: 10.35940/ijrte.B2514.078219.
[10] S. Abd Razak, N. H. Mohd Nazari, and A. Al-Dhaqm, “Data
Anonymization Using Pseudonym System to Preserve Data Privacy,”
IEEE Access, vol. 8, pp. 43256–43264, 2020, doi:
10.1109/ACCESS.2020.2977117.
[11] “Health Applications.”
https://www.chino.io/compliance/pseudonymization-for-health-
applications.
[12] A. Agarwal and R. Saraswat, “A Survey of Group Signature Technique,
its Applications and Attacks,” vol. 2, no. 10, pp. 28–35, 2013.

Things to check before moving to the next chapter


Importance of location-privacy in the Internet of Vehicles
Requirements of location privacy
Traditional and futuristic location privacy schemes

CHAPTER 10
Privacy Protection in Key Personal IoT
Applications

In continuation with Chapter 8, Privacy Preservation for IoT and Chapter 9,
Location Privacy Enhancement in the Internet of Vehicles, this chapter too
discusses the privacy protection schemes in the field of personal IoT. The world
of personal computing is the most accepted and promising application of IoT
execution. The chapter focuses on the protection of Mobile Wireless Body
Sensor Networks (Mobile WBSN) and participatory sensing network, which
are considered the two best instances of personal IoT implementation. Mobile
WBSN contains a number of sensor nodes that are implanted into the human
body to monitor health such as blood pressure, glucose, toxins and so on. The
health data is uploaded to a central database which is then accessed by a
healthcare provider for real-time diagnosis and emergency responses. In a
participatory sensing network, sensors act as participants that gather
surrounding information. The collected sensory data is reported via
smartphones and is uploaded to the central servers. After processing, the data is
shared among users. The chapter demonstrates lightweight privacy-preserving
schemes for Mobile WBSN and participatory sensors.

Structure
The chapter covers the following topics:
Understanding the concept of Mobile WBSN and participatory sensing
Attack models in the field of personal IoT
Schemes of protecting privacy in Mobile WBSN
Schemes for protecting privacy in participatory sensing
10.1. Concept of personal IoT
In this hyper-connected IoT world, the employment of a “Personal Network”
has enabled the simplification of network functionalities. Broadly, the
proliferation of personal or consumer IoT is classified into two areas:
IoT in surrounding (such as environmental monitoring, transportation
management, personal entertainment, and so on), also known as participatory
sensing, and IoT in person (such as wearable devices, smartphones, cars,
handheld devices, and so on), known as WBSN. These are short-range devices
that communicate among themselves and with an external network via a local
gateway, resulting in the formation of a Personal IoT (PIoT) Network. For
instance, when a car user within a car connects his/her smartphone to the car
devices, it leads to the formation of the PIoT network. For smooth
functionality, it requires a framework that enables the high-quality integration
of PIoT into the current mobile IoT standards or the 5G standards.
The diagrammatic representation of the PIoT network is illustrated in Figure
10.1; it consists of communication between personal IoT and public IoT.
Theoretically, PIoT can be defined as “A group of connected IoT devices
related to surroundings as well as to the immediate proximity of an individual”
[1].
Figure 10.1: The architecture of Personal IoT

10.1.1. Mobile WBSN


WBSN is an emerging technology which can be applied to medical as well as
non-medical applications. Defense and E-health care systems are the most
accepted applications where mobile WBSN is administered. It consists of a
number of sensors that are placed in, around, or on the human body to sense
and monitor the parameters such as temperature, blood pressure, ECG, EEG
and so on. Besides regular tracking, it helps doctors in providing efficient
medical facilities for diagnosing chronic diseases such as cancer, obesity,
cardiovascular diseases, diabetes, diseases related to infant health, and so on.
The sensed data is processed and communicated to the medical server for
further analysis [2], [3].

Throughout this chapter, we will discuss E-health as an application of mobile WBSN.

Architecture of WBSN
Theoretically, WBSN consists of a central node which acts as a master and the
other sensors in the human body act as slave nodes. The quantitative and
qualitative parametric information is sensed and collected by sensors, which are
then transmitted to the medical staff whenever a life-threatening event occurs.
Deterministically, any mobile WBSN consists of four different entities named
WBSN, mobile gateway, cloud servers, and accessor as illustrated in Figure
10.2:

Figure 10.2: The architecture of WBSN network


WBSN: WBSN are the wearable sensors that are implanted and attached
to the human body. The sink node (or central node) in WBSN
periodically uploads the data into the mobile gateway via a secure
channel.
Mobile Gateway (MG): It is a smartphone with an Internet connection
that uploads the data received from the sink node to the cloud servers.
Cloud Servers (BC): Cloud servers serve as the back-end storage server
that stores huge amounts of data via the virtualization of storage
resources.
Accessor (MA): These are the mobile devices held by guardians and
medical staff for their analysis and decision making. They can access the
cloud server’s data in a ubiquitous manner.

For efficient data transmission in mobile WBSN applications, multi-channel lossless
compression is used, so that little or no data is lost during transmission.
Commonly, the ECC technique is used to reduce errors in transmission, and
an asymmetric encryption technique is used to avoid the data being stolen.
Issues in mobile WBSN
WBSN essentially carries critical health data, whose leakage is a leakage of
personal privacy. The privacy of the communication link between smartphones
and cloud servers is protected by MAC protocols such as IEEE 802.11 in
WLAN, IEEE 802.15.4 in WPAN, or WCDMA in 3G, etc. However, the
protection against malicious cloud servers always remains a
point of concern. A direct defense against malicious cloud servers is
the application of data encryption techniques such as AES. However,
uploading the encrypted data is not suitable or practical for smartphones, as
they are resource constrained and have limited energy. Moreover, smartphones
can be misused, lost, stolen, or hacked by attackers. Thus, privacy
protection itself should be robust and lightweight.

10.1.2. Participatory sensing


In mobile participatory sensing, participants gain insight into the environment
by sensing and processing the available data on mobile or smartphones. The
collected and processed information enables a wide range of innovative
applications, varying from people-centric to environment-centric.
People-centric applications let participants monitor and document health-related
issues, such as diet behaviors, individual exposure to and impact of air pollution,
depression, physical activities, sports experiences, and stress conditions.
Environment-centric applications consist of tracking the mobility of crowds,
such as at concerts or festivals. They also include the collection and
analysis of data related to urban air pollution, noise pollution, weather
conditions, events in the city, bus arrival times, or thermal columns. The
reported data are uploaded to central servers (for example, cloud servers), and
the central servers share the data with users after data processing [4]–[6].

Architecture of Participatory Sensing


The participatory sensing application includes three different entities classified
as participants’ mobile phones (or consumers), application servers and
administrators (or contributors). Participants’ mobile phones collect the
surrounding data. Contributors are responsible for uploading the sensed data to
the central application servers. The application server manages and analyzes the
uploaded data and presents it to the consumer in an appealing form. The flow
of interaction in the participatory sensing system is as follows and is also
represented by Figure 10.3:
Level 1-Tasking: The contributors or administrators first determine the
sensing tasks that are to be executed and then distribute them to the
participants’ mobile phones.
Level 2-Sensing: The participants’ mobile phones collect the sensor readings
corresponding to the defined sensing tasks.
Level 3-Local processing and storage: The collected sensor readings can be
locally processed on the mobile phone for the extraction of interesting features.
The processed sensor readings may be temporarily stored on the participants’
mobile phone before being transmitted to the application server.
Level 4-Reporting: The temporarily processed participants’ sensor readings
are reported to the application server for further analysis and display.
Level 5-Centralized storage and processing: The application server then
stores the reported data and analyzes them. It is responsible for removal of
incorrect readings, computation of summaries, or analysis of the reported
sensor readings etc.
Level 6-Presentation: End users can then access the results of the sensing
tasks. For example, they can query specific sensor modalities or results in a
region of interest.

Figure 10.3: The architecture and flow of interaction in participatory sensing


Issues in participatory sensing
For a participatory sensing system to thrive, a growing volume of
sensory data needs to be uploaded and shared. Random volunteers are
motivated to register and enroll themselves as data contributors. These
volunteers may be potential attackers or malicious
contributors, which may pose several security issues, such as the following:
a. Random contributors may upload incorrect data,
intentionally or unintentionally.
b. The privacy of data contributors, such as location information and user
trajectory, can be leaked over time while uploading the data.
Hence, it should be protected.
c. The system should be robust and should defend itself against internal
attackers.

10.2. Security aspect of personal IoT


The threats in PIoT may lead to privacy issues and are categorized into device
level and communication level. Device-level threats include device capture,
device tampering, and device outage. Communication-level threats lead to
network attacks such as selective forwarding attacks, blackhole attacks,
wormhole attacks, etc. The existing security solutions may be taken as a base
solution but are not suited to the resource-constrained IoT devices employed in
WBSN and participatory applications. So, lightweight and robust
schemes for personal IoT are needed today. In the upcoming sections, we
will discuss the proposed lightweight and robust schemes for the protection of
WBSN and participatory sensing applications.

The major concern in this chapter is only privacy protection against an untrustworthy
cloud server (as in the WBSN application) or central server (as in the participatory sensing
application). The communication among the entities is assumed to be protected
by the protocols at the MAC layer and link layer, such as IEEE 802.11 or 3GPP.
Thus, adversaries on the communication link are ignored.

10.2.1. Lightweight and robust schemes for protecting privacy in Mobile WBSN
The actual concern in WBSN is the privacy protection of the data uploaded to
the untrustworthy cloud server. The security requirement is that the data
transferred from a mobile gateway or smartphone to the cloud server should not
be recoverable by adversaries present in the cloud. To counter this, two schemes
are investigated in this section: the One Time Mask (OTM) scheme and the
One Time Permutation (OTP) scheme. OTM is a one-time XOR-based
encryption and OTP is a permutation-based encryption. Both schemes are
based on the characteristics of the Mobile Gateway (MG) and the properties of the
uploaded data, which facilitates energy efficiency.
Characteristics of a mobile gateway and properties of uploaded data
The characteristics of a mobile gateway and properties of the uploaded data will
be used in the OTM and OTP schemes and are as follows:
a. A mobile gateway is an energy-constrained device, and three
sources consume most of its energy: communication,
computation, and storage. Of these, communication consumes the most
energy, so the length of the message should
be as short as possible.

The communication length in XOR-based encryption, i.e., in the OTM scheme,
is the same as that of the original data, and it consumes less energy than any other
symmetric encryption method.

b. The number of WBSN sensors for a single user, i.e., a Mobile Gateway is
small, which means that the amount of source data in each upload interval
is usually not very high.

Commonly, the number of sensors (n) for a single mobile gateway is less than or
equal to 16.

c. The range of the uploaded data is always short because the data sensed
from the person’s body rarely varies with an extremely abnormal
deviation. Mathematically, the range of data is expressed as
, where is the median value of the
sensed result, and is the maximal absolute offset, expressed as
Assumptions for the uploaded data:
i. D1, D2, ……..Dn are positive integers; if Di is negative, it
is expressed with a sign mark Si = 0, 1, where ‘0’ is for a negative
sign and ‘1’ is for a positive sign.
ii. Di is an integer; if it is a non-integer, it can be changed to an
integer by multiplying by 10^pi, where pi is the distance of the decimal
point from the rightmost position.

For example,
If Di = 36.3, then in this scheme, we will denote it as 363,1,1; where
363 is the value, first ‘1’ is the decimal point position and second ‘1’ is
a sign of positive integer.
If Di = -36.3, then in this scheme, we will denote it as 363,1,0; where
363 is the value, first ‘1’ is the decimal point position and second ‘0’ is
a sign of negative integer.

d. The data is repetitive on most occasions, or the median value may persist
or recur most of the time. The reason is the same as that discussed in the
previous point (c), which states that the data sensed from the person’s
body rarely varies with an extremely abnormal deviation.

10.2.1.1. One Time Mask scheme


The discussed characteristics of the mobile gateway and uploaded data led to
the evolution of the One-Time Mask Scheme (OTM), which relies on the
XOR operation and consumes less energy in communication. The OTM scheme
is illustrated as follows:
a. The settings of the OTM scheme are the same as discussed above; it
includes ‘n’ sensors such that and each sensor is denoted by
. Each sensor ‘ uploads data ‘ to MG at each
interval. The range of ‘ is always and the interval
for each upload time is I s. The number of upload times is thus t = 60/I in
1 m.
b. The data structure includes three tables: Median Value Table (MVT),
Range Value Table (RVT), and Mask Value Table (KVT). For all the
sensed data; MVT and RVT are created by MG and is represented as
and , where SN is
a unique sequence number and is the median of the data generated and
is the range of the data generated from the ith sensor.
For facilitating encryption of each sensed data, a KVT table is also created
by MG and is denoted by , where is the
mask value for sensing data and ‘m’ is the amount of data generated by
sensor ‘i’. Figure 10.4 demonstrates the data structure MVT, RVT and
KVT:

A tuple in MVT and RVT is appended upon the adjustment of Mi and Ri but in
KVT, it is appended for each piece of uploaded data.

Figure 10.4: The Illustration of MVT, RVT and KVT table at Mobile Gateway
c. Data encryption and data uploading constitute the following steps:
Step 1: When the sensing data is received by a Mobile Gateway (MG), a
random number is generated ranging between ‘0’ and ‘1’ and is expressed
as , denoted by
Step 2: MG stores to MVT and
to KVT
Step 3: The data is encrypted with the generated mask value using:

(1)

The final encryption value is:

(2)

Where ‘S’ is a sign and


Step 4: Finally, MG uploads the encryption result to BC.
d. MA access: If MA wishes to access the uploaded data, then

It will be provided with MVT, RVT and KVT by MG which covers its
data of interest and the interested , is retrieved
from MVT and KVT via SN, respectively.
is decrypted using

Finally, every data recovered is
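The OTM flow above, as an added Python sketch (not code from the book). It assumes the masked quantity is the reading's offset from the median M, that the mask is a fresh random value as wide as the range R, and that the offset's sign travels beside the masked value; the class and function names are hypothetical.

```python
import secrets


class MobileGateway:
    """MG side of a One-Time Mask upload for one sensor (illustrative sketch)."""

    def __init__(self, median, max_offset, decimals):
        self.median = median          # M: median reading as a scaled integer
        self.max_offset = max_offset  # R: maximal absolute offset from M
        self.decimals = decimals      # p: decimal-point position (36.3 -> 363, p = 1)
        self.width = max(1, max_offset.bit_length())  # assumed mask width in bits
        self.sn = 0                   # unique sequence number SN
        self.mvt = {}                 # Median Value Table: SN -> M
        self.rvt = {}                 # Range Value Table:  SN -> R
        self.kvt = {}                 # Mask Value Table:   SN -> K

    def encode(self, reading):
        """Return the book's (value, decimal position, sign) form of a reading."""
        value = round(abs(reading) * 10 ** self.decimals)
        sign = 1 if reading >= 0 else 0   # '1' positive, '0' negative
        return value, self.decimals, sign

    def encrypt(self, reading):
        """Steps 1 to 3: draw a fresh mask, record it under SN, XOR the offset."""
        value, _, sign = self.encode(reading)
        data = value if sign == 1 else -value
        offset = data - self.median
        if abs(offset) > self.max_offset:
            # Assumed handling: M and R must be adjusted before this upload.
            raise ValueError("reading lies outside the range around the median")
        mask = secrets.randbits(self.width)   # one mask per upload, never reused
        self.sn += 1
        self.mvt[self.sn] = self.median
        self.rvt[self.sn] = self.max_offset
        self.kvt[self.sn] = mask
        offset_sign = 1 if offset >= 0 else 0
        # Step 4: this triple is what MG uploads to the cloud server BC.
        return self.sn, offset_sign, abs(offset) ^ mask


def accessor_decrypt(upload, mvt, kvt):
    """MA side: look up M and K by SN, unmask the offset, rebuild the data."""
    sn, offset_sign, masked = upload
    offset = masked ^ kvt[sn]
    return mvt[sn] + offset if offset_sign == 1 else mvt[sn] - offset
```

The cloud server stores only the sequence number, a sign bit and a masked offset no longer than the range itself; the tables that undo the mask never leave MG except to an accessor.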

10.2.1.2. One Time Permutation scheme


Although the OTM scheme consumes less communication and computation
energy than conventional encryption techniques, the energy consumption
can be decreased further by replacing XOR
encryption with permutation encryption, known as the One Time Permutation
(OTP) scheme. The idea of OTP is that the encryption secrecy relies on
permutation styles instead of keys. The permutation style determines the
arrangement of Oi in the uploaded data. The scheme is as follows:
a. The settings of the OTP scheme are similar to the OTM scheme as
discussed above. (Refer to section 10.2.1.1 (a)).
b. The data structure includes three tables: Median Value Table (MVT),
Range Value Table (RVT) and Permutation Value Table (PVT). PVT
table is created for every sensed data and is stored by MG. PVT is
represented as , where SN is a unique sequence
number and is the position of sensing data in ‘m’ positions. Figure
10.5 illustrates major data structures MVT, RVT, and PVT.

The MVT and RVT tables are the same as discussed above.

Figure 10.5: The Illustration of MVT, RVT and PVT table at Mobile Gateway
c. Data encryption and data uploading constitute the following steps:
Step 1: When the sensing data is received by a Mobile Gateway (MG), a
random permutation is generated ranging between ‘0’ and ‘n’ and is
expressed as

Step 2: MG stores to MVT and


to PVT.
Step 3: The data is encrypted as follows:

(3)
Where ‘S’ is a sign and
Step 4: Finally, MG uploads the encryption result to BC.
d. MA access: If MA wishes to access the uploaded data, then

It will be provided with MVT, RVT and PVT by MG which covers its
data of interest and the interest , is retrieved from
MVT and PVT via SN, respectively.
is decrypted using

Then, finally, every data recovered is

10.2.1.3. Comparative analysis of OTM and OTP


The performance of the discussed schemes is measured in terms of
communication overhead and computation overhead. Since both OTM and
OTP upload only the encrypted data to the MG, with ciphertext of the same
length as the original text, the communication cost of
OTM and OTP is the same.
OTM uses one-time XOR-based encryption, while OTP uses permutation
styles instead of keys for encrypting the data. The use of permutation significantly
decreases the energy consumption by avoiding XOR computation,
while maintaining the same security. Thus, the computation cost of OTP is
considerably lower than that of OTM.
Hence, both OTM and OTP are lightweight privacy-preserving
schemes.

10.2.2. Lightweight and robust scheme for privacy protection in participatory sensing
Contributors and central servers are the major cause of concern in any
participatory sensing application. Faulty contributors aim to mislead the central
servers by uploading the forged data or they may intentionally bypass or breach
the employed defense scheme. Thus, it is necessary to propose a scheme that
can detect and defend the system against these malicious contributors. It may
also happen that central servers leak the contributor’s privacy data such as
location, trajectory, behaviors, and habits. So, for effective functioning, the real
identification of the contributors should be hidden from central servers.
Summarizing the sources of disruption, there is a need to develop a lightweight
and robust scheme for the trustworthiness and privacy of participatory sensing.
First, the scheme should confirm the trustworthiness of uploaded data in the
presence of malicious contributors. Second, it should be able to evaluate the
reputation of the contributor so that only a reputed contributor is allowed to
upload data. Third, it should protect the contributor’s privacy without
admission control, and last, it should be able to maintain the robustness of the
employed defense system to impede the malicious contributors.

10.2.2.1. The LRTP scheme


The scheme that fulfills the discussed security goals such as data
trustworthiness, reputation evaluation, privacy protection and robustness in one
solution and in a lightweight manner is known as Lightweight and Robust
scheme for maintaining Trustworthiness and Privacy (LRTP) scheme. The
scheme preserves the privacy of the participatory system, with discussed
security goals.
i. Data Trustworthiness
Data trustworthiness is the probability that the uploaded data is accurate.
It is maintained by following five inference policies: average,
median, distance average, time average, and reputation weighted average of the
uploaded data.
Before the discussion of the policies; the following definitions should be
known:
Uploaded Data: It is the surrounding data sent from contributors to the
central servers.
Actual data on surroundings: It is the actual uploaded data that
includes the correct value of the surrounding.
Trusted contributors: These are the contributors that upload the correct
(actual) data on surroundings.
Bad-mouth contributors and Bad-mouth attacks: These contributors
upload inaccurate data about the surroundings; the attacks launched by
bad-mouth contributors are known as bad-mouth attacks.

Since the participatory sensing system is an open system without admission
control, any type of contributor (trusted or malicious) can take part and upload
data. The task of distinguishing the data has to rely on the observation of
contributors at central servers after they upload subsequent information.
The task of distinguishing trusted contributors from bad-mouth contributors depends
on the establishment of reputation system by the central servers. The central servers
evaluate contributors’ reputation according to their observations.

Central servers’ observations: It is the series of uploaded data that is
sent by contributors and received by central servers.
Contributor reputation: Contributor reputation is defined as the
likelihood of the contributor to be trusted or untrusted. The reputation
value is stored by the reputation system at central servers.
Reputation system: It is the system that calculates and manages the
contributor’s reputation.
Inferred actual surrounding data: It is the likelihood of the actual
surrounding data that is inferred from the data uploaded by other
contributors at similar locations and timestamps. It can be explained with
the help of the following derivation:
Let us assume that there are three contributors A, B, and C that upload data
, at similar locations and at similar timestamps. Such that
, where are locations of
A, B and C respectively and is the distance threshold value.
, where are the uploaded
timestamps of A, B and C, respectively and is the time threshold
value.
The central servers will aim to estimate the contributor A’s actual surrounding
data by using the inference function. The inferred actual surrounding data (D)
estimated by A will be the function of . Mathematically, it is
expressed as , where ‘inf’ is an inference function
considering as input and D as the output. In the generalized form,
the deduced inferred actual surrounding data is expressed as for
input parameters , where Di are uploaded data, Li is a location
id, Ti is a timestamp, and Ci is a contributor's id.
Inference policies
For uploading the trustworthy data in central servers of the participatory
sensing system, the following five inference policies are adopted:
Inference-Policy I: Average
This policy is used for all types of the uploaded data and is evaluated as
, where Avg is the average value of all input parameters .
Inference-Policy II: Median
This policy is also used for all types of the uploaded data and is evaluated as
, where Med is the median value of all input parameters .
Inference-Policy III: Distance Average
This policy is used for uploaded data that degrade with distance, for example,
temperature or noise. Distance average is evaluated as follows:
First, the space Euclidean distance† between and L is computed, denoted as
, where ‘n’ is the total number of data uploaded, is the
location of ith data, and L is the inferred location of the inferred actual
surrounding data.
Second, from all the obtained , select the minimum and maximum and
denote it as and .
Third, compute the summation of total distance as
Fourth, compute the summation of total uploaded data as

Fifth, the distance average is computed as

(4)

Inference-Policy IV: Time Average

This policy is used for uploaded data that degrade with time, for example,
volumes of traffic or cloud. Time average is evaluated as follows:
First, the time span between and is computed, denoted as
,where ‘n’ is the total number of data uploaded, is the
time-span of ith data and is the inferred time of the inferred actual surrounding
data.
Second, from all the obtained , select the minimum and maximum and
denote it as and .
Third, compute the summation of total time as
Fourth, compute the summation of total uploaded data as

Fifth, the distance average is computed as

(5)

Inference-Policy V: Reputation weighted average

This policy is used for all types of the uploaded data and is evaluated as
follows:
First, compute summation of all reputation values of contributors who upload
the data. It is denoted as , where is the reputation of ith
contributor.

Second, the weight of each reputation value is computed as

Third, the value of D is computed as


Finally, the reputation of inferred actual surrounding data is computed as
(6)

Creation of reputation system will be discussed in the next section.


With the help of these inference policies, the trustworthiness of the uploaded data is
evaluated, and good or bad uploads are judged as follows:
The uploaded data is said to be good if and only if the trustworthiness of the
uploaded data is within a threshold value; else the uploaded data is bad.
Trustworthiness of the uploaded data is defined as , where ‘U’ is the
uploaded data, and ‘D’ is the inferred actual surrounding data.
Statistically, if then the upload is good, else bad, where ‘Th’ is
a threshold value in system parameters.
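An added Python example (not from the book) that applies Inference Policies I, II and V to constructed uploads, one of them from a bad-mouth contributor, and then judges each upload. It assumes trustworthiness is measured as |U − D| with an upload good when that is at most Th, and that each reputation weight is the contributor's reputation divided by the sum of reputations; all names, thresholds and sample values are hypothetical.

```python
from math import dist
from statistics import mean, median

# Constructed uploads <D, L, T, C>: temperature, (x, y) location in metres,
# timestamp in seconds, contributor id. "X" plays the bad-mouth contributor.
UPLOADS = [
    {"c": "A", "d": 21.0, "l": (0.0, 0.0), "t": 100},
    {"c": "B", "d": 21.4, "l": (3.0, 4.0), "t": 104},
    {"c": "C", "d": 20.8, "l": (6.0, 8.0), "t": 98},
    {"c": "X", "d": 35.0, "l": (1.0, 1.0), "t": 101},
    {"c": "F", "d": 27.0, "l": (300.0, 400.0), "t": 100},  # beyond distance threshold
    {"c": "G", "d": 18.0, "l": (2.0, 2.0), "t": 900},      # beyond time threshold
]
# Constructed reputation values held by the reputation system.
REPUTATION = {"A": 0.9, "B": 0.8, "C": 0.9, "X": 0.1, "F": 0.5, "G": 0.5}


def co_located(target, uploads, dist_th, time_th):
    """Keep uploads at similar locations (Euclidean distance) and timestamps."""
    return [
        u for u in uploads
        if dist(u["l"], target["l"]) <= dist_th
        and abs(u["t"] - target["t"]) <= time_th
    ]


def infer_average(uploads):
    """Inference-Policy I: average of the uploaded data."""
    return mean(u["d"] for u in uploads)


def infer_median(uploads):
    """Inference-Policy II: median of the uploaded data."""
    return median(u["d"] for u in uploads)


def infer_reputation_weighted(uploads, reputation):
    """Inference-Policy V: weight each upload by its contributor's reputation."""
    total = sum(reputation[u["c"]] for u in uploads)
    if total == 0:
        raise ValueError("no reputation mass among the contributors")
    return sum(reputation[u["c"]] / total * u["d"] for u in uploads)


def judge(uploads, inferred, th):
    """Good upload iff |U - D| <= Th (assumed form of the threshold test)."""
    return {u["c"]: abs(u["d"] - inferred) <= th for u in uploads}


def evaluate(policy, target_id="A", dist_th=15.0, time_th=10, th=2.0):
    """Infer D around one contributor's upload and judge every nearby upload."""
    target = next(u for u in UPLOADS if u["c"] == target_id)
    nearby = co_located(target, UPLOADS, dist_th, time_th)
    if policy == "average":
        inferred = infer_average(nearby)
    elif policy == "median":
        inferred = infer_median(nearby)
    else:
        inferred = infer_reputation_weighted(nearby, REPUTATION)
    return inferred, judge(nearby, inferred, th)
```

With these values a single outlier drags the plain average far enough that every nearby upload is judged bad, while the median and the reputation weighted average still flag only contributor X.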
ii. Reputation Evaluation
The reputation dynamics of the contributors is evaluated by pursuing the
following policies:
Evaluation Policy I: Threshold Bias Linear Adjustment
This policy states that if the bad upload occurs, then , else
, where ‘R’ is the reputation of the current contributor evaluated
using equation 6.
Evaluation Policy II: Exponential Bias Linear Adjustment
Compute , where ‘U’ is the uploaded data and ‘D’ is the
inferred actual surrounding data. Let ‘Th’ be the threshold value and
If and , then else
, here is the system parameter and , i = 1, 2….., n-1.
Evaluation Policy III: Exponential Bias Exponential Adjustment
Compute , where ‘U’ is the uploaded data and ‘D’ is the
inferred actual surrounding data. Let ‘Th’ be the threshold value and
If and , then else
, here is the system parameter and , i = 1, 2….., n-1 and a = 2.
iii. Contributor privacy protection
Contributor privacy is the probability that central servers correctly identify the
contributor’s actual identification after observing the uploaded data of the
contributor. Statistically, it is represented as in equation 7.

(7)

defines ID (contributor actual identification) and it is


derived by CS (central server), defines ‘CS’ i.e., central server
receives ‘d’, i.e., uploaded data of contributor.
The privacy of the contributor is said to be perfect if and only if .

Commonly, the contributor’s anonymous identity is used instead of the contributor’s actual
identity in participatory sensing to protect contributor privacy.

The procedures for contributor privacy protection consist of the following
steps:
Step 1: Initialization of the initial key
When a contributor uploads the data for the first time:
Its initial contributor reputation is set up as .
Its initial group is set up with identity .
Its initial group authentication key is set up as .

Both gid and gak have been deployed previously by the application software on
smartphones.

Step 2: Generation of the contributor’s anonymous identity


When each contributor sends the uploaded data to the central servers, then the
contributor’s anonymous identity is randomly generated which is of a fixed
length.
Step 3: Data uploading by contributors to central servers
The data uploaded by contributors to the central server is a six-tuple <cai, l, t,
d, h(gak||cai), gid>, where ‘cai’ is the contributor’s anonymous identity; l is the
location identity of the uploaded data; t is the timestamp of the uploaded data; d is
the data of the surroundings; h(·) is a one-way and collision-free function; and
gid is a group ID.
Step 4: Verification of the validity of the contributor by central servers
Central servers search the group authentication key ‘gak’ by their group ID
‘gid’, and verify whether h(gak||cai) is correct or not. If it is correct, then
central servers consider that the contributor possesses the group ‘gid’, and thus
have the corresponding reputation value of that group.
Step 5: Updating reputation, gak, and gid by central servers
For maintaining the effective privacy of the contributors, central server updates
the reputation, gak, and gid after the periodical interval:
Reputation values of each contributor are updated using the reputation
evaluation policies; previously discussed in Section 10.2.2.1(a).
Group authentication keys and group identities are updated randomly by
central servers using random number generators. Central servers store
<gid, gak, r> and send the new gid and gak values to the corresponding
contributors confidentially.
Step 6: Updating gak and gid by contributors
As soon as the contributors in the same group receive the same group
authentication key (gak) and group identity (gid), the contributor replaces the
old values of gid and gak with the new ones.
iv. Robustness enhancement
The robustness of participatory sensing can be enhanced by using the
following two methods:
Method I: Counting group members
Commonly, at the end of each updating period, the central servers keep the
record of the total number of its group members. According to this method, in
the next period update, when a member with a different contributor’s
anonymous identity joins the group, the central servers will decrease the count.
Once the count reaches zero, newcomers who want to join the group will not be
permitted to do so. In this way, the suggested method can limit the influence of
the leaking of the group authentication key and can detect the key-leaking
attack. Thus, this increases the effective functioning of the system without
failure.
Method II: Traitor tracing
Traitors can be traced by changing the group authentication key. For instance, it
can be achieved by dividing the group authentication key into two parts: one is
the group authentication key generated by the central servers and the other is
the private key generated by the contributors. Finally, the traitor can be traced
through the distinct group authentication key.
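Steps 2 to 6 of the privacy procedure and Method I (counting group members), as an added Python sketch that is not the book's code. SHA-256 stands in for h(·), a contributor is assumed to keep one anonymous identity per update period, and the class names, key sizes and status strings are hypothetical.

```python
import hashlib
import hmac
import secrets

CAI_LEN = 16  # assumed fixed cai length; keeps gak || cai unambiguous


def h(gak, cai):
    """h(gak || cai), with SHA-256 standing in for the one-way function."""
    return hashlib.sha256(gak + cai).digest()


class Contributor:
    def __init__(self, gid, gak):
        self.update(gid, gak)

    def update(self, gid, gak):
        """Step 6: replace gid and gak; Step 2: draw a fresh random cai."""
        self.gid, self.gak = gid, gak
        self.cai = secrets.token_bytes(CAI_LEN)

    def report(self, l, t, d):
        """Step 3: build the six-tuple <cai, l, t, d, h(gak||cai), gid>."""
        return (self.cai, l, t, d, h(self.gak, self.cai), self.gid)


class CentralServer:
    def __init__(self):
        # gid -> stored <gid, gak, r> plus Method I bookkeeping
        self.groups = {}

    def create_group(self, r, members):
        """Draw random gid and gak; 'members' is the count kept for Method I."""
        gid, gak = secrets.token_hex(8), secrets.token_bytes(32)
        self.groups[gid] = {"gak": gak, "r": r, "slots": members, "seen": set()}
        return gid, gak

    def receive(self, report):
        """Step 4 plus Method I: verify the tag, then count distinct identities."""
        cai, l, t, d, tag, gid = report
        group = self.groups.get(gid)
        if group is None:
            return "rejected: unknown gid"
        expected = h(group["gak"], cai)
        if len(cai) != CAI_LEN or not hmac.compare_digest(tag, expected):
            return "rejected: bad h(gak||cai)"
        if cai not in group["seen"]:
            if group["slots"] == 0:
                # More identities than members: the gak has probably leaked.
                return "rejected: group full"
            group["slots"] -= 1
            group["seen"].add(cai)
        return "accepted"

    def rotate(self, gid):
        """Step 5: retire the old gid and gak, issue new random ones."""
        old = self.groups.pop(gid)
        return self.create_group(old["r"], len(old["seen"]))
```

The server never learns which contributor sent a report, only that the sender holds the group's key, and the member count bounds how many extra identities a leaked key can introduce before the next rotation.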

Conclusion
The world of personal computing is one of the most accepted applications of
the IoT. The Mobile Wireless Body Sensor Network (Mobile WBSN) and
participatory sensing network are the most popular examples of personal IoT
implementation. The chapter focuses on the privacy protection of these
promising applications.
Personal IoT deals with all applications related to the personal networks
which are within the persons’ surrounding and within the persons’ body.
Surrounding IoT applications are known as participatory sensing
applications and IoT on persons deals with the wearable sensing network.
Mobile WBSN consists of a number of sensors that are placed in, around,
or on the human body to sense and monitor the parameters such as
temperature, blood pressure, ECG, EEG etc. They are useful in
diagnosing chronic diseases.
Any mobile WBSN consists of four different entities named WBSN,
mobile gateway, cloud servers, and accessor. WBSN are the sensors
implanted on the human body, mobile gateway are the smartphones that
upload the readings on the cloud servers for storage and analysis and
finally, accessors are the devices that access the cloud data and make
decisions accordingly.
In mobile participatory sensing, participants gain insight into the
environment by sensing and processing the available data in mobile or
smart phones. The collected and processed information enables wide
range of innovative applications.
The participatory sensing application includes participant’s mobile
phones (or consumers), application servers and administrators (or
contributors). The participant’s mobile phone collects the surrounding
data. Contributors are responsible for uploading the sensed data to the
central application servers. Application servers manage and analyze the
uploaded data and present it to the consumer in an appealing form.
Both Mobile WBSN and participatory sensing are applicable in crucial
applications. Therefore, the protection of privacy is a mandatory
requirement in these applications.
One-Time Mask (OTM) and One-Time Permutation (OTP) are the
two schemes that are developed to protect the privacy of the Mobile
WBSN.
OTM is a one-time XOR-based encryption and OTP is one-time
permutation-based encryption. Both these schemes are based on the
characteristics of Mobile Gateway (MG) and the properties of the
uploaded data, since it facilitates energy efficiency.
Privacy protection schemes in participatory sensing include the following requirements:
Firstly, confirm the trustworthiness of uploaded data in the presence of
malicious contributors.
Secondly, it should be able to evaluate the reputation of the
contributor; so that only a reputed contributor is allowed to upload
data.
Thirdly, it should protect the contributor’s privacy without admission
control.
Lastly, it should be able to maintain the robustness of the employed
defense system so as to impede the malicious contributors.
To fulfill the discussed security goals, a scheme is developed: the
Lightweight and Robust scheme for maintaining Trustworthiness
and Privacy (LRTP). The scheme fulfills data trustworthiness,
reputation evaluation, privacy protection, and robustness in one solution
and in a lightweight manner.

10.3 Questionnaire

Multiple choice questions


1. Personal IoT network deals with:
a. IoT on surrounding and IoT on person

b. IoT on cloud and IoT on mobile

c. IoT on home and IoT on office

d. None of these
2. OTM technique is based on:
a. Naive encryption

b. XoR encryption

c. Substitution encryption

d. Permutation encryption
3. PVT table is applicable in:
a. OTP

b. OTM

c. Both OTP and OTM

d. None of these
4. Privacy protection in the participatory sensing includes:
a. Data trustworthiness

b. Reputation

c. Robustness

d. None of these

Answer key
1. (a) 2. (b) 3. (a) 4. (a, b, c)

Long answer questions


1. Explain privacy protection schemes in the WBSN network and
participatory sensing network.

Short answer questions


1. Describe the architecture of the WBSN network with help of examples.
2. Describe the architecture of participatory sensing networks with help of
examples.

Keywords (†)
Euclidean distance: It is the length of a line segment between the two
points.

References

[1] B. P. S. Sahoo, S. P. Mohanty, D. Puthal, and P. Pillai, “Personal Internet of
Things (PIoT): What Is It Exactly?,” IEEE Consum. Electron. Mag., vol.
10, no. 6, pp. 58–60, Nov. 2021, doi: 10.1109/MCE.2021.3077721.
[2] S. G. Mavinkattimath, R. Khanai, and D. A. Torse, “A Survey on Secured
Wireless Body Sensor Networks,” in 2019 International Conference on
Communication and Signal Processing (ICCSP), Apr. 2019, pp. 0872–0875,
doi: 10.1109/ICCSP.2019.8698032.
[3] S. Chaudhary, A. Singh, and K. Chatterjee, “Wireless Body Sensor Network
(WBSN) Security and Privacy Issues: A Survey,” Int. J. …, pp. 515–521,
2019, [Online]. Available:
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3355560.
[4] F. Restuccia, S. K. Das, and J. Payton, “Incentive Mechanisms for
Participatory Sensing,” ACM Trans. Sens. Networks, vol. 12, no. 2, pp. 1–
40, May 2016, doi: 10.1145/2888398.
[5] D. Christin, “Privacy in mobile participatory sensing: Current trends and
future challenges,” J. Syst. Softw., vol. 116, pp. 57–68, Jun. 2016, doi:
10.1016/j.jss.2015.03.067.
[6] H. Gao et al., “A Survey of Incentive Mechanisms for Participatory
Sensing,” IEEE Commun. Surv. Tutorials, vol. 17, no. 2, pp. 918–943, 2015,
doi: 10.1109/COMST.2014.2387836.

Things to check before moving to the next chapter


Significance of the personal IoT network
Architecture of the WBSN network and its privacy protection schemes
Architecture of the participatory sensing network and its privacy
protection schemes

CHAPTER 11
Trust and Trust Models for the IoT

The privacy and security solutions discussed so far, though helpful for
Internet of Things (IoT) networks, are complex and power-hungry, with low
decision-making ability. Besides, these solutions demand fixed
infrastructure, which makes them less suitable for remotely deployed
IoT networks. The shortcomings of existing security measures have
accelerated the development and investigation of trust-based design models.
In view of this, the chapter discusses trust-management frameworks. It
classifies trust management domains into structural domains and
conceptual domains. It also highlights the security issues from an
architectural perspective, with their assets and liabilities. A new
architectural model is discussed that resolves issues related to future ICT
technologies, such as naming, identification, mobility, scalability, control,
management, and others. The presented model demonstrates “swarms of
things” that self-organize to establish the required security, privacy, and
trust levels.

Structure
The chapter covers the following topics:
• Understanding the concept of trust and its role in securing IoT
• Overview of Trust Management System and its classification with
respect to IoT network
• Security issues in existing trust architecture
• Trustable fellowships of self-organizing “Things” and their
representatives

11.1. Concept of trust and its role in securing IoT


Trust is considered a mutual relationship between entities. It is a
multifaceted concept that spans numerous IoT domains. According to the author Cook
[1], trust is outlined as a “degree of subjective belief towards the behavior
of a particular entity.” Trust works hand-in-hand with communication
security. Trust ensures authentication and authorization, whereas
communication security provides the privacy and integrity of the data
exchanged between peers. Conventionally, the trust of the IoT is ensured
using public key cryptography, which includes the implementation of public
key infrastructure.

A detailed study of PKI is given in Chapter 7: The Crypto Foundations - II,
Section 7.6.4.

Though the existing security techniques secure the IoT network, they are
not very effective, for the following reasons:
• The existing security techniques are complex and power-hungry, and
thus not suitable for resource-constrained IoT networks that have
low computational and operational capability.
• Existing security demands fixed infrastructure, which is irrelevant for
remotely deployed IoT networks.
• The conventional techniques are less suited to the heterogeneous
environment supported by IoT networks. Heterogeneity
includes diverse kinds of sensors, which may lead to non-cooperation.
Thus, they should be controlled in an effective manner.
• Finally, the conventional techniques demand excessive costs in terms
of energy, memory, and latency, which further degrade the performance
of the network and make them impractical for the sensor-enabled
IoT network.
The drawbacks of conventional security measures and the
requirement for lightweight and robust security techniques have led to
the development of trust management systems that have low complexity
and higher resistance to attacks. In addition, they assist in analyzing the
behavior of nodes, which allows nodes to be correctly identified as trusted or
compromised. Besides, the trust relationship plays a key role in addressing
the dynamic nature of the node and is deemed to be reliable and realistic
due to its exemplary decision-making ability.

The terms peers, devices, and entities are all used to describe IoT nodes.

11.2. A brief study on Trust Management System


A Trust Management System (TMS) is the design and development of
strategies that evaluate and maintain the trust of different entities or
systems. For the IoT paradigm, a TMS is described as an intermediary layer
between requester and provider that facilitates trustworthy interactions and
provides security services such as identification management (for example,
identification of normal, malicious, and selfish behavior of nodes/devices),
resource management, access control, and so on. The design and
deployment of a TMS comprise different phases. Refer to Figure 11.1:

11.2.1. Information gathering


Information gathering is a primary requirement of designing trust-based
models. It includes the selection of input parameters (or attributes) based on
the system’s needs and application. Attributes can be related to the quality
of service such as the number of packets received, the number of packets
transmitted, the amount of energy consumed, action response time, and so
on, or can be from social interaction such as friendship, a community of
interest and cooperativeness, among others. These parameters can be
collected directly or can be recommended by other entities within the
system.

11.2.2. Trust computation


Once the information is gathered, various modeling techniques are applied
for the computation and evaluation of trust value. Widely used trust
techniques can be statistical †, Bayesian †, fuzzy logic †, game-theoretic
modeling, hybrid modeling, and so on. The type of technique used depends
upon the requirements and the collected data. For example, Bayesian
probability can be used for binary collected data, machine learning can be
used for a large set of data, and so on.

11.2.3. Trust propagation


The computed trust value is propagated to other nodes so that they can take
effective decisions. Trust can be propagated in a distributed, semi-distributed,
or centralized manner. In the distributed approach, each entity is responsible
for running its own trust management system. This means every entity
will collect trust-related data, compute trust, distribute trust, and store
trust as and when needed. In the semi-distributed approach, a set of entities is
chosen for the management and processing of trust-related information.
Finally, in a centralized approach, a central entity is responsible for the
collection, computation, storage, management, and dissemination of
trust-related information.

11.2.4. Trust update


After every periodic interval, the trust scores are modified and updated.
Two approaches are commonly used for updating trust: event-driven
and time-driven. In an event-driven approach, the trust value is
updated whenever an event, such as the raising of a service request or an
access request, occurs. In a time-driven approach, the trust value is
updated after every periodic time duration.
Refer to Figure 11.1 for an illustration of the framework of the Trust
Management System:
Figure 11.1: The framework of Trust Management System

11.3. Classification of Trust Management Systems in IoT network

The significance of Trust Management in IoT can be analyzed through
various areas of services and applications such as reliable service
management, service composition, access control, secure routing, and so
on. The composition of trust in IoT can be achieved at different levels of
IoT architecture such as layered architecture, propagation architecture, and
conceptual architecture as depicted in Figure 11.2.

Figure 11.2: Classification of Trust Management System


11.3.1. Layered architecture

As discussed in the initial chapters of this book, IoT comprises several
layers, and each layer is vulnerable to threats in many respects. Providing
and maintaining trust and security is therefore the need of the hour, given the
limited functionality of available resources. The investigation of trust employment
is carried out in the device layer (perception layer), support layer
(processing layer), and other layers (network and application layer).

a. Device layer
Trust in the Device layer includes the prevention and protection of devices
along with their hardware, software, and platform credentials. Initially, all
devices are considered trustworthy and are assumed to satisfy all the
assumptions and prerequisites, such as:
• manufacturing and integration of the device’s hardware is sound and
valid;
• the firmware and its development process follow the best policy and
practices; and
• the generation, management, and deployment of tokens such as keys
are strong and unbreakable.
Trust in the device layer is modeled to evaluate the behavior of all devices
participating within the network. The models build up a list of trustworthy
nodes, which secures IoT devices and ensures data reliability.

Example of trust in device layer


Researchers have developed various device layer trust models. One of the most
basic and popular trust models was developed by researcher Kamran Ahmad
Awan [2]; it evaluates the trust of all devices in three levels. In the first level,
nodes accumulate knowledge of other nodes by determining compatibility,
integrity, and feedback. In Level 2, the reputation of nodes is evaluated by
honesty, reliability, and cooperativeness. Lastly, the experience of the node
is evaluated by competence, recommendations, and credibility parameters. Once
all the information is evaluated, the trust value is scaled between 0 and 1. A
device with a trust value higher than the threshold is kept in the network;
otherwise, it is withdrawn from the network.
b. Support layer
In the Support layer or Processing layer, trust is processed at a high
processing server, a public/private cloud, or a dedicated central entity that
is responsible for carrying out network processes. Commonly, centralized
trust computation is performed at the support layer.

Example of trust in support layer


Centralized trust computation is explained with the help of a model named
“Clustering-Driven Intelligent Trust Management Method for the IoT network
(CITM-IoT)” [3]. The trusted methodology includes four steps: (a) elimination
of irregularities, (b) formation of trusted clusters, (c) migration of nodes from
one cluster to another, and (d) examining the current state of the IoT cluster
node. This is done for the determination of the appropriate cluster.

c. Other layers
For scalability and other characteristics, trust can also be addressed in
other layers of the IoT architecture, such as the network or application layer.
Along with securing IoT nodes, these layers also focus on securing data
while in transmission. All in all, the system can be secured by evaluating
the trust of the data before its collection.

Example of trust in other layers


The scheme developed for the transmission of trusted and reliable data is known
as the “Trustworthy and Secured Data Collection” scheme, where only reliable
data is collected and transmitted [4]. The collected data is examined locally for
the identification of untrustworthy signals, and mutual information independence
† (MII) is used to measure the quality of these signals. Once a quality signal is
acquired, the trusted data is transmitted to the required destination. The proposed
scheme presents a low error rate and is highly efficient.

11.3.2. Propagational architecture


Propagational trust covers the dissemination of trust and its related
information to other nodes for efficient decision-making. Depending upon
the application, trust is circulated in a distributed or a centralized
way.

a. Distributed architecture
In the distributed architecture, every node within the network is responsible
for the evaluation of a trust management system. This means that each node
will collect the trust-related data, compute trust, distribute trust, and will
store trust as and when needed. It is demonstrated with the help of Figure
11.3. The primary aim of Distributed Trust Management is to monitor the
nodes and to notify the appropriate nodes about any anomalies (if present).
Each node analyzes the flow of data and evaluates the trust status of the
sender and receiver. It then updates the trust and creates alerts and events as
a response to the evaluation. The evaluation of the trust is based on history,
expectations, and specific events, which are stored by each node. Based on
the evaluation, nodes make decisions on when and whom to inform about
abnormalities.
Refer to Figure 11.3 for an illustration of the Distributed Trust Architecture:

Figure 11.3: Distributed Trust Architecture

The practical implementation of distributed IoT trust management can be
illustrated with the help of the model proposed by Mendoza et al. The authors have
proposed a distributed trust management model for multi-service IoT. The model
uses direct and indirect observations for the evaluation of trust. Direct trust is
evaluated by service requests, while indirect trust includes the exchange of trust
tables with neighboring nodes. The Trust Management scheme assigns a score to
nodes: a positive score for honest nodes, and a negative score for malicious
nodes. This approach is able to detect malicious nodes, although the exchange of
the trust table for indirect trust consumes high energy with excessive
computational complexity. For a detailed study, readers can refer to the research
paper [5].

b. Centralized architecture
In the centralized architecture, a central entity is responsible for the collection,
computation, storage, management, and dissemination of trust-related
information. The architecture constitutes three types of nodes: Cluster
node (CN), Master Node (MN), and Super Node (SN) as shown in Figure
11.4.
A group of CNs forms the cluster and each cluster is managed by a single
master node. The Cluster Node is responsible for transporting the data
generated or collected by other CNs to their Master Node (MN). The
Master Node manages all the CNs of each cluster and stores the received
data sent by CN to its repository. The Super Node (SN) acts as the base
node or the central entity and is responsible for ensuring trust in an IoT
network. It consists of a trust management API, which allows the SN to
communicate with the master node (MN) in a given cluster. The repository
of SN stores the trust values and the addresses of MNs and CNs so that
relevant CNs and MN can be accessed.
Refer to Figure 11.4 for an illustration of the Centralized Trust Architecture:
Figure 11.4: Centralized Trust Architecture

For practical implementation, edge or cloud computing is considered as the super
node that manages the trust of the network. Considering this, the authors of the
research paper [6] have developed a trust computing mechanism based on multi-source
feedback information fusion. The authors believe that trust can easily
solve the problem of security and access control by judging the quality of
service. They consider a three-layer edge computing architecture with the network
layer, broker layer, and device layer, and have adopted the idea of global trust,
which comprises three parts: direct trust, feedback trust from edge devices,
and feedback trust from service brokers. The scheme is reliable and adaptable as
it integrates different trust factors using information entropy theory. For a detailed
study, readers can refer to the research paper [6].

11.3.3. Conceptual architecture


The conceptual architecture of the trust management system is based on the
idea of information collection. It includes direct trust models and indirect
trust models, as illustrated in Figure 11.5:

Figure 11.5: Direct and indirect trust models

a. Direct trust model


In the Direct trust model, the information is straightforwardly collected by
observing the devices and their behavior. It uses data, communication, and
energy, among others as behavioral factors for the estimation of the trust
value. The implementation of only direct trust for securing devices is not
enough for determining the accurate trust value. Moreover, direct trust is
generally feasible in a small and static network.

b. Indirect trust model


In the Indirect trust model, the trust is computed by gathering second-hand
information or recommendations from the surroundings. The
estimation of trust includes information from a third party. For
instance, suppose node “i” wants to evaluate the trust of node “j”. Then,
instead of directly observing “j”, it will ask all the neighbors of “j” to send
their recommendations regarding “j”. On receiving the recommendations
from the neighboring third parties, “i” will evaluate the trust value of “j” and
decide its trustworthiness. Since the decision is based on surrounding
recommendations, it is accurate but dependent on others.

Since neither the direct nor the indirect trust model alone is suitable for trust
estimation, researchers generally use a fusion of both direct and
indirect trust models for the evaluation of trust. Readers can refer to the
following research papers for in-depth study [7] [8] [9].
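
The following added example (not taken from the book or from the cited papers) shows one way the phases of Section 11.2 and the direct/indirect fusion of Section 11.3.3 fit together: node "i" evaluates node "j" from its own binary observations and from neighbor recommendations. The Beta (Bayesian) trust estimate, the forgetting factor, the weight alpha, the 0.5 thresholds, and all node names and observation sequences are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass
class Evidence:
    """Aged counts of binary outcomes observed about one peer."""
    good: float = 0.0  # e.g. packets forwarded, requests served
    bad: float = 0.0   # e.g. packets dropped, requests refused

    def trust(self) -> float:
        # Mean of Beta(good + 1, bad + 1); 0.5 when nothing is known.
        return (self.good + 1.0) / (self.good + self.bad + 2.0)


@dataclass
class Node:
    name: str
    seen: Dict[str, Evidence] = field(default_factory=dict)

    def observe(self, peer: str, success: bool, forget: float = 0.95) -> None:
        """Event-driven trust update: age old evidence, add the new outcome."""
        ev = self.seen.setdefault(peer, Evidence())
        ev.good *= forget
        ev.bad *= forget
        if success:
            ev.good += 1.0
        else:
            ev.bad += 1.0

    def direct_trust(self, peer: str) -> float:
        return self.seen.get(peer, Evidence()).trust()

    def recommend(self, peer: str) -> Optional[float]:
        """Second-hand opinion for a requester; None without any history."""
        return self.direct_trust(peer) if peer in self.seen else None


def indirect_trust(requester: Node, target: str, neighbours: List[Node],
                   min_credibility: float = 0.5) -> Optional[float]:
    """Credibility-weighted mean of the neighbours' recommendations.

    Recommenders that the requester itself distrusts are ignored, which
    limits bad-mouthing and ballot-stuffing by compromised neighbours.
    """
    weighted = total = 0.0
    for n in neighbours:
        opinion = n.recommend(target)
        credibility = requester.direct_trust(n.name)
        if opinion is None or credibility < min_credibility:
            continue
        weighted += credibility * opinion
        total += credibility
    return weighted / total if total > 0 else None


def fused_trust(requester: Node, target: str, neighbours: List[Node],
                alpha: float = 0.6) -> float:
    """alpha * direct + (1 - alpha) * indirect; direct only if no opinions."""
    direct = requester.direct_trust(target)
    indirect = indirect_trust(requester, target, neighbours)
    if indirect is None:
        return direct
    return alpha * direct + (1.0 - alpha) * indirect


def decide(score: float, threshold: float = 0.5) -> str:
    return "trusted" if score >= threshold else "isolated"


def feed(observer: Node, peer: str, outcomes: List[bool]) -> None:
    for ok in outcomes:
        observer.observe(peer, ok)


def build_scenario():
    """Constructed sample data: i judges j (honest) and x (drops traffic)."""
    i, k1, k2, m = Node("i"), Node("k1"), Node("k2"), Node("m")
    feed(i, "k1", [True] * 10)                # i has good experience with k1, k2
    feed(i, "k2", [True] * 10)
    feed(i, "m", [True] + [False] * 9)        # ...and bad experience with m
    feed(i, "j", [True, True, False])         # sparse first-hand data about j
    feed(k1, "j", [True] * 20)
    feed(k2, "j", [True] * 18 + [False] * 2)
    feed(m, "j", [False] * 30)                # m bad-mouths j
    feed(i, "x", [True] + [False] * 5)
    feed(k1, "x", [False] * 10)
    return i, [k1, k2, m]


if __name__ == "__main__":
    i, neighbours = build_scenario()
    for target in ("j", "x"):
        score = fused_trust(i, target, neighbours)
        print(target, round(score, 3), decide(score))
```

With only three first-hand observations, node "i" is close to undecided about "j"; the recommendations of the two credible neighbors raise the fused score, while the low-credibility recommender "m" is excluded from the calculation.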

11.4. Challenges in existing trustable IoT techniques


The discussed trust design models for IoT nodes and networks require the
immediate attention of researchers when it comes to the trivial issues of
complexity, storage, delay, and energy consumption. Besides this, the
existing trust technologies provide limited privacy and security to naming,
identification, resources, and services. These issues encourage
researchers and developers to build a new and improved design that
resolves the existing issues of the current IoT technologies. Some of the
existing issues are stated as follows.

11.4.1. Naming and name resolution


Names are the tokens that are used to denote the existence of one or more
individuals. As IoT devices are resource-constrained, they have naming
limitations. Some of the current IoT naming technological solutions are
employed using MQTT, IEEE 802.15.4 address space, CoAP Uniform
Resource Identifier (URI), and DDS Global NameSpace. Although
these technologies are diverse, they still have certain
limitations, which are discussed in Table 11.1.

| IoT naming technologies | Features | Limitations |
|---|---|---|
| MQTT | It implements a Unicode transformation format (UTF-8) string and creates hierarchically named topics that facilitate the publisher’s and subscriber’s meeting. | MQTT topics are in human-readable format, and thus suffer from: • Weak binding to the real-world entity that produces the information. • Security dependence on name trustworthiness. • Vulnerability to phishing attacks where malicious names are created similar to the real ones to confuse people. |
| IEEE 802.15.4 and IPv6 address space | These are 64-bit and 128-bit extended unique identifiers that are used to identify organizations and companies behind the nodes. | Have very large sizes, which are not suitable for resource-constrained IoT devices; thus, the 6LoWPAN addressing scheme was developed. It uses a 16-bit identifier for allocating and joining the nodes to a network. The generation of IDs is still a cause of concern. |
| CoAP URI | • The CoAP address is defined as: `coap[s]:<host>:<port>/<path><query>`. • It follows the classical request/response model of HTTP and uses TCP connections to map UDP segments in HTTP to the CoAP direction. | This technology is very complex because URI mapping is required to map URIs between two different protocols. |
| DDS Global NameSpace | • It provides data-centric communication among nodes. • Data objects are addressed by topic names and keys. • Communication among publishers and subscribers takes place only if there is a topic match. • DDS topics are natural language strings and use syntax and languages such as XML, UML, IDL, and so on. | Topic names are bounded to domains, which have 32-bit integer identifiers. |

Table 11.1: Issues in naming and resolution

11.4.2. Identifier/locator splitting


The names discussed previously can be used as identifiers only if they are
unique in some scope. The scope can be any domain, city, country, or any
other particular region. For worldwide or universal identification, the idea
of Identifier-location splitting is used. The location denotes the current
position that an individual existence inhabits or is attached to in some
space. Space is the set of all possible positions that some individual
existence inhabits or is attached to.
In Identifier-location splitting, IDs are used by the application and transport
layers to identify a node, whereas the locators are used by the network layer
to logically locate nodes in the topology and route packets to/from them.
The majority of current IoT technologies do not support ID/LOC splitting
for sensor and actuator nodes, except 6LoWPAN with Mobile IPv6.
Mobility is supported by rebinding the name used to identify the node to the
new locators. Implementing the concept of Identifier-location splitting is a
major issue for the evaluation of trust in IoT technology, since IoT devices
are mobile.

11.4.3. Availability of resources and services


The Service-Level Agreements (SLA) of IoT have envisioned spontaneous
interactions among devices. These interactions can be easily created and
can destroy the locating devices as per the need and requirements. The
availability of resources and services at the time of need is the major issue
in current IoT technology. IoT includes the following concepts and
protocols for providing resources and services, as shown in Table 11.2:

| IoT naming technologies | Features |
|---|---|
| DDS standard | • It highlights the interest of nodes and the type of information each node can provide. • It automatically connects the subscribers to topic-related publishers. • Nodes, with DDS standard, can semantically interpret the information and collaborate with each other toward a common objective. |
| MQTT | • It also provides similar topic-based coordination among services. • MQTT-SN allows multiple broker discovery. |
| CoAP | • It provides representational state transfer (REST) Web services for Low Power and Lossy Networks. • The aim is to discover IoT resources behind a CoAP Web server, as well as their attributes and formats. |

Table 11.2: Issues in availability of resources and services

11.4.4. Security and privacy


The available trust-based IoT technologies represent a critical challenge to
the security and privacy of the IoT network. Issues and requirements related
to security and privacy in an IoT network are as follows:
• Existing technology results in the leakage of sensitive information or
the dissemination of false or corrupted information. Therefore, the
system should be designed in such a way that it minimizes selfish and
malicious behavior. The system should be capable of supporting flexible
security and privacy mechanisms.
• For the effective operation and management of the IoT network, an
efficient security mechanism for the verification of authenticity,
integrity, and reputation is required.
• Various trust, reputation, and safety systems can be combined to
promote an integral trust solution.
• A Data Centric Trust Establishment (DCTE) framework should be
established for providing distributed reputation and quality assurance
for any node, message, or piece of information.
• The capacity to securely exchange data and learned knowledge is a
prerequisite for imparting security.
• Securing the MQTT protocol is another major roadblock in the IoT
network. Thus, there is always a requirement for policy enforcement
rules in the MQTT layer.
• AMQP can be secured by using SSL, SASL, and TLS over the TCP
protocol.
• DDS standardization is limited to domain joining, the definition of
new topics, publishing or subscribing from a specific topic, or
writing/reading topic values identified by topic keys.
Though many of the current IoT technologies provide solutions with respect
to security, naming, identification, and availability, they are generally
incremental and focus only on individual requirements. Broader
architectural solutions that meet all challenges are hardly available.
Considering this fact, a new architectural model will be discussed in the
next section that will resolve all the issues related to existing IoT
techniques.

11.5. Introducing Nova-Genesis as an IoT architecture


To address the identified challenges in the existing paradigms, a new
architectural “swarms of things” model is presented. This model is
controlled by a trustable “swarm of services”, which self-organizes
and establishes the required security, privacy, and trust levels. This is done
to promote automation and reduce the degree of human intervention in
controlling and managing IoT devices.
The developed “swarms of things” architecture model is known as the
Nova-Genesis (NG) model. This model presents a broader aspect of computer
networks and enables end-to-end communication via computer programs
and processes. It is a Convergent Information Architecture (CIA) model
that integrates Information-Centric Networking (ICN), Service-Centric
Networking (SCN), Service-Oriented Architecture (SOA), and
Software-Defined Networking (SDN). The services in this architecture
establish contract-based coordination toward the fulfillment of network
operator objectives, rules, and regulations. NG architecture is useful in the
following aspects:
• It resolves the issue of energy awareness and disruptive/delay-tolerant
communication.
• NG architecture addresses the most challenging prerequisite of
naming and identification of IoT devices, services, and contents.
• NG proposes a new control and management mode where physical
devices are represented by named services called proxy gateway
controllers (PGCs). PGCs are used to reveal node capabilities,
negotiate and establish contracts, encapsulate NG messages, and
configure devices according to software-implemented controllers.
• Finally, NG protocols can be implemented as services, which enables
dynamic protocol coordination, self-adaptation, and evolution. These
protocol operations are aware of issues such as energy, delay,
communication opportunities, and so on.

11.5.1. Naming and name resolution


The issue of naming and name resolution is resolved by the NG model. It
uses Natural Language Names (NLNs) and Self-Verifying Names
(SVNs) that identify the physical as well as virtual entities within some
scope.
As soon as a service is initialized, it publishes the name bindings
among several NLNs and SVNs. The model also publishes various
descriptors exposing its features, such as its location. Every service is addressed
by subscribing to these initial bindings recursively. This can be explained
with the help of the following example. Let us consider a proxy service of
an Operating System (OS).
• This proxy service will generate an SVN, let it be A1, assuming that
this name is an address for this service inside the local OS.
• Likewise, the OS will also generate an SVN, let us say B1, assuming
that this name is an address for this OS inside a certain host.
• The host will also generate an SVN, let us say C1, assuming that
this name is an address for this host inside a domain D1.
The resultant tuple, A1–B1–C1–D1, will enable any other service to
address a message to this proxy service globally. In addition, NLNs will be
linked to this tuple to facilitate the search and discovery of service access
points.
In a normal internet network, whenever a host moves from one
autonomous system to another, its IP address changes, resulting in a
change in the identity of the host. This results in an undesirable loss of
traceability, as well as a possible loss of connection. The loss of traceability
is avoided by using the NG approach, where the host keeps the same
SVN even after the movement.
Suppose the host of the mentioned proxy service moves to a new domain,
let it be D2. Then, the SVN tuple changes to A1–B1–C1–D2, whereas the
host continues with the same SVN “C1” despite the movement. The
mobility of a host in the NG approach requires only the removal of the first
name binding (C1–D1) from the name resolution service and the
publication of a new name binding (C1–D2). This solution is
self-organizing and could be applied for the mobility of any existence, including
content, services, hosts, and so on.
11.5.2. Identifier/locator splitting

As discussed in Section 11.4.2, IoT does not use ID/LOC splitting
techniques, which is one of the major issues in ensuring security and trust
in IoT solutions. The NG architecture is used to resolve this inadequacy. NG
resolves the identifier and locator issue by using the same idea as SVNs.
SVNs are considered both identifiers and locators. Names are regarded as
identifiers, and locations are obtained by considering the distance in SVN
bindings (as discussed previously).
For instance, as in the scenario discussed in Section 11.5.1,
as soon as a service is initialized, it publishes its name bindings
along with its location description. The resultant tuple, A1–B1–C1–D1,
provides identifiers by using its Natural Language Names, that
is, A1 signifies the proxy’s name, B1 signifies the OS, C1 states the host,
and D1 states the domain. In this way, the identifiers are obtained. To
obtain the location, the distance between the addresses of the SVN
bindings is computed.

11.5.3. Availability of resources and services


The difficulty of the availability of resources and services is resolved by the
use of NG architecture. The following procedure is adopted for fixing this
issue:
Phase 1, the exposition phase: This phase includes the use of graphs and
an NG service that publishes its name (NLNs and SVNs) bindings to other
services, revealing its relationships to devices, people, and contents.
Services reveal their features, interests, and intents publicly or privately.
This is illustrated in Figure 11.6. For instance, let us consider various
applications of user A that publish their name bindings using the NG
publish/subscribe service. “Photo application 1” and “Photo application 2”
reveal their relationship with user A by announcing that they have photos
of A. Likewise, “photo store” announces that it stores the photos of A.
Refer to Figure 11.6:
Figure 11.6: The exposition phase
Phase 2, the NG service discovery phase: Once the graph names are
revealed, services look for possible peers. Services are subscribed to
NLNs related to their contract interests. Whenever a service discovers a
good candidate (it needs to evaluate this), it publishes a contract or SLA
offer.
This is illustrated with the help of Figure 11.7. User A’s services discover each
other using meaningful keywords (NLNs) and publish contract or SLA
offers to candidate peers. SLA offers are kept secret by encrypting them
with asymmetric cryptography. Refer to Figure 11.7:
Figure 11.7: Establishment of SLA offers

In order to find a good candidate, developers need to use meaningful, that is,
semantic-rich keywords.
Services can reveal any features such as the physical features of sensors and
actuators, and can configure and manage devices to reflect the required QoS,
energy restrictions, and tuning for the constrained environment.
Every service has a reputation and is verified with respect to possible threats and
risks, before the establishment of service contracts (SLAs).
Services of good quality prosper, while the bad services which are suspected of
being unsafe, will have a reduced reputation, naturally forcing them to improve
or disappear.

Phase 3, the content exchange phase: Once the agreement is established, the
services start the secure exchange of Named Information, as illustrated in
Figure 11.8. After the establishment of the SLA, services can securely
publish and subscribe data to their peers. At this point, data integrity
takes advantage of self-verifying names and their bindings. The two photo
applications send their pictures to the “Photo store app.” Refer to Figure
11.8:

Figure 11.8: Content exchange phase


Phase 4, the integrity verification phase: The authorized entities who are
allowed to view the content verify its integrity, as illustrated in Figure
11.9. Authorized services derive complete graphs of relationships and
determine provenance, nonrepudiation, and other security properties.
Provenance can be determined by decrypting SVNs backwards from the
subscriber service, that is, the photo store application, up to the original
content publisher.
For instance, the SVN “90123782...” of the user A picture is bound to the
SVN “FA32412...” of the “Photo store app.” By resolving this name
binding, an authorized entity can determine the provenance and integrity of
the exchanged data. This approach can be allied to the established SLAs
among services, enabling the creation of a trustable fellowship of “things”
and their representative software in the IoT context. Refer to Figure 11.9:
Figure 11.9: Integrity verification phase

11.5.4. Security and privacy


The NG architecture model preserves security and privacy in the following
ways:
a. Self-verifiable names: SVNs used in NG ensure data integrity checks
and are aggregated using name bindings that provide sound scalability
for message and packet forwarding or routing.
b. Publish/subscribe communication model: In this model, content is
published by services and subscribed to by others. The model allows a
secure, asynchronous association between publishers and subscribers.
NG extends this model by using SLAs among services. It also enables
the revocation of published bindings and data, as well as enables
changes to authorizations.
c. Contract-based model: The feature of establishing SLA in the NG
architecture model enables the formation of trusted networks among
services, especially representative services. Representative services
establish SLAs by revealing service features, capabilities, constraints,
status, and so on.
d. Self-organizing services: The self-organizing services of the NG
architecture model facilitate the recognition of illegal and
misbehaving services along with malicious content.
e. Deterministic building: Self-verifiable names make it possible to
verify the compilation of source code. The compilation is
deterministic: the same SVN is generated for a given program every
time it is compiled. If any additional executable code is inserted
into the service, its SVN changes, which signals a possible back
door.
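As an added illustration (not code from the book or from the NG project), the following Python example shows how self-verifying names support the Phase 4 integrity and provenance checks and the back-door detection described under deterministic building. It assumes an SVN is the SHA-256 digest of the named bytes and leaves out the encryption of bindings; `NameGraph`, its methods, and all sample bytes are hypothetical and constructed for the example.

```python
import hashlib
from dataclasses import dataclass, field


def svn(data: bytes) -> str:
    """Self-verifying name of a byte string (SHA-256 is an assumption here)."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class NameGraph:
    """Toy name-binding graph as a publish/subscribe service might keep it."""
    objects: dict = field(default_factory=dict)        # SVN -> named bytes
    labels: dict = field(default_factory=dict)         # SVN -> natural language name
    received_from: dict = field(default_factory=dict)  # (content SVN, holder SVN) -> sender SVN

    def register(self, nln: str, data: bytes) -> str:
        """Store bytes under their SVN and bind the NLN to that SVN."""
        name = svn(data)
        self.objects[name] = data
        self.labels[name] = nln
        return name

    def bind_transfer(self, content: str, sender: str, receiver: str) -> None:
        """Record that `receiver` obtained `content` from `sender`."""
        self.received_from[(content, receiver)] = sender

    def verify(self, name: str) -> bool:
        """Integrity check: stored bytes must still hash to their own name."""
        data = self.objects.get(name)
        return data is not None and svn(data) == name

    def provenance(self, content: str, holder: str) -> list:
        """Resolve bindings backwards from the holder to the original publisher."""
        if not self.verify(content):
            raise ValueError("content does not match its SVN")
        chain = [holder]
        while (content, chain[-1]) in self.received_from:
            sender = self.received_from[(content, chain[-1])]
            if sender in chain:
                raise ValueError("cycle in name bindings")
            chain.append(sender)
        for service in chain:
            if not self.verify(service):
                raise ValueError("service executable does not match its SVN")
        return [self.labels[s] for s in chain]


def demo() -> dict:
    g = NameGraph()
    # Constructed sample data: two service "executables" and one picture.
    store_build = b"\x7fELF photo-store build 1"
    app1 = g.register("Photo application 1", b"\x7fELF photo-app-1 build 1")
    store = g.register("Photo store app", store_build)
    pic = g.register("picture of user A", b"\xff\xd8 constructed JPEG bytes")
    g.bind_transfer(pic, sender=app1, receiver=store)

    result = {
        "chain": g.provenance(pic, store),
        "intact": g.verify(pic),
        # Deterministic building: identical output bytes give the same SVN.
        "rebuild_matches": svn(store_build) == store,
        # An executable with inserted code no longer matches the published SVN.
        "backdoor_detected": svn(store_build + b" + inserted routine") != store,
    }
    # Altering stored content breaks the self-verifying name.
    g.objects[pic] = b"\xff\xd8 altered bytes"
    result["tampered_intact"] = g.verify(pic)
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```
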

Conclusion
Trust models are found to be one of the most popular solutions for securing
IoT-based networks. They are popular because of their low computational
complexity and efficient decision-making ability. The chapter highlights the
various trust-based models with their architecture and classification. It also
presents the various security issues and their solutions.
Trust is the mutual relationship between entities, which provides
communication security to the IoT network.
A Trust Management System includes four phases for the evaluation of
trust: information gathering, trust computation, trust propagation,
and trust update.
The framework of the trust management system is classified into
layered architecture, propagational architecture, and conceptual
architecture.
Layered architecture signifies the trust within the layer of the IoT
model; propagational architecture is defined on the basis of the
dissemination of trust and its related information to other nodes for
efficient decision-making; and, finally, conceptual architecture is
based on the idea of information collection.
Despite the discussed trust models, the existing IoT technologies
suffer from issues such as naming and resolution, identification and
location splitting, availability of resources and services, and security
and privacy.
The Nova-genesis (NG) model for an IoT architecture is proposed to
rectify the discussed issues by creating emerging trustable
fellowships of social and self-organizing “things,” together with their
software-as-a-service representatives. It creates a state-of-the-art
architecture to meet the security, privacy, and trust requirements
that are expected of the future internet.

11.6. Questionnaire

Multiple choice questions


1. _______ is the mutual relationship between two or more entities
a. Security

b. Integrity

c. Trust

d. Authentication
2. Trust Management System includes the following phases:
a. Information gathering and Trust computation

b. Trust Propagation and trust update

c. Trust forcing and Trust Auditing

d. a and b
3. The ____________ trust includes the dissemination of trust and
its related information to other nodes for efficient decision-
making judgment
a. Propagational trust

b. Distributed trust

c. Centralized trust

d. None of the above

e. All of the above


4. The issue of naming in IoT architecture is resolved by using
a. NLNs and SVNs

b. Proxy names

c. Simple names

d. None of the above


5. NG IoT architecture model supports the following
a. Publish/subscribe communication model

b. Contract-based model

c. Self-organizing services

d. None of the above

Answer key
1. (c) 2. (d) 3. (e) 4. (a) 5. (a, b, c)

Long answer questions


1. How does the NG architecture model provide security to the Internet
of Things?

Short answer questions


1. What are the various phases of the trust management system?
2. Classify the TMS with the help of a diagram.

Keywords (†)
Statistical modeling: A mathematical model that comprises a set of
statistical assumptions concerning the generation of sample data. It
establishes a mathematical relationship between one or more random
variables and other non-random variables.
Bayesian modeling: It is a statistical model where probability is used
to represent all the uncertainty within the model. It uses both the
uncertainty regarding the output as well as the uncertainty regarding
the input to the model.
Fuzzy logic modeling: It is a logical mathematical procedure based
on the “IF-THEN” rule system, which allows the human thought
process to be reproduced in a mathematical form.
Mutual information independence: It is a measure of the mutual
dependence between two or more variables.

References

[1] K. S. Cook, “Trust in Society: Volume 2 of Russell Sage Foundation
series on trust,” p. 403, 2001.
[2] K. A. Awan, I. Ud Din, A. Almogren, M. Guizani, A. Altameem, and S.
U. Jadoon, “RobustTrust – A Pro-Privacy Robust Distributed Trust
Management Mechanism for Internet of Things,” IEEE Access, vol. 7,
pp. 62095–62106, 2019, doi: 10.1109/ACCESS.2019.2916340.
[3] M. D. Alshehri, F. K. Hussain, and O. K. Hussain, “Clustering-Driven
Intelligent Trust Management Methodology for the Internet of Things
(CITM-IoT),” Mob. Networks Appl., vol. 23, no. 3, pp. 419–431, Jun.
2018, doi: 10.1007/s11036-018-1017-z.
[4] H. Tao et al., “TrustData: Trustworthy and Secured Data Collection for
Event Detection in Industrial Cyber-Physical System,” IEEE Trans. Ind.
Informatics, vol. 16, no. 5, pp. 3311–3321, May 2020, doi:
10.1109/TII.2019.2950192.
[5] C. V. L. Mendoza and J. H. Kleinschmidt, “A Distributed Trust
Management Mechanism for the Internet of Things Using a Multi-
Service Approach,” Wirel. Pers. Commun., vol. 103, no. 3, pp. 2501–
2513, Dec. 2018, doi: 10.1007/s11277-018-5942-8.
[6] J. Yuan and X. Li, “A Reliable and Lightweight Trust Computing
Mechanism for IoT Edge Devices Based on Multi-Source Feedback
Information Fusion,” IEEE Access, vol. 6, pp. 23626–23638, 2018, doi:
10.1109/ACCESS.2018.2831898.
[7] S. Talbi and A. Bouabdallah, “Interest-based trust management scheme
for social internet of things,” J. Ambient Intell. Humaniz. Comput., vol.
11, no. 3, pp. 1129–1140, Mar. 2020, doi: 10.1007/s12652-019-01256-8.
[8] W. Alnumay, U. Ghosh, and P. Chatterjee, “A Trust-Based Predictive
Model for Mobile Ad Hoc Network in Internet of Things,” Sensors, vol.
19, no. 6, p. 1467, Mar. 2019, doi: 10.3390/s19061467.
[9] W. Fang, C. Zhang, Z. Shi, Q. Zhao, and L. Shan, “BTRES: Beta-based
Trust and Reputation Evaluation System for wireless sensor networks,”
J. Netw. Comput. Appl., vol. 59, pp. 88–94, Jan. 2016, doi:
10.1016/j.jnca.2015.06.013.

Things to check before moving to the next chapter


Significance of trust and its role in securing IoT
Study of Trust Management System and its classification
Issues in existing trustable IoT techniques
Importance of NG in securing Internet of Things

CHAPTER 12
Framework for Privacy and Trust in IoT

Apart from enterprise-centric systems, IoT has expanded toward
citizen-centric information systems, where data is exchanged between things
and people. Development toward the citizen-inclusive IoT demands new
security and privacy-preserving solutions. To unleash the full potential of the
IoT, the security and privacy solutions should behave seamlessly and should
act in the background, invisible to their users. Considering this factor,
this chapter focuses on the scope of SocIoTal (Social-IoT) and deals with the
issue of security and privacy in citizen-centric information systems. It
provides privacy-preserving solutions, identity management, and access
control mechanisms with minimal disclosure of private information. The
chapter also emphasizes context-aware security solutions so as to cope
with the pervasive and ubiquitous nature of the IoT. A new IoT security
framework is developed, which is based on the classical IoT-A Architecture
Reference Model (ARM) and emphasizes context-management security
systems.

Structure
The chapter covers the following topics:
The concept of citizen-centric IoT information systems
Issues related to security and privacy in citizen-inclusive IoT
Overview of classical IoT-A Architecture Reference Model (ARM)
SocIoTal security framework
12.1. The concept of user-centric Internet of Things
The user-centric IoT provides smart applications and services that are based
on the needs of individual citizens, user communities, and society at large. It
encourages information flow among people and devices, where services of
high societal value can be built.
Users are considered to be the heart of the user-centric systems that address
various new IoT paradigms where users are given significant importance.
Some of the user-concerned IoT paradigms are as follows: Internet of
People, Social Internet of Things, Physical Cyber–Social Computing, and
People as a Service. Each is explained as follows.

12.1.1. Internet of People


The integration of IoT with people is regarded as the Internet of People
(IoP). Bringing people into the IoT exploits the maximum benefits of the
Internet of Things. It aims to put people at the center of innovation
strategies and to maximize the profit from the power of collective
intelligence. It includes not only smart applications, smart cities, and
smart homes but also smart people. IoP is considered to be the building
block of IoT and includes features such as:
IoP is social and has great interaction with people.
IoP is personalized, which means that the interaction is based on
the user’s sociological profiles and contexts.
IoP is proactive and not manually commanded by the users.
IoP is predictable, which states that the interactions are triggered
according to a predictable context that the user has previously
identified, and for which a specific behavior has been defined.

Examples of IoP applications are Biometric Sensors and Identification Technology,
Wearable Technology, Brain Informatics Processing, Body Area Network
technology, Social Computing, and Collective Intelligence, Technology for
Biomedical and health care application, and so on.
12.1.2. Social Internet of Things
Social Internet of Things (SIoT) is an IoT paradigm where things establish
social relationships with other objects, especially with respect to humans,
and consequently, create a social network of objects.

The idea of SIoT came from the following fact: when a large number of individuals
are tied in a social network, it provides more accurate answers to complex
problems than a single individual or a small group of knowledgeable individuals.

SIoT paradigm includes the following features:


The resulting SIoT structure guarantees network navigability, in other
words, it effectively performs the discovery of objects and services
and assures scalability in human social networks.
It establishes the level of trustworthiness for leveraging the degree of
interaction among things and friends.
Components and models of social networks can be reused to address
IoT-related issues.

Basic components of SIoT


Some of the major components of the SIoT applications are given as follows:
ID: It refers to the identification of the object and includes MACID,
IPV6ID, universal ID, and so on.
Meta-information: It refers to the type and operations of a device
within a system. It tends to establish relationships with other devices
by placing them appropriately within the context of IoT devices.
Security controls: It is the restriction regarding the connection of
devices, and is similar to the Facebook friend list, where the owner of
the device has control over how devices can connect to them.
Service discovery: Dedicated directories are created that store details
of all devices that provide any kind of service. Up-to-date directories
help in learning about other devices.
Relationship management: It is the relationship between devices and
how they are managed.

12.1.3. Physical Cyber Social Computing


Physical Cyber Social Computing (PCSC) is a human-centric view of
computing that analyzes the observations, knowledge, and experiences from
the physical, cyber, and social worlds. It is an emerging paradigm that
provides efficient, convenient, and personalized services to humans. It
includes novel methods of data collection, data processing, and data analysis
resulting in actionable information for humans. The algorithms in PCSC
computing are regarded as operators for semantic integration, annotation,
interpretation, and abstraction. They are of two types: Horizontal operators
and Vertical operators.
Horizontal operators include semantic integration of data with respect to
multisensory and multimodal observations. The observations are said to span
from machine sensors (quantitative observations) to citizen sensors†
(qualitative observations).
Vertical operators include operations that transform massive amounts of
data into abstractions that are acceptable to people. The observations are said
to span from statistical knowledge to social experiences.

Examples of physical cyber social computing are healthcare, traffic,
sustainability, crime prevention, and mitigation.

12.1.4. People as a Service


People as a Service is a mobile-centric IoT computing model that generates,
keeps, and provides the user’s sociological profile as a service to third
parties directly from devices such as the cloud or any smart mobile phone.
These profiles are preserved on the devices as the virtual identities of the
users and are available as and when required. This makes it easy for a client
or third party, sitting anywhere in the world, to be served by the provided
services without any extra cost. For instance, it allows a third party to gain
information about the user, such as mood, tendency, preferences, social
status, and daily and health habits.
12.1.5. Advantages of user-centric Internet of Things
The following advantages have led to the embracement of the user-centric
Internet of Things:
The employment of social networking has improved the process of
navigation and resource discovery.
The use of social networking in user-centric IoT has addressed IoT
challenges such as scalability and heterogeneity.
The availability issue is also resolved as the continuous data comes
from a set of users, a network of users or a community, rather than
from a single user. This results in improved service intelligence and
adaptability to users’ situational needs.
It leads to increased utilization of IoT products and better information
filtering. It is because communities of objects collaborate to provide a
common view.
Social network models in user-centric IoT can be reused to address
IoT-related issues.
It leads to the establishment of a level of trustworthiness among
potential users and friends. This is done by leveraging the degree of
interactions among things or friends.

12.2. Issues in user-centric Internet of Things


Along with the benefits and usefulness, various challenges are identified in
the development of user-centric IoT. Some of the most cited issues from the
perspective of users in IoT are as follows.

12.2.1. Utility and usability


The majority of the users do not know the usage of IoT devices and believe
that they are not useful enough for them. Therefore, developers, designers,
and creators of IoT objects and services meet the challenge of developing
more useful and interesting devices that can fulfill the specific needs of
users. Similarly, the ease of using connected objects and IoT services is also
one of the major challenges of user-centric IoT.
As per the studies carried out, it has been found that IoT devices are best
utilized in proximity services, followed by home automation services, and then
health care and wellness services.

12.2.2. Fault tolerance


The issue of fault tolerance is a major concern in IoT-enabled user-centric
applications. This can be resolved by using the adaptive and dynamic
functionalities of IoT devices. It monitors and manages the infrastructure in a
self-manageable mode at run-time, which aims to recover the applications
from faults. Faults can also be recovered by integrating online adjustment
technologies with other domains, such as Software-Defined Networking
(SDN) and Data-Centric infrastructures.

12.2.3. Interoperability, data-models, and nomenclatures


The ability for independent devices to cooperate and exchange information
with each other is another major challenge of user-centric IoT. It can be
resolved by providing efficient knowledge repositories, which can easily
handle heterogeneous incoming data streams in a protocol-agnostic manner.
Repositories are beneficial in enabling technologies such as context
awareness, and content-based routing that integrate different IoT domains
with each other.

12.2.4. Big data (graph) analysis


Generation and management of huge amounts of data in a societal user-
centric IoT application is a trivial task. It includes three areas of research
that should be managed effectively: efficient and scalable streaming
of data into the graph, real-time discovery of affected patterns, and
discovery of trends based on social and temporal proximity. Management in
these three areas results in the effective formation of big data trees.

12.2.5. Trust and privacy


The trend toward the citizen-inclusive IoT has encouraged the flow of
information among devices and people. This leads to the generation of
services of high societal value. The perception of privacy and trust in
forming public opinion on IoT is an extremely important challenge that
needs to be addressed. There is a need to maintain the transparency of the
data and the user control so that mistrusted users cannot make unwanted
deletions or insertions within the system.
The SocIoTal project is one of the proposed solutions that provide a reliable,
secure, and trusted environment for the creation of socially aware citizen-
centric IoT. The approach is based on incentives and encourages people to
contribute their IoT devices and information flow, so as to enable the third-
party user to gain secured and easy access to information. It provides the
techno-social foundations that unlock billions of new IoT information
streams, forwarding a citizen-centric IoT approach toward the creation of
large-scale IoT solutions that are of interest to society.

User-centric IoT includes several challenges; however, it was found that privacy
and trust are the most prominent challenges that need to be addressed. There is
no use in employing a user-centric approach if no security is
maintained. Considering this factor, throughout the chapter, we will discuss
privacy and trust in user-centric IoT with the help of the SocIoTal project.

12.3. SocIoTal: A socially aware citizen-centric Internet of Things
SocIoTal framework creates a reliable and secure environment for citizen-
centric applications. It encourages citizens to contribute their devices and
their corresponding flow of information, so as to have high socio-economic
value. The objective of SocIoTal is to transform the business-driven IoT into
social IoT, in order to create a socially aware citizen-centric IoT. It
establishes an IoT eco-system that puts trust, user control and transparency at
its heart, for gaining the confidence of everyday users and citizens. It
provides adequate socially aware tools and mechanisms that reduce the
complexity and lower the barrier of unwanted entries in user-centric IoT.

The SocIoTal framework is an extension of the classical IoT-Architectural
Framework. So, before discussing security through the SocIoTal framework, we
give a brief idea of the classical IoT-architectural framework, followed by the
SocIoTal security framework.

12.3.1. Classical IoT-architectural framework


The classical IoT-A framework comprises three main functional components,
which are as follows:
Application component: This component comprises various IoT
citizen-centric services and applications such as Facebook, shopping
website, general health care applications, and so on.
Core component: This is the heart of the IoT framework and includes
the processing, and management aspects of user-centric IoT. This
component is further classified into sub-components and is explained
in Section 12.3.
Device component: It comprises a list of various IoT devices that
collect, integrate, and transmit the data to the core component for
further processing. For example, sensors, actuators, transceivers, and
so on.

The application and device components are already discussed in Chapter 1,
“Internet of Things and its Security Requirements”. Therefore, in this section, we
will briefly describe the parts of the core component.

The architectural representation of classical IoT-A is illustrated in Figure
12.1:
Figure 12.1: Classical IoT-A architectural Framework

Core component
IoT core component is further classified into seven different sub-modules:
a. IoT Process Management
The objective of the IoT Process Management module is to provide the
functional concepts and interfaces that transmit the traditional business
system into real-world IoT systems. It includes the two functional
components known as process modeling and process execution. Process
modeling provides tools and an environment for modeling the IoT-aware
business process using standardized notation that addresses the IoT
ecosystem.
Process execution executes the IoT-aware processes that have been modeled
in the process modeling component. The execution is performed using IoT
services that are instrumented in the Service Organization Layer.
b. Service Organization
The service organization module acts as the communication hub for all other
modules present within the core component. Communication is based on the
idea of services and is used for composing and organizing services at
different levels of abstraction. Service organization consists of three different
processes named as Service Orchestration, Service Composition, and Service
Choreography.
Service Orchestration: Its only function is to organize the services
that resolve the IoT services coming from the process execution phase
or from the users. In the case of complex event processing, temporary
resources can be used to store intermediate results.
Service Composition: It resolves the services that are composed of
IoT services. It supports flexible service composition and increased
quality information. This can be done by supporting dynamic
resolution of complex services and by combining information from
several sources.
Service Choreography: It offers a broker that handles
Publish/Subscribe communication between services. The broker
function assures that a client interested in the offer should find the
service with the desired capabilities.
c. Virtual entity
The virtual entity module is responsible for interacting with the IoT system
on the basis of virtual entities (VEs), and its functionalities include
services that hold information about VEs. In addition, it contains the
functionalities that manage existing associations as well as any new
associations that become dynamically available. An association is a
relationship established between IoT services and virtual entities. An example
of an association is “Give me outdoor temperature of Car -123”; here, providing
the outdoor temperature is an IoT service and the sensor in the car is
regarded as the virtual entity of the physical world car.
The virtual entity module consists of three different processes: VE
resolution; VE and IoT service monitoring; and VE service.
VE Resolution: The process provides the functionalities that let the IoT
user retrieve associations between virtual entities and IoT
services. Associations are discovered based on location, proximity and
other context-related information. Associations are managed by
insertion, deletion, and update. If no association exists, one can be
created.
VE and IoT service monitoring: This process is responsible for
automatically finding dynamic or monitored associations, which are
then inserted into the VE resolution process. New associations are
derived on the basis of existing associations, service descriptions and
information related to VEs.
VE service: This process represents the overall access point that
learns and manipulates the status of the entity. It provides access to an
entity via operations that enable reading, updating or both of the
entities’ attribute values.
d. IoT service
The IoT service module contains the IoT services and the functionalities for
discovery, look-up, and name resolution of IoT services. It consists of the
following two functional processes known as IoT services and IoT service
resolution.
1. IoT services: The process discovers the resource and retrieves the
information in a synchronous way, provided by any IoT-based sensor
device or by any storage resources connected through a network. It
also delivers the information to a resource for controlling and
configuring the actuators and resources. In addition to it, the process
subscribes to information, that is, it returns the information provided
by a resource in an asynchronous way.
2. IoT service resolution: The functionalities offered by IoT service
resolution are: Discovery, where IoT services are found without any
prior knowledge, such as by querying; Lookup, which enables the user
to access the service description given prior knowledge of the service
identifier; Service Identification, which locates and identifies the
services through which the user can contact and access the provided
services; and Service Description Management, which updates, inserts,
or simply deletes the service descriptions from the IoT Service
Resolution process.
e. Communication
The communication module is an abstraction and models the variety of
interaction schemes derived from several technologies belonging to the IoT
systems. It provides a common interface to the IoT service module.
Communication is classified into three types: hop-to-hop communication,
network communication, and end-to-end communication.
f. Management
The Management module combines all the functionalities that are needed to
govern an IoT system. This module includes the four different processes
known as cost reduction, attending unexpected usage issues, fault handling,
and flexibility.
Cost reduction: The process controls the cost of a system by
designing it for the maximum number of users and/or use cases.
Attending unexpected events: The process provides strategies and
actions for the mitigation of impacts from unforeseen situations. Such
impacts can be link failure, queue overload, and so on. To better adapt
to a new situation, it is paramount that the component should have a
good overview of the system state.
Fault Handling: The process addresses the unpredictability of the
future behavior of the system itself. The process includes measures
for the prediction of potential failures, the detection of existing
failures, the reduction of the effects of failures, and repair.
Flexibility: The process includes the concept of reuse with some
additional functionality, where the IoT system will be able to react
towards changes as per the user requirements. This can take place
during boot-up, commissioning or also at run time.

The scope of our book is security; therefore, the security aspect is
illustrated in depth in the forthcoming sections, while the rest of the
sub-sections are only briefly described. For detailed coverage of the core
component, readers can refer to the research book [2].
12.3.2. SocIoTal security framework
As already mentioned, the SocIoTal framework is an expansion of the
classical IoT-A framework with an additional security module within a core
component, as illustrated in Figure 12.2. The security module incorporates
seven different sub-components, namely, authentication, trust and reputation,
key exchange management, authorization (or access control), identity
management, context manager, and group manager.

Figure 12.2: SocIoTal security framework

12.3.2.1. Authentication
This component authenticates the users and the smart objects based on their
provided credentials. The component is responsible for binding the real
identity of the object to its subject. As a result, an assertion is generated
which is then used in the authorization process, to declare that a specific
subject was authenticated successfully. Authentication mechanisms can be
performed using login-password or electronic IDs. However, for the
implementation of strong authentication, the SAML protocol is used in the
SocIoTal framework, which ensures authentication along with privacy with
minimal disclosure of attributes.

Security Assertion Markup Language (SAML) is an open federation standard that
allows an identity provider to authenticate users and then exchange an
authentication token with another application or service provider. As a result, it
simplifies and secures the authentication process because the user only needs to
log in once with a single set of authentication credentials.

12.3.2.2. Trust and reputation


The component establishes a trusted and reliable IoT environment where
users can safely interact with the IoT services. For Producers (who initiate
the services), the component allows authorization decisions by sharing data
according to trust scores and enables the consumer to obtain data from
producers that satisfy certain trust scores. The trust scores are also used to
manage bubbles, that is, a circle of trust, and share data in the bubble
according to the context and trust values.
The component evaluates the degree of social interaction between users by
following the four main operations:
1. First, continuous information about the entities within the system is
gathered, so as to obtain behavioral information. The information is
gathered via the context manager component.
2. Once the information is gathered, various kinds of algorithms and
techniques are used to compute the trustworthiness of a given entity.
Trustworthiness in the form of trust score is evaluated using entity
attributes such as computational, energy, and storage restrictions of
IoT devices.
3. As per the evaluated scores and other useful information, the best
entity is chosen to interact with and if the best entity is not found, then
interaction is declined.
4. Once the interaction is performed and communication is done, the
trust score of the entity is updated by rewarding or penalizing it.

12.3.2.3. Key-exchange management


The component assists the peers taking part in communication in the process
of establishing a security context, such as setting up tunnels for secure
communication. It includes cryptographic key exchange and provides
interoperability between peers so that they can reach an agreement regarding
the security functions for the communication. In the SocIoTal framework, key
management in the privacy-preserving IdM system as well as the group
manager is performed by means of the CP-ABE ciphering scheme†.

12.3.2.4. Context manager


The context manager is a transversal component that enables the rest of the
components in the framework to cope with the pervasive and ubiquitous
nature of IoT. It plays a central role in the SocIoTal security framework and
provides access to the following components:
Identity Manager: To create and manage multiple identities that are
associated with a given user/device, and to load and expose them to
other IoT devices and architectural components based on the device
context.
Authorization Manager: To enable capability-based access to the
data and services provided by a user’s device, including both the
provider and consumer.
Group Manager: To define and identify groups as per the context of
the devices and to securely share data among them, by distributing
private keys within specific groups.
Trust and Reputation Manager: To evaluate the reputation scores of
the device according to the context of the device and user.
Context Manager Architecture
Figure 12.3 illustrates the architecture and functionalities of the context
manager as per the SocIoTal framework. The modules and functionalities of the
context manager are hosted on the devices, their associated gateways and the
cloud or back-end infrastructure or both. It comprises five phases:
1. Context acquisition: First, context-related information is gathered
from different data stream sources, such as sensors, devices, and
components.
2. Context modeling: After collection, the modeling of the collected
context is done and the appropriate context definition is provided.
Examples of the extracted and shared SocIoTal context model
attributes are Location, which provides the location of the device;
Relation, which states the relation of the device with another device;
and DateTimeStamp, which states the time at which the context
attributes are obtained, and so on.
3. Context reasoning: As per the definition provided in the context
modeling phase, the required context element is extracted. The phase
includes the concept of enablers, which infer the context information
and accordingly make security decisions such as quantification of
trust and derivation of the access control process. The framework
includes two different device-centric enablers, namely, the
Face-to-face (F2F) enabler and the indoor localization enabler, which
measure social interactions. The location attribute is used in the indoor
localization enabler and the relationship attribute is used in the F2F
enabler.

For an in-depth discussion of enablers, refer to the research paper [3].

4. Context prediction: This phase is envisioned to optimize the
operation of context reasoning by taking advantage of the periodicity
of the observed contexts. It reduces the burden of continuously
acquiring sensing data and extracting the context information for
applications where there is a scarcity of resources. Periodicity can be
observed in the user’s behavior while carrying around his or her
SocIoTal device.
5. Context Communication: This phase exposes the SocIoTal-
generated context to external entities, third-party components, and
developers. It proposes two different mechanisms:
a. Query-based: In this, the context consumer makes a request in
terms of a query, so that the context manager, which acts as a
context repository, can use that query to produce the requested
results.

b. Pub/sub-based: In this case, the context consumer subscribes
with a context manager by describing its context requirements.
The context manager acts as a context broker and then returns the
result periodically or whenever an event occurs, for example, a
threshold violation.

Figure 12.3 features the architecture of Context Manager:


Figure 12.3: Architecture of Context Manager

12.3.2.5. Identity management


The Identity Management (IdM) component includes the technologies and
processes, which control and manage private and secure access to
information and resources while, at the same time, protecting the profiles of
the users and IoT objects. It is also responsible for storing, defining,
managing and issuing the information of entities such as its tokens,
identifiers, credentials, pseudonyms, and privacy policies. Entities in an IoT
environment include both smart objects and persons.
In addition to the functionalities of traditional IdM, SocIoTal IdM focuses
on the authentication process and the privacy-preserving mechanism that
enables users to use different partial identities so as to access target devices
according to the context. Authentication includes the process of user profile
management and single sign-on, and the privacy-preserving IdM relies on
credential systems that encompass two main operations: the credential
issuance process and the credential presentation process.
Credential Issuance Process
The credential issuance process includes the recipient and issuer, and
the following steps of interaction. The step-by-step interactions are
illustrated in Figure 12.4:

Figure 12.4: IdM credential issuance


Step 1: The subject, that is, the IoT device, requests a credential from the
issuer entity. In case it is the first interaction between the subject and issuer,
then the issuer should identify the subject with an out-of-band authentication
process or any other bootstrap electronic authentication.
Step 2: In addition to the credential request, the subject also requests a
credential structure definition. The credential structure defines the attribute
structure of the credential that is provided by the issuer. With the credential
structure, the issuer also provides an issuance policy to the subject. The
issuance policy indicates which existing credentials the subject must possess,
so as to be issued with a new credential.
In case a credential is based on another existing credential, the credential structure
should describe which attribute will be reused in the new credential.

Step 3: Once the initialization by both parties is finished and the same
credential definition is shared, the issuer computes a random value called a
nonce, which is then sent to the subject. The subject then computes a token in
the form of a cryptographic message, which incorporates the attributes of the
credential, including the credential structure, and optionally satisfies the
issuance policy.
Step 4: After the token is computed, the issuance message with the
token is forwarded to the issuer. The issuer in turn verifies the token on the
basis of the issuance policy, as discussed in Step 2. It also creates the
cryptographic part of the credential, where the attributes are signed with the
secret key. In addition, it creates proof of correctness and saves the
pseudonym and the context for the purpose of maintaining accountability.
Step 5: Finally, the issuer replies by sending the subject a cryptographic
message with the proof of correctness and the attributes signature. The
subject then verifies the receipt of the cryptographic material, generates the
credential based on this message, and then stores the credential accordingly.
Credential Presentation Process
This process is used to authenticate users and smart objects with
minimal disclosure of private attributes. Consider, for instance, a
subject that wishes to access an IoT service, where both parties have
already had their credentials issued with the SocIoTal privacy-preserving
IdM system. The user then provides the proof of credentials following
the Credential Presentation process as a means of authentication to
gain access to the IoT service. The steps for the credential presentation
process with the interactions between a subject (IoT object/user) and
verifier (IoT service) are as follows and are diagrammatically
represented in Figure 12.5:

Figure 12.5: IdM presentation process

Step 1: First, the subject makes a request for an IoT service. The IoT service,
that is, the verifier, wants the subject to present cryptographic
proof of possessing a credential or certain attribute.
Step 2: Upon receiving the request, the verifier computes a random value
called a nonce, which is then sent to the subject.

As per the actual context, the Identity Selector Module of the subject makes use of
the credential manager to select the best credential that can be used against the
verifier from among the ones that are already available in its database.
In case the Subject does not know the proof specification required by the IoT
service, the Verifier will send the Subject a Presentation policy stating which data
a user has to reveal to the Verifier to gain access to the requested IoT service.

Step 3: The subject then defines the proof specification from the selected
credentials to be used against the Verifier. This proof includes the nonce, the
attributes as well as statements about attributes. Then, the Prover builds a
cryptographic object as proof and sends the proof along with the
specification to the Verifier.
Step 4: The Verifier then validates the incoming proof specification using the
cryptographic proof. It computes the verifying protocols and checks that the
attributes’ statements and pseudonyms are valid.
Step 5: Finally, the Verifier, depending on the result of the validation, sends
an affirmative or negative response to the subject. In case of successful
identity validation, the IoT Service then redirects the subject to the
authorization component to make an authorization decision based on
authorization policies.

12.3.2.6. Authorization
The authorization in the SocIoTal user-centric IoT framework is provided
with the use of the Distributed Capability-based Access Control (DCapBAC)
strategy and a policy-based mechanism based on XACML†. The SocIoTal
access control system infers access control privileges in the form of the
capability token.
Capability Token
A capability token is an authentication token that authorizes access requests
and grants access permissions. It includes the right permission for each client
so as to perform a set of operations on a particular resource. Figure 12.6
demonstrates the basic design of the capability token, which contains the
client profile identifier, resource provider identifier, resource identifier and
list of access permissions, and it is expressed in XML due to its simplicity,
wide usability and self-descriptive characteristics [1]. The time-stamp
determines the validity period of a user in accessing the resources.

Figure 12.6: Architecture of capability token

DCapBAC strategy
The DCapBAC consists of three entities known as issuer, subject and target.
The subject is the one who wants access. The target can be any IoT service,
entity or application that the subject wants to access, and the issuer acts
as the third-party entity that issues the capability token to the subject for
the assessment of the target. The basic operation of DCapBAC is shown in
Figure 12.7 and includes the following steps:

Figure 12.7: Authorization process based on DCapBAC

Step 1: The subject or device owner or any other entity in charge of the
smart object, who wishes to access the device or services, requests an issuer
for the capability token.
Step 2: After verifying the credentials of the subject, the issuer makes
the authorization decision about the subject.
Step 3: Once the subject is identified, a capability token is issued to the
subject, so that other devices and IoT services can be accessed. To avoid
security breaches, the token is signed by the issuer.

In SocIoTal access control framework, the process is based on the use of XACML
policies. XACML obligations are used to embed contextual conditions so as to be
easily verified by the target device.

Step 4: Once the capability token is received by the subject, it attempts to
access the device data or other services and sends the access request to the
target. Next, a request for a capability token is forwarded by the target to the
subject, who then transmits the token back to the target.
Step 5: As soon as the target receives the token and access request, the
authorization process is carried out. First, the application checks the validity
of the token (that is, if it has expired) and verifies the rights and conditions.
Then, the Issuer’s signature is verified with the corresponding public key.
The key can be recovered from a predefined location or can be available
during the commissioning and manufacturing process.
Step 6: Finally, once the authorization process has been completed, Target
generates a response based on the authorization decision (granted/denied).

In addition to the discussed scenario, the proposed DCapBAC strategy supports
an advanced feature known as access delegation. Access delegation
is used to address the dynamic and pervasive nature of IoT scenarios in everyday
life.
In access delegation, a subject, let us say “S”, acting as a delegator and having
capability token “CT”, can generate another token “CT1” (carrying a subset of the
privileges of CT) for “S1”, where “S1” acts as the delegatee. As a result,
the target smart objects can be accessed by S1 using token CT1. Moreover, S can
also grant S1 the right to perform additional delegations.
An everyday example involves elderly people. For instance, in emergency
situations, elderly people (that is, the delegators) can grant temporary
privileges, or delegate them, by providing access to their homes to their domestic
help. It is necessary to sign each new capability token with the corresponding
subset of privileges, in order to allow full auditability of access and avoid
security breaches.
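
The target-side checks of Step 5 and the delegation rule above (CT1 carries a subset of CT's privileges and is signed by the delegator) are shown below as an added example; it is not code from the book or the SocIoTal project. The dictionary token layout, the field names and the keys are assumptions, and HMAC-SHA256 stands in for the issuer's public-key signature.

```python
import hashlib
import hmac
import json

# Constructed keys. HMAC-SHA256 stands in for the signature: the page has the
# target verify with the signer's public key, which needs an asymmetric scheme.
KEYS = {"issuer": b"constructed-issuer-key", "S": b"constructed-key-of-S"}
FIELDS = {"signer", "subject", "resource", "rights", "nbf", "exp",
          "may_delegate", "parent", "sig"}
MAX_CHAIN = 4  # assumed bound on delegation depth


def _sign(signer, body):
    payload = json.dumps(body, sort_keys=True).encode()
    return hmac.new(KEYS[signer], payload, hashlib.sha256).hexdigest()


def issue(signer, subject, resource, rights, nbf, exp,
          may_delegate=False, parent=None):
    """Build and sign a capability token. `parent` is the delegator's own
    token (CT) when `signer` delegates a subset of it (CT1)."""
    body = {"signer": signer, "subject": subject, "resource": resource,
            "rights": sorted(rights), "nbf": nbf, "exp": exp,
            "may_delegate": may_delegate, "parent": parent}
    return {**body, "sig": _sign(signer, body)}


def check_chain(token, now, root="issuer", depth=0):
    """Validate a token and every token it was delegated from."""
    if depth >= MAX_CHAIN or not isinstance(token, dict) or set(token) != FIELDS:
        return False, "malformed token or chain too long"
    body = {k: v for k, v in token.items() if k != "sig"}
    signer, parent = body["signer"], body["parent"]
    # Signature first, so that no unauthenticated field is acted upon.
    if signer not in KEYS:
        return False, "unknown signer"
    expected = _sign(signer, body).encode()
    if not hmac.compare_digest(str(token["sig"]).encode(), expected):
        return False, "bad signature"
    if not body["nbf"] <= now <= body["exp"]:
        return False, "outside validity period"
    if parent is None:
        if signer != root:
            return False, "root not signed by issuer"
        return True, "ok"
    ok, reason = check_chain(parent, now, root, depth + 1)
    if not ok:
        return False, "parent: " + reason
    if signer != parent["subject"]:
        return False, "delegator does not hold the parent token"
    if not parent["may_delegate"]:
        return False, "parent token does not allow delegation"
    if (body["resource"] != parent["resource"]
            or not set(body["rights"]) <= set(parent["rights"])):
        return False, "privileges exceed parent"
    if body["nbf"] < parent["nbf"] or body["exp"] > parent["exp"]:
        return False, "validity exceeds parent"
    return True, "ok"


def authorize(token, requester, resource, action, now):
    """Target-side decision (Steps 5 and 6). `requester` is the identity the
    target has already authenticated by other means (assumption)."""
    ok, reason = check_chain(token, now)
    if not ok:
        return False, reason
    if token["subject"] != requester:
        return False, "token not issued to requester"
    if token["resource"] != resource or action not in token["rights"]:
        return False, "right not granted"
    return True, "granted"
```

Because every link in the chain is verified and compared with its parent, a delegatee cannot widen the rights, the resource or the validity period it was given, and each delegated token stays attributable to the subject that signed it.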

12.3.2.7. Group manager


The group manager component deals with the flexible secure sharing models
within bubbles of users or smart objects or both. The attributes and policies
are exchanged in a secure manner as and when required. Traditionally, the
information among the modules is exchanged by using attribute-based
encryption (ABE). In ABE, the identity of the participants is not represented
by strings but by a set of attributes related to their identity, and cryptographic
credentials are managed by an entity called attribute authority (AA).
However, the discussed SocIoTal security framework uses the CP-ABE
scheme for the encryption of information, attributes and policies. Ciphertext
Policy-Attribute Based Encryption (CP-ABE) is an extension of ABE and
an emerging encryption technology that addresses the challenges of secure
data sharing. In this scheme, a ciphertext is encrypted under a policy of
attributes, whereas the keys of participants are associated with sets of
attributes. In this manner, a data producer exerts full control over how the
information is disseminated to other entities, whereas a consumer’s identity
is intuitively reflected by a certain private key.
Figure 12.8 illustrates the scenario where a specific smart object distributes
information so as to make it visible only to a specific set of entities. The
process includes CP-ABE cryptographic scheme and allows secure
communication between objects belonging to the same bubble. In this
scenario, a smart object A from bubble A tries to get access to data being
shared in bubble B. It is assumed that smart objects in a Bubble X maintain
at least one CP-ABE key associated with the attribute “bubble X” that allows
them to exchange information in a secure way. Thus, Smart Object A needs
to obtain a CP-ABE key associated with the same attribute, in order to access
data being shared among objects of Bubble B. For its implementation, the
following phases are involved; Phase 1 and Phase 2 are performed in the
offline stage and Phase 3 is performed in the online stage.
Phase 1: Request phase
Smart Object A contacts the group manager from Bubble B to get a CP-ABE
key. Refer to Step 1 in Figure 12.8.
Phase 2: Key generation and object authentication
Before the generation of the key, the group manager attempts to verify that
the requester’s smart object is who it claims to be. This process is based on
traditional authentication mechanisms (for example, based on
login/password or X.509 certificates). Once the Smart Object A is
successfully authenticated, the group manager generates and delivers a CP-
ABE key, which is associated with the attribute “bubble B.” Refer to Steps 2
to 5 in Figure 12.8.
Phase 3: Data dissemination
After Smart Object A has received the corresponding cryptographic key,
during an online stage, it can make use of it in order to decrypt the
information which is disseminated by smart objects in bubble B. Refer to
Step 6 in Figure 12.8:
Figure 12.8: Secure data sharing in bubbles

Conclusion
The Internet of Things is an emerging technology that has not only
connected objects and applications with each other but also enriched the
connections of people with everyone and with everything. This has resulted
in the development of citizen-inclusive IoT. Though the development of
citizen-centric IoT has enhanced the application of IoT, it has also demanded
new security and privacy-preserving solutions. The chapter highlights the
concepts of user-centric IoT, its related issues and its solutions with respect
to the SocIoTal security framework.
The user-centric IoT provides smart applications and services that are
based on the needs of individual citizens, user communities, and
society at large. It encourages information flow among people and
devices, where services of high societal value can be built.
The user-centric IoT comprises the following IoT paradigms, known
as the Internet of People, Social Internet of Things, Physical Cyber
Social Computing (PCSC), and People as a Service.
The integration of IoT with the people is regarded as the Internet of
People. It aims to put people at the center of innovation strategies and
is able to maximize the profit from the power of collective
intelligence.
Social Internet of Things (SIoT) is an IoT paradigm where things
establish social relationships with other objects, especially with respect
to humans, thereby creating a social network of objects.
Physical Cyber Social Computing (PCSC) is a human-centric view
of computing that analyzes the observations, knowledge, and
experiences from the physical, cyber, and social worlds.
People as a Service is a mobile-centric IoT computing model that
generates, keeps and provides the user’s sociological profile as a
service to third parties directly from devices like the cloud or any
smart mobile phone.
User-centric Internet of Things has led to the following advantages:
navigation and resource discovery, scalability and heterogeneity,
availability, increased utilization, module reuse, and increased level of
trustworthiness.
Just as every application has its pros and cons, similar is the case with
user-centric IoT. Some of the issues in user-centric IoT are utility and
usability, Fault tolerance, interoperability, big-data, trust, and privacy.
The most popular solution for user-centric IoT is the SocIoTal security
framework, also known as a socially aware citizen-centric Internet of
Things.
SocIoTal framework creates a reliable and secure environment for
citizen-centric applications. It encourages citizens to contribute their
devices and their corresponding flow of information, so as to have
high socio-economic value.
The objective is to transform the business-driven IoT into social IoT,
in order to create a socially aware citizen-centric IoT.
SocIoTal framework is an extension of the classical IoT-Architectural
Framework and consists of three main important components known
as an application component, a core component, and a device
component.
Core components are further classified into various other small
components such as IoT process management, service organization, a
virtual entity, IoT service, communication, and management.
Core component with added security sub-component leads to the
development of the SocIoTal security framework. It provides the facility of
authorization, authentication, context management, identity
management, key management, trust and reputation, and group
management.

12.4. Questionnaire

Multiple choice questions


1. ___________ is a human-centric view of computing which
analyzes the observations, knowledge, and experiences from the
physical, cyber, and social worlds. It provides personalized
services to humans.
a. Internet of People
b. People as a service
c. Physical Cyber Social Computing (PCSC)
d. None of the above

2. SocIoTal framework is an extension of classical IoT framework
with an additional feature of
a. Fault tolerance
b. Security
c. Device and application
d. Scalability

3. The process of retrieving associations between virtual entities and
IoT services is known as _________
a. Virtual entity monitoring
b. Virtual entity resolution
c. Virtual entity service
d. All of the above

4. The context manager component comprises the following
sub-component:
a. Context acquisition
b. Context Modeling
c. Context reasoning
d. All of the above

5. The exchange of information in the SocIoTal security framework
includes ______ type of encryption technique
a. Attribute-based encryption (ABE)
b. Ciphertext Policy-Attribute Based Encryption (CP-ABE)
c. Identity-based encryption
d. None of the above

Answer key
1. (c) 2. (b) 3. (b) 4. (d) 5. (b)

Long answer questions


1. How does the SocIoTal architecture model secure the user-centric
Internet of Things? Explain with the help of a diagram.

Short answer questions


1. What is user-centric IoT? What are its advantages and disadvantages?
2. Explain the difference between classical IoT and Socially aware
citizen-centric IoT.
3. Scheme for credential issuance process and credential presentation
process.

Keywords (†)
XACML: XACML is “eXtensible Access Control Markup Language”.
It defines a declarative fine-grained, attribute-based access control
policy language, an architecture, and a processing model. It states how
to evaluate access requests according to the rules defined in policies.
CP-ABE ciphering scheme: The scheme includes the access policy
which is embedded in the ciphertext and private keys are generated
according to a set of attributes. For decryption, the user should own
the private key related to a set of attributes satisfying the access policy.
Citizen Sensors: It is the method that gives citizens more informed
and qualitative information about the quality of their living
environment.

References

[1] I. Pranata, G. Skinner, and R. Athauda, “A Distributed Secure
Mechanism for Resource Protection in a Digital Ecosystem
Environment,” J. Inf. Secur., vol. 03, no. 01, pp. 25–38, 2012, doi:
10.4236/jis.2012.31004.
[2] M. Bauer and S. Lange, Enabling Things to Talk. Berlin, Heidelberg:
Springer Berlin Heidelberg, 2013.
[3] J. B. Bernabe and K. Moessner, “Chapter 18 A User-Centric
Decentralised Governance Framework for Privacy and Trust in IoT,” in
Security and Privacy in Internet of Things (IoTs), 2016, pp. 477–519.

Things to check before moving to the next chapter


Significance of user-centric IoT and its various IoT paradigms.
Pros and cons of user-centric IoT.
Study of classical IoT architecture and socially aware citizen-centric
IoT architecture.
Importance of SocIoTal security framework in securing the Internet of
Things.

CHAPTER 13
Preventing Unauthorized Access to Sensor Data and
Authentication in IoT

IoT is a network of resource-constrained devices having limited memory, energy, and
computational power. So, direct communication between nodes at the far end is not
possible, as it will consume a high amount of energy, which is generally impractical
for an IoT network. Moreover, since they are interconnected through wireless links
and are often deployed in hostile environments, they suffer from an increasing
number of security threats, resulting in the decline of network performance. To
address this, Cooperative Communication (CC) is adopted as one of the
methodologies to improve the performance of the network. Here, instead of directly
transmitting data from source to destination, it is the responsibility of all nodes within
the network to transmit information on behalf of the neighboring nodes. As a result,
data is transmitted from one end to another within a limited environment at a limited
cost. However, to cope with the security threats and breaches, authorization and
authentication are adopted as the major processes that protect the data and network in
the Internet of Things. Authentication verifies the identity of users and services, and
authorization determines their access rights. Progressing on this scenario, the chapter
highlights the concept of Cooperative authentication, where unauthorized access to
sensor data is prevented by the nodes. The idea is based on the dynamic game model
where the probability of correct authentication is evaluated and, based on this, the
decision-making module is presented. Other than cooperative entity authentication,
other variants of authentication are also highlighted in this chapter such as reputation,
voting, abstinence, and so on. In addition, this chapter also presents the content
authentication pertinent to the Internet of Things (IoT) with the help of VANET as a
case study.

Structure
The chapter covers the following topics:
The concept of cooperative communication, cooperative authentication,
cooperative incentive, and conflict balancing in IoT
Procedure for the bargaining-based dynamic game model for cooperative
authentication
Dynamic game with complete and incomplete information
Other variants of entity authentication such as reputation, voting, abstinence,
and police
Message authentication in IoT with VOR4VANET as an example

13.1 The idea of cooperation in IoT


The resource constraint characteristics of IoT have led to the emergence of
cooperation among nodes of the IoT network. IoT objects are said to be cooperative
if they are embedded with communication as well as sensing capabilities. This helps
them cooperate and organize themselves autonomously into the network for achieving
a common goal. The vision of cooperation in IoT is to solve the problem of
complexity and resource constraint [1]. Cooperation can be intentional or
unintentional. Intentional cooperation is said to be forced cooperation, which may be
due to selfish or malicious nodes and can lead to threats and attacks. In unintentional
cooperation, nodes work in a cooperative manner and smoothly take part in
communication. In the context of the IoT, several entities, such as smart meters, smart
sensors, smart cars, various consumption and production devices, alternative sources
of energy, and so on, fall within the context of Cooperating objects. Cooperation in
IoT occurs under the following paradigms: cooperative communication, cooperative
authentication, cooperative incentive, and conflict balancing.

13.1.1. Cooperative communication


Communication between two nodes takes place only when one node forwards the
packet to another node. Since IoT is resource constrained, if nodes (that is, IoT
objects) are close to each other, then packets can be transmitted easily. However, if
nodes are far apart, then a huge amount of energy is consumed for transmitting the
packets, which is generally impractical. Thus, a
concept of cooperative communication is used, where instead of directly forwarding
the packets from one end to another, packets are forwarded via intermediate nodes,
which are in close proximity to each other. Thus, communication is said to be
cooperative communication if nodes forward the packets on behalf of another node.
This can be explained with the help of Figure 13.1. Let us consider a source node “S”
that wants to transmit a packet to destination node “D”. However, since the distance
between “S” and “D” is quite large, a high amount of energy and power will be
consumed, which is not acceptable for the IoT network. Therefore, cooperative
communication is followed, where instead of directly forwarding the packets to “D”,
packets will be cooperatively forwarded via intermediate nodes “A” and “B”, which
are in close proximity to each other and with source and destination nodes. In other
words, packets of “S” will be forwarded to the destination “D” via nodes “A” and
“B”, which will behave cooperatively and will tend to transmit packets of other nodes.
Refer to Figure 13.1:

Figure 13.1: Data flow in cooperative communication

13.1.2. Cooperative authentication


Most of the authentication mechanisms that work effectively for the internet are not
applicable to IoT networks because of their limited resources and weak computing
ability. In order to cope with prevailing security threats, a concept of cooperative
authentication is proposed for IoT-based networks. Cooperative communication
includes three different kinds of nodes, which are known as source nodes, neighbor
nodes, and sink nodes. Whenever the source node wishes to prove its message
authenticity to the sink node, it requests its neighbor nodes to participate in
cooperation. If all neighbor nodes believe that the message is true, then the sink node
also believes it to be true, which results in the enhancement of the probability of
correct authentication (PCA). The greater the number of participating neighbor nodes,
the higher the value of PCA. It not only enhances the PCA but also mitigates
the verification overheads of the sink node.
It is not always the case that all neighboring nodes are cooperative in nature; they
can also be misbehaving or selfish and can result in leakage of location privacy due to
open wireless channels or consumption of huge resources, which may decrease the
overall lifetime of the network. These two factors make nodes disinclined to
participate in cooperation and reduce the PCA. So, a method of incentive is used for
nodes so that they cooperate and smoothly participate in communication.

The fundamentals of authentication are already covered in Chapter 1, Internet of Things and its
Security Requirements and Chapter 7, Crypto Foundations II, of this book.

Cooperative Authentication is a type of Entity Authentication. Other variants of entity
authentication are discussed in Section 13.5.

The method of incentivization is discussed in Section 13.1.3.

13.1.3. Cooperative incentive


To persuade and lure nodes to behave cooperatively so as to enhance the probability
of correct authentication (PCA), various incentive strategies have been proposed
such as price-based and reputation-based incentive strategies. In a price-based
incentive mechanism, a virtual currency is paid to nodes that offer cooperative
services. It is a representation of value, other than real currency that functions as a
medium of exchange. In IoT, it can be in the form of bandwidth exchange, coded
packets, and so on.
In a reputation-based incentive mechanism, the historical behaviors of nodes are
used to assess their reputation and distinguish maliciousness from cooperativeness by
setting a reputation threshold value. Reputation can be in the form of time, energy
consumed, location, and so on. This can be explained with the help of the following
example; for instance, “nodes taking less time in communication are highly reputed as
compared to nodes taking more time”. Similarly, “nodes consuming less energy have
high reputation value as compared with nodes consuming high energy for
transmission” and so on.

13.1.4. Conflict balancing


Though the employment of cooperative communication and cooperative
authentication has improved the accuracy and reliability of the IoT network, it may
still lead to the problem of leakage of location privacy and extra resource
consumption, thus reducing the willingness of nodes to cooperate with each other.
Balancing the conflict between increasing the willingness to cooperate and
decreasing the loss of cooperative nodes is known as conflict balancing. Balancing
this conflict is a critical challenge in the area of cooperative authentication that needs
to be resolved.

13.2. The practical implementation of cooperative authentication

Cooperative authentication is explained with the help of Figure 13.2. It consists of a
set of randomly deployed mobile nodes and a sink node
(also known as a base station) that acts as a data collection unit with sufficient
resources and any two nodes that share a key pair for authentication.
Let us consider a source node that wants to send a message “m” to base station “
” via an established routing path. For proving the authenticity of the message “m”
the following steps are included:
Step 1: Source node selects “k” neighbor nodes , from
the pool of randomly deployed mobile nodes.

All neighbor nodes are within the one-step transmission range of n0.

The condition k < N should always be true. If k > N, then the single process of cooperative
authentication fails while if k > N is always true, it means that the network has expired.

Step 2: After the selection of neighbor nodes, sends message “m” to all its “k”
neighbors and requests them to cooperatively authenticate “m”.
Step 3: All neighboring nodes in set will return a one-bit MAC code to ,
which determines whether “m” is true or not.
Step 4: After receiving all MAC codes from set , sends message “m” and k-bit
MAC codes to the base station . If all MAC codes believe “m” is true, then
also believes it to be true, or else it is false and is rejected.
Taking into consideration
Let us consider nodes to be compromised by adversaries with probability “p.” It is
observed that any false identity or message will be recognized if the following two
conditions are satisfied simultaneously: (1) at least one neighbor node is compromised
and it takes part in cooperation and (2) adversaries cannot completely and correctly
guess all MACs generated by uncompromised neighboring nodes. After considering
these conditions, as per the permutations and combinations, the PCA is formulated as
in equation (1).

(1)

Here, k is the number of neighboring nodes taking part in cooperation, i is the number
of compromised nodes out of k neighboring nodes, p is the probability of
compromising and PCA is the probability of cooperative authentication.
Now if the PCA and p are given, then “k” can be easily calculated from the preceding
equation (1). This represents the least number of neighboring nodes, that is, minCNN
(minimum compromised neighboring nodes) that participate in cooperation for
compromising the network. The higher the value of minCNN is, the more resources
are consumed and the more location privacy is exposed. Therefore, our goal is to
incentivize precisely minCNN nodes, so that they participate in cooperation
without any mis-behavioral activity and the network communicates smoothly.
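
Steps 1 to 4 and condition (2) can be made concrete with a short sketch. This is an added example, not code from the book: the one-bit MAC is assumed to be the lowest bit of HMAC-SHA256 under a key each neighbor shares with the base station, the keys and readings are constructed, and the names (`one_bit_mac`, `Neighbor`, `Sink`, `forgery_acceptance`) are hypothetical.

```python
import hashlib
import hmac
from itertools import product
from typing import Optional


def one_bit_mac(key: bytes, message: bytes) -> int:
    """Assumed construction: lowest bit of HMAC-SHA256(key, message)."""
    return hmac.new(key, message, hashlib.sha256).digest()[-1] & 1


class Neighbor:
    """Neighbor node: vouches only for messages it considers true."""

    def __init__(self, node_id: str, key: bytes, observed: set):
        self.node_id, self._key, self._observed = node_id, key, observed

    def endorse(self, message: bytes) -> Optional[int]:
        # Hypothetical local check: the node compares m with its own readings.
        if message not in self._observed:
            return None
        return one_bit_mac(self._key, message)


class Sink:
    """Base station: holds the key it shares with every node."""

    def __init__(self, keys: dict):
        self._keys = dict(keys)

    def verify(self, message: bytes, endorsements: list, k: int) -> bool:
        ids = [node_id for node_id, _ in endorsements]
        # Exactly k distinct, known neighbors must have contributed a bit.
        if len(ids) != k or len(set(ids)) != k:
            return False
        if any(node_id not in self._keys for node_id in ids):
            return False
        # Step 4: m is accepted only if every one-bit MAC checks out.
        return all(one_bit_mac(self._keys[node_id], message) == bit
                   for node_id, bit in endorsements)


def cooperative_authenticate(message, neighbors, sink, k) -> bool:
    """Steps 1 to 4 as run by an honest source node."""
    endorsements = []
    for neighbor in neighbors[:k]:        # Step 1: select k neighbors
        bit = neighbor.endorse(message)   # Steps 2 and 3: request, one-bit reply
        if bit is None:
            return False                  # a neighbor does not vouch for m
        endorsements.append((neighbor.node_id, bit))
    return sink.verify(message, endorsements, k)


def forgery_acceptance(message, neighbor_ids, leaked_keys, sink, k):
    """Count the guess vectors the sink would accept for a false message.

    Bits for neighbors whose keys leaked can be computed; every other bit has
    to be guessed, so all 2**u vectors for the u remaining neighbors are tried.
    Returns (accepted, tried).
    """
    unknown = [n for n in neighbor_ids if n not in leaked_keys]
    accepted = 0
    for guess in product((0, 1), repeat=len(unknown)):
        guessed = dict(zip(unknown, guess))
        endorsements = [
            (n, one_bit_mac(leaked_keys[n], message) if n in leaked_keys else guessed[n])
            for n in neighbor_ids
        ]
        accepted += sink.verify(message, endorsements, k)
    return accepted, 2 ** len(unknown)


# Constructed sample data: eight neighbors, keys derived from fixed labels.
K = 8
IDS = [f"n{i}" for i in range(1, K + 1)]
KEYS = {n: hashlib.sha256(b"constructed-key-" + n.encode()).digest() for n in IDS}
SINK = Sink(KEYS)
TRUE_M, FALSE_M = b"temp=21.5", b"temp=99.9"
NEIGHBORS = [Neighbor(n, KEYS[n], {TRUE_M}) for n in IDS]

if __name__ == "__main__":
    print("true message accepted:", cooperative_authenticate(TRUE_M, NEIGHBORS, SINK, K))
    print("false message accepted:", cooperative_authenticate(FALSE_M, NEIGHBORS, SINK, K))
    for leaked in (0, 3, K):
        subset = {n: KEYS[n] for n in IDS[:leaked]}
        print(leaked, "leaked keys:", forgery_acceptance(FALSE_M, IDS, subset, SINK, K))
```

Each neighbor whose key has not leaked adds one bit that must be guessed, so the share of accepted guess vectors halves per such neighbor; once every selected neighbor's key has leaked, the false message always passes.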

Incentivization of minCNN is carried out with the help of the Dynamic Game Model, which is
discussed in Section 13.3.
Before proceeding to the next section, readers are advised to become familiar with the concept of
game theory, which is discussed in Chapter 22, “The Game-Theory Foundations”.
In brief, Game Theory is the study of mathematical models of conflict and cooperation
between two or more intelligent decision-makers. Here, the model is defined as a Game
with competitive activities, where each competitor interacts with other players and
employs a strategy to maximize their utility payoff under a certain set of rules.

Refer to Figure 13.2 to understand cooperative authentication:

Figure 13.2: A basic network model of cooperative authentication


13.3. Bargaining-based dynamic game model for cooperative
authentication
To incentivize the appropriate number of neighboring nodes so as to have smooth
cooperative authentication, a bargaining-based dynamic game model is discussed
with the support of decision-making modules. In general, the bargaining game model
is a cooperative game model where two or more players/users bargain or negotiate
over the division of certain goods so as to have maximum profits. A solution to a
bargaining problem means “the determination of a division of share in order to have
maximum payoffs”.
In the IoT, and specifically in the cooperative authentication game model, the authentication
services provided by cooperative nodes are regarded as goods, which need to be
shared. The buyer is the source node , which sends the message, and the sellers are
the neighboring nodes , which generate the MAC code of the message.
The objective of the game is to improve the cooperation willingness of nodes so that
all the sellers behave cooperatively instead of selfishly.
Before discussing the actual game, let us look at the prerequisites of the
bargaining system: the factors affecting the asking/bidding price, the
bargaining price offered by the buyer and asked by the seller, and the bargaining
procedure.

13.3.1. The pre-requisite of the cooperative authenticated bargaining system

The cooperative authenticated bargaining system has the following three
prerequisites: the factors affecting the price, the bargaining price, and the bargaining
procedure, discussed as follows.

13.3.1.1. Factors affecting the price


The factors affecting the asking and bidding prices are represented in Table 13.1:

S.No. A
Factor: The attribute of message “m”
Explanation:
The attribute of the authenticating message includes the following:
a. Message length ( )
b. The lifetime of the message, that is, Time-to-Live ( )
c. Importance of message ( )
The longer and more important the message is, the higher the
reservation price.

S.No. B
Factor: Leakage of location privacy
Explanation:
The uncertainty of adversary is used to measure the leakage of
location privacy of a node and is represented as follows:

(2)

Where is the conditional probability with
which the predictive location corresponds to the true location
and “M” is the number of locations.
If the conditional probability is of a uniform distribution, then
reaches the maximum value and is denoted as
as in equation (3).

(3)

For simplicity denotes the location privacy leakage for a
cooperative process.
The degree of location privacy preservation of node is
represented by equation (4)

(4)

And is a lower threshold than exposes location privacy.

S.No. C
Factor: Node energy
Explanation:
For the cooperation authentication process, the energy of the
node is measured using three different metrics:
The Initial energy
The current remaining energy
The consumed energy

(5)

where are weights and is the length of the message.
The fraction of remaining energy of the node is denoted by

(6)

The survival threshold energy is denoted by .

S.No. D
Factor: Bandwidth
Explanation:
The bandwidth of the channel is assumed to be
For a given message “m”; the required bandwidth is given as
follows:

(7)

The utilization of bandwidth is denoted as follows:

(8)

S.No. E
Factor: Required number of cooperative neighbor nodes
Explanation:
In order to assure that the PCA reaches a given threshold value, it is
mandatory that a required number of neighboring nodes should
participate in the process of cooperative authentication.
The required number of neighboring nodes (“k”, that is, minCNN)
can be obtained from equation (1), for a given PCA and p

S.No. F
Factor: Fortune
Explanation:
Fortune is a virtual currency that is paid for each authentication
service and provides a cooperation incentive.
It is represented as follows: let represent the fortune of and
represent the fortune level of , which can be defined as
follows:

(9)

Where denotes the poverty line
denotes the wealth line
is the payment capability threshold for nodes
Table 13.1: Factors affecting the bargaining price

13.3.1.2. Bargaining-based price


The bargaining-based price consists of the price offered by the buyer and the price
asked by the seller:
a. Price offered by buyer (n0)
Whenever requests neighboring nodes to authenticate message “m”, it first
calculates the cost price , reservation price and the loss of no authentication
price represented by . It is based on the attributes of the message and the
authentication request. Then, finally, offers the bidding price depending on and
. Here, the reservation price is the highest price that agrees to pay for the
authentication service. Equations (10), (11), (12), and (13) represent the cost,
reservation, bidding, and loss price:

(10)

(11)

(12)

(13)

Here , and are the weights of bidding price, reservation price, cost
price, and loss of no authentication price with respect to , respectively.

Description of all other parameters is previously discussed.

b. Price asked by the seller


Before the seller participates in the cooperation, it calculates its own cost price
and the reservation price . Then, based on the cost and reservation price offers the
asking price . Here, the reservation price is the lowest price for which agrees
to provide the authentication service.

(14)

(15)

(16)

Here , and are the weights of the asking price, reservation price, and
cost price, respectively. is also the weight whose value lies between 0 and 1.
denotes the location privacy leakage for a cooperative process for node .

It is assumed that nodes care about both Privicons and Enercons equally and set vCi to 0.5.

13.3.1.3. Bargaining procedure

When requests its neighboring nodes to authenticate message “m”, the price
bargaining between the buyer and potential sellers is conducted in the following way:
Step 1: The buyer offers a bidding price
The buyer first calculates from equations (11), (12), and
(13), respectively. It selects and offers a suitable , as per equation (10). Then,
broadcasts an authentication request with the parameters of “m”, that is,
and to neighbor nodes.
Step 2: The potential sellers offer an asking price
As soon as receives an authentication request, it calculates from
equations (15) and (16), and then the price is selected, as per equation (14) and
offered.
Step 3: The buyer selects a sellers’ coalition on the following basis
Let denote
the set of optional sellers’ coalitions, where C is a coalition with their members
meeting the defined conditions. Here, NNs are the number of neighboring
nodes.
If , then the buyer chooses the coalition
as the seller’s coalition.
If , then the bargain fails. In such a situation, to make a bargain
successful, can increase with constraint that
Step 4: The buyer pays for the authentication service
If SC exists, the bargain is struck at the agreed price (AP) as in equation (17) and the
buyer pays AP for the agreed authentication service (AS).

(17)

Step 5: The sellers authenticate


Each cooperative seller receives an allocation price , as in equation
(18), as payment and authenticates the message of . Other nodes receive nothing.

(18)

13.3.2. The dynamic game


The bargaining-based dynamic game for cooperative authentication includes location
privacy leakage and resource consumption in a rational environment. Each node seeks
to obtain maximum benefit at least cost.
Mathematically, the given game for cooperative authentication is represented as
, where P is the set of players, S is the set of strategies, and U is the
utility function.

Players
The set of players is represented as . Here, represents (source
player) and represents (neighboring node).

Strategy
The set of strategies for all players is represented as . Here,
is the strategy of and the strategy set is the strategy chosen
by other remaining players. For simplicity, the strategy set is also represented as
. The strategies in cooperative authentication are as follows:
a. When has message “m” that requires authentication, it has two options:
Cooperation (CP) and non-cooperation (NC). CP represents that it requests
the player to authenticate “m” and NC represents that it refuses to send “m” to
for authentication.
b. When receives an authentication request, then it also has two options:
Cooperation (CP) and non-cooperation (NC). CP represents that wishes to
authenticate “m” and NC shows that it rejects the request to authenticate “m”.
Thus, the set for strategies of is given as .

Utility function
The set of utility functions is represented as . The utility function of
under and is given as and is defined by the following:
Utility function for the buyer or source node is given as follows:

(19)

The term shows the following:


earns the difference between and AP when the bargain succeeds.
If chooses CP, but the bargain fails, should pay as punishment for the
failure caused by its unreasonable offer . This punishment is realistic, as it
can make offer a reasonable to improve the possibility of a successful
bargain.
If chooses NC, should pay for
Utility function for the seller or neighboring node is given as follows:

(20)

The term shows the following:


If the bargain succeeds and , it receives the utility as the difference
between and .
If chooses CP, but , it pays as punishment for its unreasonable
asking price This punishment has realistic significance in Game G, as it
can inhibit the behavior of too many players trying to participate in cooperation,
which results in the consumption of extra resources, and make offer a
reasonable to improve the possibility of a successful bargain.
If refuses to be cooperative, it receives no utility.

13.3.3. Performance of the bargaining-based dynamic game model for cooperative authentication

The game model was simulated in MATLAB and various experiments were
performed to present the efficacy of the model. The study comprises a network
topology of 2,000 nodes with a transmission range, R = 50 and nodes were randomly
deployed in an area of 1,000 m × 1,000 m. PCA is assumed to be 99.8%, as 2%, and
the value of minCNN is taken to be 8, which means that at least eight NNs are
encouraged to participate in cooperation.
For an effective demonstration of the decrease in the leakage of location privacy and
resource consumption, the discussed game is compared with two other game
scenarios. In the first scenario, “all nodes cooperate”, while in the second scenario not all
but only random nodes cooperate, that is, “nodes randomly cooperate”.

13.3.3.1. Location privacy leakage


The aspect of location privacy leakage in the discussed game along with two different
scenarios is illustrated in Figure 13.3. From the figure, it is demonstrated that the
average privacy decreases near-linearly with an increasing number of successful
cooperative authentications in all three scenarios. However, the decrease in
Bargaining Dynamic game scenario is at a far lower speed as compared to other
mentioned scenarios. It is because nodes consider the location privacy leakage at the
time of utility calculation and then on the basis of calculated utility, they decide
whether to participate in cooperation or not, whereas in the other two scenarios no
such aspect is taken into account.

Figure 13.3: Performance analysis with respect to location privacy leakage

13.3.3.2. Energy consumption


Similar to the aspect of location privacy leakage, the aspect of energy consumption in
the discussed game along with two different scenarios is illustrated in Figure 13.4.
Figure 13.4 illustrates that the average energy decreases near-linearly with an
increasing number of successful cooperative authentications in all three scenarios.
However, the decrease in Bargaining Dynamic game scenario is at a far lower speed
as compared to the other mentioned scenarios. It is because nodes consider the
amount of energy consumed by nodes at the time of utility calculation and then on the
basis of calculated utility, they decide whether to participate in cooperation or not. In
this way, only the nodes with sufficient energy participate in cooperation, whereas in
the other two scenarios no such aspect is taken into account.

Figure 13.4: Performance analysis with respect to energy consumption

13.3.3.3. Network survivability


Due to limited resources, survivability is considered as an important parameter in IoT
networks. In the discussed Bargaining game, for a given node , if
, then is said to be a
survival node. The graph in Figure 13.5 illustrates that the percentage of survival
nodes rapidly decreases with the increasing number of initiating cooperative
authentication in all three scenarios. It is observed that in Bargaining-Dynamic game
scenarios, the decrease is at a far lower speed as compared to other scenarios. Thus, it
implies that there are more survival nodes in the bargaining-game model with the
same number of initiating cooperative authentication nodes when compared with the
other two scenarios.

Figure 13.5: Performance analysis with respect to network survivability

For an in-depth description of the graphs, refer to research paper [2].

13.4. Analysis of dynamic game model for cooperative authentication


The game model discussed in the preceding section presents the game in two different
situations; one with complete information (C-G) and the other with incomplete
information (I-G). In the Complete Information game (C-G), each player is able to
observe actions and has common knowledge about the strategy spaces and utility
functions of other players, whereas in the Incomplete Game (I-G), each player knows
all the strategy types of the players and the probability corresponding to each type, but
does not know which type the actions of other players belong to.

13.4.1. Dynamic game with complete information


In C-G, each rational player intends to choose the optimal strategy that maximizes its
utility. The following related definitions apply:
a. The best response of the player to the strategies of other players is a strategy
such that
b. A strategy profile is the Nash Equilibrium (NE), if for each

Nash equilibrium is a situation in which a player will continue with their chosen
strategy, having no incentive to deviate from it, after taking into consideration the
opponent’s strategy.

c. A strategy profile ; described by an extensive game tree is
an SPNE; if each subgame of the original game is Nash Equilibrium (NE).
Subgame Perfect Nash Equilibrium (SPNE) is a subgame, where each player
dynamically chooses its optimal strategy according to circumstances, rather than
sticking to its existing strategy. Here each player takes sequential actions as per
the serial strategies of other players and follows a sequential rationality premise.
This means that whenever the buyer makes a decision, it naturally adjusts its
strategy selection as per the actions of the sellers while each seller rationally
expects this situation and considers the effect of its strategy selection on the
buyer.
d. In C-G, a strategy profile, which consists of a Cooperation (CP) strategy taken
by players who belong to successful bargaining for more utility and a Non-
Cooperation (NC) strategy taken by other players for less loss are said to
satisfy SPNE.
Based on this definition, the following three theorems are derived:
Let (where , be a set of cooperative players such that
and . There is a strategy profile
satisfying SPNE for C-G if there exists such that , where

(21)

Let (where , be a set of cooperative players such that


and . There is a strategy profile
satisfying SPNE for C-G if such does not exist and , where

(22)

Let [where , be a set of cooperative players such that


and . There is a strategy profile
satisfying SPNE for C-G if such does not exist and , where

(23)

Proofs of these theorems are out of scope; interested readers can refer to research paper [2].

The preceding definitions (a to d) conclude that in C-G, each player performs
sequential actions as per the other’s serial strategies and aims to eliminate the Nash
equilibrium using the concept of SPNE. Nash equilibrium basically arises in the
static game with perfect and complete information. Therefore, a single SPNE will
always be reached and selected for the maximization of the players’ utility. Algorithm
1 presents step-by-step instructions for the dynamic game algorithm with complete
information.
Algorithm 1:
Dynamic game algorithm with complete information for co-operative
authentication
Required parameters:
Given the message “m” with for authentication,
selects a suitable and calculates using equation (1)
Select the coefficients
chooses suitable weights
each , selects suitable weights and
Step 1:
calculates [equation (5)] and , [equation (7)], and
[equation (9)]
using equations (11), (12), and (13), respectively
broadcasts an authentication request with parameters (
) to neighboring nodes.
Step 2:
For each collects the parameters

Calculates and using equations (15) and (16), respectively


Step 3:
calculates and submits using equation (10).
Each in neighboring nodes calculates and submits using equation (14)
Step 4:
Let

Step 5:
If

Step 6:
If a bargain is concluded at , authenticating m and allocating the
utility to according to equation (18); otherwise, the bargain fails.

13.4.2. Dynamic game with incomplete information


As already discussed, in Incomplete Game (I-G), each player knows all the strategy
types of the players and the probability corresponding to each type but does not know
which type the actions of other players belong to. In that case, before playing the
game, each player initiates their own preliminary judgment according to all the
strategy types of the other players and the probability distribution corresponding to
each type.
So, while playing the game each player owns practical information on what action to
take by observing the actions of other players. Then, on the basis of this, players can
correct their initial judgements and choose their optimal strategy according to the
changes in judgments. The change in judgment and adoption of optimal strategy
derives the concept of Bayesian Inference and leads to the abstraction of Perfect
Bayesian Nash Equilibrium (PBNE). Mathematically, Bayesian inference is
formulated in equation (24):

(24)

Here,
is the probability that is of type and is determined by “nature”.
takes action with the probability when it is of type .

If observes an action of at information set , then a belief can be


derived using of in is of type with the condition of
action at , as in equation (24).

The “nature” player refers to a player who assigns a random variable, which could take
values of types for each player, to each player and associates probabilities or a probability
density function with those types.

On the basis of the preceding assumptions, the following definitions are given:
a. In I-G, a belief profile and a type-dependent
strategy profile constitute a
PBNE if, for each at the information set h,
(25)
Where:

is the set of prior probabilities , such that


is the profile consisting of all beliefs of at the
information set h
is the type space of
is the type of
is the type-dependent utility
function of .
The preceding definition concludes that the PBNE aims to combine the
strategies with the beliefs of all players in the game. One player chooses their
optimal strategy according to the given beliefs of each player concerning the
types of the other players. Finally, on the equilibrium path, can be
derived from the observed information and
equation (24).
b. In a large scale, I-G can be represented in tree structure form as shown in Figure
13.6, where both and in the figure are information set of

From equation (19), it can be observed that the strategy for is related to its
, the sum of all and cost .
Thus, a time-dependent strategy of P can be obtained as
, where

and
Finally, the belief of in the type of player can be derived at a given
information set and type-dependent strategies can be obtained by
applying Bayes’ rule, as illustrated in equations (26) and (27):

(26)

(27)
In a similar manner, the strategy for player is also related to asking price and
time-dependent strategies of can be obtained as
, where:

And

Finally, the belief of P in the type of player can be derived at a given


information set and type-dependent strategies can be obtained by
applying Bayes’ rule, as illustrated in equations (28) and (29):

(28)

(29)

Figure 13.6: Extensive form of I-G


Based on this definition, the following theorem is derived. It states that in I-G,
there is a strategy profile:
(30)

That results in a PBNE, where:

is the probability with which


belongs to the sellers’ coalition,
is the expected value of ,
and are the expected values of AP at the given f1 and f2, respectively.

The proof of this theorem is out of scope; interested readers can refer to research paper [2].

Finally, summarizing all the preceding factors it can be stated that the PBNE helps a
player in I-G to decide whether or not to participate in cooperation and to maximize
its utility based on its belief about the types of other players. The belief is obtained
from the given information set (such as the history record of observed actions, and the
probability distributions of types) by applying Bayes’ rule. Algorithm 2 presents step-
by-step instructions for dynamic game algorithms with incomplete information.
Algorithm 2:
Dynamic game algorithm with incomplete information for cooperative
authentication
Required parameters:
Given the message “m” with for authentication.
selects a suitable and calculates using equation (1).
Select the coefficients .
chooses suitable weights
Each , selects suitable weights , and
Select the information set , type-dependent strategies
, and probability distributions of and .
Step 1:
calculates [equation (5)] and ,
[equation (9)]
using equations (11), (12), and (13), respectively.
And then predicts the beliefs and .
broadcasts an authentication request with parameters (
) to neighboring nodes.
Step 2:
For each collects the parameters

Calculates and using equations (15) and (16), respectively.


And then predicts the beliefs and .
Step 3:
calculates and submits using equation (10).
Each in neighboring nodes calculates and submits using equation (14).
Step 4:
Let

Step 5:
If is true,
Otherwise
If is true,
Otherwise
Step 6:
If a bargain is concluded at , authenticating m and allocating the utility
to according to equation (18); otherwise, the bargain fails.

13.5. Variants of entity authentication

In addition to the cooperative authentication techniques, there are other variants of
entity authentication. This section deals with the Node-eviction schemes
accompanying the node authentication mechanisms in network security. The section
illustrates various entity authentication techniques with respect to VANET as an
example. Conventionally, a centralized Certificate Authority (CA), such as the Motor
Vehicle Registry, was considered for node eviction. However, with the rise in the
number of vehicles, CA-based approaches were ineffective, and the following local
node-eviction techniques, which take action against other errant nodes
both in a distributed manner and locally, were preferred.

The structure and architecture of VANET are discussed in Chapter 5, IoT as
Interconnection of Threats, Section 5.1.1.

a. Reputation
In the reputation-based node eviction method, an individual node forms or updates a
reputation metric of other nodes with which it has interacted. Based on its own direct
observation and information provided, the node updates the reputation metric of
interacted nodes and then gets itself evicted from the nodes with which it has had
bad experiences. As a result, nodes with bad experiences are excluded from the
VANET. Reputation-based approaches are resilient to false detection but respond
to incidents slowly.

b. Vote
Vote-based node eviction method uses a Local Eviction of Attackers by Voting
Evaluators (LEAVE) protocol. In this method, the authority (or responsible node)
collects accusations (that is, negative votes) from different nodes that have witnessed
a node’s misbehavior and on reaching the threshold, revokes the node being accused.
Voting schemes equip the individual with a rapid reaction and self-protection.
However, voting becomes an injustice when there exist more deceptive nodes than
honest ones.

c. Abstinence
In this scheme, the nodes keep the ratings of other nodes to themselves. On
experiencing a bad node’s misbehavior, the node takes a passive role and stays away
from the bad node without reporting. They in return expect that other nodes will
eventually remove the bad nodes from the network.
d. Police
In this scheme, a special vehicle, for instance a police car, patrols the network of roads
and revokes any misbehaving nodes immediately upon detection. This class is
accurate, as the evidence is first-hand, but its speed depends on the chance of a node
being caught, though the eviction is made instantly.

13.5.1. Performance analysis of the variants of entity authentication


The performance of the node-eviction schemes is affected by various factors such as
the topology of roads, the spread of RSUs, speed of vehicles, drivers’ behavior, the
number of malicious nodes, and frequency of contact, that is, how often the nodes
contact and exchange messages and much more. The simulation scenario consists of a
circular road in grid format, where vehicles are circulated at different speed cycles
around the road and communicate with each other and with the RSU when in close
proximity. The RSU in turn relays the information to the CA. The network consists of
a total of 60 nodes (or vehicles), including one as the police node.
The behavior of the system components is dependent on the scheme used and is
modeled as a set of states and transitions. This means that the process segregates all
nodes into two subnets: Subnet A and Subnet B. Initially, all nodes, whether good or
bad, join any one of the subnets at their own convenience. Then, over time,
as the implementation of the scheme proceeds, the nodes converge into two different
subnets of the same kind. It means that one subnet will be of good nodes and the other
of bad nodes. In addition, the system is modeled as a network of who wants to receive
messages from whom, controlled by certificates. Each node maintains a List of
other nodes’ Valid Certificates (LVC).

The performance analysis of the Reputation scheme is not considered as it forms the superset
of the Vote, Abstinence, and Police schemes.

Vulnerability time and risks are the two most important parameters of authentication-
based node eviction schemes, and are discussed as follows:

a. Average vulnerability time


Average vulnerability time is the time required by the scheme to resolve the
prevailing vulnerabilities. Figure 13.7 depicts the time simulation results and predicts
that the Vote scheme performs the best in terms of average vulnerability time because
every incident triggers segregation so that only half of the population will be required
to vote a node out. A threshold of 0.5 is considered in the given simulation of the Vote
scheme.
The Police scheme comes second, since it segregates a bad node
once the police catch a node sending a false message. The time increases with the
percentage of bad nodes because it takes time for the police to arrive.
Finally, the Abstinence scheme shows the worst performance, since a bad node is
moved to Subnet B only if all nodes remove it from their LVC. In addition, as the
percentage of bad nodes increases, the time dips slightly since the probability of
encountering a bad node is higher.

Figure 13.7: Performance analysis of entity authentication with respect to vulnerability time

b. Average risks
Risk is the most important parameter that defines the accuracy of the node eviction
scheme. Figure 13.8 demonstrates that the Police node eviction scheme poses the
lowest risk as compared to the other two schemes because every detection triggers a
bad node being moved from Subnet A to Subnet B. Finally, in the end, good and bad
nodes are largely segregated, with almost no risk. However, as the percentage of bad
nodes increases, it becomes difficult for the single police node to catch all the bad
nodes in time, as multiple bad nodes pop up simultaneously at different locations. It
may also be possible that the police never catch some bad nodes, which results in a
rise in risk.
Similar to the Police scheme, the Vote scheme also shows lower risk when the
percentage of bad nodes is low, but when the proportion of bad nodes in the population
increases beyond 0.5, its threshold setting, the risk rises suddenly. This is because, beyond
0.5, there are only a few good nodes left that report and more bad nodes that provide false
accusations. As the simulation reaches a state of equilibrium, almost all the nodes,
good or bad, end up in Subnet B, returning to the image of the initial state.
Finally, the Abstinence scheme shows the highest risk, since a bad node is moved out
of Subnet A only when every other node abstains from it. Risk rises steadily as
the percentage of bad nodes increases. At some points, the risk fluctuates, since a
good node is removed from Subnet A. It is also observed that after 0.5, the risk value
of the Abstinence scheme becomes slightly lower than that of the Vote scheme. This is because
there are more bad nodes than good nodes, which distorts the truth. Refer to Figure 13.8:

Figure 13.8: Performance analysis of entity authentication with respect to average risk

For an in-depth description of the graph, refer to the research paper [2].

13.6. Message authentication: content delivery in VANET


Message authentication is another class of authentication that needs the utmost
attention. It ensures that accurate content is provided to the required node (or
vehicle) in a timely manner. Reliable content delivery in VANET faces serious
security threats to confidentiality, integrity, and authentication, due to its
distributed, open, and mobile nature. Therefore, there is a need to study strong
content integrity schemes that assure reliable communication within the network.
This section discusses the most popular content integrity scheme, known as
VOR4VANET.

13.6.1. Voting on reputation for VANET (VOR4VANET)


This content integrity scheme consists of two stages: the Local Reputation
Calculation stage followed by the Voting Weighted by Reputation stage. In the Local
Reputation Calculation stage, the RSU assigns a rating to each of the OBUs. An OBU is the
vehicle’s On-Board Unit, with which the RSU actually communicates and transmits data
in an ad hoc manner. This is followed by the Voting Weighted by Reputation stage, where
content inconsistency is settled on the basis of votes that are weighted by
reputations among the OBUs, instead of a majority vote.
Local reputation is calculated using an exponential weighted moving average
over past ratings at the completion of downloading all data fragments needed to
assemble the content and is expressed as follows:

(31)
Where:
, M = 1, if OBU delivers a good fragment and –1, if OBU delivers a
bad fragment, and , the recommended value of
Voting weighted by reputation determines the correct version of a data
fragment, in case its multiple copies from several OBUs carry different values.
The actual calculation of the mode from the list of reputations is obtained as in
the following:

(32)
Where:
are the non-negative reputations of corresponding OBUs
is the list of various OBUs that delivers duplicate data fragments to the
RSU.
This can be explained with the help of Table 13.2. Suppose, if an RSU receives
duplicates of a data fragment from four OBUs and only one of the four OBUs
delivers a “good (G)” fragment, whereas the rest three deliver “bad (B)”
fragments, that is, . Then, if the majority rule is applied the
final delivery to the RSU by OBU will be the bad fragment because there are
3Bs and 1G. However, if reputations are incorporated corresponding to each
OBU, that is, . Then, the list of OBUs will be equated to 3Gs
and 2Bs, resulting in a “G” mode. That means RSU would accept the good
fragment.

      H1   H2   H3   H4   OBU
Fh    B    G    B    B    B
Rh    1    3    0    1    G

Table 13.2: Majority versus reputation based


The procedure for content integrity is given in the following points:
Step 1: When a fresh VANET arrives in the vicinity of an RSU, the RSU checks the
reputation of all the OBUs of the vehicles within the VANET. It then selects those
OBUs with a high reputation whose data fragments together cover the entire content.
Step 2: After selecting the highly reputed OBUs that cover the entire
document, the RSU establishes concurrent TCP connections with the chosen
OBUs and requests each for their fragments.
Step 3: It may happen that fragments received from all OBUs do not cover the entire
content and most of them are duplicated, which results in a discrepancy.
When a discrepancy occurs in the value of a particular fragment due to corruption in
some OBUs, the RSU invokes the voting scheme to settle the matter as discussed
previously.
Step 4: The final verdict will be reached after the RSU receives all the fragments and
assembles them into full content. The RSU then updates its reputation base.
Step 5: If the content fails the integrity check, the RSU repeats its selection process
and requests fragments again until either the entire content delivery succeeds or the
VANET passes out of its vicinity.
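
The voting and delivery steps above can be followed in code. The sketch below is an added example, not code from the book or from the VOR4VANET authors; it reuses the Table 13.2 values, and the smoothing factor, the clamp of reputations at zero, the tie handling and the SHA-256 integrity check are assumptions made for the illustration.

```python
import hashlib
from collections import Counter, defaultdict

ALPHA = 0.5  # assumed smoothing factor, not a value taken from the book

# Table 13.2: fragment value (F) and reputation (R) per OBU H1..H4
TABLE_COPIES = {"H1": b"B", "H2": b"G", "H3": b"B", "H4": b"B"}
TABLE_REPUTATIONS = {"H1": 1, "H2": 3, "H3": 0, "H4": 1}


def update_reputation(old, delivered_good, alpha=ALPHA):
    """Exponentially weighted moving average over ratings M = +1 / -1.

    Clamped at zero (assumption) so the result stays usable as a vote weight.
    """
    m = 1.0 if delivered_good else -1.0
    return max(0.0, alpha * m + (1.0 - alpha) * old)


def majority_vote(copies):
    """Unweighted majority over the delivered copies (OBU id -> bytes)."""
    return Counter(copies.values()).most_common(1)[0][0]


def reputation_vote(copies, reputations):
    """Each copy counts with the reputation of the OBU that delivered it.

    Returns the winning value, or None when no value has positive weight or
    the two best totals tie, so the caller can request the fragment again.
    """
    totals = defaultdict(float)
    for obu, value in copies.items():
        totals[value] += max(0.0, reputations.get(obu, 0.0))
    ranked = sorted(totals.items(), key=lambda kv: kv[1], reverse=True)
    if not ranked or ranked[0][1] == 0.0:
        return None
    if len(ranked) > 1 and ranked[0][1] == ranked[1][1]:
        return None
    return ranked[0][0]


def deliver(received, reputations, expected_sha256, fragment_count):
    """One delivery attempt (Steps 3 to 5).

    received maps fragment index -> {OBU id -> bytes}. Returns
    (ok, content, reputations); on failure the reputations are unchanged
    and the RSU would repeat its selection.
    """
    if set(received) != set(range(fragment_count)):
        return False, None, dict(reputations)  # fragments do not cover the content
    chosen = {}
    for index in range(fragment_count):
        value = reputation_vote(received[index], reputations)
        if value is None:
            return False, None, dict(reputations)
        chosen[index] = value
    content = b"".join(chosen[i] for i in range(fragment_count))
    if hashlib.sha256(content).hexdigest() != expected_sha256:
        return False, None, dict(reputations)
    # Rate each OBU once per delivery: bad if any of its copies lost a vote.
    sent_bad = {}
    for index, copies in received.items():
        for obu, value in copies.items():
            sent_bad[obu] = sent_bad.get(obu, False) or value != chosen[index]
    updated = dict(reputations)
    for obu, bad in sent_bad.items():
        updated[obu] = update_reputation(reputations.get(obu, 0.0), not bad)
    return True, content, updated


if __name__ == "__main__":
    print("majority:", majority_vote(TABLE_COPIES))
    print("weighted:", reputation_vote(TABLE_COPIES, TABLE_REPUTATIONS))
```

With the Table 13.2 input the unweighted vote returns the bad fragment and the weighted vote returns the good one, because H2 alone carries weight 3 against a combined weight of 2.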

The performance analysis and graphs considered in this chapter are taken from the
research paper [2].

Conclusion
The resource-constrained nature of the Internet of Things has given rise to cooperative
communication, where instead of directly forwarding the data from source to
destination, intermediate nodes forward packets on behalf of some other nodes. This
reduces the consumption of energy and resources by the nodes. Though the
consumption of IoT nodes is reduced, the open-ended behavior of nodes has
jeopardized the network, since nodes of any type can take part in the network.
Therefore, to address the security threats, authentication and authorization are
used as the best technique to protect nodes and maintain the integrity of the IoT
data. In this respect, the chapter presents the various authentication and
authorization techniques in IoT networks.
The concept of cooperative communication has given rise to cooperative
authentication, where the probability of correct authentication (PCA) is
estimated by the neighboring nodes.
In a practical implementation of cooperative authentication, the source node
first selects the “k” neighboring nodes and transmits the message “m” to each
neighboring node. Each neighboring node, on receiving the message “m”,
authenticates the message using MAC codes and transmits it back to the source
node. The source node then forwards the message and all received MAC codes
to the base station or destination nodes. The base station, on receiving the MAC
codes and message, verifies the data. If all MAC codes are authenticated,
then the base station will also authenticate the message “m”. Otherwise, if any
one of the MAC codes is not authenticated, the base station will reject the
message “m”.
For increasing the efficiency of this cooperative authentication, the concept of
incentivization, in the form of a Bargaining-Based Dynamic Game Model is
included, so as to increase the intensity of cooperation and make the
participation of nodes smoother.
The Bargaining game model is a cooperative game model where two or more
players/users bargain or negotiate over the division of certain goods so as to
have maximum profits. A solution to a bargaining problem means the
determination of a division of shares in order to have maximum payoffs.
While establishing the analogy, in the IoT-specific cooperative authentication
game model, authentication services provided by cooperative nodes are
regarded as goods, which are needed to be shared. The buyer is the source node,
which sends the message and the sellers are the neighboring nodes, which
generate the MAC code of the message. The objective of the game is to improve
the cooperation willingness of nodes so that all the sellers behave cooperatively
instead of selfishly.
Incentives are provided based on the bargaining price offered by the buyer and
asked by the seller.
Price Offered by Buyer is given as follows:
Where , are the weights of bidding price, reservation
price, cost price and loss of no authentication price with respect to ,
respectively.
The price Asked by the Seller is given as follows:

Where , are the weights of the asking price, reservation


price, and cost price, respectively. is also the weight whose value lies
between 0 and 1. denotes the location privacy leakage for a
cooperative process for node .
The bargaining procedure includes the following steps:
Step 1: The buyer offers a bidding price.
Step 2: The potential sellers offer an asking price.
Step 3: The buyer selects a sellers’ coalition on the following basis.
Step 4: The buyer pays for the authentication service.
Step 5: The sellers authenticate.
The dynamic game includes players, strategy, and utility functions. Based on
the strategy the players take action so as to gain maximum utility price.
The bargaining-based dynamic game model shows better
performance in terms of location privacy leakage, energy consumption, and
network survivability.
The dynamic game is further analyzed with respect to complete and
incomplete information.
Reputation, vote, police, and abstinence are some of the other methods of entity
authentication.
Performance analysis presents the abstinence method and shows the best
performance in terms of vulnerability time and average risks.
Other than entity authentication, message authentication is another major factor
that hampers the security of IoT networks. Voting on reputation is a method to
protect the integrity of the data in an IoT network.
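
The cooperative authentication exchange summarized in this conclusion (source node, “k” neighboring nodes, base station) can be sketched as follows. This is an added example, not code from the book: HMAC-SHA256 stands in for the MAC codes, each neighboring node is assumed to share one key with the base station, the keys and node names are constructed sample values, and requiring at least k MAC codes is an assumption so that a missing code cannot pass unnoticed.

```python
import hashlib
import hmac

# Constructed sample keys: one key per neighboring node, shared with the base station.
NEIGHBOR_KEYS = {f"n{i}": bytes([i]) * 32 for i in range(1, 5)}


def mac_code(key, message):
    """MAC code a neighboring node computes over the message m."""
    return hmac.new(key, message, hashlib.sha256).digest()


def source_collect(message, chosen, neighbor_keys=NEIGHBOR_KEYS):
    """Source node: send m to the k chosen neighbors and collect their MAC codes.

    The neighbors are simulated in-process; the source never needs the keys.
    """
    return {nid: mac_code(neighbor_keys[nid], message) for nid in chosen}


def base_station_verify(message, mac_codes, k, station_keys=NEIGHBOR_KEYS):
    """Base station: accept m only if every forwarded MAC code verifies.

    Rejects when fewer than k codes arrive, when a code comes from an
    unknown node, or when any single code fails verification.
    """
    if len(mac_codes) < k:
        return False
    all_valid = True
    for nid, code in mac_codes.items():
        key = station_keys.get(nid)
        if key is None:
            all_valid = False
            continue
        # Constant-time comparison avoids leaking how many bytes matched.
        if not hmac.compare_digest(code, mac_code(key, message)):
            all_valid = False
    return all_valid


if __name__ == "__main__":
    m = b"temp=21.5;node=s7"  # constructed sample message
    codes = source_collect(m, ["n1", "n2", "n3"])
    print("genuine:", base_station_verify(m, codes, k=3))
    print("altered:", base_station_verify(b"temp=99.9;node=s7", codes, k=3))
```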

13.7. Questionnaire

Multiple choice questions


1. In cooperative communication nodes forward data packets
a. Directly to the destination node

b. Nodes forward packets on behalf of other nodes, so as to reduce energy
consumption

c. Nodes do not forward packets, so as to reduce energy consumption

d. None of the above


2. In cooperative authentication;
a. If all neighboring nodes believe that message is true then the sink node
believes that message is true

b. If any one node discards the authenticity of the message then the sink node
also discards its authenticity

c. If all nodes discard the authenticity of the message then the sink node also
discards its authenticity

d. All of the above


3. Bargaining-based dynamic game model is used to support:
a. Cooperative communication and cooperative authentication

b. Cooperative authentication

c. Cooperative communication, cooperative authentication, and cooperative
incentive

d. None of the above


4. _________________ employs that each player is able to observe actions
and have common knowledge about the strategy spaces and utility
functions of other players.
a. Complete information (C-G) game
b. In-complete information (I-G) game

c. Dynamic game

d. None of the above


5. ________ strategy is adopted for message authentication in IoT network
a. Police strategy

b. Reputation strategy

c. Voting strategy

d. Voting on reputation strategy

Answer key
1. (b) 2. (d) 3. (c) 4. (a) 5. (d)

Long answer questions


1. Explain the strategy adopted for providing cooperative authentication in IoT
networks using the bargaining-based dynamic game model.

Short answer questions


1. Explain various methods of entity authentication in the IoT network, with their
performance analysis.
2. How can data integrity be provided in an IoT network?

Keywords (†)
MAC Codes: They are a cryptographic data checksum code, which uses a
session key to detect both accidental and intentional modification of data.

References
[1] S. Karnouskos, “The cooperative Internet of Things enabled Smart Grid,” SAP
Res. Vincenz-Priessnitz-Strasse 1, D-76131, Karlsruhe, Ger., no. May, 2010,
[Online]. Available: http://diktio.dyndns.org/files/2010_ISCE.pdf.
[2] L. Licai, Y. Lihua, G. Yunchuan, and F. Bingxing, “Preventing Unauthorized
Access to Sensor Data,” in Security and Privacy in Internet of Things (IoTs), CRC
Press, 2016, pp. 319–346.

Things to check before moving to the next chapter


Significance of cooperation in IoT network.
How nodes can be authenticated using a cooperative authentication approach.
Study of Bargaining-based dynamic game model and its analysis.
Various techniques of Entity authentication and message authentication.

CHAPTER 14
Computational Security for the IoT and
Beyond

Computational security is another major concern of the Internet of Things.
It relies on the fact that the system should be powerful enough to resist
an attack for a reasonable amount of time. However, the increasing
complexity of IoT networks, their interdependencies, their relationships,
and their unwanted communication have made them vulnerable to
computational attacks. IoT can be easily hacked, and computational
security can be breached. In light of this, the chapter discusses various IoT
complex systems along with their characteristics. In addition, the
chapter presents an in-depth analysis of the computational security and
tools for IoT complex systems, followed by future perspectives of research.

Structure
The chapter covers the following topics:
The idea of computational models and their security in the Internet of
Things
The idea of Complex systems with their characteristics and
challenges
Examples and features of complex systems with their security
characteristics
The available computational tools with their future endeavor
14.1. An introduction to computational models and their
security
The computational model uses computer programs to simulate and study
complex systems using an algorithmic approach. These systems are
generally complex and nonlinear for which simple and intuitive analytical
solutions are not readily available. Therefore, a mathematical analytical
solution is derived by experimenting and adjusting the parameters of the
system with the help of computers and analyzing the differences in the
outcome of the experiments. These models are diversified into various
fields ranging from physics, chemistry, and biology to economics,
psychology, cognitive science, and computer science. Some examples of
commonly used computational models are weather forecasting models,
earth simulator models, flight simulator models, molecular protein folding
models, and neural network models.
Computational security is concerned with providing security to these
computational models. The security of these models does not rely on
perfect security but on computational security. This means that the
complex system is computationally secure “if it is unbreakable within any
reasonable time”. Mathematically, it can be formulated as the “Problem ‘P’,
which cannot be solved in a reasonable time and a reasonable time depends
on the task in hand [1]”.

Computational security can be explained with the help of the following example:
suppose an intruder intercepts the encrypted login details of
someone’s bank account. Spending a few days to decrypt them
would be reasonable. However, spending years to decrypt them is not useful. This is
because in a few years the account may be closed or the password would have
changed. Thus, if breaking the encryption takes years, the algorithm protecting
the login details can be said to be computationally secure.

14.1.1. Need for computational security in the Internet of Things
The ubiquitous IoT is developing drastically in everyday life, from physical
interactions between devices to social relationships among humans. All
these emerging interactions have resulted in the development and study of
large-scale complex networks. These complex networks not only require
intelligent communication but also require advanced theoretical and
computational analysis. The emergence of the large-scale IoT has profound
effects on functionality, dynamics, processes, and activities, including
security in theoretical as well as computational aspects.
Modern-day intruders exploit the computational approaches of IoT
extensively to devise sophisticated and possibly multiscale and
multidomain attacks against increasingly more complex IoT systems while
evaluating and limiting their chances of being detected. Therefore, to
protect the large-scale IoT system from unwanted intruders, it is necessary
to secure the systems theoretically as well as computationally.

Computational security is concerned with the scientific approaches to security
rather than the security of computing.

The following are the points of concern that can be iterated during the course of
a computational attack so as to adaptively increase the chances of normal
execution without any effect of the attack implementation:
Identifying and gathering relevant data from existing sources, and
actively exploring the system to collect additional useful data.
Evaluating data and building models for the targeted system at
different scales and in different domains.
Assessing the security of the model using computer simulations,
which are likely to be intractable due to the complexity of the model.
Exploiting the identified vulnerabilities in order to create an initial
strategy for the attack.
Refinement of the attack strategy and devising its implementation
under the concealment, available timescales and resources, and other
required constraints.
The preceding points, if successfully adapted, can prevent the computational
exploitation of computational security in large as well as small-scale IoT
systems.
14.2. Complex systems
Complex systems are regarded as networks of mutually interconnected sub-
units (that is, structural models derived from the physical structure) or as
networks that capture the interdependencies and relationships (that is,
functional models derived from the logical structure). In other words, the
complex network models are collections of scalar interactions between
pairs of entities.

Some examples of complex system networks are as follows:


Socioeconomic infrastructures such as telecommunication systems,
roads, and distribution of utilities, which are regarded as the largest man-
made networks
Biological systems formed by complex interactions of biomolecules,
cells, organs, tissue, individuals, and populations

14.2.1. Characteristics of complex systems


As discussed, complex systems are modeled as interconnections of various
heterogeneous networks along with their spatiotemporal† nonlinear
interactions, which makes these systems far beyond complicated.
Straightforward measuring of individual components is simple, although
measuring the interactions between components or groups of components is
often difficult. Moreover, predicting the behavior of complex systems is
much more complicated because of the nonlinear responses to
perturbations. This indicates that the “Complex network as a whole is not
equal to the sum of its parts”.
Complex systems have a number of natural characteristics, and they are
regarded as follows:
These systems are self-organized, which is achieved by employing
them in a fully distributed manner.
Complex systems can be easily adapted to the environment. This is
done by solving different constrained optimization problems at
different spatiotemporal† scales. It reflects the static as well as radical
changes in the internal structure.
Complex systems are not evolved from scratch. They are often built
by reusing the components and subsystems of other complex systems.
This speeds up the evolutionary development of complex systems.
Complex systems maintain a dynamic internal state at the boundary
between order and chaos.

IoT as a complex system


IoT itself is also a complex system that bridges the gap between existing
complex systems. It is done by extending the reach of the internet into the
physical world. The objective is to build a pervasive system and
environments that are reliable, unobtrusive, autonomous, and secure. The
controllability of the systems and environments is enhanced through a
network of nested heterogeneous networks, leading to the formation of an
extremely complex system of systems. These systems are modeled as
graphs that represent the interactions of a large number of nodes, which
may be of the same type or different types, located at different
spatiotemporal scales.
IoT as a complex system can be explained with the help of three interacting
network systems A, B, and C, as shown in Figure 14.1. Here network A is the
human brain, network C is the surrounding environment and network B is
the IoT sensors and actuators, which act as the bridge or interface between
network A and C. Network B is used for the extraction of information from
the data collected by the IoT sensors. The extracted information is used for
making meaningful decisions and assists the system toward a desirable
state.
Figure 14.1: IoT as a complex system
The development and inculcation of the IoT as complex systems of systems
have profound effects on the functionality, dynamics, processes, activities,
and security of all the existing systems, shown in the following ways:
The existing systems, which are already complex systems, become
more closely interconnected and immersed.
The interactions of components within and in between systems
increase.
The existing services are modified and the opportunities for new
services emerge.
The perception of the environment and reality changes.
The scale and scope of security problems get expanded.

14.2.2. Security challenges in complex systems


The security of complex systems in terms of computational security is an
area of concern that needs the utmost attention. For instance, biological
and social networks are very complex, and defining their security is a
difficult task. So, instead of analyzing perfect security, computational
security is used for these systems. However, security
provisioning requires extra resources and often establishes trade-offs among
reliability, availability, and security. Moreover, the security of complex
sociotechnical networks raises several challenges and demands, including the
following:
Highly fragmented systems with diverse components and hybrid
interfaces
Components with varying levels of security certification, standards
compliance, and interoperability
A mixture of components designed with embedded security features
and those with security added as an extra feature
A highly competitive environment with many manufacturers,
operators, contractors, suppliers, and so on
The convergence of information technologies and operation
technologies (IT and OT)
A growing need for remote access and management of subsystems
A paradigm shift in the motives and targets of the adversaries, fueled
by IoT characteristics. Shifts can be from small to large scale, from
ad hoc to well planned, from a single domain to concurrent attacks
across multiple domains, and from material or financial to
psychological.
Consequently, fulfillment of the preceding demands and challenges leads
to a security system that computationally aims at the following:
Development and support of widely accepted good security practices
across IoT industries.
Identification of security monetization opportunities and accounting
for underlying costs such as environmental, social, and system
downtime costs.
Development of universal, systematic approaches to holistic security
that encompass all complex systems that affect social lives, such as
embedding security and creating security platforms and concepts,
security intelligence, plug-and-play security, and so on.
Development of automated security threat (risk) assessments and
security analytics for arbitrary complex systems or their subsystems.

14.3. Examples of complex systems with their security characteristics
This section reviews the representative examples of complex systems along
with their security aspects.

14.3.1. Wireless networks


The wireless network is a complex computer network that connects various
nodes via wireless data connections. It is a method by which various sub-
networks are connected to each other via wireless links, also termed as
radio links. The implementation of wireless transmission takes place at the
physical layer (lower layer) of the protocol stack. Some of the most popular
examples of complex wireless networks are cell phone networks, wireless
sensor networks, satellite communication networks, wireless LANs, IoT
networks, and so on.
Though wireless networks are widely recognized, they create several
challenges as well as opportunities. Since they are insecure and data sent
through them can be easily broken and modified, security is considered
the most critical and compulsory aspect. Some of the major security
challenges of wireless transmission are jamming, eavesdropping, DoS,
masquerade, replay attacks, message modification, and so on.

Details of all these attacks are discussed in Chapter 2, “IoT Security:
Vulnerabilities, Attacks, and Countermeasures”.

14.3.2. Social networks


A social network is a network where a virtual connection is established
between people with similar interests, backgrounds, and activities. A simple
model of a large-scale social network such as civilization classifies people
as follows: (1) free riders, who consume excessive resources compared to
little contribution to society, who form the majority of users, and whose
consumption and contributions are balanced, and (2) contributors, whose
contributions exceed their consumption. The services in social networks
allow users to share their data in the form of their interests, videos, photos,
activities, and so on. They are also beneficial to users in terms of economic
and geographical borders. In addition, they can be used for achieving goals
related to job searching, entertainment, education, and so on.
Despite their huge popularity, they are vulnerable to attacks and pose a
high security risk to their users. Shared data can be easily stolen or
manipulated by attackers, who can easily impose spam, malware, social
bots, and so on. The most common types of security threats and attacks in
social networks are classified as follows:

a. Multimedia content threats


These threats include the illegal utilization of photos, videos, location, and
Web searches via sharing multimedia data on social networks. For instance,
a shared picture can reveal a user’s location via the usage of geotagging.
Some of the multimedia threats that can be used by an attacker to obtain a
user’s sensitive information are Exposure of multimedia content, Shared
Ownership, Manipulation of multimedia content, Steganography, Metadata,
Unauthorized data disclosure, and so on.

b. Traditional threats
Traditional threats consist of traditional attacks, where access to confidential
information can be easily gained. Once an attacker obtains this
information, they can commit other crimes and serious attacks, such as
phishing and identity theft. Various traditional threats that can be used by
attackers to gain a user’s personal information are phishing, malware, Sybil
attack, spamming, hijacking, inference attacks, cloning, and so on.

c. Social threats
In this type of threat, attackers maliciously exploit the social relationship of
the users and interact in different ways with different kinds of users such as
minors, employees, and so on. For instance, an attacker can attract minors
by expressing sympathy, love, and care, or offering online gifts, and cash,
among others. Their motivations can include blackmail, sharing
pornography, engaging in cyber harassment, and spying. Some of the
examples of social threats are Cyberbullying (online harassing attack) and
cyber-grooming (sexually abusing using emotional talks), Corporate
espionage (automated social engineering attack to gain access to
information such as employee’s position within a company, email
addresses, full names, among others), Cyberstalking, and so on.

Details of all these attacks are out of scope. Interested readers can refer to the
research paper [2].

14.3.3. Economic networks


An economic network is a combination of individuals, groups, or countries
that interact with each other for the benefit of the community as a whole.
The objective of the network is to strengthen the position of the community
in a market. It deals with the production and distribution of goods and
services. It also contributes to rich and universal tools which are readily
used to describe the dynamics of other systems.
IoT plays an important role in existing and enabling new economic
processes such as tracking and managing the inventories of goods,
delivering parcels, supporting e-commerce activities (online shopping),
optimizing supply chains and manufacturing, creating smart environments
for assisted living, personalized healthcare, and so on. However,
introducing intelligence into these economic processes creates opportunities
for more sophisticated small-scale as well as large-scale attacks and
exploitation as part of economic warfare. Some of the warfare attacks in
economic networks are espionage (monitoring other countries to steal
secrets), sabotage (theft of sensitive information either accidentally or
intentionally by government employees or terrorists), DoS, propaganda
attacks (attacker aims to control the minds and thoughts of people living in
or fighting for a target country), economic disruption (attackers target
computer networks of economic establishments such as stock markets,
payment systems, and banks to steal money or block people from accessing
the funds they need), surprise attacks (attacker aims to carry out a massive
attack that the enemy is not expecting and enables the attacker to weaken
their defenses, it is done to prepare the ground for a physical attack in the
context of hybrid warfare), and so on.

14.3.4. Computer networks


A computer network is another complex set of computers that share
resources located on or provided by network nodes. Communication
protocols over digital interconnections are used to communicate with each
other. These interconnections can be wired, optical, wireless, or a
combination of all these. Despite their popularity, computer networks
are used by security hackers to deploy computer viruses and worms, which
can be easily transmitted to other systems and subsystems. Thus, it can be
said that all networks are prone to hacking, hijacking, and other types of
attacks. Some of the major threats in computer networks are malware (such
as rootkit†), spyware, viruses, trojan horses, phishing, SQL injection, and so
on.

14.4. Computational tools for complex systems


To measure the computational complexity of complex systems, various
computational tools are considered. Some of them are described as follows:

14.4.1. Signal processing tools


Signal processing tools are statistical in nature and are preferred for models
that are uncertain and have random behavior of actors. Features related to
signal processing tools are as follows:
These tools rely on the ergodicity and stationarity of the random
processes. Ergodicity defines that the statistical averages are not time-
varying and stationarity states that the time averages are non-random.
Summarizing this, it can be stated that the signal processing methods
work well on average, for the vast majority of inputs and system
internal states.
Statistical tools form the basis of estimation theory and detection
theory and focus on the problems of finding the values of model
parameters. Parameters are the discrete random variables that
represent how likely different outcomes are observed.
For more complex systems, which involve high-dimensional and
structured data, statistical tools include machine learning, pattern
recognition, fuzzy logic, and so on.
Machine learning can be used by an adversary to identify the
predictable patterns of the system processes and to devise a powerful
attack and avoid detection.
Similarly, deep learning is used to learn efficient
representations of unlabeled data, following similar principles
as neural networks with multiple layers of nonlinear processing.
Game theory is another form of statistical tool that includes
mathematical models of cooperative and competing strategies among
interacting intelligent players.
Multiagent models and multiagent systems are also statistical tools
for complex networks.
Finally, the algorithms are a crucial step in the implementation of
signal processing methods. Their design is important for large-scale
problems and time-critical applications such as online learning from
large numbers of data sources.
Evolutionary algorithms are popular for simulations of large-scale
complex systems. They are trial-and-error stochastic optimization
methods and are inspired by the principles of Darwinian evolution†.

14.4.2. Network science tools


Network science tools are rapidly growing mathematical tools for studying
complex networks. Network science is the result of disciplines such as graph theory,
statistical mechanics, data visualization, and algorithms. Features of
complex networks analyzed by network science tools are as follows:
Connectivity: It decides whether the two nodes are connected over a
nonzero time interval or not.
Autonomy: The autonomy of nodes is a necessary condition to allow
their intelligent decisions.
Emergence: Even though the emergent macroscopic behavior from
local interactions is nonrandom, it is so complex that it is
unpredictable.
Non-equilibrium steady states: The existence of states close to
equilibrium (being unstable) is a crucial condition for the system to
keep evolving.
Self-organization: Self-organization is a form of structural adaptivity
in response to actual or perceived (anticipated) external perturbations
or events.
Evolution: Evolution is a long-term, large-scale adaptivity to the
external environment.
Network resilience: It is the ability to resist a change due to external
disturbances. It is the speed at which the network returns to normal
functioning after external perturbations.
The spreading of epidemics and information cascades: It predicts
the autonomous distribution of material objects (such as viruses and
mechanical malfunctions) and information (for example, know-how
and news) through the network, respectively.
Searching: Searching networks aims to find a source–destination
path in a reasonable amount of time.
Routing: Network routing is used to find a path with minimum cost.
Network science tools are also used in the study of network
structures referred to as Social Network Analysis (SNA). They offer
different types of metrics to evaluate network connectivity, centrality,
transitivity (for example, clustering), similarity, searchability, routing,
partitioning (for example, communities), and other properties.

14.4.3. Controllability and observability of networks


Network controllability and observability are important tools for the
measurement of the computational security of complex systems. These
tools are suitable for networks where attackers are motivated to gain at least
partial control of the system and to get access to additional resources rather
than attempting to cause any damage. The characteristics and features
related to controllability and observability tools are as follows:
Controllability and observability are derived for a static directed
network where every node and edge is assigned a scalar value. The
node values represent the system’s internal state, and the edge values
are attenuations of the node states.
Controllability is considered as the ability to drive the system from
an arbitrary state to any other state. The aim is to find the minimum
number of driver nodes that act as external inputs to the network. In
this way, the full controllability of the network is achieved.
The minimum number of driver nodes is dependent on degree
distribution and has a small degree of connectivity. Therefore, sparse
and heterogeneous networks (such as IoT) are more difficult to
control than dense and homogeneous ones.
Observability of complex networks is the ability to estimate the
internal state of the system from a finite number of observations. It
can be approximated by decomposing the network into a set of
strongly connected components by selecting at least one sensor node
within each of these components. Similarly, partial observability
identifies the minimum number of sensor nodes to reconstruct some
(but not all) state variables.
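
The minimum driver-node set described above can be computed with the maximum-matching result from structural controllability theory (Liu, Slotine and Barabási, 2011), a method the chapter does not name. The following is an added example, not code from the book; the two topologies and their node names are constructed sample data.

```python
from collections import defaultdict


def maximum_matching(nodes, edges):
    """Maximum matching of a directed graph, returned as {target: source}.

    A matching is a set of edges in which no two edges share a source and
    no two share a target. It is found with augmenting paths on the
    bipartite graph "out-copy of u" -> "in-copy of v" for every edge u -> v.
    """
    successors = defaultdict(list)
    for source, target in edges:
        successors[source].append(target)
    matched_by = {}  # target node -> source node of the matched edge

    def augment(source, visited):
        for target in successors[source]:
            if target in visited:
                continue
            visited.add(target)
            # Take a free target, or re-route the source that currently holds it.
            if target not in matched_by or augment(matched_by[target], visited):
                matched_by[target] = source
                return True
        return False

    for node in nodes:
        augment(node, set())
    return matched_by


def driver_nodes(nodes, edges):
    """Nodes that need their own external input for full controllability.

    Every node that is not the target of a matched edge is a driver node.
    With a perfect matching one input still has to enter somewhere, so a
    single node (arbitrarily the first) is returned.
    """
    matched_by = maximum_matching(nodes, edges)
    unmatched = [node for node in nodes if node not in matched_by]
    return unmatched or [nodes[0]]


# Constructed sparse, heterogeneous topology: one gateway fanning out to sensors.
STAR_NODES = ["gateway", "s1", "s2", "s3", "s4"]
STAR_EDGES = [("gateway", sensor) for sensor in STAR_NODES[1:]]

# Constructed homogeneous topology: five nodes connected in a ring.
RING_NODES = ["n1", "n2", "n3", "n4", "n5"]
RING_EDGES = [(RING_NODES[i], RING_NODES[(i + 1) % 5]) for i in range(5)]

if __name__ == "__main__":
    for name, nodes, edges in (("star", STAR_NODES, STAR_EDGES),
                               ("ring", RING_NODES, RING_EDGES)):
        drivers = driver_nodes(nodes, edges)
        print(f"{name}: {len(drivers)} of {len(nodes)} nodes are drivers: {drivers}")
```

The star needs four of its five nodes driven externally while the ring needs one, which is the sparse-versus-homogeneous contrast the text draws for IoT-like networks.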

14.4.4. Network tomography


Tomography is the art of obtaining an interior image of the network so as to
analyze the quality of the offered services and the prevailing abnormal
activities, if they exist. The characteristic features of network tomography
are as follows:
Traditionally, network monitoring was used for the observability and
the employment of computational security in complex networks,
where the determination of allocated resources, measurement of the
quality of offered services, and the detection of abnormal activities
and behaviors were guaranteed for the reliability and security of the
network. However, efficient security requires separate
monitoring of individual nodes and edges, which is
impractical. So, either active network probing or passive observation
is used instead (for example, end-to-end measurements). This leads to
an inverse problem of either reconstructing the network’s internal
state or testing hypotheses; for instance, deciding whether
the network behaves abnormally or not from a finite number of
observations.
To counter this problem, mathematical tomography was used, which
makes use of either sectional or projection imaging and the
subsequent computational reconstruction.
This tool is used to identify the network’s vulnerabilities which can
directly lead to the detection of efficient attack strategies against key
network infrastructure.

An example of adaptive iterative network tomography can be found in
research paper [3]. Here, new observation nodes are identified as the network is
being reconstructed at each step. Iterative exploration of the network combined
with malicious activities while in progress can be easily identified.

14.5. Future scope


Computational security has emerged as a popular approach for designing
defenses and countermeasures against sophisticated attacks. Computational
methods aid the transition from reactive (suspected) to
proactive (suspicious) security considerations. Some research perspectives
for our readers in the area of complex systems, networks, and
their security are as follows:
To enhance the understanding of complex IoT systems, multiscale
and multidomain modeling with the correct level of granularity and
accuracy is the fundamental security challenge that should be
derived.
It is difficult to detect security attacks that are much slower or much
faster than the responses of the system’s dynamics, that is, the steady-
state of the system.
There is a need for the standardization of designing networked or
distributed systems with defined trade-offs between security and
other network characteristics such as reliability.
It is still not clear whether network evolution is an open-ended
process, whether all networks mature and disintegrate in some finite
time period, or whether the network lifetime is shortened due to
security breaches.
There is an extensive need to devise markers that forecast various
events within networks and other complex systems. The markers are
used as proactive security measures.

Conclusion
The chapter presents the design, deployment, and monitoring of complex
systems along with their security features. It highlights the concept of
computational security in complex systems along with various examples.
The key features of the chapter are as follows:
Computational models are the models that use computer programs for
the simulation and study of complex systems using an algorithmic
approach.
The security of these models does not rely on perfect security but on
computational security.
Computational security means that the system is unbreakable within
any reasonable time.
Complex systems are regarded as networks of mutually
interconnected sub-units (that is, structural models derived from the
physical structure) or as a network that captures the
interdependencies and relationships (such as functional models
derived from the logical structure).
Wireless networks, social networks, economic networks, and
computer networks are some of the examples of complex systems.
Security to these systems is provided by computational tools. Some
of the examples of computational tools are signal processing tools,
network science tools, network tomography, and controllability and
observability of networks.

14.6. Questionnaire

Multiple choice questions


1. Security that is unbreakable within a reasonable amount of time
is known as
a. Cryptographic security

b. Computational security

c. Steganography security

d. None of the above


2. Network where a virtual connection is established between
people with similar interests, backgrounds and activities is
known as
a. Wireless network

b. Social network

c. Economic network

d. Computer network
3. Rootkit is an example of
a. Malware

b. Spyware

c. Phishing

d. DoS
4. Machine learning, game theory, and deep learning is an example
of ________ processing tools
a. Network science tools

b. Signal processing tools

c. Network tomography

d. None of above
5. _____ is the ability to drive the system from an arbitrary state to
any other state.
a. Controllability

b. Observability

c. Tomography

d. None of the above

Answer key
1. (b) 2. (b) 3. (a) 4. (b) 5. (a)

Long answer questions


1. What do you mean by computational security and what is the need to
secure complex systems from that of computational security?
2. How can upcoming researchers contribute to the security of complex
systems?

Short answer questions

1. What do you mean by complex systems? Explain with the help of
examples.
2. What do you mean by computational security? State the
characteristics of computational tools along with some examples.

Keywords (†)
Spatiotemporal Interaction: Interactions where data is collected
across time as well as space and has at least one spatial and one
temporal property.
Rootkit: A rootkit is malicious software that is designed to give
unauthorized access to a computer or other software.
Darwinian Evolution: Theory of evolution where organisms produce
more offspring than are able to survive in their environment.

References

[1] B. Barak, “Lecture 3 - Computational Security,” 2007, pp. 1–7.


[2] S. Rathore, P. K. Sharma, V. Loia, Y.-S. Jeong, and J. H. Park, “Social
network security: Issues, challenges, threats, and solutions,” Inf. Sci.
(Ny)., vol. 421, pp. 43–69, Dec. 2017, doi: 10.1016/j.ins.2017.08.063.
[3] J. S. Baras, “Network tomography: New rigorous approaches for
discrete and continuous problems,” in 2014 6th International
Symposium on Communications, Control and Signal Processing
(ISCCSP), May 2014, pp. 611–614, doi:
10.1109/ISCCSP.2014.6877949.

Things to check before moving to the next chapter


Concept of Computational Model and computational security
Significance of Complex networks with their example
Security challenges in Complex systems
Tools to measure the computational security

CHAPTER 15
Identity and Access Management Solutions for
the IoT

The protection of data and safeguarding of user privacy are the major
concerns of IoT organizations. This is where Identity and Access
Management (IAM) comes in, as it helps organizations stay away from
cyber-attacks and data leaks in the long run. Yet, the lack of proper IAM in
the Internet of Things is still a subject to be discussed, as it leaves devices
open to identity theft, encryption, and unauthorized parties taking control of
smart devices. This demands the quick implementation of effective,
fast IoT digital identity and security solutions. This chapter discusses
Identity and Access Management for IoT devices along with their lifecycle.
Technologies such as PKI and OAuth with different types of authentication
credentials are discussed for providing authorization and access control for
IoT devices. These technologies offer the foundations for a complete, user-
friendly, automated, and secure authentication and authorization solution.

Structure
The chapter covers the following topics:
The idea of identity and access management and its implementation in
the Internet of Things
The lifecycle of identity establishment
Illustration of IoT IAM infrastructure
The available authorization and access control for the Internet of
Things

15.1. Introduction to identity and access management for the
IoT

Identity and Access Management (IAM) is a structure of technologies and
policies that ensures that only suitable or authorized users have appropriate
access to technology resources. Besides managing user access to
data, it also identifies the devices of IoT systems. Traditionally, IAM includes
only the login process to gain access to the application portfolio. However,
the available traditional IAM solutions are unable to deal with the new-age
advancement of IoT devices, since many more IoT devices are expected to be
deployed throughout an organization than the usual one or two mobile
phones or laptops for each employee. Thus, there is a need to upgrade the
architecture quickly, taking into account the number of device connections
and the looming security concerns. Refer to Figure 15.1:
Figure 15.1: Comparison of traditional and IoT IAM
The demand for IAM has gained precedence for the Internet of Things and
has forced the coverage of IoT into the following aspects:
Scalability with low latencies: Incorporation of IAM by IoT vendors
provides scalable runtime access for securing authentication and
authorization at high transaction rates, without facing any latency
issues. IoT vendors tend to reduce data storage and manage both
structured and unstructured data sets that support deployment on-
premise and on cloud platforms.
Integration of IAM with IoT devices: To manage the security in IoT,
device identity and access technologies are incorporated with IoT
platforms. This has accelerated the endorsement of IAM into the IoT
market while ensuring the protection of data at all costs.
Embedded device authentication: For ensuring identity and access
management, IoT manufacturers are joining hands with authentication
providers and product specialists. They are doing so for the creation of
a dynamic and robust authentication process.

The need for IAM in IoT can be illustrated with the help of examples, such as the
following:
Leased IoT solutions designed for radio machine technology record the
number of scans and permit operations only up to a certain number of
entitlements. These are restricted to only authorized users and authorized
machines, which makes the system very complex. Therefore, access control
decisions for restricted users, specific device versions, time of day, and other
constraints are implemented using an IAM program.
The use of wearable devices, such as Fitbit, requires that the device be worn only by the
authorized individual for whom it is designed, and that no one else
uses it. This is done to obtain accurate information related to daily steps
and heart rate. Employment of IAM in wearable technology not only manages the
fresh inculcation of data but also addresses the significant privacy concerns related to
safeguarding personal information.

Implementation of IAM for the development of IoT application


The rapid expansion of the connected ecosystem has called for the
implementation of Identity and Access Management in every phase of the
Internet of Things. Since IoT can be compromised in several domains, it is
mandatory to manage single or overlapping identities evolving from them.
Some of the stemming identity issues in IoT are discussed as follows:

a. Default password risks


Various IoT devices are provided with default passwords, and users are
instructed to change them before use. However, not everyone bothers to do
so. Besides, when passwords are changed, they are
not strong enough.
IAM solutions help users to manage their identities by providing mandatory
instructions for creating and changing passwords, such as that the password
length should be eight characters with one uppercase, one numeric, one
special character, and so on. Besides, IAM can limit access privileges to
devices with added plugins and workflows.

b. Cross-domain IoT
Machine-to-machine applications cannot be combined with each other since
they are domain-specific and not interoperable. However, IoT is diversified
into several domains, where the management of heterogeneity is of major
concern. This demands that devices should communicate with each other
and be interoperable. This has resulted in the emergence of cross-domain
IoT. A cross-domain IAM solution helps to manage and understand the
multiple identities across domains and devices perfectly. These solutions
assist the successful operation of IoT services in their environment.

c. Credential abuse
Stealing of credentials such as usernames, passwords, or any other sensitive
data is another issue of the IoT ecosystem. It generally takes place in the
workplace, where employees sometimes intentionally or unintentionally
share their data with coworkers, which leads to credential abuse. The
absence of a proper IAM solution gives hackers the opportunity to gain
unwanted access to data and places, which they can easily
exploit. Therefore, it is necessary to have a proper IAM platform, where an
organization and its employees can control all their interlinked devices and
make them strong enough to shield data at a corporate level.

d. Virtual Eavesdropping
In virtual eavesdropping, company secrets and sensitive information are
leaked via virtual personal assistants such as Alexa, Siri, or any other
advanced version. The leakage of data affects the reputation of the brand in
the market. Therefore, to address these challenges, IAM solutions should be
built in such a manner that they include the following:
A well-equipped user identity system that controls their IoT
environment
Responsive authentication and data access protocols for contextual
control
End-to-end encryption for data protection at endpoints, that is,
between two different devices as well as everywhere else in between.
The identity issues in the Internet of Things discussed above
are analyzed and resolved using the IAM program. For this, the IAM
program should be designed in such a way that it mitigates faults in
an environment where:
New devices with diverse functions are securely added to the network
at a rapid pace.
Data and devices are frequently shared within the organization as well
as with other organizations.
Privacy is maintained despite consumer data being collected, stored,
and frequently shared with others.

15.2. The identity lifecycle


Identity management in the Internet of Things is a complex function, which
consists of several phases and is demonstrated with the help of the identity
lifecycle. The lifecycle procedure is established and applied to all IoT
devices that are procured, configured, and attached to an organization’s
network. It starts with the naming convention of the device and ends with the
deletion of identity from the system. The first aspect of the identity lifecycle
requires a synchronized understanding of the categories of IoT devices and
systems that are introduced within the organization, both now and in the
future. The actual illustration of the identity lifecycle is exemplified in Figure
15.2.
Figure 15.2: Identity lifecycle of IoT

15.2.1. Identity establishment with unique requirements


The very first phase of the identity lifecycle is the establishment of unique
naming conventions. Uniqueness is a non-identical feature that can be
randomized or deterministic. For example, consider a counter value, where
the value is assigned and never repeated. Another example of uniqueness can
be a static value in concatenation with a counter value such as “device
manufacturer ID + a product line ID + a counter value”. In addition, a
Global unique identifier, that is, UUID† can also be used for defining the
uniqueness while naming the device.
Once a method of uniqueness assignment in IoT devices is established, the
subsequent step in this phase is to logically identify the assets within the area
of operation. This is done to support authentication and access control
functions.

Identity of IoT devices


Authorized identification of the assets is done by checking the identity of the
resources. The identity of resources can be defined using the following
methods:
Using a username within a domain such as
<lastname_firstname_middleinitial>
Using unique identifiers such as UUIDs and Electronic Serial
Numbers (ESNs). These identifiers are generally not adequate for
securing authentication and access control decisions, as they can be
easily spoofed through cryptographic controls. In such a case,
administrators are advised to chain another type of identifier to a
device such as a password or credentials like digital certificates.
Using Thing Registry service, which permits an administrator to
register IoT devices, where for each device the name and various
attributes of the thing are captured. The attributes of the device include
data items such as manufacturer, serial number, location, type,
deployment date, and so on.
Using ClientID in IoT messaging protocols; for instance, the MQTT
IoT protocol tends to include a ClientID field, which transmits a
broker-unique client identifier within a unique broker-client
communication session.

15.2.2. Secure bootstrap


Once the identity of the device is established, the very next phase is the
establishment of initial trust within the device by means of secure bootstrap.
An insecure bootstrap is among the greatest vulnerabilities in the IAM
program.
Bootstrapping is the beginning of the process that can be regulated in the
manufacturing state (for example, in the foundry manufacturing a chip),
intermediary state (such as a depot or supplier), or at the end state where the
system is delivered to an end operator. Generally, the most secure
bootstrapping method is during the manufacturing state, where devices are
uniquely identified through:
Unique serial number(s) imprinted on the device.
Unique and unalterable identifiers stored and fused in device
read-only memory (ROM).
Manufacturer-specific cryptographic keys, which are used via definite
lifecycle states and securely hand off the bootstrapping process
throughout the lifecycle states (such as shipping, distribution, hand off
to an enrollment center, and so on).

Bootstrapping using PKI


Bootstrapping from the perspective of PKI involves the following processes:
Devices are securely shipped from the manufacturer (via a secure,
tamper-detection-capable shipping service) to a trusted facility or
depot. The facility includes robust physical security access controls,
audit processes, and record-keeping, along with highly vetted staff.
The device counts and batches are matched against the shipping
manifest.
Once the devices are received by a trusted facility, the steps for each device
include the following:
Device authentication using a customer-specific, default manufacturer
authenticator such as a key or password.
Installation of PKI trust anchors and the intermediate public key
certificates (for instance those of the registration authority, enrollment
certificate authority, other roots, and so on).
Installation of minimal network reachability information, which means
that the devices are aware of where to check certificate revocation
lists, perform security-related functions, and OCSP lookups.
Provisioning of the device PKI credentials (such as public key signed
by CA) and private key(s) so that other entities possessing the signing
CA keys can trust any of the new devices.

Threat mitigation in the bootstrapping process


A bootstrapping process is said to be secure if it is able to mitigate the
following threats and vulnerabilities when provisioning devices:
Insider threats, which are designed to introduce new, rogue, or
compromised devices
Duplication (cloning) of devices anywhere in the life cycle
Introduction of public key trust anchors or other key material into a
device that should NOT be trusted, for example, rogue trust anchors
Compromise (including replication) of a new IoT device’s private key
during key generation or import into the device
Gaps in device possession through the supply chain and enrolment
processes

15.2.3. Credential and attribute provisioning


Once the base of identities within the device is established, the provisioning of
operational credentials and attributes takes place. Credentials are used for
secure communication, authentication, and integrity protection. Credentials
can be digital certificates, for which the key pairs are generated centrally or on
the device itself.
If centralized generation is used, it should take place in a highly secured key
management system operated by designated personnel in secured facilities.
Another means of provisioning certificates is via the local generation of the
key pairs directly on the IoT device. It is followed by the
transmission of the public key certificate through a certificate signing
request to the PKI.

If the bootstrapping procedure is not secure enough, then an additional
policy control is established for the PKI’s registration authority (RA) for verifying
the identity of the device being provisioned. Basically, the more secure the
bootstrapping process, the more automated the provisioning can be.

There are times when local access to the device is required for administration
purposes. This may require the provisioning of SSH keys or administrative
passwords.

Figure 15.3 represents a sequence diagram that presents an overall
registration, enrollment, and provisioning flow for an IoT device:
Figure 15.3: Credential provisioning of an IoT device

15.2.4. Account monitoring and control


After the provisioning of accounts and credentials, the monitoring of these
accounts against the defined security policies takes place. The strength of the
credentials such as cryptographic cipher suites and key lengths is monitored
across the IoT infrastructure. Monitoring also includes the usage tracking of
the accounts and credentials. For this, an authorized representative is
assigned to audit the use of local IoT device administrative credentials such
as SSH keys and passwords, on a routine basis.

Monitoring in IoT systems also includes privileged account management tools
that allow features such as checking out administrative passwords to aid in
audit processes.

15.2.5. Account updates


In this phase, credentials (such as passwords, certificates, and keys) are
rotated on a regular basis. It is observed that the more frequent the rotation, the more
secure the system. Short-lived credentials have a reduced attack
footprint, yet the process of changing the credentials
tends to be expensive and time-consuming. Thus, whenever possible, look
for automated solutions for these processes.

Let’s Encrypt [3] is a service that helps to improve and simplify certificate
management practices for organizations.

15.2.6. Account suspension


The account suspension phase gets activated only if the data present in the
IoT account requires forensic analysis at a later stage.

15.2.7. Account/credential deactivation/deletion


This is the last phase of the identity lifecycle. Here accounts used by IoT
devices get deleted and credentials get deactivated, as soon as devices are
decommissioned. Keys used for encryption, whether network or application,
are deleted to keep adversaries from decrypting captured data at a later point
in time using the recovered keys.

15.3. Authentication credentials


Appropriate implementation of authentication has favorable effects on IoT
security. There are different types of authentication credentials that are
available for IoT protocols and services. This section discusses the various
methods of building authentication solutions, as follows.

15.3.1. Usernames and passwords


Usernames and passwords are the most common authentication credentials
available for providing security to IoT devices and systems. Though these
credentials secure the system, they are not an ideal solution
because of the following concerns:
It is difficult to manage huge numbers of device usernames and
passwords
It is difficult to secure the passwords stored on the devices themselves
It is difficult to manage passwords throughout the device lifecycle
If the organization still plans to implement usernames/passwords
for IoT device authentication, the following precautions should be taken
into consideration:
Create policies and procedures for rotating passwords at least every 30
days for each device.
Establish controls for monitoring device account activity.
Establish controls for privileged accounts, which support
administrative access to IoT devices.
Partition the password-protected IoT devices onto less-trusted
networks.

The MQTT IoT protocol provides the ability to use a username/password combination
for protocol authentication purposes. Within MQTT, the CONNECT message
includes the username/password fields, which are then passed to an MQTT
broker [4].
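
The CONNECT fields mentioned above (and the ClientID from Section 15.2.1) can be inspected with a small parser for the MQTT 3.1.1 packet layout. This is an added example, not code from the book or from any MQTT library; the device name and credentials are constructed sample values, and `audit_connect` is a hypothetical helper.

```python
import struct


def _field(data: bytes) -> bytes:
    """MQTT length-prefixed field: 2-byte big-endian length, then the bytes."""
    return struct.pack("!H", len(data)) + data


def build_connect(client_id, username=None, password=None, keepalive=60):
    """Build an MQTT 3.1.1 CONNECT packet (used here only to make sample input)."""
    flags = 0x02  # clean session
    payload = _field(client_id.encode())
    if username is not None:
        flags |= 0x80
        payload += _field(username.encode())
    if password is not None:
        flags |= 0x40
        payload += _field(password.encode())
    body = _field(b"MQTT") + bytes([4, flags]) + struct.pack("!H", keepalive) + payload
    remaining, encoded = len(body), bytearray()
    while True:  # variable-length "remaining length": 7 bits per byte
        remaining, digit = divmod(remaining, 128)
        encoded.append(digit | (0x80 if remaining else 0))
        if not remaining:
            break
    return b"\x10" + bytes(encoded) + body


def parse_connect(packet: bytes) -> dict:
    """Parse a CONNECT packet into its identity and credential fields."""
    if len(packet) < 2 or packet[0] != 0x10:
        raise ValueError("not a CONNECT packet")
    length, shift, pos = 0, 0, 1
    while True:
        if pos >= len(packet) or shift > 21:
            raise ValueError("malformed remaining length")
        byte = packet[pos]
        pos += 1
        length |= (byte & 0x7F) << shift
        shift += 7
        if not byte & 0x80:
            break
    body = packet[pos:pos + length]
    if len(body) != length:
        raise ValueError("truncated packet")
    offset = 0

    def take() -> bytes:
        nonlocal offset
        if offset + 2 > len(body):
            raise ValueError("truncated field")
        (size,) = struct.unpack_from("!H", body, offset)
        value = body[offset + 2:offset + 2 + size]
        if len(value) != size:
            raise ValueError("truncated field")
        offset += 2 + size
        return value

    if take() != b"MQTT" or offset + 4 > len(body) or body[offset] != 4:
        raise ValueError("only MQTT 3.1.1 is handled")
    flags = body[offset + 1]
    (keepalive,) = struct.unpack_from("!H", body, offset + 2)
    offset += 4
    if flags & 0x01:
        raise ValueError("reserved connect flag is set")
    if flags & 0x40 and not flags & 0x80:
        raise ValueError("password flag set without username flag")
    info = {"client_id": take().decode(), "keepalive": keepalive,
            "username": None, "password": None}
    if flags & 0x04:  # will topic and will message precede the credentials
        take()
        take()
    if flags & 0x80:
        info["username"] = take().decode()
    if flags & 0x40:
        info["password"] = take()  # binary data in MQTT, kept as bytes
    return info


def audit_connect(packet: bytes, transport_is_tls: bool) -> list:
    """Return findings a broker-side monitor would raise for this CONNECT."""
    info = parse_connect(packet)
    findings = []
    if info["password"] is not None and not transport_is_tls:
        findings.append("password crosses the network in cleartext")
    if info["username"] is None:
        findings.append("no username: client is not authenticated by MQTT itself")
    if not info["client_id"]:
        findings.append("empty ClientID: broker assigns one, so it names no device")
    return findings


# Constructed sample packet; the credentials are placeholders.
SAMPLE = build_connect("sensor-0001", "dev42", "s3cret")
```

MQTT itself does not encrypt the CONNECT payload, so the password is recoverable from the packet bytes unless the connection runs over TLS.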

15.3.2. Symmetric keys


The use of symmetric keys is another method of authenticating IoT devices
and systems. Message Authentication Codes (MACs) such as CMAC,
HMAC, and so on, with shared keys and known data, are used for
authenticating IoT messages. A MAC algorithm uses symmetric keys to
generate MAC codes. MAC algorithms are discussed in detail in
Chapter 7, Crypto Foundations II, Section 7.2.
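
The following added example (not from the book) shows message authentication with a shared key using HMAC-SHA256. The frame layout, the per-device counter used to reject replays, and all names are assumptions of this sketch.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def protect(key: bytes, device_id: bytes, counter: int, payload: bytes) -> bytes:
    """Device side: frame = counter (8 bytes, big endian) || payload || tag."""
    header = struct.pack(">Q", counter)
    # The device ID is the "known data": both sides feed it to the MAC,
    # but it does not have to travel inside the frame.
    tag = hmac.new(key, device_id + header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Verifier:
    """Receiver side: one shared key and one last-accepted counter per device."""

    def __init__(self, keys):
        self.keys = dict(keys)
        self.last_counter = {device: -1 for device in self.keys}

    def accept(self, device_id: bytes, frame: bytes):
        """Return the payload if the frame is authentic and fresh, else None."""
        key = self.keys.get(device_id)
        if key is None or len(frame) < 8 + TAG_LEN:
            return None
        header, payload, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(key, device_id + header + payload,
                            hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return None
        counter = struct.unpack(">Q", header)[0]
        if counter <= self.last_counter[device_id]:  # replayed or stale frame
            return None
        self.last_counter[device_id] = counter
        return payload
```

The counter is only advanced after the tag verifies, so a forged frame cannot push the window forward and lock out the real device.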

15.3.3. Certificates

Public-key-based digital certificates prove to be yet another favored method
for providing authentication functionality in the IoT system. The most
common examples of certificates are X.509 certificates and IEEE 1609.2
certificates.

X.509
X.509 is a digital certificate that is built on top of a trusted standard
known as the International Telecommunication Union (ITU)† standard,
with a format similar to the format of PKI certificates. The certificate
is used for providing secure transaction processing and private
information. It is used to handle security and identity in computer
networking and internet-based communications. X.509 certificates are
issued by a trusted entity known as a Certification Authority (CA). The CA
maintains certificates known as CA certificates, which are used to issue
X.509 certificates. The X.509 certificate format uses an associated public
and private key pair for encrypting and decrypting a message.

AWS-based X.509 certificates allow one-click generation of a device
certificate, which creates a public/private key pair. For a detailed study
of AWS-based X.509 authentication, refer to the website [5].

IEEE 1609.2
The IEEE 1609.2 standard credential is used for building authentication
certificates for resource-constrained devices employed in vehicle-based
organizations. The certificate format of IEEE 1609.2 is half the size of the
conventional X.509 certificate. It uses strong elliptic curve cryptographic
algorithms known as the Elliptic Curve Digital Signature Algorithm
(ECDSA) and Elliptic Curve Diffie-Hellman (ECDH). The certificate
uses unique attributes, including explicit application identifier (SSID) and
credential holder permission (SSP) fields. These attributes permit IoT
applications to make explicit access control decisions without internal or
external queries regarding the credential holder’s permissions. The
attributes are embedded right in the certificate during the secure,
integrated bootstrapping and enrollment process with the PKI. The reduced
size of the credentials makes them attractive for others as well as for
bandwidth-constrained wireless protocols.

15.3.4. Biometrics
Biometric authentication is the most popular domestic as well as commercial
method of authenticating IoT devices. It supports both passwordless and
two-factor authentication experiences, ranging from fingerprints to
voice prints.
A consumer door lock is an example of fingerprint biometrics, while
voiceprint biometrics are generally used to authenticate across a set of
distributed IoT devices such as Road Side Equipment (RSE) in the
transportation sector. Hypr Biometric Security [1] is the most popular
voiceprint technology.

15.3.5. New work in authorization for the IoT


Other than the previously discussed credentials, the Internet Engineering
Task Force (IETF) has provided RFC 7744, which describes use cases for
authentication and authorization in constrained environments [2]. The RFC
use cases are based primarily on IoT devices that employ CoAP as the
messaging protocol and include the following considerations:
• Devices may host several resources wherein each requires its own
  access control policy.
• A single device may have varying access rights for varying requesting
  entities.
• Policy decision points should be able to evaluate the context of a
  transaction. This includes the potential for understanding that a
  transaction is occurring during an emergency situation.
• The ability to dynamically control authorization policies is critical to
  supporting the dynamic environment of the IoT.

15.4. IoT IAM infrastructure


This section presents the utility of public key infrastructure in securing
IAM deployments for the Internet of Things. Public Key Infrastructure (PKI)
is discussed in depth in Chapter 7, Crypto Foundations II, Section 7.6.4.

15.4.1. PKI for the IoT IAM


Implementation of PKIs can be for individual organizations, public
organizations, internet-based services, or any government-operated
organization. In the case of maintaining an identity, PKI includes a digital
certificate that is issued to a person or device for performing a variety of
cryptographic functions, such as signing messages in an application or
signing data as part of an authenticated key exchange protocol such as TLS.
Figure 15.4 represents the PKI architecture for IoT IAM. As per the figure,
the following steps are adopted for providing identity to the IoT devices
using Public Key Infrastructure (PKI):
Step 1: Generation of certificates by end entities.
Step 2: For validating the certificate, a certificate request is sent to the
Registration Authority (RA).
Step 3: On receiving a certificate request from an end entity (generally
the device’s self-generated, but unsigned, public key), the RA verifies
that it meets some minimum criteria and then passes the certificate request
to the certificate authority (CA).
Step 4: The CA signs the certificate using RSA, DSA, or ECDSA signature
algorithms.
Step 5: The CA then sends the signed certificate back to the RA, which
finally forwards it to the end entity in the form of a message called the
certificate response. In the certificate response message, the original
certificate generated by the end entity is fully completed with the CA’s
signature and explicit identity.
Now, when the IoT device presents its certificate during
authentication-related functions, other devices can trust it because they:
• Receive a valid and signed certificate from it.
• Can validate the signature of the CA using the CA’s public key trust
  anchor that they also trust.
Refer to Figure 15.4:

Figure 15.4: PKI IAM infrastructure

Revocation support
While authenticating devices using PKI credentials, devices need to know
the validity of the credentials of other devices (aside from expiration).
Because devices can be compromised, can malfunction, or can be retired,
their credentials are generally revoked. Therefore, it is necessary to
include revocation support for maintaining the identity of IoT devices,
since a revoked device is never trusted by any application or network layer
engagement.
The existing method of revocation uses the CA, which periodically generates
and issues Certificate Revocation Lists (CRLs). A CRL is a
cryptographically signed document that lists all the revoked certificates.
This requires that the end devices have the ability to reach out through the
network and frequently refresh CRLs. It also requires turnaround time for
the following:
• the CA to generate and publish the CRL,
• end devices to become aware of the update, and
• end devices to download it.
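
The enrollment steps of Section 15.4.1 and the CRL check above can be exercised end to end with the following added example, which is not from the book. It assumes the third-party Python `cryptography` package, ECDSA on P-256, and a one-day CRL lifetime; the function names and the RA's "minimum criteria" are hypothetical choices made for this sketch.

```python
import datetime

from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

UTC = datetime.timezone.utc
NOW = datetime.datetime.now(UTC)
DAY = datetime.timedelta(days=1)


def _name(cn):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])


def _utc(obj, attr):
    """Read a timestamp as aware UTC on both older and newer library releases."""
    value = getattr(obj, attr + "_utc", None)
    return value if value is not None else getattr(obj, attr).replace(tzinfo=UTC)


def make_ca(cn):
    """CA key plus self-signed CA certificate (the trust anchor devices store)."""
    key = ec.generate_private_key(ec.SECP256R1())
    cert = (x509.CertificateBuilder()
            .subject_name(_name(cn)).issuer_name(_name(cn))
            .public_key(key.public_key())
            .serial_number(x509.random_serial_number())
            .not_valid_before(NOW - DAY).not_valid_after(NOW + 365 * DAY)
            .add_extension(x509.BasicConstraints(ca=True, path_length=0),
                           critical=True)
            .sign(key, hashes.SHA256()))
    return key, cert


def device_request(cn):
    """Steps 1-2: the end entity creates a key pair and a signed request."""
    key = ec.generate_private_key(ec.SECP256R1())
    csr = (x509.CertificateSigningRequestBuilder()
           .subject_name(_name(cn)).sign(key, hashes.SHA256()))
    return key, csr


def ra_check(csr, enrolled_names):
    """Step 3 (assumed criteria): proof of possession, known name, P-256 key."""
    names = csr.subject.get_attributes_for_oid(NameOID.COMMON_NAME)
    pub = csr.public_key()
    return (csr.is_signature_valid
            and len(names) == 1 and names[0].value in enrolled_names
            and isinstance(pub, ec.EllipticCurvePublicKey)
            and isinstance(pub.curve, ec.SECP256R1))


def ca_issue(csr, ca_key, ca_cert, days=30):
    """Steps 4-5: the CA signs with ECDSA; the result is the certificate response."""
    return (x509.CertificateBuilder()
            .subject_name(csr.subject).issuer_name(ca_cert.subject)
            .public_key(csr.public_key())
            .serial_number(x509.random_serial_number())
            .not_valid_before(NOW - DAY).not_valid_after(NOW + days * DAY)
            .sign(ca_key, hashes.SHA256()))


def publish_crl(ca_key, ca_cert, revoked_serials):
    """CA side of revocation: a signed list of revoked serials, valid one day."""
    builder = (x509.CertificateRevocationListBuilder()
               .issuer_name(ca_cert.subject)
               .last_update(NOW).next_update(NOW + DAY))
    for serial in revoked_serials:
        builder = builder.add_revoked_certificate(
            x509.RevokedCertificateBuilder()
            .serial_number(serial).revocation_date(NOW).build())
    return builder.sign(ca_key, hashes.SHA256())


def peer_trusts(cert, anchor, crl, now=None):
    """Relying device: CA signature, validity window, fresh signed CRL, not revoked."""
    now = now or NOW
    try:
        anchor.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                   ec.ECDSA(cert.signature_hash_algorithm))
    except InvalidSignature:
        return False
    if not _utc(cert, "not_valid_before") <= now <= _utc(cert, "not_valid_after"):
        return False
    if crl.issuer != anchor.subject or not crl.is_signature_valid(anchor.public_key()):
        return False
    if now > _utc(crl, "next_update"):  # stale CRL: fail closed
        return False
    return crl.get_revoked_certificate_by_serial_number(cert.serial_number) is None
```

Treating a CRL past its next-update time as a failure makes the turnaround cost listed above visible: a device that cannot refresh its CRL stops trusting peers rather than trusting revoked ones.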

15.5. Authorization and access control

As soon as the device is identified and authenticated, the next foremost step
is to determine what that device can read or write to other devices and
services. This section presents the framework of authorization (OAuth 2.0)
and access control within the IoT protocols.

15.5.1. OAuth 2.0


OAuth 2.0 stands for “Open Authorization” and is a token-based
authorization framework specified in IETF RFC 6749. It allows a client to
access protected and distributed resources without the entry of any kind of
user credentials. It focuses on client developer simplicity while providing
specific authorization flows for Web applications such as Facebook, GitHub,
and Digital Ocean, desktop applications, mobile phones, and IoT devices.

OAuth2.0 components
The essential components of an OAuth 2.0 system are as follows:
• Resource owner: The resource owner is the user or system that owns
  the protected resources and grants access to them.
• Client: The client is the system that requires access to the protected
  resources. To access resources, the Client should hold the appropriate
  Access Token.
• Authorization server: The authorization server receives requests
  from the Client for Access Tokens and issues them upon successful
  authentication and consent by the Resource Owner. The authorization
  server exposes two endpoints: the Authorization endpoint, which
  handles the interactive authentication and consent of the user, and
  the Token endpoint, which is involved in a machine-to-machine
  interaction.
• Resource server: The resource server protects the user’s resources
  and receives access requests from the Client. It accepts and validates
  an Access Token from the Client and returns the appropriate resources
  to it.

Working of OAuth2.0
Before the use of OAuth 2.0, the Client (such as a mobile app, website,
smart device, and so on) must acquire its own credentials, a client_id and
client secret, from the Authorization Server to identify and authenticate
itself when requesting an Access Token. The token request, exchange, and
response are represented in Figure 15.5 and are explained as follows:

Figure 15.5: Working of OAuth2.0


Step 1: The Client requests authorization (authorization request) from the
Resource Owner, which supplies the client id and client secret as
identification.
Step 2: The Resource Owner authenticates the Client and verifies the
requested authorization information of the Authorization Grant.
Step 3: Authorization Grant is then redirected by the client to the
authorization server for getting hold of access tokens.
Step 4: For accessing resources, the Authorization server in return grants an
access token to the client.
Step 5: Once the access tokens are received by the client, they are
forwarded to the resource server for access to the required resources.
Step 6: Finally, the resource server provides the protected resources to the
client for which the tokens are granted.

We encourage readers to visit IETF RFC 6819 for a more thorough treatment of
OAuth2 security considerations [6].
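
The six steps above can be traced in the following added example, an in-memory simulation that is not from the book and is not a real OAuth 2.0 library. Class and method names, the scope strings, and the 300-second token lifetime are assumptions; the resource owner's decision is reduced to a boolean.

```python
import secrets
import time


class AuthorizationServer:
    """Issues one-time authorization grants and short-lived, scoped access tokens."""

    def __init__(self):
        self.clients = {}  # client_id -> client secret
        self.grants = {}   # authorization grant -> (client_id, scopes)
        self.tokens = {}   # access token -> (client_id, scopes, expiry time)

    def register(self, client_id):
        """Before any flow: the client acquires its client_id and client secret."""
        self.clients[client_id] = secrets.token_urlsafe(32)
        return self.clients[client_id]

    def grant(self, client_id, scopes, owner_consents):
        """Steps 1-2: the resource owner approves or refuses the requested scopes."""
        if client_id not in self.clients or not owner_consents:
            return None
        code = secrets.token_urlsafe(16)
        self.grants[code] = (client_id, frozenset(scopes))
        return code

    def token(self, client_id, client_secret, code, now=None, ttl=300):
        """Steps 3-4: authenticate the client, then swap the grant for a token."""
        now = time.time() if now is None else now
        known = self.clients.get(client_id)
        if known is None or not secrets.compare_digest(known, client_secret):
            return None
        entry = self.grants.pop(code, None)  # a grant can be redeemed only once
        if entry is None or entry[0] != client_id:
            return None
        access = secrets.token_urlsafe(32)
        self.tokens[access] = (client_id, entry[1], now + ttl)
        return access

    def validate(self, access, scope, now=None):
        """True only for a known, unexpired token that carries the scope."""
        now = time.time() if now is None else now
        entry = self.tokens.get(access)
        return entry is not None and now < entry[2] and scope in entry[1]


class ResourceServer:
    """Holds the protected resources, keyed by the scope that unlocks them."""

    def __init__(self, auth, resources):
        self.auth = auth
        self.resources = resources

    def read(self, access, scope, now=None):
        """Steps 5-6: validate the presented token, then return the resource."""
        if not self.auth.validate(access, scope, now):
            return None
        return self.resources.get(scope)
```

The client never sees the resource owner's credentials: it holds only its own secret, a single-use grant, and a token limited by scope and lifetime.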

15.5.2. Access controls within publish/subscribe protocols


The MQTT protocol is the best example of a publish/subscribe protocol in an
IoT system that needs fine-grained access control. MQTT permits clients to
read and write topics. Not all clients have permission to write all topics,
and neither do they have permission to read all topics. Therefore, there is
a need to provide access control restrictions to clients at the topic level.
Access control in MQTT is achieved through the MQTT Broker, which keeps an
access control list that pairs topics with authorized publishers and
authorized subscribers. The access controls take the client ID as the
input, along with the username transmitted in the MQTT CONNECT message. The
broker performs a topic lookup when applicable MQTT messages arrive to
determine if the clients are authorized to read, write, or subscribe to
topics. In this way, the MQTT broker determines the topics to which the
client has permission to subscribe or publish.
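
The following added example (not from the book) ties together the CONNECT credentials of Section 15.3.1 and the broker-side topic lookup described above. The sample packet, the ACL contents, and the function names are constructed for illustration; the parser covers MQTT 3.1.1 CONNECT only, and the ACL check is applied to concrete topic names.

```python
import struct

# Constructed sample: an MQTT 3.1.1 CONNECT packet as it appears on the wire.
SAMPLE_CONNECT = (
    b"\x10\x25"            # packet type 1 (CONNECT), remaining length 37
    b"\x00\x04MQTT\x04"    # protocol name and protocol level 4 (v3.1.1)
    b"\xc2\x00\x3c"        # flags: username, password, clean session; keep-alive 60
    b"\x00\x06lock-7"      # client ID
    b"\x00\x09frontdoor"   # username
    b"\x00\x06s3cret"      # password: plain bytes unless the transport is encrypted
)


def _field(buf, pos):
    """Read one length-prefixed field (2-byte big-endian length, then the bytes)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated length")
    (n,) = struct.unpack_from(">H", buf, pos)
    end = pos + 2 + n
    if end > len(buf):
        raise ValueError("truncated field")
    return buf[pos + 2:end], end


def parse_connect(packet):
    """Extract client ID, username and password from a CONNECT packet."""
    if len(packet) < 2 or packet[0] != 0x10:
        raise ValueError("not a CONNECT packet")
    length, shift, pos = 0, 0, 1
    while True:  # variable-length "remaining length", at most 4 bytes
        if pos >= len(packet) or shift > 21:
            raise ValueError("bad remaining length")
        byte = packet[pos]
        pos += 1
        length |= (byte & 0x7F) << shift
        shift += 7
        if not byte & 0x80:
            break
    body = packet[pos:pos + length]
    if len(body) != length:
        raise ValueError("truncated packet")
    proto, pos = _field(body, 0)
    if proto != b"MQTT" or len(body) < pos + 4 or body[pos] != 4:
        raise ValueError("unsupported protocol")
    flags = body[pos + 1]
    pos += 4  # protocol level, connect flags, 2-byte keep-alive
    out = {"username": None, "password": None}
    out["client_id"], pos = _field(body, pos)
    if flags & 0x04:  # will topic and will message precede the credentials
        _, pos = _field(body, pos)
        _, pos = _field(body, pos)
    if flags & 0x80:
        out["username"], pos = _field(body, pos)
    if flags & 0x40:
        out["password"], pos = _field(body, pos)
    return out


def topic_matches(pattern, topic):
    """MQTT filter matching: '+' is one level, '#' is the rest of the tree."""
    p, t = pattern.split("/"), topic.split("/")
    if topic.startswith("$") and p[0] in ("+", "#"):
        return False  # leading wildcards never match $-prefixed topics
    for i, level in enumerate(p):
        if level == "#":
            return i == len(p) - 1
        if i >= len(t) or level not in ("+", t[i]):
            return False
    return len(p) == len(t)


# Constructed broker ACL: username -> list of (action, topic filter). Default deny.
ACL = {
    "frontdoor": [("write", "home/frontdoor/state"), ("read", "home/frontdoor/cmd/#")],
    "dashboard": [("read", "home/+/state")],
}


def authorized(username, action, topic, acl=ACL):
    """action is 'write' for PUBLISH and 'read' for delivery to a subscriber."""
    return any(a == action and topic_matches(f, topic)
               for a, f in acl.get(username, []))
```

Because the password field is just a length-prefixed byte string, username/password authentication in MQTT is only meaningful when the connection to the broker runs over TLS.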

15.5.3. Access controls within communication protocols


IoT communication protocols include the management of an Access Control
List (ACL) for the determination of trusted and untrusted neighbors. The
ACL includes information such as the address of the neighbor node, the
security policy in use by the node, the key, and the initialization vector
(IV). Upon receiving a packet from a neighbor node, the receiver consults
the ACL and if the neighbor is trusted, then the communication is allowed. If
not, the communication is either denied or an authentication function is
invoked.

Conclusion
Employing Identity and Access Management in the Internet of Things is
considered one of the best solutions for protecting data and safeguarding
user privacy. Accordingly, the chapter highlights the concepts of IAM and
its utility in IoT. The comprehensive details of the chapter are presented
as follows:
• Identity and Access Management (IAM) is a structure of technologies
  and policies that ensures that the right users have the appropriate
  access to technology resources.
• IoT IAM includes several IoT devices and various application
  portfolios that interact through authorized IAM technological
  resources.
• The demand for IAM manages the security, scalability with low
  latency, and embedded authentication of IoT devices.
• The idea of IAM was introduced because of the following identity
  issues in existing IoT: default passwords, cross-domain IoT,
  credential abuse, and virtual eavesdropping.
• The identity lifecycle includes the naming convention, secure
  bootstrap, credential provisioning, account monitoring, account
  updates, account suspension, and deletion.
• IAM helps in providing authentication with the help of the following
  credentials: usernames and passwords, symmetric keys,
  certificates, and biometrics.
• IoT IAM infrastructure includes public key infrastructure (PKI)
  architecture with identity management and revocation support.
• OAuth 2.0 is an open authorization, token-based framework that
  allows a client to access protected and distributed resources without
  the entry of any kind of user’s credentials.
• Access control is another feature of the IAM solution, where only
  authenticated devices or entities are allowed to access only the
  permitted devices or entities.
• Access control in the publish/subscribe protocol is provided by a
  third entity known as the broker.
• Access control in communication protocols is provided by the Access
  Control List (ACL).

15.6. Questionnaire

Multiple choice questions


1. Authentication credentials include:
a. Username/password

b. Certificates

c. Biometrics

d. All of the above


2. IoT IAM infrastructure uses the concept of
a. Public key infrastructure

b. Private key infrastructure

c. All of the above

d. None of the above


3. OAuth 2.0 is a token-based
a. Authentication framework

b. Authorization framework

c. Access control framework

d. None of the above


4. Access control in MQTT publish/subscribe protocol is provided
by
a. MQTT broker
b. MQTT client

c. MQTT server

d. MQTT topics

Answer key
1. (d) 2. (a) 3. (b) 4. (b) 5. (a)

Long answer questions


1. What do you mean by IAM? Explain the Identity Lifecycle of the
IAM for the Internet of Things.

Short answer questions


1. Illustrate different types of authentication credentials.
2. What is OAuth 2.0? Explain the working of OAuth 2.0.

Keywords (†)
UUID: It is a 128-bit Universally Unique Identifier; standardized by
the Open Software Foundation (OSF) as part of the Distributed
Computing Environment (DCE).
ITU: It stands for International Telecommunication Union. It is a
specialized agency of the United Nations responsible for matters
related to information and communication technologies.

References

[1] https://www.hypr.com/
[2] https://datatracker.ietf.org/doc/rfc7744/
[3] https://letsencrypt.org/
[4] http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/os/mqtt-v3.1.1-os.html
[5] https://docs.aws.amazon.com/iot/latest/developerguide/authentication.html
[6] https://tools.ietf.org/html/rfc6819#section-4.1.1

Things to check before moving to the next chapter


The idea of Identity and Access Management and its implementation
for the Internet of Things
The lifecycle of identity in IAM
IoT IAM infrastructure
Employment of authentication, authorization, and access controls with
respect to IoT

CHAPTER 16
Privacy-Preserving Time Series Data
Aggregation for IoT

Addressing privacy is the biggest challenge in the Internet of Things (IoT).
Previously, in Chapters 8, 9, 10, and 12, we discussed various privacy
preservation schemes. Continuing with privacy-preserving schemes, this
chapter also discusses a privacy preservation proposal, but with respect to
large space multidimensional data aggregation programs. The chapter
highlights various data aggregation mechanisms in IoT systems. However,
predominantly it features a novel privacy-preserving time series aggregation
scheme for the IoT. It exploits the properties of group† that supports
data aggregation for both small and large plain text space at the same time.

Structure
The chapter covers the following topics:
The application of data aggregation in IoT system
Various data aggregation schemes
Privacy-preserving data aggregation scheme based on time-series

16.1 Data aggregation on IoT system


Despite the significant advances in the Internet of Things, there are still
several IoT challenges that need to be addressed. Some of them are
complexity, Quality of Services (QoS), low data transmission delay, high
reliability, deployment in harsh environments, availability of required
energy, and many more.
To deal with the mentioned challenges, data aggregation is considered as one
of the primary processes of IoT. It is defined as the creative process that
collects data from various sensors and IoT devices and then integrates them
using an aggregation function to minimize the injected traffic into the
system. The principal idea of data aggregation is to execute aggregation code
on devices and reduce the number of transmitted packets to the sink so as to
optimize the network’s energy consumption. In simple language, it can be
stated that data aggregation minimizes the injected traffic into the system,
reduces the data transmission delay, improves the energy consumption of
IoT devices, and enhances the lifetime of IoT devices. IoT includes three
wide categories of data aggregation mechanisms such as client-server-based,
mobile-agent-based and time-series-based.

16.1.1 Data aggregation mechanisms on IoT system


Data aggregation mechanisms are classified into three broad categories
named as client-server-based mechanisms, mobile-agent-based mechanism,
and time-series-based mechanism. Client-server-based mechanisms are
further classified into three groups, including cluster-based, tree-based, and
centralized ones. Figure 16.1 shows the classification of data aggregation
mechanisms on IoT:
Figure 16.1: Data aggregation mechanisms

16.1.1.1 Client-server-based data aggregation mechanisms


In the client-server approach, each IoT device is equipped with a memory
with a certain capacity, so as to save its sensed data or the received packets.
The aggregation function is executed on the data collected in its memory and
then sends the final packet to the next destination. Its main aim is to
aggregate the data effectively so as to improve the amount of injected traffic
into the network, the traffic bottleneck, the energy consumption, and the IoT
lifetime.
Client-server aggregation mechanism is further divided into cluster-based,
tree-based, and centralized-based.

a) Cluster-based data aggregation mechanism groups IoT devices in
a certain as well as uncertain number of clusters. Each cluster
consists of a cluster-head that receives the data from its members,
aggregates them, and then transmits the resulting packet to the sink.
b) Tree-based data aggregation mechanism groups the IoT devices
in a hierarchical tree. The aggregation process starts from the leaf
device and ends in the root device, where the sink is deployed.
c) In a centralized-based data aggregation mechanism, each IoT
device delivers its data to the powerful centralized device. The
central device executes the aggregation process and then sends the
resulting packet to the sink.

16.1.1.2 Mobile-agent-based data aggregation mechanisms


In mobile-agent-based data aggregation mechanism, each IoT device saves
its sensed data on a local memory and waits for the sink to produce one or
several mobile agents to process, aggregate, and collect the required
information. A mobile agent is a software package that includes
computational code and an assigned itinerary plan to visit all or a group of
IoT devices for data aggregation. In the case of a single agent, the sink sends
a mobile agent over the system to collect data from all devices and then
return it to the data delivery sink. Moreover, it injects a traffic flow of data
into the network, decreases the energy consumption of the devices, and
enhances the lifetime of the system.
However, this mechanism has certain drawbacks, some of which are as
follows:
• Long delays where the mobile agent visits a large number of devices
  one by one.
• Increased energy consumption of the IoT devices that are close to the
  sink and where the packet size of mobile agents grows during the data
  collecting process.
• Incremental data loss at places where the mobile agent aggregates all
  devices’ data one by one.

For an in-depth study of client-server and mobile-agent data aggregation
methods, readers can refer to research paper [2].

16.1.1.3 Time-series-based data aggregation mechanisms


In time-series-based data aggregation mechanism, data is periodically
collected by central authority from all or from the group of IoT devices.
Central authority is responsible for integrating the collected data and
performing aggregation function on participant’s values in every time period,
without any prior knowledge.
The prime application of the time-series data aggregation mechanism is to
enhance the performance of the system by providing privacy-preservation
strategies. Concerning this, the upcoming section discusses a novel privacy-
preserving time series aggregation scheme for the IoT.

Since security is the prime focus of our book, privacy preservation using
time-series data aggregation is studied in depth next.

16.2 Time-series data aggregation privacy preservation scheme


Privacy-preserving time series data aggregation scheme is based on the
features of Group , and aims to achieve privacy preservation of each
individual node’s data. Unlike traditional data aggregation schemes, it uses
one single aggregated piece of data for both small plaintext space
aggregation and large plaintext space aggregation in a privacy-preserving
way at the same time.

16.2.1 Prerequisites
The actual implementation of the time series aggregation in the IoT requires
the prior study of the IoT scenario where the scheme is applicable, its design
and security goals, and the properties of the Group that are discussed as
follows:

IoT scenario
The time-series data aggregation scheme is applicable to a stationary IoT
scenario. It includes one trusted authority, one control center, one gateway,
and a set of “n” nodes denoted as N = . The maximal
value of nodes is denoted as .
Trusted authority (TA): This is a trustable entity and is responsible
for managing and distributing key materials to other entities in the
system.
Control center: This is the core entity, which is responsible for data
collecting, processing, and analyzing the time series data from a set of
nodes “N” for monitoring IoT scenarios.
Gateway: This entity acts as a relay and aggregator of the system. It
relays information from the control center to N, and at the same time,
collects and aggregates data from N and forwards the aggregated data
to the control center.
Nodes: Each node is equipped with sensors. It collects and
reports the time series data , where is a large value
while is a smaller value to the control center via the gateway.

With respect to traditional data aggregation schemes, the time series aggregation
in IoT enables the control center to obtain not only small plaintext space
aggregation, that is, $\sum_{i=1}^{n} x_i$, but also large plaintext space
aggregation, that is, $\sum_{i=1}^{n} m_i$. This enables the control center to
carry out more accurate data analytics for monitoring and controlling the IoT
system.

Security consideration and design goals


For the experimental purpose, the following security model is considered:
An adversary “A” is considered in the IoT scenario, whose objective is
to compromise the privacy of nodes by eavesdropping on the
communication data from the nodes to the gateway and those from the
gateway to the control center.
Though other types of attacks are also possible in given IoT scenarios;
for example, bad data injection attacks, DDoS attacks, and so on.
Since the focus is on privacy-preserving time series aggregation, those
attacks are currently beyond the scope of this chapter.
Initially, all nodes are considered to be
honest, that is, no would report false data to the control center or
collude with the control center to obtain other nodes’ individual data.
The control center and the gateway are considered as honest-but-
curious entities. Honest means they are supposed to follow the
aggregation protocol appropriately, and Curious means that they try all
sorts of measures to seek and infer knowledge of other nodes.
In addition, it is assumed that all honest-but-curious participants do
not tamper with the aggregation protocols. They do not maliciously
distort or drop any received values and intermediate results and keep
the system running normally.
Considering the security model, the design goal of the time-series
aggregation is as follows:
To include the concept of privacy-preserving within the IoT scenario.
This can be carried out only when the control center can read the
aggregation results and no one else (including the control center) can
read each individual user’s data.
To include efficient encryption and decryption (in terms of
computational cost) at the node side and at the control center,
respectively.
To use one single aggregated piece of data for transmission so as to
achieve communication efficiency.

Properties of the Group $\mathbb{Z}_{p^2}^*$


Following are the two properties in Group :

a) The Group supports messages in small as well as large plaintext


spaces at the same time.
b) The Group provides flexible data aggregation function in terms of
equations (1) and (2):

(1)

(2)
Here “p” is prime such that , where be the security parameter and
is an integer less than and .

The derivation of equations (1) and (2) are demonstrated as follows:


Let be the security parameter and let p be the prime number such that p = 2q + 1,
where = |p| and q is also prime. Then, by using Euler’s totient function, $\Phi(p^2)$ is
stated as follows:

(3)

Equation 3 states that there are 2pq elements in the group

Now, let be an integer less than p, then, as per the Fermat’s Little Theorem,
it can be stated that . That is

, for some integer k (4)

On raising both sides of equation (4) to the power of p and taking the modulus $p^2$,
it can be concluded that,

(5)

From Equation 5, for k = 1, and it can be seen that


and

(6)

16.2.2 The actual scheme


The scheme comprises four components, named as system settings, data
encryption at nodes, data aggregation at the gateway, and aggregated
decryption at the control center.

System settings
The system consists of the following settings:
is the security parameter, and is the prime number such that
, where and is also prime.
A random number is selected as a generator of , then
is computed, and a secure cryptographic hash
function is selected. The public parameters
obtained are
Next, the TA chooses n random numbers
and computes ,
such that

(7)
Finally, the TA sends as the secret key to the control center, as
the secret key to the gateway, and as a secret key to each
corresponding node via secure channels.

Data encryption at nodes


Each node encrypts the data using its secret key and computes
the cipher text as in equation (8) and then reports to the gateway.

(8)

At every time interval t, each node reports two types of data


, where the data lies in a large plaintext space, that is,
, where is the maximal value of the
number of nodes n and the piece of data xi is within a small plaintext space

Data aggregation at gateways


After receiving all ciphertexts , from nodes
, the gateway uses its secret key to perform the
following aggregation operation:

(9)

And sends the result C to the control center.

Aggregated data decryption at the control center


After receiving the aggregated ciphertext C, the control center performs the
following steps to recover the aggregated data.
Step 1: The control center uses its secret key to compute:

Since

Thus,

(10)

Step 2: The control center continues to use p to compute


Since

(11)

Step 3: After obtaining , the control center computes

Since so,

Thus

(12)

At last, is recovered by computing

As a result, two types of aggregated data , respectively, in


large plaintext space and small plaintext space, can be obtained by the
control center.

Privacy maintenance during node joining and leaving


In IoT scenarios, it is very common for nodes to join and leave frequently.
So, to deal with this dynamic environment, the following dynamic key
management strategy is applied by the TA.
Node joining:
When a node joins, the TA randomly chooses a subset of nodes {
of N, where each node has its secret key .
Then, the TA assigns a random secret key to the joining node , and a
new secret key to each such that

(13)

With this plan of action, the aggregation at the gateway and the decryption at
the control center will not be affected.
Node leaving:
The same is the case of leaving, when a node with the secret key
leaves, the TA also randomly chooses a subset of nodes {
of N, where each node has its secret key .
Then, the TA assigns a new secret key to each such that:

(14)

The discussed dynamic key management is also suitable for multiple users’
joining and leaving cases.

16.2.3 Computational cost of time series data aggregation privacy preservation scheme

The scheme is simulated in Java with λ as 1,024, the number of nodes (n)
ranging from 200 to 1,000, and $n_{max}$ set to 1,000. In the experiments,
the average encryption at the node takes 35 ms, which is found to be
efficient for IoT systems. In addition, the computational costs of
aggregation at the gateway and decryption at the control center are also
observed to be energy-saving. This can be seen in Figure 16.2, where the
number of nodes varies from 200 to 1,000, with an increment of 200. It is
observed from Figure 16.2(a) that the computational cost of aggregation at
the gateway increases from 30 ms to 35 ms for a range of 200 to 1,000
nodes. Figure 16.2(b) illustrates that the average computational cost of
decryption at the control center is 35 ms (similar to the encryption cost),
which fluctuates plus-minus 2 ms for a range of nodes varying from 200 to
1,000. It can be concluded that the result is efficient, and the number of
nodes “n” has little effect on aggregation and decryption due to the direct
aggregation over ciphertexts.

Figure 16.2: Computational costs of (a) aggregation at the gateway and (b) decryption
at the control center varying with n.

For an in-depth analysis of the preceding graphs, refer to the research paper
[1].

Conclusion
Data aggregation is an important process of the IoT system, and so
preserving data privacy while aggregating data is of prime concern, which
needs instant action. The chapter highlights various data aggregation
schemes with its main focus on privacy-preserving time series aggregation
schemes. The comprehensive details of the chapter are presented as follows:
Data aggregation is the process that collects data from various sensors
and IoT devices and then integrates them using an aggregation
function.
It is used to minimize the injected traffic into the system by executing
the aggregation code on devices.
IoT includes three wide categories of data aggregation mechanisms
such as client-server-based, mobile-agent-based, and time-series-
based.
In the client-server approach, the sensed data is saved in the memory
of the IoT device, where the execution of the aggregation function
takes place, and then the final packet is forwarded to the destination.
Client-server aggregation mechanism is further divided into cluster-
based, tree-based, and centralized-based.
In mobile-agent-based data aggregation mechanism, each IoT device
saves its sensed data on a local memory and waits for the sink to
produce one or several mobile agents to process, aggregate, and
collect the required information.
In a time-series-based data aggregation mechanism, data is
periodically collected by central authority from all or from a group of
IoT devices.
Time series-based data aggregation is used for preserving the privacy
of the IoT system.
The scheme is based on the features of Group , and preserves the
privacy of each individual node within the IoT network.

16.3 Questionnaire
Multiple choice questions
1. Process of collecting data from various IoT devices and then
integrating them for optimizing traffic is known as:
a. Aggregation
b. Separation
c. Splitting
d. None of the above

2. Data aggregation can
a. Reduce the computational complexity of the system
b. Improve the network’s energy consumption
c. Reduce the transmission delay
d. None of the above

3. Periodic collection of data for aggregation is done on
a. Cluster-based data aggregation scheme
b. Mobile-agent-based data aggregation scheme
c. Tree-based data aggregation scheme
d. Time-series-based data aggregation scheme

4. Time-series data aggregation scheme supports messages in a
a. Small plaintext space
b. Large plaintext space
c. Small as well as large plaintext spaces
d. None of the above

Answer key
1. (a) 2. (a, b, c) 3. (d) 4. (c)

Long answer question

1. How can privacy be preserved in an IoT system using a time-series
data aggregation technique?

Short answer question

1. What is meant by data aggregation? Categorize various aggregation
techniques.

Keywords (†)
Group: It is a set together with an operation that combines any two
elements of the set to produce a third element of the set. Here the
operation should be associative, an identity element should exist, and
every element of the set should have an inverse.

References
[1] R. Lu, X. Lin, C. Huang, and H. Bao, “Privacy-Preserving Time Series
Data Aggregation for Internet of Things,” in Security and Privacy in
Internet of Things (IoTs), CRC Press, 2016, pp. 405–428.
[2] S. Yousefi, H. Karimipour, and F. Derakhshan, “Data Aggregation
Mechanisms on the Internet of Things: A Systematic Literature Review,”
Internet of Things, vol. 15, no. April, p. 100427, Sep. 2021, doi:
10.1016/j.iot.2021.100427.

Things to check before moving to the next chapter


Data aggregation and its usage in IoT
Various data aggregation schemes
Privacy-preserving using a time-series data aggregation technique

CHAPTER 17
Path Generation Scheme for Real-Time Green
IoT

IoT, as an emerging technology, has brought about an intelligent world with a
wide variety of applications and services, such as Machine-to-Machine
(M2M) and Device-to-Device (D2D) communications. This has resulted in
the generation of huge amounts of data, known as big data. Big data is stored
on servers, where its processing and analysis take place. These functions,
though beneficial, consume an enormous amount of energy and release a huge
amount of CO2, which enlarges the carbon footprint. Likewise, communication
among IoT objects and devices over wireless channels also consumes ample
energy and results in the emission of greenhouse gases such as carbon
dioxide, methane, ozone, and chlorofluorocarbons (CFCs), which further lead
to global warming. Increasing consumption of energy and emission of
greenhouse gases have resulted in the downfall of IoT networks, as they
shorten the lifetime of the resource-constrained IoT objects and devices.
Therefore, there is a need for an economical and energy-efficient IoT that
provides environmental sustainability. This energy-efficient, sustainable IoT
is known as Green IoT (GIoT). It emphasizes the reduction of energy
consumption, emission of CO2, and the carbon footprint of IoT elements, using
smart and sustainable technologies.
Focusing on energy efficiency, this chapter discusses the concept of Green
IoT, along with its classification and architecture. In addition, the
challenges of GIoT are analyzed, with a particular focus on its security. The
chapter highlights the GIoT security features and presents a secure path
generation framework with deadline considerations for real-time query
processing of green IoT systems.

Structure
The chapter covers the following topics:
The idea of green IoT, its components, and open issues
Real-time GIoT and its issue
Real-time query processing in the GIoT
Generation of an optimized secure path in GIoT

17.1 Green Internet of Things: An introduction


GIoT is defined as an energy-efficient IoT where intelligent communication
is established between devices, at any time and at any place, with a vital
characteristic of prioritizing energy requirements. It aims to achieve a
sustainable smart world with reduced carbon emissions and greenhouse
effects. It operates similarly to the normal Internet of Things, except that
special attention is paid to energy parameters so that the IoT greenhouse
footprint is optimized. The characteristic of low energy consumption has
ensured the high adaptability of GIoT with the environment in a variety of
applications such as GIoT smart cities, GIoT smart homes, GIoT industrial
control, GIoT smart agriculture, GIoT e-health, and much more. All these
applications include green sensor devices, that is, devices that consume
limited power and emit limited CO2 and carbon footprint.
To achieve a green technology, energy-efficiency is integrated with all IoT
layers. As illustrated in Figure 17.1, it consists of four layers:
Figure 17.1: The layered architecture of GIoT
Things layer: This layer is responsible for data acquisition through
green sensors and proper reaction by actors.
Communication layer: This layer consists of network infrastructure
and is responsible for network connectivity.
Application layer: This layer is responsible for processing data and
big data storage and then providing services to the required
applications.
Power management layer: This is an abstract layer and is responsible
for the energy management of all layers.

17.1.1 GIoT components


The GIoT lifecycle concentrates on green design, green production, green
deployment, and green disposal or green recycling so as to have a minimum
negative impact on the environment. The design components of green IoT
include developing energy-efficient green computing devices (hardware as
well as software), green communication protocols, and green networking
architectures. Quality implementation of these components helps in
achieving effective GIoT. Components are illustrated in Figure 17.2 and are
investigated as follows:

a. Green hardware
Hardware elements play a vital role in achieving GIoT technology, as they
consume a significant percentage of network energy. GIoT is achieved by
designing and constructing energy-efficient and renewable elements to make
them harmless and eco-friendly. Green Hardware elements include the
following:
Green SoC hardware element. It is a small-sized, high-frequency, and
low-power consumption element suitable for an optimal GIoT
platform. This element is built using high-density nanometer
technologies coupled with Ultra-Low Voltage (ULV) (0.3–0.5 V)
CMOS, which has ultra-low average power and convenient speed
performance in the near-threshold regime. Details of the green SoC can be
found in the research paper [1].
Transparent and recyclable interconnected sensors in a wireless
channel with optimal antenna designs as per the green standards†.
The working and other details of green sensors can be found in
research paper [2].
Ultra-low-power FPGA hardware platform. It includes an MSP430
ultra-low-power microcontroller, which operates as sensor nodes, and
Pulsed-Index Communication (PIC), which acts as a single-wire
communication protocol.
The design optimization and redundant facility minimize the problem
of power leakage. It also facilitates the inactivation of unnecessary
hardware elements.
The facility of switching between sleep and active modes with
predefined time intervals to conserve energy.

b. Green software
Designing reliable software prevents the repetition of processes and tends to
reduce energy consumption. It has been observed that along with green
hardware, green software also plays a pivotal role in achieving GIoT
services. It involves developing energy-efficient software that minimizes
environmental impact and is reusable, with minimal computational and
memory resource requirements. It can provide services such as data
analysis and event prediction.
Data analysis: Data analysis encompasses the analysis of data
generated by green IoT devices. The accuracy and speed of this
generated data affect the decisions taken, and the software developed
for its processing plays a critical role in GIoT performance. Therefore,
to achieve effective GIoT, it is essential to include energy
consumption management systems in the developed software.
Event prediction: Green software plays a vital role in processing
event database management, event notification, event classification,
and prediction models. Software is also responsible for accurate data
collection, efficient data analysis, and real-time results announcement.
In addition, GIoT software is also responsible for real-time accurate
decision-making. Thus, there is always a need for the development of
efficient software for event prediction with minimum computational
overhead.

c. Green communication
Green communication too plays an important role in GIoT, as data
transmission in wireless networks consumes a significant amount of energy.
GIoT communication includes technologies such as Zigbee, BLE, PLC,
RFID, and NFC. These technologies consume a limited amount of power and
contribute toward the significant performance of the GIoT.

d. Green architecture
To achieve an effective GIoT system, green principles should be
enforced in the communication architecture that connects GIoT to other
networks and end-users. The two dominant architectures are green cloud
computing architecture and green fog computing architecture.
Green cloud-computing: It is also known as the green cloud of things
and achieves consistency, coherence, and scalability at optimal power
consumption. It also provides scalability and flexibility to businesses
and opportunities for users to access free demanded resources.
Furthermore, the data acquired from actual things is combined with
other available resources to generate value-added information for
users. It is identified as a service-oriented model that stores and
analyzes big data systematically.
Green fog-computing: The incorporation of fog-computing in GIoT is
termed green fog-computing. Green fog-computing optimizes the
efficiency of the green cloud, as the data sources and edge nodes are
closer to the device layer than the cloud layer and thus consume
limited power. Moreover, it facilitates continuous and real-time data
acquisition through local storage. In addition, it solves the problems
of redundancy, security, and data compression with minimum latency.

Figure 17.2: GIoT components

17.1.2 Green IoT technologies


Like IoT, GIoT too includes various technologies; however, these technologies
consume low energy, emit low CO2, and have low carbon footprints. The
key enabling technologies for GIoT include Green Tags, green sensing
networks, Green M2M, Green data center, and Green Cloud Computing.

Green tags
Green tags are the RFID tags that help to promote a greener world by
reducing vehicle emissions, conserving energy use in buildings, improving
waste disposal, and so on. Carbon footprints and energy consumption are
reduced by the use of passive tags where no batteries are used; instead, the
tag uses the radio energy transmitted by the reader for the identification of
IoT objects. It focuses on reducing the size of RFID tags in order to use less
non-biodegradable material in their production.
Other green initiatives in green tags include producing biodegradable RFID
tags, printable tags, and paper-based RFID tags.

The architecture and working of RFID are covered in Chapter 1 “Internet of
Things and its security requirements”, Section 1.2.3.

Green sensing networks


Green sensing networks are the major enabling technology that is used in the
development of the IoT system. It includes various sensor nodes with low
processing power and storage and the base station with powerful resources.
Green WSN enables greening in IoT by increasing energy efficiency,
reducing relay nodes, extending the network lifetime, and improving the
system budget. This is achieved by adopting battery-free wireless solutions
where data communication occurs at ultralow power and using energy
harvesting mechanisms that generate power from the environment, such as
from the sun, kinetic energy, temperature differentials, and so on. Battery
elimination reduces exposure to toxic substances and paves the way for
green IoT. Another way of reducing energy is to put sensor nodes and
other devices into sleep mode when not in use.

Green cloud computing


Data centers in cloud computing are the main source of environmental issues
and CO2 emissions, as they consume huge amounts of energy and power.
Green cloud computing reduces energy consumption by producing low
energy-consuming hardware and designing energy-efficient software.
Greenness in software is emerging as a quality attribute.

Green coding
Green coding and low-code development, along with Automated Software
Quality Monitoring, are evolving technologies that minimize the energy
consumption of software, thereby limiting its potential environmental
impact. Green coding draws on the choice of language, AI models, and
software development techniques to develop greener software. It is based on
the principles of greener logic, such as zero-waste code, benefit-driven
visual content, and low-footprint resources, and on greener methodology
involving Agile and Lean methods. Developers are advised to focus on
removing unused features and inefficient loops in the code, as well as
limiting apps’ computational accuracy to what operational needs require.

Companies such as Accenture, GitHub, Microsoft, and ThoughtWorks are
contributing to addressing the global climate crisis, so that sustainability
becomes a core priority for software teams, similar to performance, security,
cost, and accessibility.
These companies have formed a nonprofit foundation known as the Green
Software Foundation. It promotes the development of green software, whose main
priority is the creation of sustainable software that reduces carbon emission.

Green data centers


It uses the idea of nano data centers that are more energy-efficient than
conventional data centers. They help to reduce the cost of heat dissipation,
have high service proximity, and have the capacity for self-adaptation or self-
scalability. The concept of machine learning can be used to reduce the need
for data center cooling by a significant percentage.

Greening of IoT can also be performed by drones. They offer effective energy
utilization and hence lower the power consumption of IoT devices.
IoT devices require a lot of transmission power to relay data across long
distances. Here drones come into play: a drone can move closer to IoT
devices to collect, process, and send data to another device in a different
location. The methods of data collection using drone-based WSN have been
successful in lowering flight time, energy consumption, and data gathering
delay.

Green M2M
Green M2M focuses on using energy-efficient techniques to intelligently
adjust the transmission power, design efficient communication protocols, do
activity scheduling based on workload variation, and employ energy
harvesting. For instance, the green M2M allows the owner to monitor and
control vehicle charge settings, plan single- or multiple-stop journeys, locate
charging stations, and pre-heat or cool the car.

17.1.3 Contribution toward Green IoT


The establishment of a sustainable environment is not a job of a single
person; everyone is required to contribute toward it. A common person can
contribute towards the Green IoT in the following way:
To save the planet, it is required to save power. For that, every
individual is required to turn off the unwanted facilities. They should
avoid the transmission of unwanted data; for example, people tend to
use online videos to fall asleep, which places unnecessary demand on
data centers and harms the climate. Sleep scheduling can be used to
make sensor nodes dynamically sleep and awake as per their usage
requirements.
Streaming video should be used sparingly, as it consumes a lot
of energy and produces a larger carbon footprint. Media and images
can be compressed and aggregated, which saves a lot of energy.
The length of the data path should be minimized using energy-efficient
routing schemes and architectural designs for wireless
communications. For instance, using relay nodes to overhear the
transmission and relay the signal to the destination node results in
energy efficiency.
All individuals, as well as organizations, should emphasize the
use of renewable green power sources such as wind, solar, water,
and geothermal energy. Using renewable green power sources will
have a positive impact on the environment by minimizing the emission
of CO2.
Low-code development, in combination with automated software
quality monitoring, will pave the way to a sustainable society. It aims
to remove or refactor unused features and improve energy efficiency
and make the software more maintainable.
Aim to design and plan IoT solutions that can be reused again and
again so that there is no waste. It is important to think about how
common platforms, infrastructure, and even individual devices might
be reused as applications and use cases grow over time. Examples of
such problems include smart parking and dynamic street lighting.

17.1.4 GIoT open issues


Though GIoT has several merits and advantages, it suffers from numerous
challenges and problems as well. Some of the major challenges addressed by
researchers and users are as follows:

a. Technical challenges
GIoT technical challenges constitute the following:
Budgetary limitations and hardware constraints obstruct the
implementation of concepts and ideas at the GIoT hardware layer.
The absence of fast renewable materials and incompatibilities between
different materials pose another challenge for GIoT.
For effective utilization of GIoT, it is recommended that GIoT should
be able to combine with other non-green networks, leading to a
heterogeneous structure. Preserving green features in these
heterogeneous networks and maintaining green communications are
fundamental challenges.
The lifetime of the device should be compatible with the type of
application.

b. Standardization
The lack of appropriate standards for GIoT leads to the following challenges:
The production of various equipment and devices with different
hardware and software that are not compatible with each other.
Limits the frequency bands and energy levels for different radio
communications.
Reduction of energy consumption and recycling.
Production of harmful gases, which exposes humans to
environmental problems.

c. Security and privacy


GIoT security threats come from vulnerabilities and weaknesses at various
levels, including applications, interfaces, network elements, software,
firmware, and objects. The absence of security in GIoT leads to the
following:
Increase in system cost
Inappropriate access permission to unwanted users
Attacks such as eavesdropping, man-in-the-middle, Sybil, and
jamming
Failure of the intrusion detection system and authentication schemes
Therefore, it is necessary to protect systems by using strong security
measures such as trust management, communication security,
communication privacy, and security of services and applications.

Since the focus of this book is on security, the issue of security is
elaborated and discussed further in this chapter.

17.2 Real-time GIoT and its issues


Like IoT, GIoT also connects different things over the network and aims to
provide good and efficient services to many applications. A real-time GIoT
is an energy-efficient IoT that functions within a time frame that the user
senses as immediate or current. The behavior of real-time GIoT depends on
the logical results of the computations as well as on the physical time when
these results are produced. These applications react to stimuli from their
environment within a time interval dictated by their environment. The instant
(or time) when a result should be produced is called a deadline. It means that
GIoT must collect the data from its things (or sensor networks) before the
given deadline. Real-time GIoT consists of real-time embedded devices,
real-time wireless infrastructure, real-time analytics, and real-time
processing with significant energy consumption.
There are various real-time GIoT applications such as smart defense systems,
smart retail, smart transport, smart e-health, natural disaster monitoring
system, and so on. All these energy-optimized applications are time-
sensitive; this means that if data is not processed and analyzed within the
specified deadline, then these applications may result in huge losses in terms
of infrastructure, life, and money.
The major issue in the GIoT application is to provide high-security features
with limited resources and with the expected deadline. In other words, the
main challenge in GIoT is to guarantee that the transmission of data packets
meets its deadline with minimal energy consumption. The chapter illustrates
a real-time query processing framework as a solution for GIoT that derives a
secure path generation plan for the transmission of data packets.

It is assumed that if the data transmission by a sensor node does not meet the
expected deadline, then the node has been attacked, and if its power
consumption is not below the threshold point, then it does not satisfy the
resource-constraint property of an IoT node.

17.3 Real-time query processing in the Green Internet of Things


Depending upon the type of GIoT application, the appropriate action is
taken; for instance, if the application is a defense system, then processing
and actions are given priority over energy consumption, because a delay
may result in loss of life and property. On the contrary, if the
application is smart agriculture, then energy consumption can be given
priority over the action taken, as a small delay will not result in loss of
life and property.
Discovering the type of application and the action plan taken depends on the
processing of real-time queries. To support the real-time queries in the green
IoT, the routing path is adjusted to the packet deadlines with minimal energy
consumption. For minimal energy consumption, multi-hop wireless networks
are adopted, where instead of directly forwarding the data packets,
intermediate nodes forward the data packets on behalf of other nodes. In
addition, nodes that are not taking part in transmission are kept in sleep
mode.
Query processing can be understood through the following example. Assume
a user asks the sink an urgent question via a declarative query. The sink,
in response, generates a high-level query plan for the query. Finally,
the infrastructure derives a query propagation plan from the query plan to
efficiently collect and process the data within the sensor network.
Query plan: It is the path through which the data is transmitted from sensors
to the sink. For example, in Figure 17.3, as per the query plan from node C,
data is transmitted to the sink via node D (C→D). However, the distance
between node C and node D is quite large, resulting in higher energy
consumption [as can be understood from equation (1)]. Thus, it is not
suitable for a GIoT application. Therefore, the query propagation plan is
prepared in a multi-hop fashion.
Query propagation plan: It is a multi-hop path, adopted at run time,
through which the data is transmitted from sensors to the sink. For
example, in Figure 17.3, instead of transmitting data directly from node C to
D and then to the sink, the query propagation plan transmits data from C to
D via intermediate nodes k, m, and n (C→k→m→n→D). Although the
energy consumed in the query propagation plan is less than in the query plan,
it does not meet the transmission time; that is, the transmission time of the
query propagation plan is higher than that of the query plan. This is not
suitable for a real-time system.
Considering this situation, the main objective for securing GIoT is the
development of a power-efficient network that generates data-gathering
paths with no violation of the given deadline.
Figure 17.3: Query plan and query propagation plan

17.3.1 Query processing in the green Internet of Things


The query processing system in GIoT consists of a query plan, or Query
Execution Plan (QEP). Traditionally, a QEP is a set of steps used to access
information in an SQL relational database management system. However, in the
GIoT network, query plans differ from those of traditional databases. In
GIoT, queries are
required to transfer data to all sensors and, then, after processing, gather data
from all sensors with minimal energy consumption. Query data gathering
consists of three phases, as illustrated in Figure 17.4. The first phase
constitutes multicasting data dissemination from the sink to the sensor
nodes. Then, in the second phase, the sensor senses objects and retrieves
the information. Finally, in the last phase, the sensor nodes unicast and
transmit data packets to the sink node based on a query plan.
Figure 17.4: Query data gathering

Mathematical representation of query processing


Let us assume a homogeneous network consisting of “M” sensor nodes
. There is a set of “K” discrete power levels
for a given sensor node, where if i > j, such
that a higher power level results in a large range to send data to another
sensor node in the network. Each power level is associated with a fixed
range for signal transmissions and an energy consumption amount ,
where and , if . It is assumed that the
sensor nodes can change their power level during runtime.
The set of edges, denoted as , includes all possible edges. An edge
represents the connection of sensor nodes . Further,
each edge is associated with a weight that is equal to ,
where a weight denotes the energy consumption of the signal transmission.
The energy consumption for a node to transmit signals to another node is
given as follows:

(1)
Where is the energy consumed by transmitting one bit from one node
to other
k is the number of transmitted bits from the node
d is the distance between two nodes and
The plan for data gathering is shown in Figure 17.5 and is demonstrated as
follows:
It can be viewed as a query plan .
Each edge represents a need to transfer bytes of
data from .
The query plan Q is assumed to be a partial order function for set .
It means that the data transfer of must be processed before that of
.

Figure 17.5: A sensor network with a DAG-structured query plan


The data gathering plan at runtime is shown in Figure 17.6 and is
demonstrated as follows:
It can be viewed as a query propagation plan .
Each edge represents units of data from .
From the figure, it can be seen A → D is a query plan path. Both
sequences of paths A−B−D and A−i−B−j−D are possible for .
Since the relationship between energy consumption and distance is
exponential, it is easy to observe that the energy consumption of the
sequence of path A−B−D, with higher power levels, is greater than
that of path A−i−B−j−D. However, the transmission time of path
A−i−B−j−D is greater than that of path A−B−D. In a real-time
environment, the path A−i−B−j−D might not meet the time constraint.
As a result, the power level of the nodes needs to be adjusted and the
path set up to meet the time constraint.

Figure 17.6: The data gathering path at runtime of a query plan


Considering the issues of both the query plan and the query propagation plan,
the next section formulates a path generation methodology for the real-
time query-processing (RTQP) problem. It finds a data-gathering path
of the given query plan that does not violate the given deadline D and where
the total energy consumption is minimized.

17.3.2 Secure path generation scheme


The path generation framework of GIoT consists of four important procedures,
namely the discovery of the minimal-cost path, the discovery of the critical
path, budget reassignment, and path regeneration. They are illustrated in
Figure 17.7 and explained as follows:
Discovery of the minimal-cost path: Minimal-cost path is discovered
by setting the nodes on a minimal power level and then applying
Dijkstra’s algorithm to find the minimal-energy path of the segments.
Discovery of the critical path: The discovered minimal-cost path is
then used to search for the critical path.
Budget reassignment: If the data transmission via the critical path
does not meet the expected deadline, then the budget is reassigned in
terms of sub-deadlines. A sub-deadline is then assigned to each
segment in proportion to the transmission time of the critical path
segments.
Path regeneration: In this procedure, the Restricted Shortest Path
(RSP) method is adopted to derive the new paths.
Figure 17.7: Path generation flow
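
The four procedures can be traced end to end on a small network; the following is an added example, not the book's own algorithms. It assumes constructed node coordinates, three power levels whose energy grows with the square of the range, one time slot per hop, and the query plan A→D, C→D, D→S; sub-deadlines are scaled uniformly with a one-hop floor rather than by slack, and the restricted shortest path is solved by a hop-indexed Bellman-Ford.

```python
import heapq
import math

# Constructed sample network (coordinates in metres); not taken from the book.
NODES = {"A": (0, 0), "i": (10, 0), "B": (20, 0), "j": (30, 0), "D": (40, 0),
         "C": (40, 20), "k": (40, 10), "n": (50, 0), "S": (60, 0)}
# Assumed power levels: (range in metres, energy per packet); energy ~ range^2.
POWER_LEVELS = [(10, 1.0), (20, 4.0), (40, 16.0)]
HOP_TIME = 1  # assumed: one time slot per hop at every power level
# Constructed query plan (DAG of segments): A and C report to D, D reports to S.
PLAN = [("A", "D"), ("C", "D"), ("D", "S")]


def edge_energy(u, v, levels):
    """Energy of the lowest allowed power level whose range covers u -> v."""
    d = math.dist(NODES[u], NODES[v])
    return next((e for rng, e in levels if d <= rng + 1e-9), None)


def neighbours(u, levels):
    """Yield (node, energy) for every node reachable from u in one hop."""
    for v in NODES:
        e = edge_energy(u, v, levels) if v != u else None
        if e is not None:
            yield v, e


def min_energy_path(src, dst, levels):
    """Procedure 1: Dijkstra on energy. Returns (energy, path) or None."""
    heap, done = [(0.0, src, [src])], set()
    while heap:
        cost, u, path = heapq.heappop(heap)
        if u == dst:
            return cost, path
        if u in done:
            continue
        done.add(u)
        for v, e in neighbours(u, levels):
            if v not in done:
                heapq.heappush(heap, (cost + e, v, path + [v]))
    return None


def critical_time(plan, seg_time, sink):
    """Procedure 2: longest accumulated time over any segment chain into sink."""
    def longest_into(node):
        return max((longest_into(s) + seg_time[(s, d)]
                    for s, d in plan if d == node), default=0)
    return longest_into(sink)


def restricted_shortest_path(src, dst, max_hops, levels):
    """Procedure 4: min-energy path with at most max_hops hops."""
    best = {src: (0.0, [src])}  # cheapest known route per node
    for _ in range(max_hops):
        nxt = dict(best)
        for u, (cost, path) in best.items():
            for v, e in neighbours(u, levels):
                if v not in nxt or cost + e < nxt[v][0]:
                    nxt[v] = (cost + e, path + [v])
        best = nxt
    return best.get(dst)


def generate_paths(plan, sink, deadline):
    """Return {segment: (energy, path)} meeting the deadline, or None if none is found."""
    paths = {seg: min_energy_path(*seg, POWER_LEVELS[:1]) for seg in plan}
    if None in paths.values():
        return None  # a segment is disconnected at the minimal power level
    seg_time = {seg: (len(p) - 1) * HOP_TIME for seg, (_, p) in paths.items()}
    total = critical_time(plan, seg_time, sink)
    if total <= deadline:
        return paths  # the minimal-energy plan already meets the deadline
    # Procedure 3: sub-deadline proportional to the segment's share of the
    # critical-path time, but never less than one hop.
    regenerated = {}
    for seg in plan:
        budget = max(HOP_TIME, seg_time[seg] * deadline // total)
        found = restricted_shortest_path(*seg, budget // HOP_TIME, POWER_LEVELS)
        if found is None:
            return None
        regenerated[seg] = found
    new_time = {seg: (len(p) - 1) * HOP_TIME
                for seg, (_, p) in regenerated.items()}
    # The one-hop floor can overshoot the deadline, so verify before accepting.
    if critical_time(plan, new_time, sink) > deadline:
        return None
    return regenerated


def total_energy(paths):
    """Sum of the per-segment energies of a generated plan."""
    return sum(energy for energy, _ in paths.values())
```

With a deadline of 6 time slots the minimal-power paths are kept (A−i−B−j−D, total energy 8.0); a deadline of 3 regenerates A−B−D at a higher power level and the total rises to 16.0.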

Procedure for the generation of GIoT secured path


GIoT path generation consists of the following series of algorithms:
Algorithm 1: Propagation plan generation
This is the main function of the GIoT path generation. At the beginning, the
algorithm assumes that all nodes are set to a minimal transmission range.
Initially, the algorithm invokes another algorithm, called Minimal Cost Path
Finding, that uses the Dijkstra algorithm. It derives the path of the query
plan with minimal cost. To assign a feasible time budget, it is necessary to
know the longest transmission path. For this, the Critical Path Finding using
the PERT algorithm is invoked (Algorithm 3) to determine the critical path.
If the derived path violates the deadline, the algorithm would invoke Budget
Reassignment (Algorithm 4) to reassign the time budget and then generate a
new path using the Path Generating algorithm (Algorithm 9). Finally, a
secured path is returned as output.
Algorithm 2: Minimal cost path finding
This algorithm explores the minimal-cost paths of the query plan using
Dijkstra’s algorithm. For a given sensor network SN = (V, Es) and query plan
Q = (V, Eq), the algorithm finds the path with the lowest cost between a
given sensor node and every other sensor node. It can also be used to find
the costs of the shortest paths from a single sensor node to a single
destination sensor node by stopping the calculation once the minimal-cost
propagation plan to the destination sensor node has been determined.

Dijkstra’s algorithm finds the shortest paths between nodes, that is, from
a source to all nodes in the given graph. The step-by-step procedure of
Dijkstra’s algorithm is outside the scope of this book. Readers can refer to
the book “Introduction to Algorithms” by Thomas H. Cormen, PHI publication,
for further study.

Algorithm 3: Critical path finding


This algorithm is used to find the critical path† under the PERT† algorithm.
Here the longest path from the sensor node to the end of the sink node is
calculated. It also calculates each activity that can start and finish without
making the transmission time longer. It means that the algorithm is able to
determine which paths are “critical”, that is, the longest path, and which have
“total float”, that is, can be delayed without making the transmission longer.

An in-depth analysis of the PERT algorithm can be found in research paper [3].

Algorithm 4: Budget reassignment


As discussed previously, if the data transmission via the critical path
does not meet the expected deadline, then the budget is reassigned. This can
be explained with the help of Figure 17.8, where a sensor
network has derived a critical path via the PERT algorithm (Algorithm 3).
However, to save energy, one should reduce the transmission range of some
sensor nodes. Therefore, there is a need to know the slack (Algorithm 5)
in time that can be achieved. Once the slack time is achieved, an optimized
transmission path is found, which is then assigned to Algorithm 4 for budget
reassignment.
To explore the overall time budget of a path, the ExplorePath function
(Algorithm 6) is used to check paths from parent nodes to leaf nodes. Then,
Algorithm 7 is invoked to assign the time budget of nodes, and then a
function is invoked that reassigns the segment budget by the budget of the
nodes (Algorithm 8).

Figure 17.8: Budget reassignment of non-critical-path nodes


Algorithm 5: Slack computing (to decide the time budget reassignment
sequence)
Slack time is the total time by which a transmission can be delayed without
missing the deadline. This algorithm calculates the slack time of nodes from
leaf to sink and thereby decides the time budget reassignment sequence.
Algorithm 6: Explore path
This algorithm explores and checks all paths from parent nodes to leaf nodes.
Algorithm 7: Node budget reassign
This algorithm reassigns node budgets, and it assigns the new sub-deadline
of each query plan node according to the proportion of a segment in the
critical path. The new budget of a segment will be reassigned as follows:
Algorithm 8: Segment budget reassign
This algorithm reassigns the time segment budgets of each Query plan
segment.
Algorithm 9: Path generating
The algorithm is used to generate the execution path in a sensor network
with a given query plan such that it meets the deadline with an optimized
time budget.
Algorithm 10: Edge generating
The algorithm is used to find a set of sequences of execution paths for each
edge of the sensor network, such that it meets the deadline and time budget
of the query plan.

The algorithm did not consider the scenario where two paths use the same edge
ei,j.

Example: Derivation of Query Execution Path


The secured path generation scheme or, in other words, the derivation of the
Query Execution Path discussed previously is explained with the help of the
following example:
Assumption
Let us consider Figure 17.9(a), consisting of sensor network SN =
(V, Es), and a query plan Q = (V, Eq), where each edge in Eq is a query
plan edge.
Dark nodes are considered as the query plan nodes, and light nodes are
the relay sensor nodes.
The objective is to derive a feasible query propagation plan EP = (V,
EEP).
Procedure—Part I
Initially, all sensor nodes are set to the minimal power level at which
they are connected.
Next, Dijkstra’s algorithm is applied to get the minimal-energy paths.
Then, the query propagation plan is derived, as shown in Figure
17.9(b).

The derived Query propagation plan is not equal to Query Plan. This is because the
Dijkstra algorithm has discovered some paths consuming smaller amounts of
energy than those in the query plan.

Next, the transmission time of a segment of the query plan is
computed, which is denoted by the variable “ti”. For example, in
Figure 17.9(c), “t5” is the segment EB. The variable “tEu + tuv + tvB”
is the transmission time from node E to node B.
Finally, the transmission time of the query plan (that is, all segments)
is computed using the preceding method [Figure 17.9(d)].
Figure 17.9: An example construction process of a query propagation plan (Part I)
Procedure—Part II
After the computation of transmission time, the PERT algorithm is
adopted to derive the critical path. In other words, it finds the path
with the largest transmission time of all paths, as illustrated in Figure
17.10 (a), and returns it to the propagation algorithm (algorithm 1).
Next, the transmission time of the critical path is checked. Here, in
Figure 17.10(a), it is “tcp=t1+t3+t5”.
If the time of the critical path “tcp” is smaller than or equal to deadline
D, the derived query propagation plan can satisfy all requirements, and
the plan is returned.
Otherwise, it is assumed that the path is attacked and is not secured.
Therefore, it is necessary to derive a new propagation plan for each
segment associated with the critical path. For this, a sub-deadline is
assigned to each segment. For example, in this figure, the critical path
is E−B−A−Sink, and the two-phase mechanism is applied to each of the
segments EB, DB, BA, CA, and A−Sink.

In the given example, the transmission time of the critical path is greater
than the deadline. Thus, a two-phase mechanism to derive the query
propagation plan is followed. First, the subdeadlines are assigned to the
segments of the plan. Then, a path is generated for each segment on the
critical path to meet the assigned subdeadline with the RSP
algorithm.

Following this, Algorithm 7 is invoked for assigning the subdeadlines.


Initially, is assigned as the subdeadline of segment “i” in the query
plan. Referring to Figure 17.10(b), subdeadline is assigned according
to the proportion of the transmission time of each segment in the
critical path.
For example:

After the subdeadline is assigned, then as shown in Figure 17.10(c),
(d), and (e), the RSP algorithm is used to derive a new path for each
segment to meet its subdeadline.
For example, in the segment EB, since it has a subdeadline of D5, it
will generate the new path EvB to replace the path EuvB. Since D4 is
large enough, the segment DB transmits data via path DB. Finally, the
returned query propagation plan is as shown in Figure 17.10(f). The
obtained path is free from attackers.
Figure 17.10: An example construction process of a query propagation plan
(Part II)
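
The Part II steps above (critical path, deadline check, proportional subdeadlines), as an added Python example that is not code from the book. The transmission times and the deadline are constructed, the numbering of t1 and t2 is assumed, and the rule D_i = D * t_i / t_cp is an assumed reading of "according to the proportion of the transmission time of each segment in the critical path".

```python
from typing import Dict, List, Tuple

Segment = Tuple[str, str, float]          # (child, parent, transmission time)

# Constructed query plan using the segment names from the text:
# child -> (parent, transmission time). All time values are invented.
PLAN: Dict[str, Tuple[str, float]] = {
    "A": ("Sink", 4.0),   # t1 (numbering assumed)
    "C": ("A", 2.0),      # t2 (numbering assumed)
    "B": ("A", 3.0),      # t3
    "D": ("B", 1.0),      # t4
    "E": ("B", 5.0),      # t5
}
DEADLINE = 9.0            # constructed deadline D


def path_to_sink(plan, node) -> List[Segment]:
    """Segments walked from `node` up to the sink."""
    segments = []
    while node in plan:
        parent, time = plan[node]
        segments.append((node, parent, time))
        node = parent
    return segments


def leaves(plan) -> List[str]:
    """Query plan nodes that are nobody's parent (the data sources)."""
    parents = {parent for parent, _ in plan.values()}
    return sorted(node for node in plan if node not in parents)


def path_time(segments) -> float:
    return sum(time for _, _, time in segments)


def critical_path(plan):
    """PERT critical path: the leaf-to-sink path with the largest time t_cp."""
    best = max((path_to_sink(plan, leaf) for leaf in leaves(plan)), key=path_time)
    return best, path_time(best)


def total_float(plan) -> Dict[str, float]:
    """Per segment: t_cp minus the longest leaf-to-sink path through it."""
    _, t_cp = critical_path(plan)
    longest: Dict[str, float] = {}
    for leaf in leaves(plan):
        segments = path_to_sink(plan, leaf)
        for child, parent, _ in segments:
            name = f"{child}-{parent}"
            longest[name] = max(longest.get(name, 0.0), path_time(segments))
    return {name: t_cp - value for name, value in longest.items()}


def sub_deadlines(plan, deadline) -> Dict[str, float]:
    """Assumed rule: D_i = D * t_i / t_cp for each critical-path segment.

    Returns an empty dict when t_cp <= D, i.e. the plan is returned as is.
    """
    segments, t_cp = critical_path(plan)
    if t_cp <= deadline:
        return {}
    return {f"{c}-{p}": deadline * t / t_cp for c, p, t in segments}


if __name__ == "__main__":
    path, t_cp = critical_path(PLAN)
    print("critical path:", [c for c, _, _ in path] + ["Sink"], "t_cp =", t_cp)
    print("total float:", total_float(PLAN))
    print("subdeadlines:", sub_deadlines(PLAN, DEADLINE))
```

The subdeadlines of the critical segments sum to D, so a path that meets every subdeadline also meets the overall deadline.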

Conclusion
Preserving energy is an important parameter of resource-constrained Internet
of Things, which has resulted in the development of the Green Internet of
Things (GIoT). It focuses on the reduction of energy consumption of IoT
elements with smart and sustainable technologies. The overall detail of the
chapter is presented as follows:
GIoT is defined as an energy-efficient IoT where intelligent
communication is established between devices, at any time and at any
place, with a vital characteristic of prioritizing energy requirements.
In GIoT architecture, energy-efficiency is integrated into all layers
from bottom to top, referred to as the power management layer.
GIoT technology consists of four major components named as green
hardware, green software, green communication, and green
architecture.
As with other technology, GIoT too has open issues; some of them are
technical issues, standardization, security and privacy, and so on.
A real-time GIoT is an extended version of GIoT. It is an energy-
efficient IoT that functions within a time frame that the user senses as
immediate or current.
The major issue in GIoT is providing security in a limited time with
limited energy. This is done by finding the optimized path from source
to destination.
For this, real-time query processing is implemented with the help of a
query plan and query propagation plan.
Query Plan is the path through which the data is transmitted from
sensors to sink.
Query Propagation Plan is a multi-hop path; basically, adopted at run
time, through which the data is transmitted from sensors to sink.
Data gathering in query processing includes multicasting data
dissemination, sensor sensing, and then the transmission of data
packets to sink.
Once the data is gathered, a secured path from nodes to sink is
generated using four important procedures named as the discovery of
the minimal-cost path, the discovery of the critical path, budget
reassignment, and path regeneration.
Path generation includes the series of algorithms as discussed
previously in Section 17.3.2 and is explained with the help of an
example.

17.4 Questionnaire

Multiple choice questions


1. Green IoT prioritized the ______ parameter of resource
constraint IoT.
a. Computation

b. Energy consumption

c. Memory

d. Size
2. The instant (or time) when an IoT application result should be
produced is called a _____.
a. Finish Line

b. Start Line

c. Deadline

d. None of the above


3. A multi-hop path adopted at runtime is known as:
a. Query plan

b. Query Propagation plan


c. Simple Path

d. None of the above


4. GIoT Path generation consists of the following procedures:
a. Discovery of minimal-cost path and critical path

b. Budget reassignment

c. Path regeneration

d. All of the above

Answer key
1. (b) 2. (c) 3. (b) 4. (d)

Long answer question


1. How can a secured path be generated from source to destination in
GIoT real-time query applications? Explain step-by-step procedure.

Short answer questions


1. What is meant by GIoT? How is it different from IoT?
2. What is real-time GIoT, and what are its issues?

Keywords (†)
PERT: PERT is a Program Evaluation and Review Technique (PERT).
It is a method that examines the tasks in a schedule and determines a
Critical Path.
Critical path: It is the longest path (in time) from Start to Finish
and indicates the minimum time necessary to complete the entire
project.
Green Standards: It aims to develop a standard and raise awareness
for best environmental practices in AI research and development

References
[1] D. Bol et al., “Green SoCs for a sustainable Internet-of-Things,” in 2013
IEEE Faible Tension Faible Consommation, Jun. 2013, pp. 1–4, doi:
10.1109/FTFC.2013.6577767.
[2] K. Guerchouche, E. Herth, L. E. Calvet, N. Roland, and C. Loyez,
“Conductive polymer based antenna for wireless green sensors
applications,” Microelectron. Eng., vol. 182, pp. 46–52, Oct. 2017, doi:
10.1016/j.mee.2017.08.007.
[3] S. Ali Göksu and Elma Ćatović, “Implementation Of Critical Path
Method And Project Evaluation And Review Technique,” 3rd Int. Symp.
Sustain. Dev., vol. 2017, no. May 2012, pp. 205–302, 2012, [Online].
Available: https://www.researchgate.net/publication/265421349.

Things to check before moving to the next chapter


Concept of Green Internet of Things and how it is different from
normal IoT
Idea of real-time GIoT
Method of Real-time query processing in GIoT
GIoT Secure path generation scheme

CHAPTER 18
Security Protocols for IoT Access Networks
and Their Impact on Mobile Networks

The ongoing evolution of the Internet of Things is creating a new
ecosystem with the pervasive presence of a great variety of sensors and
devices connected with varying topologies. The connectivity is reaching
beyond the IoT devices, providing access control to not only sensor-enabled
devices but also to non-IoT devices. Access control management and its
related strategies are already discussed in Chapter 2, IoT Security -
Vulnerabilities, Attacks, and Countermeasures and Chapter 15, Identity and
Access Management Solutions for the IoT. Continuing further, this
heterogeneous connection of IoT devices and non-IoT devices has escalated
the productivity of IoT platforms. However, this heterogeneity has
introduced the issue of security. This is because the protocol stack is not
the same for all devices, since different devices have different processing
capabilities and supported functionalities.
One method of resolving the complication of security in
heterogeneous networks is to establish an appropriate or new
protocol within the IoT ecosystem so that unidirectional as well as
bidirectional communication is effectively established. IoT protocols, along
with their security solutions, are already discussed in Chapter 1, Internet of
Things and its Security Requirements, Section 1.8. This chapter discusses
the security algorithms that provide secure connections to unidirectional
and bidirectional (non-IoT) communications. The chapter also highlights
the impact of IoT security on mobile networks.
Structure
In this chapter, we will cover the following topics:
The security features in existing IoT protocols
Time-based security protocol
The concept of cognitive security
Impact of IoT security on mobile networks

18.1. Existing security features of IoT protocols


As already discussed, IoT architecture consists of several layers, such
as the application layer, network layer, and many more. For smooth
functioning, each layer is equipped with various protocols such as CoAP,
MQTT, and XMPP in the application layer, 6LowPAN and RPL in the
networking layer, and so on. Although these protocols make IoT easy, they
still result in certain issues, such as:
The lack of a standardized platform, which forces the software
developers to implement a rigid architecture so as to provide specific
services.
The need to address each IoT object.
The need to maintain heterogeneity of terminals since the protocol
stack is not the same for all the objects, causing different processing
capabilities and supported functionalities for each object.
The need to guarantee the security of data collected by each object
and their transmission to the application platform, which is the prime
functioning of the IoT diffusion and standardization process.
In order to deal with these issues, various security features are built into
each IoT protocol, which are summarized in Table 18.1:

Layer | Protocol | Security features
Application layer | Constrained Application Protocol (CoAP) | Security is provided by binding DTLS to CoAP protocol
Application layer | Message Queue Telemetry Transport (MQTT) | Security is provided by using SSL/TLS encryption
Application layer | Extensible Messaging and Presence Protocol (XMPP) | Security is provided by using: Authentication and Security Layer (SASL); SCRAM-SHA-1-PLUS; TLS protocol
Network Layer Protocols | IPv6-based Low power Personal Area Network (6LowPAN) | Provided security solutions include: acquisition of IPsec over 6LowPAN; designing of the compressed secure header; use of Encapsulating Security Payload (ESP)
Routing/Transport Layer Protocol | RPL | It has three security modes: unsecured mode; preinstalled mode; authenticated mode
Link Layer Protocol | IEEE 802.15.4 | Security is provided by: Advanced Encryption Standard (AES); symmetric cryptography
Physical Layer Protocol | LTE-A | Available with five security levels: network domain security; network access security; application domain security; user domain security; non-3GPP domain security
Physical Layer Protocol | Z-Wave | Supports: confidentiality; message integrity. Prevents: information leakage; unauthorized access; malicious intrusion
Table 18.1: Security features in IoT protocol

18.2. Futuristic security protocol/algorithm for IoT network


Traditional protocols are not efficient enough, and there is a need to develop
and formulate new security protocols for accessing IoT networks.
Accessing resource-constrained networks in a secure framework requires
the generation and transmission of keys in a protected manner. For this, a
time-based approach is considered the best, as its aim is to effectively
manage the keys in a secure manner while guaranteeing the integrity of
transmitted data over an insecure channel. This section deals with the
concept of time-based secure key generation and its renewal [1].

18.2.1. Time-based secure key generation and renewal


As discussed, the time-based approach secures the transmission of keys
while maintaining the integrity of data that is transmitted over an insecure
channel. Generally, it deals with the local key synchronization and
generates the key by means of symmetric encryption at both sides of the
communication channel, that is, at the transmitter as well as at the receiver
sides. The transmitter is used to encrypt data by means of an encryption key
which is extracted from a shared sequence of keys. Similar is the case with
the receiver, which decrypts data on the other side using a decryption key
extracted from the same sequence of keys. In addition, for enhancing
transmission security, the selected key is changed from time to time during
transmission. The key change is planned on a time or an event basis and is
synchronized between the two communication parties.

Figure 18.1: Time-based secure key generation.


The method of time-based secure key generation has the following
key features, which are illustrated in Figure 18.1:
The key generation operation is individually performed by each
communication party.
For the acceptance of the key, no additional messages are required to
be exchanged.
The principal requirement is that the key generation function should
create the same keys for both communication parties based on the
timestamp (TS in Figure 18.1) of the device.
The validity of the secure keys is restricted to a time interval so that
replay attacks based on valid messages sent using keys generated in
past time intervals are discarded.
Unlike any other key management system, in this system, there is no need
for a server to manage security keys. In addition, the keys are generated
locally on both sides of the communication link and are not shared along
the connectivity link; thus, they are more secure. The method secures the
generation of keys; however, the security of data transmissions is still not
implemented. For this, the existing time-based protocol is modified for both
unidirectional and bidirectional data transmission.

In the discussed example (Figure 18.1), clocks are locked to a global positioning
system (GPS) timescale.

a. Security protocol for unidirectional data transmissions


In existing communication protocols, non-IoT devices with unidirectional
communication cannot exchange any key with the gateway in a secure
manner. This is because the transmitter just sends a message without any
feedback and fails to receive any signal. In addition, it is equipped with an
internal clock, which is assumed to be inaccurate. Therefore, the following
steps are adopted by generic non-IoT devices that send data to the gateway
in a secure way:
Step 1: It locally generates the encryption key based on the time measured
by a local clock.
Step 2: The message is then created and encrypted with the generated key.
The message includes the payload and (possibly) any other data to be used
to enhance security.
Step 3: The hash value is then computed using the created message and
generated key, which is then attached to the message.
Step 4: Finally, the complete message is forwarded to the gateway.
The format of the message sent by non-IoT devices to the gateway is shown
in Figure 18.2.

Figure 18.2: Message sent format


The message includes fields that are grouped into plain text and encrypted
text, illustrated in Table 18.2:

Text type | Field | Characteristics
Plain text | Timestamp | Obtained by the local clock
Plain text | Destination identity | Allowing the gateway to identify it locally for a security procedure such as key generation
Plain text | Source identity |
Plain text | Security level | It is present when several security degrees are allowed at the application level for different types of messages (for example, simple state data and setting sensor data can be secured differently). The security-level parameter (SLP) indicates the security algorithm to be used for decryption (for example, AES for confidentiality or SHA for integrity).
Plain text | Hash value | Used for assessing message integrity; if the hash is calculated using the message texts and the generated encryption key, then the hash can also be used to verify the identity of the transmitter.
Encrypted text | Frame counter | Increased by one at each frame sent.
Encrypted text | Encrypted source identity | Used to enhance authentication.
Encrypted text | Payload | Used to convey information to the related application running on the remote server.
Table 18.2: Characteristic of the message sent format
As soon as the gateway receives the cipher message, it deciphers it by
generating the correct decryption key starting from the attached timestamp.
Based on the information of the timestamp, the gateway calculates and
selects the key for the decryption of the received message. If the temporal
difference between the current time and the timestamp exceeds a predefined
threshold, the message is discarded; otherwise, it is accepted.

Consecutive values of the timestamps are used by the gateway for estimating the
behavior of the clocks of the non-IoT unidirectional devices in terms of phase
and drift.
It can be noted that if the received timestamp time series is monotonically
increasing, it enables the avoidance of replay attacks.
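
Steps 1 to 4 and the gateway-side checks described above, as an added Python example that is not the protocol's reference code or code from the book. Assumed here: HMAC-SHA256 as both the key generation function and the keyed hash, a pre-shared per-device secret standing in for the shared sequence of keys, the field widths, the interval and threshold values, the status names, and a replay check on (timestamp, frame counter) pairs. It models only the integrity security level, so the payload is not encrypted.

```python
import hashlib
import hmac
import struct

INTERVAL = 60        # assumed key validity interval, seconds
MAX_SKEW = 120       # assumed gateway freshness threshold, seconds
SLP_INTEGRITY = 1    # assumed code for the "SHA for integrity" security level
HEADER = struct.Struct(">QHHB")   # timestamp, destination id, source id, SLP
COUNTER = struct.Struct(">I")     # frame counter
TAG_LEN = 32                      # HMAC-SHA256 output length


def interval_key(master: bytes, source: int, timestamp: int) -> bytes:
    """Key for the interval containing `timestamp`; each side derives it locally."""
    info = struct.pack(">HQ", source, timestamp // INTERVAL)
    return hmac.new(master, info, hashlib.sha256).digest()


def build_frame(master, source, dest, timestamp, counter, payload) -> bytes:
    """Device side: derive the key, build the message, attach the keyed hash."""
    message = (HEADER.pack(timestamp, dest, source, SLP_INTEGRITY)
               + COUNTER.pack(counter) + payload)
    key = interval_key(master, source, timestamp)
    return message + hmac.new(key, message, hashlib.sha256).digest()


class Gateway:
    def __init__(self, gateway_id, device_secrets):
        self.gateway_id = gateway_id
        self.device_secrets = device_secrets   # source id -> pre-shared secret
        self.last_seen = {}                    # source id -> (timestamp, counter)

    def receive(self, frame: bytes, now: int):
        """Return (status, payload); payload is None unless status is 'ok'."""
        if len(frame) < HEADER.size + COUNTER.size + TAG_LEN:
            return "malformed", None
        message, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        timestamp, dest, source, slp = HEADER.unpack_from(message)
        (counter,) = COUNTER.unpack_from(message, HEADER.size)
        master = self.device_secrets.get(source)
        if dest != self.gateway_id or master is None or slp != SLP_INTEGRITY:
            return "rejected", None
        # Freshness: discard if the attached timestamp is too far from our clock.
        if abs(now - timestamp) > MAX_SKEW:
            return "stale", None
        # The key comes from the attached timestamp, not from the gateway clock,
        # so a drifting device clock near an interval boundary still verifies.
        key = interval_key(master, source, timestamp)
        expected = hmac.new(key, message, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-hash", None
        # Replay: accepted (timestamp, counter) pairs must strictly increase.
        if (timestamp, counter) <= self.last_seen.get(source, (-1, -1)):
            return "replay", None
        self.last_seen[source] = (timestamp, counter)
        return "ok", message[HEADER.size + COUNTER.size:]


def demo():
    secret = b"constructed-demo-secret"   # constructed sample value
    gateway = Gateway(gateway_id=1, device_secrets={7: secret})
    t0 = 1_700_000_000                    # constructed device clock reading
    frame = build_frame(secret, 7, 1, t0, 1, b"temp=21.5")
    body_start = HEADER.size + COUNTER.size
    tampered = frame[:body_start] + b"temp=99.9" + frame[-TAG_LEN:]
    restamped = HEADER.pack(t0 + 600, 1, 7, SLP_INTEGRITY) + frame[HEADER.size:]
    return [
        gateway.receive(frame, now=t0 + 2),        # fresh, valid
        gateway.receive(frame, now=t0 + 5),        # same frame again
        gateway.receive(frame, now=t0 + 600),      # old frame, past the threshold
        gateway.receive(tampered, now=t0 + 6),     # payload changed in transit
        gateway.receive(restamped, now=t0 + 600),  # old frame given a new timestamp
    ]


if __name__ == "__main__":
    for status, payload in demo():
        print(status, payload)
```

Because the timestamp is covered by the keyed hash and also selects the key, rewriting the timestamp of a captured frame fails verification instead of making it fresh.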

b. Security protocol for bidirectional data transmissions


Bidirectional terminals are devices that can send as well as receive packets.
Here, the gateway periodically broadcasts its clock time in a dedicated
message and its identity in the plain text of the message. Terminals align
their local clocks to the gateway and then generate the security keys in
accordance with the algorithm previously described (as in unidirectional
data transmission).

Since devices are close to the gateway, propagation delays are neglected.
Time interval of the security keys is kept sufficiently long so as to transmit one or
more packets and to absorb possible retransmissions or any other unwanted
delay.

In an IoT network, each terminal within a coverage area is served by more than
one gateway. These gateways have clocks running at different times. Therefore,
mentioning the identity of the gateway in the sent message is fundamental for
bidirectional transmissions, as it distinguishes one gateway from another and
assists the terminal in decrypting the message correctly. Identities of the
gateways are inserted in the sent messages.

18.2.2 Cognitive security


Other than traditional security protocols, cognitive security is another
method of securing an IoT system. The protocol includes the concept of
“cognition†”. It involves conscious intellectual activity, such as knowing
and perceiving, and is based on the possibility of being reduced to actual
knowledge. Cognition in cognitive security is added by exploiting
technologies such as machine learning, knowledge representation, and
network control and management while solving security problems. It
authenticates a user through properties, patterns, or knowledge specific to
the user that have been continuously learned and updated.

Figure 18.3: Principle scheme of cognitive security


The working of cognitive security is demonstrated in Figure 18.3. For
better understanding, a capillary network† is considered with the short-
range devices. The cognitive engine present at the gateway collects all the
received data from the terminals and evaluates the possible parameters.
Parameters collected are the transmission–reception time difference of
frames for each terminal, the transmission frequencies, the packet lengths,
the queue lengths, and so on.

For unidirectional terminals, the timestamp difference related to received frames
provides information about the emission rate of the source, which should be
compared with its target emission rate.
For bidirectional terminals, their timestamp difference measured at the gateway
should be compared with the set value.

Based on the collected parameters, a comparison with historical data is
made by a cognitive security-based algorithm. If the security values are
above the threshold, then a counteracting solution is implemented for the
terminals that are not working correctly.
For example, the cognitive security engine modifies the backoff
time† (BO) of the same terminals to increase their possibility of accessing
shared channels and transmitted frames. When a traffic anomaly at a certain
terminal is detected, the gateway analyzes the identity (ID parameter) of
this terminal, which is considered as a potential disturber (that is, attacker).
If the disturber is declared trustworthy (that is, secure), the gateway
modifies the transmission parameters of terminals of the capillary network
to increase the bidirectional sent frames and also notifies the ID disturber
about the management entity of the capillary network. On the contrary, if
the anomalous terminal is non-trustworthy, the gateway notifies the
terminal ID to the management entity, stating that the terminal has been
compromised.
The other possible implemented solutions are as follows:
Based on the information on the application level, the gateway
modifies the access parameters of the set of terminals. Possible access
parameters that can be modified are the generation rate of the frames,
the reduction of the backoff time to repeat a new access to the
channel and the reduction of the measured time to detect the presence
of the transmission of another terminal.
The terminal can perform packet aggregation to improve its
performance.
The gateway can modify the time validity of the security keys to
avoid replay attacks or clock desynchronization.
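
The gateway-side comparison described in this section (timestamp differences against the target emission rate and historical data, then a decision based on whether the terminal is trusted), as an added Python example that is not from the book or from the cited protocol. The tolerance, the minimum frame count, the use of the median, the decision labels and all sample timestamps are assumptions or constructed values.

```python
from statistics import median

TOLERANCE = 0.5      # assumed relative deviation that counts as an anomaly
MIN_FRAMES = 3       # assumed minimum number of frames to estimate a period


def emission_periods(timestamps):
    """Differences between consecutive receive timestamps of one terminal."""
    return [later - earlier for earlier, later in zip(timestamps, timestamps[1:])]


def deviation(history, recent, target_period):
    """Largest relative gap between the recent period and target or history."""
    recent_period = median(emission_periods(recent))
    baseline = median(emission_periods(history))
    if baseline <= 0:                      # degenerate history: treat as anomalous
        return float("inf")
    return max(abs(recent_period - target_period) / target_period,
               abs(recent_period - baseline) / baseline)


def gateway_decision(terminal_id, history, recent, target_period, trusted_ids):
    """Map one terminal's timing behaviour to the action the gateway takes."""
    if len(history) < MIN_FRAMES or len(recent) < MIN_FRAMES:
        return "insufficient-data"
    if deviation(history, recent, target_period) <= TOLERANCE:
        return "normal"
    if terminal_id in trusted_ids:
        # Trusted disturber: retune access parameters (for example backoff time).
        return "adjust-access-parameters"
    # Non-trusted disturber: report the terminal ID as compromised.
    return "report-compromised"


# Constructed receive timestamps (seconds) for four terminals, target period 10 s.
SAMPLES = {
    "T1": {"history": [0, 10, 20, 30, 40], "recent": [50, 61, 70, 80]},
    "T2": {"history": [0, 10, 20, 30, 40], "recent": [50, 52, 54, 56]},
    "T3": {"history": [0, 10, 20, 30, 40], "recent": [50, 51, 52, 53]},
    "T4": {"history": [0, 10], "recent": [20]},
}
TRUSTED = {"T1", "T2"}


def demo():
    return {tid: gateway_decision(tid, s["history"], s["recent"], 10, TRUSTED)
            for tid, s in SAMPLES.items()}


if __name__ == "__main__":
    for terminal, action in demo().items():
        print(terminal, action)
```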

18.3 Impact of IoT security on mobile networks


The outbreak of the IoT system gave rise to a new wave of opportunities for
cybercriminals. They were motivated by the threat landscape resulting from
unsecured resource-constrained IoT devices. Not only was there an increase
in cyber-attacks, but their speed and severity were also amplified.
Thus, there was a need to implement robust security protocols, frameworks,
and systems that offer ongoing security training. However, the enforcement
of security in IoT has affected mobile networks in the following ways:

Cost of mobile network


Everybody wants to implement the best security in their system, which
usually comes with a hefty price tag. Security generally follows the economic
law that states “higher the security, higher the cost”. Cost includes not
only the security measures but also the convenience toll, such as multiple
password entries, repeated requests, quick expiration, and so on.
Increases in the cost of mobile networks can be balanced by the value of
security, that is, the value of the item that’s secured and the risks associated
with a security breach. Put logically, the higher the value of
something and/or the larger the risk of a security breach, the higher will be
the price that would be imposed for securing the network.

The risk and complexity of mobile networks


The progress of technology in IoT security is another parameter that affects
mobile networks. It means “Network that’s secure today can be broken
tomorrow, and a network that was out of reach in the past is solvable
today”, all because of the development of IoT security. Progressing
technology has resolved a lot of security issues but has made the
mobile system complex, resulting in the production of various security
holes. These security holes, if not rapidly patched, may result in the
largest risk to being able to build secure systems. Thus, the progress of
technology at any given moment is an important factor in IoT security that
affects mobile networks.

Delay in mobile network


The employment of security in IoT networks has resulted in a delay in the
flow of data from one end to the other. It is expected that adding a
security module within the system, though it secures the network, in turn
directs the flow of data via an extra module, resulting in the delay of data
packets.

Scope restriction of mobile network


Every security solution is an answer to a particular security breach in the
mobile network. It is assumed that the breach plays by certain rules, staying
within that issue’s scope. The problem with the lack of IoT scope is that for
defined rules, there are no rules. For instance, in wireless technology, all
the data going through the air is fully encrypted. But if someone
records the encrypted data (like a username and password) and then
replays that data, they can gain access. There is no need for
decrypting. Thus, security can be hampered anywhere, at any time, and by
any person or application.

Conclusion
The connectivity in the Internet of Things is reaching beyond the expected
domain. It has connected sensor devices, non-sensor devices as well as
people as a whole. The connectivity of these different types of entities
requires the implementation of various protocols. Moreover, this
heterogeneity too requires novel security techniques that secure IoT systems
from unwanted intruders. Considering this factor, the chapter discusses
various types of security protocols and their impact on mobile networks.
The overall detail of the chapter is presented as follows:
The conventional IoT protocols, such as XMPP, CoAP, and so on,
support connectivity but lack the security features with respect to
heterogeneity of the system.
In view of this, the chapter introduces the concept of Time-based
secure key generation and its renewal.
Time-based protocols secure not only the IoT devices but also the
flow of data transmission, both unidirectional as well as bidirectional.
Time-based protocol protects the device by generating a key from
time to time at both sides of the communication channel, that is, at
the transmitter as well as at the receiver sides. The transmitter is used
to encrypt data by means of an encryption key which is extracted
from a shared sequence of keys. Similar is the case with the receiver,
which decrypts data at the other side using a decryption key extracted
from the same sequence of keys.
For protecting data, the protocol uses the concept of hashing and
timestamping.
Other than time-based protocol, cognitive security protocol can also
be used for protecting the IoT system.
This protocol includes the concept of “cognition”, which involves
conscious intellectual activity, such as knowing and perceiving, and is
based on the possibility of being reduced to empirical factual
knowledge.
The discussed protocols secure the network from unwanted intruders.
However, the enforcement of security has adverse effects on mobile
networks with respect to cost, complexity, delay, and scope of mobile
networks.

18.4 Questionnaire

Multiple choice questions


1. Security in the IoT application layer is provided by:
a. Binding DTLS to CoAP

b. Using SSL/TLS encryption

c. Using SCRAM-SHA-1-PLUS

d. All of the above


2. Time-based secure key generation constitutes:
a. key generation operation

b. keys are generated based on timestamp

c. both (a) and (b)

d. none of the above


3. Encrypted text in unidirectional data transmission constitutes
the following field:
a. Frame Counter

b. Encrypted source identity

c. Payload

d. All of the above


4. The idea of involving conscious intellectual activity, such as
knowing and perceiving, is known as:
a. Preservation

b. Cognition

c. Intelligence

d. None of the above


5. Security in IoT system has huge impact on
a. Cost of system

b. Delay in system

c. Complexity of the system

d. All of the above

Answer key
1. (d) 2. (c) 3. (d) 4. (b) 5. (d)

Long answer question


1. Explain Security protocol for unidirectional data transmissions.

Short answer questions


1. How does security affect the IoT system?
2. What is cognitive security? Explain with help of example.

Keywords (†)
Cognition: the process by which knowledge and understanding is
developed in the mind.
Backoff time: It is a waiting time that a station waits before
attempting retransmission of the frame.
Capillary network: It is a local network that uses short-range radio-
access technologies and provides local connectivity to things and
devices.

References
[1] R. Giuliano, F. Mazzenga, A. Neri, and A. M. Vegni, “Security
Protocols for IoT Access Networks,” in Security and Privacy in Internet
of Things (IoTs), CRC Press, 2016, pp. 481–494.

Things to check before moving to the next chapter


Security features of IoT protocol
Time-based security in IoT communication protocol
Impact of IoT security on mobile networks

CHAPTER 19
Cloud Security for the IoT

Cloud computing plays an important role in improving the performance of
the Internet of Things. It solves the problem of storing, processing, and
accessing large amounts of data generated by IoT devices. Moreover, it
enables users to perform computing tasks using services provided over the
internet. Since the internet is an open-ended network, it jeopardizes the IoT
system if not provided with any security features. Considering this, the
chapter provides an overview of the cloud services and security
architectures that are designed to support the Internet of Things.
Employment of cloud services and security practices within an organization
manages the cross-organizational, multi-domain IoT deployments across
trusted boundaries. The chapter dives into IoT data storage, data analytics,
and reporting systems, along with best practices on how to secure cloud
services. It addresses IoT cloud services and cloud security through the
exploration of IoT offerings by cloud service providers, cloud IoT security
controls, tailoring of IoT cloud security architecture, and so on.

Structure
In this chapter, we will cover the following topics:
Cloud services and the IoT
IoT offerings by cloud service providers and their security controls
The architecture of IoT cloud security
Advanced technologies of cloud-enabled systems for the Internet of
Things

19.1. Cloud services and the IoT
The supporting services of the cloud connect IoT devices, device data,
individuals, and organizations together. Gateways, applications, protocol
brokers, and a variety of data analytics and business intelligence
components reside in the cloud for convenience, cost, and scalability. In
addition, cloud-based services offer the most compelling environment to
organizations, where more and more features are added for connecting IoT
products in a secure way.

19.1.1. Samples of IoT cloud services


Nowadays, developer-friendly IoT cloud-based starter kits are available that
deploy IoT products and services in a secure manner and with minimal
effort. For example, a cloud-enabled starter kit developed by IBM contains
an MCU that automatically streams data to a website on the internet. It trains
the developer on how to use the cloud in IoT solutions in a secure way.
With that in mind, this section gives an overview of the cloud services
that support IoT systems.

a. Asset/inventory management
One of the important aspects of securing IoT is to track assets, inventories,
and attributes of the devices within the network. The cloud is found to be a
great solution for enabling enterprise asset and inventory management. This
cloud-based service provides all the devices that have been registered and
authorized to be operated within the organization’s boundaries.

b. Service provisioning, billing, and entitlement management


This service is used by IoT vendors when devices are offered to customers.
It requires the ability to track entitlements, authorize or deauthorize device
operations, and prepare bills according to the amount of usage. Examples
include subscription services for sensor-based camera monitoring, such as
DropCam cloud recording, wearables monitoring and tracking services like
FitBit devices, and many more.

c. Real-time monitoring
Real-time monitoring services are required in mission-critical applications
such as emergency management, industrial control, manufacturing, and
many more. Organizations are using industrial control systems, industrial
monitoring, and other functions in the cloud to reduce operational costs,
make the data more available, and open up new B2B and B2C services.
IoT devices such as programmable logic controllers (PLCs) and remote
terminal units (RTUs) are directly connected to the cloud, supporting the
ability to monitor systems more efficiently and effectively.

d. Sensor coordination
Automated workflows in machine-to-machine transactions require sensors
and devices to cooperate and coordinate with each other. The cloud plays a
central role in enabling these automated workflows. For example, with the
help of cloud services, IoT devices can query to gather the latest
information, restrictions, or instructions. The publish/subscribe protocols,
such as MQTT, make use of cloud services to drive many IoT
implementations.

e. Customer intelligence and marketing


IoT has the ability to customize marketing to customers. Here, the cloud
includes a system known as Thunder, which introduces a new real-time
event engine. This system provides customers with the ability to
automatically trigger messaging or send alerts to sales personnel. For
instance, in the smart local advertisement, customers are identified through
their purchase history, preferences, or other characteristics as they walk
through a store or shopping center.

From a privacy perspective, it is interesting to think through how either the
tracking mechanism or the dossier collected can be used against a customer by a
malicious party.

Other examples of IoT customer intelligence include energy efficiency
improvements that benefit the environment. For example, home appliances
can share usage data with cloud backend systems as part of a smart
grid approach; device usage can be modulated and updated based on the
need and price. Data such as time and frequency of use, energy consumed,
and current electrical market pricing collected by the cloud can be used by
users to save energy costs and reduce environmental impact.

f. Information sharing
IoT allows the sharing of information among many stakeholders. For
example, an implantable medical device provides information to a medical
office, and that medical office then provides that information to an
insurance provider for further assessment. The information sharing and
interoperability services of the cloud are mandatory for enabling powerful
IoT analytics. These services support protocols based on the
publish/subscribe model and make data available to Business-to-Business (B2B),
Business-to-Infrastructure (B2I), and Business-to-Customer (B2C)
offerings.

g. Message transport/broadcast
The centralized, adaptable, and elastic capabilities of the cloud provide an
ideal environment for implementing large-scale IoT message transaction
services. These cloud services include message transport and broadcast
services that support the implementation of HTTP, MQTT, and other
protocols. Other than transport and broadcast, these service protocols
publish, subscribe, and move data in a centralized or distributed manner.

19.2. IoT threats from the perspective of cloud security


Like conventional infrastructure, cloud-based IoT deployments are targeted by
several threats. Some of the security topics that need to be addressed when
migrating IoT infrastructures to the cloud, or making use of them there, are presented
in Table 19.1.

Threat area: Cloud system administrators and users
Targets/attacks:
Harvesting and use of administrator passwords, tokens, and/or SSH keys to log into and wreak havoc on an organization’s virtual private cloud.
Web browser cross-site scripting on user/manager host machines.
Malicious payloads (for example, JavaScript based) from Web browsing or e-mail attachments.
Rooted administrator computers offer an attractive attack vector to compromise an organization’s cloud-based enterprise, too.

Threat area: Virtual endpoints/Virtual Machines/virtual containers
Targets/attacks:
VM and other container vulnerabilities
Web application vulnerabilities
Insecure IoT gateways
Insecure IoT brokers
Misconfigured Web servers
Vulnerable databases such as SQL injection
Misconfigured databases for proper access controls

Threat area: Networks
Targets/attacks:
Virtual networking components
Denial of service flooding of any endpoint

Threat area: Physical and logical threats to IoT devices that connect to the cloud
Targets/attacks:
Insecure IoT edge gateways
Tampering and sniffing traffic or accessing data
Tampering and injecting malicious payloads into the IoT communication protocol traffic between devices, edge gateways, and cloud gateways
IoT device endpoint spoofing (communication redirects or lack of proper authentication/authorization)
Lack of encryption/confidentiality
Poor cipher suites
Lack of perfect-forward-secrecy
Insecure database (plaintext or poor access control)
Theft of IoT devices

Table 19.1: IoT threats from the perspective of the cloud

19.3. Exploring cloud service provider IoT offerings


Today, most organizations lack the people and the knowledge that are
needed to perform security integration. They fail to keep up with the latest
security threats, architect security operations centers, and perform security
monitoring. To resolve these issues, Cloud Service Providers (CSPs) offer
some solutions in the form of security-as-a-service (SECaaS). It presents a
cloud-enabled business and offers support for the IoT. Not only are SECaaS
offerings scalable, but they also help organizations cope with the limited
supply of security engineering resources. Considering this, the section
explores some of the IoT business offerings and benefits available in the
cloud today.

19.3.1. AWS IoT


Amazon’s Amazon Web Services (AWS) is a leading enabler of cloud-
based IoT services and offers the best solutions to connect and manage
billions of devices. It collects, stores, and analyzes IoT data for industrial,
consumer, commercial, and automotive workloads. AWS IoT is Amazon’s
framework that permits IoT devices to communicate with the cloud using
protocols such as HTTP, MQTT, and so on. Once connected with the cloud,
IoT devices speak with each other and provide services via application
brokers. A more extensive treatment of AWS IoT is available on the website
given in [1].
Other than providing its own services, AWS IoT integrates with a variety of
other Amazon services. Some of them are as follows:

a. Kinesis
It is a real-time data analytical engine and has the following features [2]:
It collects, processes, and analyzes real-time streaming data so as to get
timely insights and then respond instantly instead of
waiting until all the data is collected before the processing can begin.
It is capable of processing streaming data in a cost-effective manner,
along with the flexibility of choosing the tools that are best suited for
the required applications.
Kinesis Firehose operates as the ingestion platform that accepts data
streams, such as audio, video, application logs, and so on, and loads it
into other Amazon domains such as Simple Storage Service (S3),
Redshift (data warehousing), and Amazon ElasticSearch (ES).

b. Amazon Lambda
It is an event-driven, serverless computing platform that runs code in
response to events and automatically manages the computing resources
required by that code. It has the following features [3]:
Run code without provisioning or managing infrastructure. Simply
write and upload the code as a .zip file or container image.
Automatically respond to code execution requests at any scale, from a
dozen events per day to hundreds of thousands per second.
Save costs by paying only for the compute time that is used. Payment
is per millisecond instead of provisioning infrastructure upfront for
peak capacity.
Optimize code execution time and performance with the right
function memory size.

c. Simple storage service (S3)


Amazon S3 is a service that provides object storage through a Web service
interface. It can store any type of object, which allows uses such as storage
for internet applications, backups, disaster recovery, data archives, data
lakes for analytics, and hybrid cloud storage. It encompasses the following
features [4]:
It can scale the storage resources to meet fluctuating needs with
99.999999999% of durability.
Data stored in S3 classes reduce cost without upfront investment or
hardware refresh cycles.
It protects data with unmatched security, compliance, and audit
capabilities.
It can easily manage data at any scale with robust access controls,
flexible replication tools, and organization-wide visibility.

d. CloudWatch
Amazon CloudWatch is a monitoring and management service that provides
data and actionable insights for AWS and on-premises applications as well as for
other infrastructure resources or clouds. It includes the following features
[5]:
CloudWatch collects, accesses, and analyzes resource and application
data using powerful visualization tools.
It improves operational performance using alarms and automated
actions that are set to activate at predetermined thresholds.
It seamlessly integrates with more than 70 AWS services for
simplified monitoring and scalability.
CloudWatch dashboards are used to troubleshoot operational
problems with actionable insights derived from logs and metrics.

e. DynamoDB
Amazon DynamoDB is a fully managed NoSQL database service that
supports key-value and document data structures. It has the following
features [6]:
It delivers applications with consistent single-digit millisecond
performance, nearly unlimited throughput and storage, and automatic
multi-region replication.
It secures data with encryption, performs automatic backup and
restores, and guarantees reliability with an SLA of up to 99.999%
availability.
Focus on innovation and optimize costs with a fully managed
serverless database that automatically scales up and down as per the
requirement.

f. AWS Thing Shadow
AWS Thing Shadow is a virtual service that maintains the state of an IoT
device even when it is offline. This service adds shadows to AWS IoT thing
objects. Shadows are used to make the device’s state available to apps and
other services, irrespective of whether the device is connected to AWS IoT
or not. AWS IoT thing objects can have multiple named shadows, which gives
an IoT solution more options for connecting devices to other
apps and services. Thing shadows support the MQTT protocol with
predefined topics that are used to interact with the service and devices [7].
For example, if an MQTT-enabled light bulb is offline, an MQTT command
can be sent to the virtual things repository to change its color. When the
light bulb comes back online, it will change its color appropriately. From a
security perspective, only authorized endpoints and applications should
publish to the MQTT topics. It is also recommended that the administrative
console be locked down sufficiently to keep unauthorized actors from
gaining access to directly configured IoT assets.
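
The following added example (not from the book or from AWS) shows one way a broker-side check can limit who publishes to shadow topics: a device may only reach its own shadow, and a back-end application only the classic shadow update topic. The roles, templates, and the thing-name character set are assumptions made for illustration; the `$aws/things/<thing>/shadow/...` topic layout is the reserved AWS IoT shadow namespace.

```python
import re

# Publish allow-lists (constructed). {thing} is replaced by the thing name bound
# to the authenticated connection, so a device never reaches another device's shadow.
DEVICE_TEMPLATES = [
    "$aws/things/{thing}/shadow/update",          # report own state
    "$aws/things/{thing}/shadow/get",             # fetch own state after reconnect
    "$aws/things/{thing}/shadow/name/+/update",   # any named shadow of this thing
]
# Hypothetical back-end application, e.g. the app that sets a bulb's color.
APP_FILTERS = ["$aws/things/+/shadow/update"]

# Assumed thing-name character set; rejecting '/', '+' and '#' stops a crafted
# name from widening the template it is substituted into.
THING_NAME = re.compile(r"[A-Za-z0-9:_-]{1,128}")


def topic_matches(topic_filter, topic):
    """MQTT filter matching: '+' is exactly one level, '#' is all remaining levels."""
    f_levels = topic_filter.split("/")
    t_levels = topic.split("/")
    for i, level in enumerate(f_levels):
        if level == "#":
            return i == len(f_levels) - 1   # '#' is only valid as the last level
        if i >= len(t_levels):
            return False
        if level != "+" and level != t_levels[i]:
            return False
    return len(f_levels) == len(t_levels)


def may_publish(principal, topic):
    """principal: {'role': 'device', 'thing': name} or {'role': 'app'}."""
    if "+" in topic or "#" in topic:
        return False                        # wildcards are illegal in a publish topic
    role = principal.get("role")
    if role == "device":
        thing = principal.get("thing", "")
        if not THING_NAME.fullmatch(thing):
            return False
        filters = [t.format(thing=thing) for t in DEVICE_TEMPLATES]
    elif role == "app":
        filters = APP_FILTERS
    else:
        return False                        # default deny for unknown principals
    return any(topic_matches(f, topic) for f in filters)


if __name__ == "__main__":
    bulb = {"role": "device", "thing": "bulb-01"}
    for t in ("$aws/things/bulb-01/shadow/update",
              "$aws/things/bulb-02/shadow/update",
              "$aws/things/bulb-01/shadow/delete"):
        print(t, "->", "allow" if may_publish(bulb, t) else "deny")
```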

The section presents only some aspects of AWS IoT. For a more in-depth treatment,
readers can refer to the website in [11].

19.3.2. Microsoft Azure IoT suite


Microsoft is another giant that has stepped into the IoT cloud space with its
Azure IoT Hub. It manages and enables highly secure and reliable
communication between IoT devices and applications. It provides a
backend cloud-hosted solution and can connect virtually any device.
Beyond this, Azure can extend the IoT solution from the cloud to
the edge with per-device authentication, built-in device management, and
scaled provisioning. It supports IoT-related protocols such as MQTT, HTTP,
and AMQP to enable device-to-cloud and cloud-to-device communication.
It simplifies the development of IoT applications by fully integrating itself
with Azure Event Grid and serverless computation. Moreover, for building
hybrid IoT applications, it establishes compatibility with Azure IoT Edge.
In addition, Azure’s group management service is provided through the
device group API, while its device management features, software
versioning, and provisioning are provided through its device registry
management API [8]. Azure provides cross-protocol fusion capabilities to
developers via a generic IoT Hub message format. The message format
consists of a variety of system and application property fields.
To enable security features, Azure provides centralized authentication
using the existing Azure Active Directory authentication framework. Per-
device authentication and access control in Azure are enabled through the
use of IoT Hub security tokens that map to each device’s access policy and
credentials. Token-based authentication allows authentication to take place
without the transmission of security parameters across the wire. Tokens are
based upon a unique Azure-generated key that is generated using the
accompanying manufacturer or implementer-provided device ID. Azure also
includes a security-enhanced communication channel that sends and
receives data from IoT devices. Furthermore, to keep IoT devices
secure and up to date, the Azure Device Update component for IoT Hub
enables over-the-air deployment of device updates.
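
The token mechanism described above can be made concrete with the shared access signature (SAS) format that Microsoft documents for IoT Hub: the device signs its resource URI and an expiry time with its key, and only the signature travels. This is an added example, not code from the book or from Microsoft; the hub name, device ID, key, and the hub-side `verify_sas_token` function are constructed for illustration and assume symmetric-key device authentication.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qs, quote_plus, urlencode

HUB_HOST = "example-hub.azure-devices.net"            # constructed hub name
DEVICE_ID = "thermostat-01"                           # constructed device ID
RESOURCE = f"{HUB_HOST}/devices/{DEVICE_ID}"
# Constructed per-device symmetric key (base64), known to device and hub only.
DEVICE_KEY = base64.b64encode(b"constructed-device-key-not-real!").decode()
REGISTRY = {DEVICE_ID: DEVICE_KEY}                    # stand-in for the device registry


def _sign(resource_uri, key_b64, expiry_epoch):
    """HMAC-SHA256 over '<url-encoded resource URI>\\n<expiry>', base64-encoded."""
    to_sign = f"{quote_plus(resource_uri)}\n{int(expiry_epoch)}".encode()
    digest = hmac.new(base64.b64decode(key_b64), to_sign, hashlib.sha256).digest()
    return base64.b64encode(digest).decode()


def build_sas_token(resource_uri, key_b64, expiry_epoch):
    """Device side: the key is used to sign, but is never placed in the token."""
    fields = {"sr": resource_uri,
              "sig": _sign(resource_uri, key_b64, expiry_epoch),
              "se": str(int(expiry_epoch))}
    return "SharedAccessSignature " + urlencode(fields)


def verify_sas_token(token, registry, now):
    """Simulated hub side: return the device ID for a valid token, else None."""
    scheme, _, query = token.partition(" ")
    if scheme != "SharedAccessSignature":
        return None
    try:
        fields = {k: v[0] for k, v in parse_qs(query, strict_parsing=True).items()}
        resource_uri, sig, expiry = fields["sr"], fields["sig"], int(fields["se"])
    except (KeyError, ValueError):
        return None                                   # malformed token
    if not resource_uri.startswith(HUB_HOST + "/devices/"):
        return None                                   # token minted for another hub
    device_id = resource_uri.rpartition("/devices/")[2]
    key_b64 = registry.get(device_id)
    if key_b64 is None or expiry <= now:
        return None                                   # unknown device or expired
    expected = _sign(resource_uri, key_b64, expiry)
    # Constant-time comparison; any change to 'sr' or 'se' invalidates 'sig'.
    if hmac.compare_digest(expected.encode(), sig.encode()):
        return device_id
    return None


if __name__ == "__main__":
    token = build_sas_token(RESOURCE, DEVICE_KEY, expiry_epoch=2000)
    print(token)
    print("valid at t=1000:", verify_sas_token(token, REGISTRY, now=1000))
    print("valid at t=3000:", verify_sas_token(token, REGISTRY, now=3000))
```

Because the expiry is covered by the signature, a short lifetime bounds how long a captured token can be replayed, and rotating one device's key revokes that device without touching the others.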

The section presents only some aspects of Azure IoT. For a more in-depth treatment,
readers can refer to the website in [12].

19.3.3. Cisco fog computing


Cisco’s IoT solutions for the cloud are based on the concept of Fog
Computing. It states that the majority of IoT devices operate in close
proximity to the cloud, and since clouds are at a vast distance from the edge
layer, it increases the redundancy and computational cost of the overall
system. Thus, to increase efficiency, the Fog layer works between the edge
and the cloud layer for processing and analyzing the data. The benefits such
as time-sensitive sensor streams, controllers, actuators, monitoring,
reporting, and processing of voluminous data sets associated with the
industrial IoT, make Fog Computing an appealing model. IoT Fog
Computing is generally supported by Cisco DevNet Software Development
Kits.

IoT organizations make use of existing Cisco cybersecurity solutions such as
Cisco NetFlow, TrustSec, and identity services engine (ISE).

Cisco’s Fog Computing is implemented in the IOx, a middleware
framework that sits between hardware and applications that run directly on
edge equipment.
The basic IOx architecture consists of the following:
Fog nodes: These are the devices like routers and switches that
comprise edge networks and provide host resources to the Fog
framework.
Host OS: Sitting on Fog nodes is the Host OS that supports the
following:
Cisco Application Framework (CAF) for local application
management and control
Various types of applications
Network and middleware services
Fog director: It is connected to the CAF’s APIs and provides
centralized application management and repositories for apps running
on all Fog nodes. Administration via the Fog director is accessed
through the Fog portal.

19.3.4. IBM Watson IoT platform


IBM Watson IoT platform is a fully managed, cloud-hosted service that
derives data from IoT devices. IoT data can be obtained by simply
registering and connecting devices, such as a sensor, a gateway, or
something else, to the Watson IoT Platform and then sending data securely
up to the cloud for analysis using the open, lightweight MQTT messaging
protocol. Devices are managed using online dashboards or secured APIs in
such a way that apps can access and use live and historical data.
The overall architecture of the Watson IoT Platform offering is represented
in Figure 19.1. It includes six different components, namely, storage unit,
devices unit/historical unit, platform, analytics unit, dashboard, and users.
Users are of four types: consumers, admin users, business users,
and analytics administrators. The IoT platform provides services such as
connectivity, information management, and risk and security management.
Data is obtained from IoT devices, OT systems, and enterprise historians.
Once the data is obtained, it can be stored in cloud object storage or
analyzed using KPI functions and derived metrics. After all processing and
analysis, data is presented through the user interface.

Figure 19.1: Architecture of Watson IoT platform

19.4. Cloud IoT security controls


The implementation of secured cloud-based services is vital for IoT
deployments. Each cloud and stakeholder endpoint plays an important role
in securing the multitude of transactions. This section discusses the IoT
security controls and services supported by CSPs. Most CSPs integrate the
services in different ways. Organizations can either directly or indirectly
obtain and benefit from these services based on unique package offerings.
These services are combined in different ways that build powerful,
transitive trust relationships throughout the virtualized infrastructure.
Various IoT security controls are as follows:

19.4.1. Authentication and authorization


Authentication security controls handle the following capabilities:
Verification of administrator authenticity for individuals accessing
administrative functions and APIs. Multi-factor authentication is
preferred, given the enormous sensitivity of the administrative controls of
virtual infrastructure.
End users’ authentication to cloud applications.
Authentication of cloud applications, including IoT gateways and
brokers, from one to the other.
Direct authentication of IoT devices to gateways and brokers.
Proxy-authentication of end users from one application provider to
another.

Authentication mechanisms in Amazon AWS


Authentication services supported by Amazon AWS include the following:
Combined identity, user/role/permission management, and complete
integration with other Amazon services.
Hardware tokens, key fobs†, access cards, and virtualized MFA
devices, for example, services that run on a mobile device.
Multi-Factor Authentication is used by virtual private cloud
administrators as well as by end users.
OAuth2.0 authorization standard, which maintains a trust flow
between multiple Web applications and services in a secure way.
The functionality of authentication is obtained by using the OpenID
Connect (OIDC) service that is built on OAuth2. OIDC makes use
of identification tokens acquired via the OAuth2 transaction to
support authorization for users.

OAuth2 is already discussed in Chapter 15: Identity and Access Management
Solutions for the IoT.

Authentication mechanisms in Microsoft Azure


Microsoft Azure provides centralized and federated identity authentication
through its Azure Active Directory (AD) authentication framework. It
offers both OAuth2 and OpenID Connect identity-as-a-service within its
Azure AD offering. If the chosen cloud provider does not offer OpenID
Connect but does offer OAuth2, then the OAuth2 service from Provider 1
can be integrated with the OpenID Connect service (for authentication
tokens) from Provider 2, though this may not be as seamless as coming
from a single provider.

19.4.2. Software/firmware updates


For enhancing the security in the cloud, the following recommendations can
be considered:
Implementation of an automated, secure firmware and software
update capability to every end device.
Digitally signed executable chunks (patches) within the DevOps
environment can be obtained by hardening a software signing service.
With respect to the end devices, it should be ensured that software
and firmware updates propagating to end IoT devices are capable of
being validated by those end devices.

19.4.3. End-to-end security recommendations


For successful deployment of the IoT cloud, maintenance of end-to-end
security is recommended. For that, it should be ensured that security is not
lost at the gateway. End-to-end authentication and integrity protections can
be applied from the CSP to the IoT devices, with the gateways acting as
pass-throughs, that is, both from the IoT device to the gateway and from the
gateway to the cloud. In addition, secure configuration of the databases and
Web services that serve the IoT devices can be practiced. Cloud
applications that support the analysis and reporting workflows can also be
protected.
Furthermore, for end-to-end security, protection against denial-of-service
attacks should be in place. It can be provided by using robust, properly configured
load-balancing application gateways. Data/messages and transactions can
be encrypted and authenticated by devices themselves, whenever required.
Also, a notification on data use can be provided.
Maintaining control of data through to destruction is not possible when the
data may have been passed on to potentially many other organizations;
however, service providers should make attempts to obtain privacy
agreements with peer organizations. To that end, flexible
access controls can be implemented, such as attribute-based access controls for higher
resolution access decisions. Also, data can be tagged for privacy
protection.

19.4.4. Maintain data integrity


Data integrity can be maintained by considering the following
recommendations:
It should be ensured that rogue devices do not transmit data into the
cloud.
Gateway devices should be securely configured and installed in the
cloud. Since gateways process large quantities of data, they
should be secured via the following:
Security logging and analysis in a SIEM.
Secure configurations (operating system, database, and
application).
Firewall protection.
Encrypted communications on each interface.
Strong authentication using PKI certificates, if possible.
Secure configuration of the infrastructure that supports the IoT Web
service.

19.4.5. Secure bootstrap and enrollment of IoT devices


Initial provisioning of trust in IoT devices should be handled carefully.
Depending on the criticality of a particular device, the bootstrap can occur
at the vendor or in person by a trusted agent. Completing bootstrap and
enrollment should result in the ability to provision operational
certificates to devices in a secure manner.

19.4.6. Security monitoring


IoT gateways and brokers should be configured to look for suspicious
behavior of the endpoints. For instance, deployed MQTT brokers should
capture messages from publishers and subscribers that may signal malicious
behavior, such as:
Repeated connection attempts
Repeated authentication attempts
Abnormal termination of connections
Topic scanning
Sending undeliverable messages
Clients that connect but do not send data
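
The following added example (not from the book) turns the indicators listed above into detection logic run over a broker event log. The log format, client names, thresholds, and the 60-second window are constructed assumptions; a real broker's log would need its own parser feeding the same rules.

```python
from collections import defaultdict

WINDOW = 60  # seconds; assumed correlation window

# Event name in the constructed log -> (finding, count within WINDOW that triggers it)
BURST_RULES = {
    "CONNECT": ("repeated connection attempts", 5),
    "AUTH_FAIL": ("repeated authentication attempts", 3),
    "DISCONNECT_ABNORMAL": ("abnormal termination of connections", 3),
    "SUB_DENIED": ("topic scanning", 4),
    "UNDELIVERABLE": ("sending undeliverable messages", 5),
}

# Clients provisioned as data publishers (constructed). Subscriber-only clients
# are legitimately silent, so the "no data" rule is scoped to this set.
EXPECTED_PUBLISHERS = {"sensor-01", "sensor-03", "pump-09"}

# Constructed sample log: "<epoch> client=<id> event=<name> [topic=<topic>]"
SAMPLE_LOG = """\
1000 client=sensor-01 event=CONNECT
1001 client=sensor-01 event=PUBLISH topic=plant/line1/temp
1005 client=cam-17 event=CONNECT
1005 client=cam-17 event=AUTH_FAIL
1010 client=cam-17 event=CONNECT
1010 client=cam-17 event=AUTH_FAIL
1015 client=cam-17 event=CONNECT
1015 client=cam-17 event=AUTH_FAIL
1020 client=cam-17 event=CONNECT
1025 client=cam-17 event=CONNECT
1030 client=scanner-x event=CONNECT
1031 client=scanner-x event=SUB_DENIED topic=plant/line1/#
1032 client=scanner-x event=SUB_DENIED topic=plant/line2/#
1033 client=scanner-x event=SUB_DENIED topic=$SYS/#
1034 client=scanner-x event=SUB_DENIED topic=admin/#
1040 client=sensor-03 event=CONNECT
1050 client=pump-09 event=CONNECT
1051 client=pump-09 event=PUBLISH topic=plant/line2/flow
1052 client=pump-09 event=DISCONNECT_ABNORMAL
1060 client=pump-09 event=CONNECT
1062 client=pump-09 event=DISCONNECT_ABNORMAL
1070 client=pump-09 event=CONNECT
1072 client=pump-09 event=DISCONNECT_ABNORMAL
1090 client=sensor-01 event=PUBLISH topic=plant/line1/temp
1095 client=sensor-01 event=DISCONNECT_CLEAN
""".splitlines()


def parse_line(line):
    """Split one log line into a dict with 'ts', 'client', 'event' and optional 'topic'."""
    ts, *pairs = line.split()
    record = dict(pair.split("=", 1) for pair in pairs)
    record["ts"] = int(ts)
    return record


def burst(timestamps, threshold, window=WINDOW):
    """True if at least `threshold` events fall inside any span of `window` seconds."""
    ordered = sorted(timestamps)
    start = 0
    for end, ts in enumerate(ordered):
        while ts - ordered[start] > window:
            start += 1
        if end - start + 1 >= threshold:
            return True
    return False


def analyze(lines):
    """Return {client_id: set of findings} for clients that trip at least one rule."""
    events = defaultdict(lambda: defaultdict(list))
    for line in lines:
        if line.strip():
            rec = parse_line(line)
            events[rec["client"]][rec["event"]].append(rec["ts"])
    findings = {}
    for client, by_event in events.items():
        found = {name for event, (name, threshold) in BURST_RULES.items()
                 if burst(by_event.get(event, []), threshold)}
        if (client in EXPECTED_PUBLISHERS and by_event.get("CONNECT")
                and not by_event.get("PUBLISH")):
            found.add("connected but sent no data")
        if found:
            findings[client] = found
    return findings


if __name__ == "__main__":
    for client, found in sorted(analyze(SAMPLE_LOG).items()):
        print(client, sorted(found))
```

Forwarding these findings to the SIEM recommended in section 19.4.4 lets broker-level signals be correlated with gateway and cloud logs.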

19.5. An enterprise IoT cloud security architecture


The architecture of cloud-enabled IoT systems comprises CSPs,
IoT service providers, and enterprise adopters with appropriate security
control capabilities. Figure 19.2 represents a generalized virtual private
cloud from a CSP that offers basic functional and security services to
protect end-to-end data transactions. It includes virtualized services that are
available for IT as well as IoT-enabled deployments.
The architecture consists of the following components:
Users: They are the end users or vendors who can access the IoT
devices as per their requirements.
Applications: Applications give end users access to IoT devices and
the features provided by the cloud services to which those devices are
connected.
Devices: A device is hardware that manages interfaces and communications.
It is usually located in close proximity to the real-world interfaces
that it monitors and controls. Devices include computing and
storage resources, such as microcontrollers, CPU, and memory.
Examples of these devices are Raspberry Pi, Arduino, custom IoT
devices, and so on.
Interfaces: This component connects a device to the physical world.
There are different types of interfaces, such as user interfaces,
sensors, and actuators. The user interface is a component that allows
devices and users to communicate with each other. Sensors are input
components that measure or sense something in the outside world in a
way that a device understands. Actuators are output components that
the device can use to control something in the outside world.
Communication: Devices communicate with cloud services by using
various technologies and protocols such as Wi-Fi/Broadband internet,
Broadband cellular data, Narrow-band cellular data, and Long-range
Wide Area Networks (LoRaWAN).
Cloud services: Cloud services are distributed, large-scale data
storage and processing services that are connected to the internet. The
diagram includes the following services: DNS service, content
delivery network and services, notification services, storage and
processing services, data streaming services, operational management
services, and real-time streaming analytics service.
Figure 19.2: IoT cloud security architecture
While designing the IoT cloud enterprise, the following points are
recommended for structuring the security within the system:
a. Administer a threat model by first characterizing the system and
security starting point, which includes the following:
Identification of all existing IoT device types, protocols, and
platforms.
Identify and categorize system components based on the sensitivity
and privacy of all IoT data originating from the IoT devices at the
network edge.
Determination of the nearby and distant data producers and
consumers of the sensitive data.
Identification of all system endpoints, their physical and logical
security characteristics, and who controls and administers them.
Identification of all organizations whose people interact with the IoT
services and datasets and/or manage, maintain, and configure
devices.
Determination of data storage, reuse, and protections needed at rest
and in transit.
Based on risks, determine what data types need to be protected
point-to-point (also identifying those points) and which need to be
protected end-to-end so that the end consumer or data sink can be
assured of the data’s origin, integrity, and (if needed)
confidentiality.
Finalize a risk and privacy assessment against the data to ascertain
necessary controls that may currently be lacking from the CSP.
b. Formulate cloud-specific security architecture from the following:
Find security provisions directly available from the CSP.
Add-on cloud-based security services that are available from the
CSP’s partners or through compatible, interoperable third-party
services.
c. Develop and adapt policies and procedures that include:
Data security and data privacy treatment
User and admin roles, services, and security requirements

19.6. New directions in cloud-enabled IoT computing
The section presents the IoT-enabling characteristics of the cloud along with
new, potential future directions and use cases of the cloud-connected IoT.

19.6.1. IoT-enablers of the cloud


The cloud has many characteristics that make it an attractive, adaptive, and
enabling technology for envisioning, building, and deploying new IoT
services. Some of the IoT-enabled services are as follows:

Software defined networking


SDN is the next-generation network management technology that simplifies
and reduces the amount of work to be done for reconfiguring the networks
and managing policy-based routes. It helps manage the world’s IoT
traffic by making the network scalable, flexible, programmable, and
dynamic. Its architecture functions by decoupling network control from the
forwarding functions. It comprises SDN controllers that implement a
northbound API or bridge that connects to network applications and a
southbound API that connects the network controllers to the fielded
network devices that perform traffic forwarding.

Virtualization systems that host management servers, brokers, IoT gateways, and
other IoT architectural elements are built into Amazon, Google, and other cloud
providers.
SDNs are used today by security vendors to tackle distributed denial
of service (DDoS) challenges.

Data services
Data services are another means of managing and structuring huge amounts
of data, data sources, and data sinks in IoT. These services include cloud
environment tools, such as Amazon’s DynamoDB. It offers scalable, low-
latency, NoSQL database capabilities that manage various IoT data storage,
sharing, and analytics services. Similarly, through an easy-to-use Web front end,
developers create and manage tables, logs, access, and other data control
features.
Data security, authentication, and access control are implemented on a per-
table basis that makes use of AWS identity and access management
systems. It means that a single organization can execute a variety of
analytics, produce derivative data populated in distinct tables, then
selectively make that data available via an application to its various unique
customers.

Container for secure development and deployment of IoT environments
A container is a lightweight, executable unit that packages application
code together with its dependencies, such as binary code, libraries, and
configuration files, for easy deployment across different computing
environments.
This technology resolves the issue of diversification in the IoT development
environment. IoT diversification includes the use of a variety of
software and hardware platforms, such as programming languages that are
used across different hardware ranges, from C to embedded C to Python
and many others. Using this technology, containers are built with the
libraries and packages that are required to develop for the current device
type. These containers are then replicated and shared across the development
team as a development baseline, and are used whenever required.
Example of container technology:
Docker [9] is a container tool that provides a valuable advantage for storing,
deploying, and managing the workflow of IoT device images. It is designed
with the capability of enabling developers and system administrators to
deploy software/firmware images directly to IoT hardware. It has two
additional benefits:
Device images can be easily updated (not just initially deployed)
through Docker.
Docker can be integrated with a test system such as Ravello for full
testing of the IoT system.

Ravello Systems [10] offers a powerful framework for deploying and testing
VMware/KVM applications virtually in self-contained cloud capsules running
in AWS or Google Cloud.

Microservices
Microservices is a concept in which large, monolithic enterprise
applications (Web UI and REST APIs, databases, core business
logic, and so on) are modularized into small, bite-sized services, as in a
Service-Oriented Architecture (SOA). Each module comes with its own
business logic, data backend, and APIs connecting to other microservices.
Each individual microservice is virtually instantiated into the container type
(for example, Docker, VMware) of choice. The technology simplifies and
mitigates the complexity of enterprise applications that tend to grow and
snowball in response to changing requirements.

19.6.2. Cloud-enabled directions


The incorporation of centralized and distributed cloud processing pushes the
IoT in new directions, which are as follows:

On-demand computing and the IoT


On-Demand Computing (ODC) is a major push of cloud-based
architecture that elevates the functionality of IoT systems. Here,
computing resources are available at various edge applications and can
be scheduled, delivered, and billed on demand based on a client’s
dynamically changing requirements. IoT-facilitated ODC makes use of the
microservices and their fine-grained execution units described earlier. From
a security perspective, secure, trusted computing domains within IoT
devices are the basic requirement for IoT-provisioned ODC. This can be
explained with the help of the following example.
Let us consider a vehicle that provides computing resources to a nearby
business, a remote individual, a process, or any cloud provider.
On-demand executable uploads and the processing of
untrusted code on the vehicle must be domain-separated with a high
degree of assurance; otherwise, personal applications and data can easily be
put at risk of compromise from temporary guest processes.

ARM, TrustZone, and other technologies of today represent the beginning of
enabling this type of cross-domain computing for the IoT.

Cognitive IoT
Cognitive IoT is another cloud-based technology that elevates the
performance of the IoT system. For instance, in health monitoring
applications, massive bio-datasets are coupled with various patient metadata,
which allows cognitive systems to predict with much greater clarity the
probability of disease conditions or other health maladies before they
appear. Similarly, in a GPS-denied environment, cognitive IoT, with the
help of an Unmanned Aerial System (UAS), understands the surrounding
environment so as to navigate effectively. The concept of
cognition is already discussed in Chapter 18, Security Protocols for IoT
Access Networks and its Impact on Mobile Networks.

Conclusion
Cloud technology elevates the performance of IoT systems. It resolves the
issue of storage, processing, and managing large amounts of data. The
popularity of the cloud in IoT systems requires security of the cloud so that
data stored, processed, and managed is secured and flawless. Considering
this aspect, the chapter discusses the cloud, cloud service provider
offerings, and the cloud’s enablement of the IoT. It presents the security
architectures and the spawning of the cloud with powerful directions for
connectivity and support of the Internet of Things. The comprehensive
details of the chapter are presented as follows:
Cloud services connect IoT devices, data, individuals, and
organizations together. Some of the cloud services that connect IoT
systems are asset management, real-time monitoring, customer
intelligence, digital marketing, digital transport, and many more.
Like other IoT systems, cloud-based IoT also suffers from several
threats and attacks. Therefore, there is a need to address the security
aspect of cloud IoT. Attacks basically take place in the cloud
infrastructure. The parts of the cloud infrastructure that are open-ended
and prone to attacks are its virtual endpoints, cloud administrators, users,
and networks.
To overcome the attacks, security-as-a-service (SECaaS) is
provided by cloud service providers.
Some of the major SECaaS are AWS IoT, Microsoft Azure IoT suite,
Cisco Fog Computing, and IBM Watson IoT platform.
Implementation of secured cloud-based services is vital for IoT
deployments. Therefore, there is a mandatory requirement to have
some security control on the cloud.
Basic controls offered by cloud service providers are authentication,
authorization, periodic software and firmware updates, end-to-end
security recommendations, maintenance of data integrity, security
monitoring, and bootstrapping.
The architecture of cloud security constitutes users, applications,
devices, interfaces, communication, and security.
Security controls and offerings are not enough for cloud security;
thus, there is a need to implement some new technologies for cloud-
enabled IoT.
SDN, data services, secure development, deployment, microservices,
on-demand computing, cognitive IoT, and many more are next-
generation applications of cloud-enabled IoT.

19.7. Questionnaire

Multiple choice questions


1. Sensor Coordination cloud service includes ____________ IoT
protocol for implementing automated workflows in M2M
transactions.
a. RPL
b. CoAP
c. MQTT
d. XMPP

2. Cloud networking attackers target the following cloud
component:
a. Virtual networking components
b. Insecure IoT gateways
c. Insecure IoT brokers
d. None of the above

3. AWS IoT includes the following services:
a. Kinesis
b. Lambda
c. S3
d. All of the above

4. Cisco’s IoT solutions for the cloud are based on the concept of:
a. Cloud computing
b. Edge Computing
c. Fog Computing
d. Block chaining

5. Docker is a:
a. Container tool
b. Application tool
c. Project tool
d. None of the above

Answer key
1. (c) 2. (a) 3. (d) 4. (c) 5. (a)

Long answer question


1. Explain the architecture of IoT cloud security with the help of an
example.

Short answer questions


1. What do you mean by cloud services? Give some examples of cloud-
based IoT services.
2. What is the future scope of cloud-enabled IoT computing? Explain briefly
with the help of some of the latest technologies.

Keywords (†)
Key fobs: It is a small security hardware device with built-in
authentication that is used to control and secure access to network
services, data, mobile devices, and computer systems.

References

[1] https://aws.amazon.com/iot/?nc=sn&loc=0
[2] https://aws.amazon.com/kinesis/?nc=sn&loc=0
[3] https://aws.amazon.com/lambda/
[4] https://aws.amazon.com/s3/
[5] https://aws.amazon.com/cloudwatch/
[6] https://aws.amazon.com/dynamodb/?refid=1e5631f8-a3e1-45eb-8587-22803d0da70e
[7] https://docs.aws.amazon.com/iot/latest/developerguide/iot-device-shadows.html
[8] https://learn.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide
[9] http://www.docker.com/
[10] https://www.ravellosystems.com
[11] https://aws.amazon.com/iot-core/
[12] https://azure.microsoft.com/en-in/products/iot-hub#overview

Things to check before moving to the upcoming chapter


Role of the cloud and its services in elevating the performance of IoT
IoT threats related to the cloud and its security controls
Cloud-based IoT security architecture
Future directions of cloud-enabled IoT computing

CHAPTER 20
Policy-Based Approaches for Informed
Consent in IoT

Several procedures and techniques for protecting data have been studied
throughout this book. This chapter discusses another element of
data protection known as informed consent. In this method, the consent of a
subject (for example, a citizen) is obtained by a third party in order to
legitimately process personal data. For this, citizens should have a clear
understanding of how their personal data is used by third parties. Gaining
this understanding is a complex task, as the complete details of the
third party are not known to the citizen. This issue is likely to be more
critical in the Internet of Things (IoT), where the collection of personal
data happens in various ways, which are often not evident to the user.
Considering this, the chapter discusses the idea of informed consent for IoT,
its issues, and solutions. It highlights a policy-based approach, where rules
and regulations are defined to know the details of third parties and the way
the data of the subject (that is, the citizen) is used.

Structure
In this chapter, we will cover the following topics:
The idea of informed consent and how it maintains the privacy
Informed consent in IoT and its issues
Policy-based solution for informed consent

20.1. Informed consent


Informed consent is defined as a process where the individual is fully
informed about the nature and specific purpose of the application or project,
the data that is being collected, and how that data will be used subsequent to
their participation. The effective procurement of informed consent promotes
individual autonomy, engenders trust and confidence in the application or
project professionals, and reduces the risk of unnecessary legal claims
premised on incorrect assumptions regarding the appropriate way the data is
used.
Informed consent originated in the medical community.
In medicine, informed consent is the process of procuring permission
from a patient to perform a medical procedure on the basis that he/she has
been fully informed about the benefits and risks of the procedure, and has
agreed to the procedure being undertaken. Informed consent is given only
by patients who have adequate reasoning capability and are aware and in
possession of all relevant facts at the time the informed consent is given.
Apart from medical applications, the process of informed consent has now
been extended to various other fields, such as transport, infrastructure,
housing, and so on, and regulates the interactions of citizens within this
digital world. However, before considering the implications for future
behaviors and decision-making, the following aspects are examined: degrees of
individual awareness; data capture circumstances; data processing purposes;
ownership of system components; risks to the individual; risks to other
actors; liability; and legal mechanisms and their fit for purpose.

For better understanding, an example of medical consent can be found at the
end of the chapter, labeled as Figure 20.5.

20.1.1. Informed consent in Internet of Things


Like other applications, informed consent is an essential element of IoT,
where the consent of users or clients is mandatory. This can be explained with
the help of a botnet attack incident that occurred in Florida in 2013. It
seriously affected the security and privacy of IoT users, as the botnet
attackers not only collected personal information such as users’ names and
telephone numbers but also monitored user activities without the users being
aware of this data acquisition. Therefore, it is recommended that IoT should
always address the process of informed consent. Informed consent in IoT
requires that the user of IoT fully understands how and why their data will be
used and the advantages, disadvantages, and achievable outcomes
associated with the use of their data. However, due to the ubiquitous nature
of IoT, this is becoming more of a challenge as data may be collected
without being aware of the digital health of the citizen.
Traditionally, from a legal perspective, the concept of informed consent is
essential for the data protection of information and communication
technology (ICT) systems, as the consent of a data subject (for example, the
citizen) is often necessary for a third party to legitimately process personal
data. According to the European Union, informed consent must be “freely given,
specific, informed and unambiguous.” It means that the subject (for
example, a citizen) must have a clear understanding of how his/her personal
data will be used by the ICT systems and applications. However, this may
not be an easy task, especially for a citizen with a limited understanding of
the complexities of ICT, and particularly before the ICT applications are used.
The complexity of the system and the need to create effective informed
consent have resulted in the development of End User License Agreements
(EULAs). EULAs are often too lengthy (generally 10 pages long), complex,
and too generic for most users of ICT applications. They are generally the
same for all users regardless of the user’s role or proficiency in the use of
the ICT application. This has led to consent fatigue†, where most users
accept the licensing agreement by default, often without reading it. In
addition, EULAs are often static artifacts and are not related to a specific
context or domain. It means the same EULA can be used for both personal
as well as business purposes. Moreover, it remains the same even if the
usage of personal data changes due to technology trends (for example,
cloud computing) or interaction with other applications.
Summarizing all factors of informed consent or EULAs, it can be stated that
informed consent should have the following features:
It should support different types of users across the spectrum of users
in the digital world, irrespective of the user’s roles.
It should be customizable so that the user can change settings if
he/she wishes to within pre-established parameters.
It should support different types of contexts or changes in the
environment.
Beyond the ICT domain, the creation of informed consent is complicated by
the evolution of the IoT. Moreover, the description of EULAs for end users
gets further complicated due to the limited processing capabilities of IoT
devices, the distributed nature of the IoT, and the integration of the digital
with the real world. In addition, the behavior of the informed consent
required would vary depending on the data generated by the IoT device and
its related data flow. Therefore, for effective execution of informed consent,
IoT device manufacturers are required to provide more decentralized
control over the processing of personal data in the new data-driven
environment, so that users can know what data of theirs is collected and
how it is used.

20.1.2. Implementation challenges of informed consent in IoT


Informed consent is part of the data protection directive, which
protects data from exploitation by unauthenticated systems.
Conventionally, as per the Article 29 Working Party, informed consent should
include at least the following four points: identity and contact details;
precise categories of data to be processed by the application, which requires
informed consent; information as to whether the data would be disclosed to
third parties; and, lastly, the rights of users in terms of withdrawal of
consent and deletion of data.

The Article 29 Working Party (now known as European Data Protection Board) is
an independent party that deals with the issues related to the protection of
privacy and personal data.

Including the discussed points in an informed consent protects a small
amount of data, but it is not enough to secure the data generated by IoT
systems. Designing informed consent for IoT raises the following issues:
Lack of control and information asymmetry: Data generated by
IoT systems is too large and complex. Thus, the generation of data
flows can hardly be managed with the classical tools (for example,
Article 29) used to ensure the adequate protection of the data
subjects’ interests and rights.
Quality of the user’s consent: It may happen that users are not
aware of the data processing carried out by specific objects. They
also may not know when and if an object is connected or not.
Security versus efficiency: A trade-off between the need to design
and implement confidentiality, integrity, and availability measures
and the need to optimize the use of computational resources and
energy by objects and sensors is another major concern.
Similar text for all users: The informed consent information of a EULA is
usually generic and the same for all categories of users, which makes
it unsecured.
Long and complex text: EULA (or informed consent) text is usually
very long and complex and is often difficult for users to read and
understand. Thus, it is not appreciated.
Data not always visible: Devices collecting data may not be fully
evident as this data could be embedded in other devices. For example,
future wearable sensors for healthcare could collect and transmit
information for health care purposes that the user is not aware of.
Lack of availability of informed consent: Sometimes, it becomes
difficult to request informed consent. This is because of the lack
of identifiable places and times to implement consent mechanisms,
for example, when a driver uses an intelligent car, which provides
information to a remote server.
Difficulty in opting out for specific services: In an IoT environment
where devices support various applications, it is difficult to
understand when and how the user can opt out of some services and
maintain the consent for other services.
Difficulty in changing the informed consent based on the context:
It is difficult to obtain a changed informed consent for an application
if the context of the application changes. For example, if
informed consent is available for a home and by some means the role
of the home is changed to an office, then changing the same informed
consent for the office will be a difficult task.

20.2. A policy-based solution for informed consent in IoT


The EULA modeling approach for informed consent protects the data of
ICT applications, but it has several limitations with respect to IoT systems,
as discussed in the preceding section. For an effective solution to the
informed consent problem in IoT, a policy-based approach is adopted. Before
discussing the approach, let us have an overview of the policy-based system.
The system is a user-centric system and is represented in Figure
20.1. It consists of the following elements:
Policy management GUI and its users: GUI enables the user to
define a set of rules that can be embedded in policies. Rules should
be both simple enough for the user to understand and complex
enough to enable advanced users to fine-tune them if necessary. The
user can also define when and how to be contacted by the system and
be notified about a change in the context.
Policy-based system: It is a semi-autonomous agent. Its main role is
to authorize or deny data operations on behalf of the user. For making
decisions, the agent evaluates the defined rules and policies chosen
by the user, operation context elements, information related to user
behavior, and the reputations of third parties.
Community: The community element is used to handle the
reputation of the system. Users are encouraged to participate in
communities and are asked to evaluate and rank IoT applications and
third parties based on their performance.
Policy enforcement component: This component is built upon the
IoT platform along with the policy framework. In order to enforce
this component, the following requirements need to be
addressed:
Support of different types of users across the full spectrum of
users in the digital era, that is, from the most ICT literate to the
least, and/or in different roles. This requires providing users with
easily understood information in the form of
a simple GUI and also setting up mechanisms to train and
motivate the user to define policies so as to ensure regular usage of
the system.
It should be customizable so that the user can change settings if
he/she wishes.
Support different types of contexts or changes in the IoT
environment and ensure the enforcement of the policies chosen by
the user.

A detailed description of the policy-based framework and the policy
enforcement component, along with the discussed requirements, is given in the
next section.

Figure 20.1: Policy-based system


20.2.1. Policy-based framework
For the specification and enforcement of informed consent rules, the
Model-based Security Toolkit (SecKit) is used. SecKit includes a collection
of metamodels, runtime components, and technology-specific Policy
Enforcement Points (PEPs). Metamodels in the SecKit represent the IoT
data, identities, behavior, structure, context, roles, trust relationships, threat
scenarios for risk analysis, and security policy rules as reactive or
preventive security countermeasures for the identified threats. The runtime
component presents the actual behavior of the IoT system with the
implementation of a consent policy rule that defines the behavior of the user
consent. PEP is used for monitoring the behavior of IoT objects and taking
action, in case of receiving any event signal.

Steps for the specification of informed consent (metamodeling)


Step 1: To model the target IoT system
This is done by using a generic design language to represent the
architecture of a distributed system across application domains and levels of
abstraction. The system design is classified into two domains, named as
entity domain and behavior domain, along with an assignment relationship
between entities and behavior.
Entity domain: In the entity domain, the designer defines the entities and
the interaction points between entities representing communication
mechanisms.
Behavior domain: In the behavior domain, the behavior of each entity is
defined, which includes actions, interactions, data, identity, and causality
relationship of attributes. Activities in the behavior domain can handle both
user data and its identities. For example, an IoT weather station application
can provide the current indoor home temperature (that is, data) of a specific
person (that is, identity).
Step 2: Specification of the supporting model
In this step, supporting models are defined depending on the security
requirements that include business roles, context information and/or
situations, and trust relationships.
Context information: It is a simple type of information about an entity that
is acquired at a particular moment in time. For example, the “GPS
location.”
Context situations: It is of a complex type that models a specific condition
that begins and finishes at specific moments in time. For example, GPS “at
home” and “at work” are contextual situations where a person or employee
(target entity) is at their home or work environment. The person that is at
home or at work is assigned a role in that specific situation.
The results of the context situation monitoring are events generated when
the situation begins and ends. These events contain references to the entities
that participate in the situation and can be used to support the specification
of the policy rules.
Policy rules
Policy rules are defined as authorizations that are to be granted when a
situation begins and a data protection function that is fulfilled when the
situation ends. For example, access to the patient’s data can be allowed
when an emergency situation starts with the responsibility that all data is
deleted when the emergency ends. Similarly, in IoT, a security policy may
be specified to allow access to data when the situation starts and to trigger
the deletion of the data when the situation ends.
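
The situation-driven rule described above (grant when the situation begins, delete when it ends), as an added example that is not from the book or from SecKit. The names `detect_situation` and `SituationPolicy`, the heart-rate threshold, and the readings are constructed for illustration, and released copies are tracked inside the policy object as a simplifying assumption.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class SituationEvent:
    kind: str        # "begin" or "end"
    situation: str   # e.g. "emergency"
    entity: str      # entity that participates in the situation
    t: int           # time of the reading that triggered the event


def detect_situation(readings, situation, holds):
    """Turn point-in-time context information into begin/end situation events."""
    active, events = set(), []
    for t, entity, value in readings:
        if holds(value) and entity not in active:
            active.add(entity)
            events.append(SituationEvent("begin", situation, entity, t))
        elif not holds(value) and entity in active:
            active.discard(entity)
            events.append(SituationEvent("end", situation, entity, t))
    return events


class SituationPolicy:
    """Authorize a grantee while a situation lasts; delete released data when it ends."""

    def __init__(self, situation, grantee):
        self.situation = situation
        self.grantee = grantee
        self.authorised = set()   # (grantee, subject) pairs currently authorised
        self.copies = {}          # (grantee, subject) -> items released so far
        self.audit = []           # record of fulfilled deletion obligations

    def on_event(self, ev):
        if ev.situation != self.situation:
            return
        key = (self.grantee, ev.entity)
        if ev.kind == "begin":
            self.authorised.add(key)
        elif ev.kind == "end":
            self.authorised.discard(key)
            deleted = len(self.copies.pop(key, []))
            self.audit.append(("deleted", key, deleted, ev.t))

    def access(self, subject, item):
        key = (self.grantee, subject)
        if key not in self.authorised:
            return None           # outside the situation: nothing is released
        self.copies.setdefault(key, []).append(item)
        return item


# Constructed context information: (time, entity, heart rate in bpm)
READINGS = [(0, "patient-17", 72), (10, "patient-17", 190),
            (20, "patient-17", 185), (30, "patient-17", 80)]


def run_demo():
    policy = SituationPolicy("emergency", "paramedic-app")
    events = detect_situation(READINGS, "emergency", lambda hr: hr > 180)
    pending, log = list(events), []
    for t, entity, hr in READINGS:
        while pending and pending[0].t <= t:   # deliver situation events in time order
            policy.on_event(pending.pop(0))
        log.append((t, policy.access(entity, {"t": t, "heart_rate": hr})))
    return events, log, policy


if __name__ == "__main__":
    events, log, policy = run_demo()
    print(events, log, policy.audit, sep="\n")
```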
Security policies
Security policies must be disseminated to the devices that aim to
gather data in a secured way. Depending on the security policy, the device
triggers and applies the appropriate mechanism that transmits the data in the
exact format needed by the application. This is a two-step process:
Step 1: The device maps the security policies for the application to the
specific data-gathering policies.
Step 2: The device identifies the encryption or security level of the data so
as to identify the proper transmission mechanisms, while also considering the
energy efficiency requirements of the devices, that is, using an adaptive
encryption scheme.
This can be explained with the help of a traffic-monitoring scenario.
In a traffic-monitoring system, a car user sends information regarding traffic
to the application server. Let us consider that this application should know
only “how much traffic is there at every street segment?” However, the user’s
phone has the ability to send various types of traffic-related data, that is,
the exact location every second, speed every second, direction of movement,
and so on.
In order to maintain privacy and prevent the leakage of location data to the
application, the related policies should be considered by the devices of the
users, so that only an average speed per time period and street segment is
sent. This avoids disclosing the exact location of the user at each point in
time, thus ensuring privacy by design.
These policies should also be considered by the intermediate nodes, for
example, gateways, so as to hide the location of the user from the application
point of view. However, other applications that need to know the exact location
of the user should be identified by the devices, and then, depending on their
access control policies, the exact location of the users should be transmitted,
for example, for a person to track his car if it is stolen.
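
The traffic-monitoring scenario above, as an added example that is not from the book: the device maps each application to a data-gathering policy and releases only per-segment averages to the traffic application, and a gateway strips any field the policy does not list. The application names, policy keys, and samples are constructed for illustration.

```python
from collections import defaultdict

# Per-application data-gathering policies held on the device (constructed).
POLICIES = {
    "traffic-monitor": {"granularity": "segment_average", "window_s": 60,
                        "fields": {"segment", "window_start", "avg_speed_kmh"}},
    "stolen-car-tracker": {"granularity": "exact",
                           "fields": {"t", "lat", "lon", "speed_kmh"}},
}

# Constructed samples: (t_seconds, lat, lon, speed_kmh, street_segment)
SAMPLES = [
    (0, 28.6139, 77.2090, 30.0, "S1"),
    (20, 28.6141, 77.2093, 40.0, "S1"),
    (40, 28.6144, 77.2097, 50.0, "S1"),
    (70, 28.6147, 77.2101, 20.0, "S1"),
    (80, 28.6150, 77.2106, 60.0, "S2"),
    (100, 28.6154, 77.2111, 70.0, "S2"),
]


def release(samples, app_id, policies=POLICIES):
    """Device side: map the application's policy to what leaves the phone."""
    policy = policies.get(app_id)
    if policy is None:
        # Default deny: an application without a policy receives nothing.
        raise PermissionError(f"no data-gathering policy for {app_id!r}")
    if policy["granularity"] == "exact":
        return [{"t": t, "lat": lat, "lon": lon, "speed_kmh": v}
                for t, lat, lon, v, _seg in samples]
    if policy["granularity"] != "segment_average":
        raise ValueError(f"unknown granularity {policy['granularity']!r}")
    # Coordinates and per-sample timestamps never leave the device.
    window = policy["window_s"]
    buckets = defaultdict(list)
    for t, _lat, _lon, v, seg in samples:
        buckets[(seg, (t // window) * window)].append(v)
    return [{"segment": seg, "window_start": start,
             "avg_speed_kmh": round(sum(vs) / len(vs), 1)}
            for (seg, start), vs in sorted(buckets.items())]


def gateway_filter(records, app_id, policies=POLICIES):
    """Gateway side: drop every field the application's policy does not list."""
    policy = policies.get(app_id)
    if policy is None:
        return []
    allowed = policy["fields"]
    return [{k: v for k, v in rec.items() if k in allowed} for rec in records]


if __name__ == "__main__":
    for rec in gateway_filter(release(SAMPLES, "traffic-monitor"), "traffic-monitor"):
        print(rec)
```

A window that contains a single sample still discloses that sample's speed, so a deployment may also want a minimum sample count per bucket before releasing it.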

Security rules
Security rules consist of security rule templates, also known as policy rules.
These rules are Event-Condition-Action rules. Action specifies the action
of allowing, denying, modifying, or delaying a service or data in the IoT
device or system. It also triggers the execution of additional actions that are
to be enforced. In addition, it also specifies the trust management policies to
increase/decrease the trust evidence for a specific trust aspect.
For informed consent, an Ask for User Consent abstract
activity is executed. It is instantiated by considering the previously
specified user preferences and the current user situation, such as whether
he/she is busy, available, in a meeting, and so on. Users have two
alternatives: (1) to specify a priori the consent rules to allow, deny, modify,
or delay an activity or (2) to specify rules that declare when the users
should be explicitly asked for consent in an interactive way. To implement
the second alternative, the policy language should be very
expressive and allow users to specify temporal and cardinality constraints
for the informed consent rules, for instance, that consent should be
explicitly asked once per hour or once per day if the data access requests
are not more than 10 per day.
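
Event-Condition-Action consent rules with both alternatives (a priori decisions and interactive asking), as an added example that is not SecKit's rule language or code. The class and field names are hypothetical, and the handling of the temporal and cardinality constraints is one reading of the text: a stored answer is reused only within the ask interval and while the requests in the last day stay within the limit.

```python
from dataclasses import dataclass
from typing import Callable

ALLOW, DENY, MODIFY, DELAY, ASK = "allow", "deny", "modify", "delay", "ask"
DAY_S = 86400


@dataclass
class Event:
    activity: str     # e.g. "access_location"
    requester: str    # third party asking for the data
    subject: str      # person whose data is requested
    t: float          # request time in seconds
    data: dict


@dataclass
class Rule:
    activity: str                              # Event part ("*" matches any activity)
    condition: Callable[[Event, dict], bool]   # Condition part, over event and context
    action: str                                # Action part
    ask_interval_s: float = 3600.0             # temporal constraint for ASK rules
    max_requests_per_day: int = 10             # cardinality constraint for ASK rules


class ConsentPDP:
    def __init__(self, rules, ask_user):
        self.rules = rules
        self.ask_user = ask_user   # stands in for the "Ask for User Consent" activity
        self.answers = {}          # key -> (time asked, answer)
        self.requests = {}         # key -> request times within the last day

    def decide(self, event, context):
        for rule in self.rules:    # first matching rule wins
            if rule.activity in ("*", event.activity) and rule.condition(event, context):
                action = rule.action
                if action == ASK:
                    action = self._interactive(rule, event)
                return self._enforce(action, event)
        return DENY, None          # assumption: default deny when no rule matches

    def _interactive(self, rule, event):
        key = (event.subject, event.requester, event.activity)
        recent = [t for t in self.requests.get(key, []) if event.t - t < DAY_S]
        recent.append(event.t)
        self.requests[key] = recent
        cached = self.answers.get(key)
        if (cached is not None and event.t - cached[0] < rule.ask_interval_s
                and len(recent) <= rule.max_requests_per_day):
            return cached[1]       # reuse the earlier answer, no new prompt
        answer = self.ask_user(event)
        if answer not in (ALLOW, DENY, MODIFY, DELAY):
            answer = DENY          # an unusable answer never releases data
        self.answers[key] = (event.t, answer)
        return answer

    @staticmethod
    def _enforce(action, event):
        if action == ALLOW:
            return ALLOW, dict(event.data)
        if action == MODIFY:       # anonymize: replace the identity attribute
            return MODIFY, {**event.data, "identity": "anonymous"}
        return action, None        # deny or delay: nothing is released now


def demo():
    prompts = []

    def ask_user(event):
        prompts.append(event.t)
        return MODIFY              # the user consents to anonymized access

    rules = [
        Rule("access_photos", lambda e, c: True, DENY),            # a priori rule
        Rule("*", lambda e, c: c["situation"] != "working", ASK,   # interactive rule
             ask_interval_s=3600, max_requests_per_day=3),
        Rule("*", lambda e, c: True, DELAY),                       # user is working
    ]
    pdp = ConsentPDP(rules, ask_user)
    data = {"identity": "alice", "location": "segment S1"}
    # Constructed request trace: (time, activity, current user situation)
    trace = [(0, "access_location", "available"), (600, "access_location", "available"),
             (1200, "access_location", "available"), (1800, "access_location", "available"),
             (4000, "access_photos", "available"), (5000, "access_location", "working")]
    results = [pdp.decide(Event(act, "traffic-app", "alice", t, data), {"situation": sit})
               for t, act, sit in trace]
    return results, prompts


if __name__ == "__main__":
    results, prompts = demo()
    print([action for action, _ in results], prompts)
```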

20.2.2. Policy enforcement component


Policy Enforcement Architecture is represented in Figure 20.2. In the
enforcement model, the IoT framework and platform are monitored by a
technology-specific Policy Enforcement Point (PEP), which observes and
intercepts Virtual Objects (VO), Composite Virtual Objects (CVO), and
Service invocations, taking into account event subscriptions of a Policy
Decision Point (PDP).
The PEP component signals subscribe/notify events to the PDP and
receives enforcement actions/behavior in the form of allow, deny, modify, or
delay. If required for policy evaluation, the PDP may implement custom
actions to retrieve status information of VOs and CVOs from the policy
repository via the policy server (PS). Policies can be updated through the
policy management GUI. Then, subscription to context information and
situation events is done with the Context Manager component, both
using the existing functionality provided by the IoT framework.
Figure 20.2: Policy enforcement architecture

VO, CVO, and service are part of the security management (SM) cross-layer iCore
IoT architecture [1] represented in Figure 20.3, which is responsible for the
evaluation and enforcement of policies. Therefore, the iCore IoT architecture
is considered for this policy-based informed consent.
Figure 20.3: iCore IoT architecture
VO, CVO, and service are used for object virtualization, service composition and
execution, and service creation and management, respectively.
The actual objective of the iCore project is to enable an IoT node with multiple
functionalities based on its capability. Thus, it supports reusability and
interoperability.
For example, the ambient light control in a smart building can use the projector
VO to realize that there is a movie or slide projected in a particular room, and
thus, can turn off the lights. The idea is simply to reuse IoT objects in multiple
applications. The CVO enables IoT devices to interact with other devices and
combines multiple VOs to offer smart applications. For example, a smart home
has strict requirements regarding energy reduction, light control, climate control,
and security. By combining multiple VOs, these requirements could be served.
At the service object, multiple application requirements are addressed. Referring
to the same example, the service object enables an ambient light control
application to use information from the projector by querying IoT devices (or
services) in the vicinity, learning from the obtained information, and making
intelligent decisions. This satisfies the semantic interoperability on all respective
layers.

20.2.3. Implementation of the SecKit to IoT for informed consent
In order to implement policy rules, the SecKit must be extended with
technology-specific runtime monitoring components. An MQTT broker, which is
the technology adopted by most of the project partners to support
communication between VOs and CVOs, is used for monitoring and enforcement
of policies. The SecKit framework consists of the following designs:
a. The design of the IoT system behavior
It states the behavior type of the Consent Manager, which instantiates
the action type “Ask For User Consent”. This action represents an
abstract activity that interacts with the user and requests consent for a
specific operation. Interactive consent policy rules instantiate this
behavior type to request user consent.
b. The design of context information and situation types
It models the activity that a person is currently performing and
highlights the current user situation such as whether he/she is busy,
available, working, or in a meeting.
c. The design of trust beliefs that are used in the policy rule language
Trust relationships are defined for a particular trust aspect, for
example, enforcement of privacy preferences and the assignment of
trust value to a specific entity. The measurement of trust beliefs is
implemented using the Subjective Logic opinion triangle, which
assigns belief, disbelief, and uncertainty values to an opinion, as
illustrated in Figure 20.4:

Figure 20.4: An opinion triangle


d. The design of an interactive consent policy rule template
In this rule, whenever access to user data is detected by an event, and
the relevant person found is currently not working, a consent manager
is then instantiated, to interactively request consent to allow, deny,
modify, or delay the data being accessed. It also specifies a variable
that represents the specific person for whom the template is
instantiated and enforced. Variables are also used to parameterize the
event being considered and to specify generic consent rules that apply
to all activities of a particular subtype. For example, a set of rules
could be specified to access all personal information, access to photos,
and so on.

A variable can be any specific user or entity or any other distinguishable context.

e. The design of an informed consent rule template
An informed consent rule template is defined a priori by users and
allows all data access but anonymizes (that is, hides/removes) the
identity of the users. Anonymization here simply means replacing the
identity attribute with an anonymous string. Depending on the
specific requirements, anonymization can also include the replacement
or modification by a service-specific user pseudonym.
f. The design of a policy rule that allows any operation to be
performed by trustworthy entities
This design includes the most generic rule and does not allow any
specific activity. For example, any data access request would be
allowed. This type of generic rule allows more generality in the
specification of policy rules.
g. The design of a policy rule template that allows access in case
an identified user has given consent
This design presents the policy rule, where access is allowed only
when a specific user identified by a variable has previously given
consent. It is up to each user for whom this template is instantiated to
specify how often the system should require his consent, for example, every
day or every hour. An additional variable could also be specified in
this rule template to identify the specific activity where consent is
required more often than for others.
h. The design of a policy rule template that represents the previously
described policy rules in a more complex template
This design states the policy rule that represents the previously
described policy rules. It demonstrates the conflict resolution approach
for policy rule language. For example, access is denied by default to
all untrustworthy entities that try to access user data. However, in case
a trustworthy entity tries to access the data, or if consent was explicitly
given by the user in the previous time steps, then access is allowed.
The strategy for the combining algorithm adopted here is named
“Allow overrides”, meaning that if any of the nested rules allow
access, this is the final result chosen by the container rule template.
By following the previously discussed designs and implementing them in
IoT devices or objects, the privacy of data can be protected from
unauthorized users or burglars.
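The combined rule of item h, written out as an added Python sketch (not SecKit's rule language and not code from the book): access is denied by default, two nested rules can each allow it, and the container combines them with allow-overrides. The class and function names, the 0.7 trust threshold, the 0.5 base rate and the sample entities are assumptions of this example; trust is read from the opinion's expected value, belief + base rate × uncertainty.

```python
from dataclasses import dataclass

ALLOW, DENY, NOT_APPLICABLE = "allow", "deny", "not_applicable"
TRUST_THRESHOLD = 0.7  # assumed cut-off above which an entity counts as trustworthy


@dataclass(frozen=True)
class Opinion:
    """Subjective Logic opinion: belief + disbelief + uncertainty = 1."""
    belief: float
    disbelief: float
    uncertainty: float
    base_rate: float = 0.5  # assumed prior that weighs the uncertain part

    def __post_init__(self):
        if abs(self.belief + self.disbelief + self.uncertainty - 1.0) > 1e-9:
            raise ValueError("belief + disbelief + uncertainty must equal 1")

    def expected(self) -> float:
        # Expected value of the opinion: b + a * u
        return self.belief + self.base_rate * self.uncertainty


@dataclass(frozen=True)
class Request:
    entity: str    # who is asking for the data
    subject: str   # the person the data belongs to
    activity: str  # for example "access_photos"
    time: int      # seconds on a constructed clock


class PolicyContext:
    def __init__(self, trust, consents, max_consent_age):
        self.trust = trust                      # entity -> Opinion
        self.consents = consents                # (subject, entity, activity) -> time granted
        self.max_consent_age = max_consent_age  # subject -> seconds a consent stays valid


def rule_trusted_entity(req, ctx):
    """Item f: any operation is allowed for a trustworthy entity."""
    opinion = ctx.trust.get(req.entity)
    if opinion is not None and opinion.expected() >= TRUST_THRESHOLD:
        return ALLOW
    return NOT_APPLICABLE


def rule_prior_consent(req, ctx):
    """Item g: allowed only if the user consented recently enough."""
    granted = ctx.consents.get((req.subject, req.entity, req.activity))
    max_age = ctx.max_consent_age.get(req.subject)
    if granted is None or max_age is None:
        return NOT_APPLICABLE
    age = req.time - granted
    return ALLOW if 0 <= age <= max_age else NOT_APPLICABLE


def allow_overrides(rules, req, ctx, default=DENY):
    """Container rule: one nested ALLOW wins, otherwise the default applies."""
    decisions = [rule(req, ctx) for rule in rules]
    return ALLOW if ALLOW in decisions else default


def decide(req, ctx):
    return allow_overrides([rule_trusted_entity, rule_prior_consent], req, ctx)


def sample_context():
    """Constructed sample data, not taken from the iCore project."""
    trust = {
        "hvac-service": Opinion(0.8, 0.1, 0.1),  # expected value 0.85
        "ad-tracker": Opinion(0.2, 0.5, 0.3),    # expected value 0.35
    }
    consents = {("alice", "ad-tracker", "access_location"): 1_000}
    return PolicyContext(trust, consents, max_consent_age={"alice": 3_600})


if __name__ == "__main__":
    ctx = sample_context()
    for req in (
        Request("hvac-service", "alice", "access_photos", 10_000),
        Request("ad-tracker", "alice", "access_location", 2_000),
        Request("ad-tracker", "alice", "access_location", 10_000),
    ):
        print(req, "->", decide(req, ctx))
```

A consent that has aged out falls back to the default deny here; in the design described above, that is the point at which the Consent Manager would ask the user again.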

Conclusion
The chapter introduces the idea of informed consent for maintaining the
privacy of data. It presents an approach to handle the authorization of data
operation in the IoT. It illustrates the semi-autonomous policy-based
approach, which integrates context awareness and enforcement through the
“SecKit” mechanisms. The comprehensive details of the chapter are
presented as follows:
In informed consent, the individual is fully informed about the nature
and purpose of the application or project, the data that is being
collected, and how that data will be used subsequent to their
participation.
There are several applications where informed consent is used. The
most popular applications are health care, transport, infrastructure,
housing, and so on, and regulate the interactions of citizens within
this digital world.
Conventionally, informed consent in IoT was supported by End User
License Agreements (EULAs).
EULA is a user license agreement that states what and how the
application data will be used by the other party. It is quite long and
complex, thus not supported in the IoT system.
Therefore, a policy-based informed consent approach was formulated
so as to support IoT systems.
As per the Article 29 Working Party, informed consent should at least
include identity, contact, categories, information regarding the
disclosure of data to third parties, and information regarding
withdrawal and deletion of consent.
Implementation of these minimum points in IoT still results in
issues such as lack of information symmetry, availability,
quality and efficiency issues, complexity, and so on.
In order to solve the issue of informed consent in IoT, a policy-based
approach is considered, where rules regarding the authorization of
data and devices are enforced and focused.
Policy-based IoT system consists of the following elements: Policy
Management GUI and its users (enables the user to define a set of
rules for policies), Policy-based System (to authorize or deny data
operations on behalf of the user), Community (handles the reputation
of the system), and Policy Enforcement component (enforces policies
as per the need).
Policy-based framework consists of Model-based Security Toolkit
(SecKit).
SecKit specifies the policy rules, security policies, security rules, and
so on.
This kit consists of several policy enforcement design templates.
Each template executes in runtime mode and presents an
application for the enforcement of policies to users. The design of
each template is demonstrated in Section 20.2.3.
Finally, the implementation of these designs maintains the privacy of
IoT data.

20.3 Questionnaire

Multiple choice questions


1. Informed Consent can be defined as:
a. A relational process between counselor and client
b. Signed and witnessed documents to provide sufficient
information for the client to make a decision about treatment
and to protect the counselor from liability.
c. a and b
d. None of the above
2. Informed consent in IoT is challenging because of the following
reasons:
a. Lack of control and information asymmetry
b. Data not always visible
c. Difficulty in opting out of specific services
d. None of the above
3. _______ are defined as authorizations that are to be granted when
a situation begins and a data protection function that is fulfilled
when the situation ends
a. Policy rules
b. Security policies
c. Context situation
d. None of the above
4. _______ is an abstract activity that is performed for the
informed consent of IoT
a. Ask for User Consent
b. Bypass user consent
c. Policy enforcement
d. None of the above

Answer key
1. (c) 2. (a, b, c) 3. (a) 4. (a)
Long answer question
1. How can policy-based solutions create informed consent and
maintain the privacy of IoT?

Short answer question
1. What do you mean by informed consent, and how is it advantageous
to the Internet of Things?

Keywords (†)
Consent fatigue: Loading users with questions and forcing decisions
on them when they access a website for the first time.

References
[1] C. Sarkar, A. U. Nambi S. N., R. V. Prasad, A. Rahim, R. Neisse, and G.
Baldini, “DIAT: A Scalable Distributed Architecture for IoT,” IEEE
Internet Things J., vol. 2, no. 3, pp. 230–239, Jun. 2015, doi:
10.1109/JIOT.2014.2387155.

Things to check before moving to the next chapter


Informed consent and its role in securing data
Challenges in implementing informed consent in IoT
Policy-based solution for IoT informed consent
Figure 20.5: An example of informed consent

CHAPTER 21
Blockchains for Internet of Things

When it comes to competitive advantages for industries, the Internet of
Things turns out to be the most powerful weapon. Every piece of data
that is collected and transmitted is extremely important and requires both
privacy and security. It has been found that Blockchain technologies are an
excellent means of providing safety to IoT data and transactions. Blockchain
authenticates, standardizes, and protects the adoption of data handled by the
devices without the need for a trusted third party. In addition, it is able to
track and monitor the information collected by the sensors without
permitting it to be duplicated by any wrong data. Furthermore, it is the
technology behind Bitcoin, a virtual currency that is regarded as a type of
digital asset and can be bought, sold, and transferred between two parties
securely over the internet. Considering these elements, the chapter
presents an introduction to Blockchain technology with the Bitcoin
cryptocurrency as an application.

Structure
In this chapter, we will cover the following topics:
The idea of Blockchain technology and how it came into existence
Cryptocurrencies and their types
Key concepts of blockchain technology such as P2P network,
consensus, mining, distributed ledger, and many more
Classification of blockchain wallets
The idea of Altcoins and Anonymity
21.1. Blockchain technology: The introduction
The concept of Blockchain technology becomes clear by first analyzing the
drawbacks of the current banking system and then seeing how
cryptocurrency can resolve these issues. It is then easy to dive into and
understand the technology with its architecture and features.

21.1.1. Issues with the current banking system and its solutions
Banks have been in the picture for centuries and have been acting as the
facilitator to multiple economic and financial activities, which include
lending, trading, transaction settlement, payment processing, and so on.
However, the longevity of the banking system has made it stagnant, leading
to it becoming slow in terms of adopting prevailing changes. They still
require a lot of paperwork, face security vulnerabilities, and have multiple
time-consuming and expensive processes in place. This can be
acknowledged with the following examples:
Nowadays, any transaction on a banking channel incurs a very high
transaction fee. Suppose one wishes to transfer an amount from
his/her account to someone else’s account through a banking channel;
the bank might then charge a fee. For 200$, say, it might charge
5$, so the receiver receives only 195$, which in
percentage terms is a very high transaction fee.
Furthermore, in the current scenario, people end up double-spending.
Double spending is a unique problem where digital money
is spent twice. For instance, let us suppose a sender has 800$ in his/her
account, but he/she ends up sending 1000$; 500$ each to two other
users. This happens because the bank was not able to update its record in
time when the transaction with the first user took place, so according to
the sender, there is still 800$ present in the account. Hence, it can be said
that the present banking system is not adequate to keep up-to-date
records of all transactions. Consequently, the user is able to spend
more than the amount present in his/her account. Moreover, keeping
records updated requires a lot of paperwork, which can be prone to
inconsistency and is time-consuming.
In addition, the banking systems are prone to hacking. Hackers attack
financial institutions and gain unauthorized access to data. They can
do transactions on our behalf, which we are not aware of, or they can
transfer money to some illegitimate account.

In 2017, the number of frauds in India through ATM cards and net banking was
about 1,785, each amounting to more than one lakh rupee.

The discussed issues are resolved by the usage of the cryptocurrency known as
Bitcoin or the technology known as Blockchain.
Bitcoin is a decentralized system that allows one to do a value transfer
transaction at a very nominal transaction fee as low as 1$, whereas the
bank charges a fee of 5$, and at the end, the receiver receives the true
value of the amount (199$), which was sent by the sender. Bitcoin
follows a decentralized system where no third party, such as the
government, bank, or any other intermediaries, is involved during the
transaction between a sender and receiver. This reduces the
cost of transactions drastically. This is the primary objective of
cryptocurrency or technology called blockchain, which advocates the
removal of intermediaries.
Double spending is avoided through the basic structure of a
blockchain (that is, each block is linked to its previous block), which
involves the verification of transactions. It means the record of each
and every transaction is maintained without any changes. That is, once
the record is updated, it is frozen, which means no one can make
any changes to it. Referring to the previous example, as soon as a user
transfers 500$ to the first person, the account is immediately updated, and
the remaining balance is frozen in a block of the blockchain, that is, in
his/her account. Now, before transferring the amount to a second
person, as per blockchain, the balance amount will be verified, and the
address identity will be validated. If the spending is more than the
remaining balance, then the miners and validators of the blockchain
network will discard that particular transaction. Therefore, double
spending becomes as good as impossible in the blockchain.
Blockchain technology uses the element of public ledgers. A public
ledger records all Bitcoin transactions, and it is accessible to everyone
who is associated with the system. It is a 100% transparent system.
It means any transaction happening is visible on the public ledger.
Once a user joins a blockchain network, he gets a copy of the
blockchain (all transactions) since its initiation or inception. Though
the public ledger is accessible to everyone, only the user’s address and
the transaction details are visible to the users of the Bitcoin network.
By looking at the address, the identity of the user cannot be known.
Thereby, it secures the identity of address owners and keeps the
blockchain safe from data tampering. As each block on the
blockchain is aware of its previous block, even if a hacker
tries to hack one block, he would have to change the entire subsequent
chain ahead of this block. It would require a huge amount of
computation power from the hacker, which is next to impossible.

An in-depth illustration of Bitcoin will be given in upcoming sections.

In case the reader is not clear about blocks or the formation of their chain,
there is no need to worry, as the architecture and working of blockchain will
give an in-depth illustration of the concept.

21.1.2. Architecture of the blockchain


Blockchain is a decentralized system of secure and trusted distributed
databases. It is a constantly growing distributed ledger that permanently and
chronologically records and shares the transaction details across the nodes
(or participants), which are part of the blockchain network. Every participant
has the same copy of the ledger, which is regarded as an immutable ledger.
The definition can be broken down as follows:
Ledger: It is a constantly growing file.
Permanent: It means once the transaction goes inside a blockchain, it is
permanently put in the ledger.
Secure: Information in blockchain is secure. It uses very advanced
cryptography to make sure that the information is locked inside the
blockchain.
Chronological: It means every transaction happens after the previous one.
Immutable: It means once a record or a transaction is registered, it cannot
be modified.

Blockchain was originally introduced to timestamp digital documents and prevent
tampering of records.

Summarizing the preceding definition, in simple terms, a chain of blocks
that contains information is called a blockchain. When a transaction occurs,
its related information is recorded into a block. It means a transaction
initiated in any corner of the globe is registered on the block, and then that
block is verified and validated by the miners of the public ledgers. After
verification and validation, the block is added to the main blockchain
depending on its type. Each time a block gets completed, a new block is
generated. Each new block is linked to the previous block, and the chain is
created. The first block in the chain is called the Genesis block.

Components of block
Each block contains four major components named as data, hash, previous
hash, and nonce. It is presented in Figure 21.1.
Data attribute of the block contains the sender’s address, receiver’s address,
and the transaction amount or information. There can be multiple
transactions among multiple senders and receivers. So, each block can
contain “n” number of transactions, each with their sender’s address,
receiver’s address, and transaction amount.
Hash is like a digital fingerprint of the current block, which is unique to
each block. It means once a block is created, any change inside the block
will cause the Hash to change. It takes the previous hash, data, and nonce as
the input value and produces a fixed-length output. Commonly, the SHA256
hashing algorithm is used in blockchain technology; however, other hashing
algorithms can also be considered.
Previous hash is the attribute which is connecting a block to its previous
block. So along with its own hash value, a block also contains the hash value
of the previous block.
Nonce is a random value used to vary the output of the hash value whenever
any transaction takes place. It is used in a proof-of-work algorithm that
verifies the transactions done within the blockchain.

Proof-of-work is discussed in the next section.

Figure 21.1: The Blockchain block

Formation of blockchain
Formation of blockchain is represented in Figure 21.2. Let us consider a
blockchain of three blocks. The first block is a Genesis block and has no
previous hash. Block 2 contains a hash of Block 1, whereas Block 3 contains
Hash of Block 2, and so on. In this way, a chain of blocks is formed and is
known as blockchain.
Figure 21.2: Formation of Blockchain

This linking is what makes a blockchain secure. Let us assume an attacker
changes the data of Block 2. Correspondingly, the Hash of the Block will also
change. However, Block 3 still contains the old Hash value of Block 2. This
makes Block 3 and all succeeding blocks invalid, as they do not have the correct
Hash of the previous block. Therefore, changing a single block will make all the
following blocks invalid.

21.1.3. Features of blockchain


Now that the basics of blockchain technology are clear, let us review its
primary features as follows:

a. Public distributed ledger


Blockchain is a decentralized public distributed ledger that is used to record
transactions across many computers. It is a distributed database that is shared
among the legitimate users of the blockchain network. These legitimate
users access and verify the transactions within the block, thereby making it
less prone to cyber-attacks.
This can be explained with the help of the Bitcoin example, illustrated in
Figure 21.3. Let us consider four bitcoin users (Bella, John, Elsa, and Jack)
who are transferring money. Bella has 40$ and is transferring money to John,
and John is transferring to Elsa, and Elsa to Jack. There are three
transactions that are taking place. Before the arrival of blockchain
technology, these transactions were taking place at the central ledger, but the
central ledger was prone to attacks and could be corrupted, so the data
within the ledger could easily be tampered with. To solve this issue, the public
distributed ledger plays a vital role. It ensures that each user within a
blockchain has a copy of each transaction. That is, Bella, John, Elsa, and
Jack have the same ledger, which is distributed among them. Now, in case
Elsa has misplaced her transaction details, she can easily be corrected
by the other participants because they have the original copy. Or, in case
one of the users attempts to alter the records, the transaction
copies held by the other users will negate the alteration because, among all the
participants, only one participant has a different copy; hence, it can be easily
detected.

Figure 21.3: Public distributed ledger of Blockchain technology

b. Encryption
Blockchain eliminates unauthorized access by using cryptographic
algorithms, such as SHA256, to ensure that blocks are secure. Each user in
the blockchain has their own keys. They are provided with two sets of keys,
a private key and a public key. The private key is known only to the sender
and confirms if the origin of the transaction is legitimate. The public key is
used to uniquely identify the sender and is shared by the sender with every
transaction that floats on the blockchain network. Let us take a look at the
transaction verification process.
At sender end
Suppose a sender wants to send a message; he will pass the message through
the hash function and generate a hash value of the message. After the hash
value is created, it is passed through the signature algorithm along with the
private key, and a digitally signed document is created, as illustrated in
Figure 21.4:

Figure 21.4: Encryption at the sender end


Now the transaction message, digitally signed document and public key are
transmitted to the receiver, as given in Figure 21.5:

Figure 21.5: Data transmitted to the receiver


At receiver's end
At the receiver's end, the message received is passed through the hash
function, and a hash value is created, given in Figure 21.6:
Figure 21.6: Processing at the receiver end
This hash value obtained by passing the message is compared with the hash
value obtained by passing the digital signature and the public key through
the verification function. If both hash values match, no tampering with the
message has been done; otherwise, the message has been tampered with.
Refer to Figure 21.7:

Figure 21.7: Comparison of the hash values

The working of the hash function is already discussed in Chapter 7, Crypto
Foundations-II.
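The sender and receiver steps above as an added Python example (not code from the book). Unpadded textbook RSA over two Mersenne primes stands in for the signature algorithm so that the example runs with the standard library alone; it is a toy key and not a secure one, and Bitcoin itself signs with ECDSA. The function names, the key-fingerprint check and the sample messages are assumptions of the example.

```python
import hashlib

E = 65537  # public exponent


def make_keypair(p, q):
    """Build a toy RSA key pair from two primes; returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (E, n), (d, n)


# Constructed toy key: both factors are well-known Mersenne primes, so this
# modulus is trivially factorable and must never be used for real signing.
PUBLIC_KEY, PRIVATE_KEY = make_keypair(2**521 - 1, 2**607 - 1)


def hash_value(message: bytes) -> int:
    """Hash function step: SHA-256 of the message, read as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def key_id(public_key) -> str:
    """Fingerprint that identifies a sender by the hash of the public key."""
    e, n = public_key
    return hashlib.sha256(f"{e}:{n}".encode()).hexdigest()


def sender_prepare(message: bytes, private_key, public_key) -> dict:
    """Sender end: hash the message, sign the hash, bundle what is transmitted."""
    d, n = private_key
    signature = pow(hash_value(message), d, n)
    return {"message": message, "signature": signature, "public_key": public_key}


def hashes_match(packet: dict) -> bool:
    """Receiver end: hash of the message vs. hash recovered from the signature."""
    e, n = packet["public_key"]
    from_message = hash_value(packet["message"])
    from_signature = pow(packet["signature"], e, n)
    return from_message == from_signature


def receiver_check(packet: dict, expected_sender_id: str) -> str:
    """Full check: the key must belong to the expected sender AND the hashes match."""
    if key_id(packet["public_key"]) != expected_sender_id:
        return "wrong-key"
    return "ok" if hashes_match(packet) else "tampered"


if __name__ == "__main__":
    sender_id = key_id(PUBLIC_KEY)
    packet = sender_prepare(b"Bob pays Jennifer 10 BTC", PRIVATE_KEY, PUBLIC_KEY)
    print(receiver_check(packet, sender_id))

    # Message changed in transit: the two hash values no longer agree.
    altered = dict(packet, message=b"Bob pays Mallory 10 BTC")
    print(receiver_check(altered, sender_id))

    # Message re-signed under a different (constructed) key pair: the hashes
    # agree, so only the comparison with the sender's known key id catches it.
    other_public, other_private = make_keypair(2**127 - 1, 2**1279 - 1)
    resigned = sender_prepare(b"Bob pays Mallory 10 BTC", other_private, other_public)
    print(hashes_match(resigned), receiver_check(resigned, sender_id))
```

The last case is the practical caveat: because the public key travels with the message, the hash comparison proves integrity only relative to that key, so the receiver also has to tie the key to the sender's known address.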

c. Mining and Proof of Work


Hashes are an excellent mechanism that prevents tampering. In hashing, the
blockchain is declared invalid if any unauthorized modification is done.
However, computers nowadays are high-speed and can evaluate hundreds of
thousands of hashes per second. In a matter of a few minutes, an attacker can
tamper with a block and then easily recalculate all the hashes of the other
blocks and make the blockchain valid again, without letting anyone know
that the block has been tampered with. Thus, it can be stated that if the
feature of hashes is used all alone in the blockchain, then it cannot secure
it from unwanted alteration. To avoid the issue, the concept of Proof-of-Work is used.
Proof-of-work (PoW) is an algorithm that validates transactions in a
blockchain network by solving a complex mathematical puzzle. The process
of solving a mathematical puzzle is called mining, and the users who tend to
solve the puzzle are called miners.
Mining uses a computational problem (the mathematical puzzle)
that takes a certain amount of time to solve, but the time required to verify
the result of the computational problem is much less than the time it
takes to solve the computational problem itself. Therefore, it is a mechanism
that slows down the creation of new blocks but makes it easy for users to
verify them.
Let us consider a Bitcoin (cryptocurrency) network, where finding a
nonce/random value is a mathematical puzzle that miners need to solve.
Solving a puzzle (that is, finding a nonce value) takes a huge amount of
computational power and resources for the users. Refer to Figure 21.8:
the puzzle is solved by determining a nonce that generates a hash value and
produces an output less than a predefined target time. So, if the time
needed to solve the puzzle is less than the predefined target time, then it is
said that the mathematical puzzle is solved, and transactions within the block
are verified. Hence, the block can be added to the blockchain. However, if
the time required to solve the puzzle is not less than the predefined target
time, it means block transactions are not verified and cannot be added to the
blockchain. Consequently, the value of nonce is modified, and the process of
solving the computational puzzle is repeated. The cycle is repeated until the
miner solves the puzzle in less than the predefined target time.
Figure 21.8: Working of PoW algorithm

In Bitcoin, the average time of block formation is 10 minutes. It means it takes
almost 10 minutes to calculate the required proof-of-work to add a new block to
the chain. Suppose a hacker changes data in Block 2; he would need to
perform proof-of-work (which would take 10 minutes) and only then can make
changes in Block 3 and all the succeeding blocks. Thus, recalculating PoW for all
the following blocks will make the tampered blockchain invalid and the system
secure. Hence, hashing and proof-of-work together make a blockchain
secure.
In blockchain, the predefined target is adjusted after every 2016 blocks, that is,
approximately every 14 days.
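The tamper-detection argument from "Formation of blockchain" and the proof-of-work argument of this section, as one added Python example (not code from the book). Blocks are linked by SHA-256, and the puzzle is taken to be finding a nonce whose block hash, read as an integer, falls below a numeric target, which is the check Bitcoin's proof-of-work uses. The 14-bit difficulty, the field names and the sample transactions are constructed for illustration.

```python
import copy
import hashlib

DIFFICULTY_BITS = 14                   # constructed: about 16,000 attempts per block
TARGET = 1 << (256 - DIFFICULTY_BITS)  # a hash is accepted when int(hash) < TARGET
GENESIS_PREV = "0" * 64                # the Genesis block has no previous hash

# Constructed sample transactions, one batch per block.
SAMPLE_BATCHES = ["Bella->John 40", "John->Elsa 25", "Elsa->Jack 10"]


def block_hash(prev_hash, data, nonce):
    """Hash of a block: SHA-256 over previous hash, nonce and data."""
    return hashlib.sha256(f"{prev_hash}|{nonce}|{data}".encode()).hexdigest()


def mine(prev_hash, data):
    """Try nonces until the hash is below TARGET; returns (nonce, hash, attempts)."""
    nonce = 0
    while True:
        digest = block_hash(prev_hash, data, nonce)
        if int(digest, 16) < TARGET:
            return nonce, digest, nonce + 1
        nonce += 1


def build_chain(batches):
    chain, prev = [], GENESIS_PREV
    for data in batches:
        nonce, digest, _ = mine(prev, data)
        chain.append({"prev_hash": prev, "data": data, "nonce": nonce, "hash": digest})
        prev = digest
    return chain


def first_invalid(chain, check_pow=True):
    """Index of the first block that fails verification, or None if all pass."""
    prev = GENESIS_PREV
    for index, block in enumerate(chain):
        recomputed = block_hash(block["prev_hash"], block["data"], block["nonce"])
        if block["prev_hash"] != prev or block["hash"] != recomputed:
            return index            # broken link or stale hash
        if check_pow and int(recomputed, 16) >= TARGET:
            return index            # hash is consistent but no work was done
        prev = block["hash"]
    return None


def tampered_copy(chain, index, new_data):
    """Copy of the chain with one block's data changed and nothing else."""
    edited = copy.deepcopy(chain)
    edited[index]["data"] = new_data
    return edited


def rehash_only(chain, start):
    """Recompute and relink hashes from `start` on, keeping the old nonces."""
    prev = chain[start]["prev_hash"]
    for block in chain[start:]:
        block["prev_hash"] = prev
        block["hash"] = block_hash(prev, block["data"], block["nonce"])
        prev = block["hash"]


def remine(chain, start):
    """Redo proof-of-work from `start` on; returns the hash attempts it cost."""
    prev, attempts = chain[start]["prev_hash"], 0
    for block in chain[start:]:
        block["prev_hash"] = prev
        block["nonce"], block["hash"], used = mine(prev, block["data"])
        attempts += used
        prev = block["hash"]
    return attempts


if __name__ == "__main__":
    chain = build_chain(SAMPLE_BATCHES)
    print("honest chain:", first_invalid(chain))
    edited = tampered_copy(chain, 1, "John->Elsa 250")
    print("after edit:", first_invalid(edited))
    rehash_only(edited, 1)
    print("rehashed, links only:", first_invalid(edited, check_pow=False))
    print("rehashed, with PoW check:", first_invalid(edited))
    print("attempts to re-mine:", remine(edited, 1))
```

Verification costs one hash per block, while every block from the edited one onward has to be mined again before the chain passes, which is the asymmetry this section relies on.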

d. Incentives of mining
With PoW, miners compete against each other to solve the mathematical
puzzle. That is, they aim to validate the block and transactions. Whenever
they validate any new transaction or block and record it on a public
ledger, they use their resources such as time, money, electricity, and so on. In
return for this effort, they get a reward or incentive.
An Incentive is basically a reward given to a Blockchain Miner for speeding
up the transactions and validating the decisions while processing the
complete transaction securely. When a group of miners create blocks
together for validating transactions and then share the incentives equally
among all the Miners, it is known as an Incentive Pool.
In cryptocurrency networks, a reward is given in the form of Bitcoin digital
currency. As a reward, the miners get 12.5 BTC (bitcoins). The reward gets
halved after every 210,000 blocks, that is, approximately after every four
years. In 2012, the bitcoins given to miners were 25.00 BTC, which dropped
to 12.50 BTC in 2016, and further dropped to 6.25 BTC in 2020. In
Bitcoin, incentives are of two types: block rewards and transaction fees. The
block reward is a reward that miners get in exchange for the service of
creating a block on the blockchain. It is a special transaction within a block,
known as a coin-creation transaction. It is the block reward that is decreased
every four years. When the reward value reaches zero, the transaction fee
comes into play, and then it is the only incentive that is given to miners.

21.1.4. Use-case of Blockchain technology


The section presents an example of Bitcoin mining that uses blockchain
technology for performing transactions. Let us consider Bob, who wants to
share 10 bitcoins with Jennifer. The steps involved in transacting 10 BTC
from Bob to Jennifer are as follows:
Step 1:
Transaction data is shared with Bitcoin users and the miners from the
memory pool. The memory pool contains a set of unmined or unconfirmed
transactions until they are verified and included in a new block.
Step 2:
The miners who want to validate the transaction using Proof-of-Work,
compete with others by continuously pulling the unconfirmed transactions
from the memory pool. As soon as they pick up, they start validating those
transactions by solving the mathematical puzzle.
Step 3:
The miner who solves the puzzle first shares his result with the other nodes.
Step 4:
Once the block has been verified and the nonce has been generated, the
other set of miners starts granting their approval. If the maximum number of
nodes grant their approval, the block becomes valid and is added to the
blockchain. Simultaneously, the miner who has solved the puzzle will receive
the reward of 12.5 BTC, which, as of today, stands for 98k dollars.
Step 5:
Finally, the bitcoins for which the transaction was initiated now will get
triggered and will get transferred to Jennifer.

21.2. Crypto-currencies
Since man evolved, currency has been a very important part of our lives.
In the caveman era, the barter system was used, which involved goods and
services being exchanged for each other. For example, a person having
ample oranges can exchange them with another person having a lot of
apples. However, the barter system fell out of use because it had some
glaring flaws. These flaws include the need for requirements to coincide; for
instance, suppose a person has five apples and his friend has five oranges. If
he wants some of the oranges, then he can exchange with his friend only if his
friend has a requirement for the apples that he owns, or else he will not be
able to make an exchange. Another problem in the barter system is that there
is no common measure of value. It means the value of the commodity that
is to be exchanged cannot be expressed; that is, it is difficult to decide
how many apples can be exchanged for how many oranges. The next issue
is that not all goods can be divided or subdivided; for example, live animals
cannot be divided into smaller units. Another issue is that the goods cannot
be transported easily, unlike today, where modern currency is easily
carried in a wallet or mobile phone. It includes paper currency, coins,
credit cards, and digital wallets, for example, Apple Pay, Amazon Pay,
Paytm, PayPal, and so on.

Actually, after realizing that the barter system did not work very well, currency
went through a few iterations in 110 BC. An official currency was minted in 1250
AD then a gold-plated Florence was introduced, which was used across Europe
and from 1680 to 1980 paper currency gained widespread popularity and was
misused across the world.

Modern currency is controlled by banks and governments, which means that
there is a centralized regulatory authority that regulates the working of paper
currency and credit cards. Though modern currency is better than the
conventional currency system and is the most popular, it has
certain drawbacks. For instance, let us imagine the scenario of an online
transaction where a person has to transfer a certain amount to his friend’s
account. Usually, the transaction is successful, but there are several
situations where this could go wrong. There could have been a technical
issue at the bank, which means there is a central point of failure, or the user’s
account could have been hacked through a DDoS attack or identity theft, or
the transfer limits for that account could have been exceeded. In all these
situations, transactions will fail. For all these reasons, the future of currency
lies with cryptocurrency.
Imagine the future transaction that occurs between two people. Transactions
take place in the form of bitcoins. One of the two people has the Bitcoin
application, and there is a notification asking whether they are sure and are
ready to transfer five Bitcoins. If yes, then processing takes place for a
certain amount of time, where the user’s identity, required balance amount,
and other things are checked. After the verification, the payment is
transferred, and in a matter of minutes, the payment is received at the other
end.
The transaction is fast and simple, and it in turn removes all the
problems of modern banking: there are no limits to the funds that can be
transferred, accounts cannot be hacked, and there is no central point of
failure. All these benefits make cryptocurrency the future of the currency
system.

Since 2018, more than 1,600 cryptocurrencies have been available. Some of the
popular ones are Bitcoin, Litecoin, Ethereum, and Zcash.

Cryptocurrency is defined as a digital or virtual currency that is meant to be
a medium of exchange. It is quite similar to real-world currency except that
it does not have any physical embodiment. It uses cryptography to secure
and verify transactions and also to control the creation of new units. Unlike
traditional currencies, which are issued by central banks and backed by
government entities, cryptocurrencies are decentralized and operate on a
peer-to-peer network. This means that transactions are recorded on a public
ledger called a blockchain, which is maintained by a network of users rather
than a centralized authority.
Cryptocurrencies are designed to be used as a medium of exchange, allowing
users to send and receive payments without the need for intermediaries such
as banks or payment processors. Transactions are validated by a network of
users using complex mathematical puzzles, ensuring that they are secure and
tamper-proof. Since the transactions are conducted on a decentralized
network, they are also faster and more efficient than traditional payment
methods.
One of the key features of cryptocurrencies is their limited supply. Most
cryptocurrencies have a finite number of units that can be created and are
defined in the network’s protocol; for example, the limit of bitcoins as of
now is 21 million; after this, no more bitcoins can be produced. This ensures
that the cryptocurrency cannot be subject to inflation like traditional
currencies. Additionally, cryptocurrencies can be easily divided into smaller
units, allowing for micro transactions and greater flexibility in pricing.

21.2.1. Cryptocurrency examples


There are several cryptocurrencies available in the market. As of now,
bitcoins and ether are the most popular ones and are discussed as follows:

Bitcoins
Bitcoin is a digital currency that is decentralized and works on the
blockchain technology. It uses a peer-to-peer network to perform
transactions involving goods and services. The transactions are manual,
which means one has to personally perform these transactions. It takes about
10 minutes to perform a transaction, which is the amount of time it takes for
a block to be added to the blockchain. The limit of Bitcoins is 21 million, and
the supply is supposed to hit this number by the year 2140.
Ether
Ether is the currency that is accepted in the Ethereum network. The Ethereum
network also uses blockchain technology to create an open-source platform
for building and deploying decentralized applications. Ether transactions can
be manual, automatic, or programmable, which means that a transaction can
take place when a certain condition has been met. It is very fast and takes
about 20 seconds to perform a transaction. The supply of Ether is expected to
be not more than around 100 million units.

Cryptocurrencies are often traded on online exchanges and are used to purchase
goods and services from merchants that accept them as payment. However, the
regulatory landscape around cryptocurrencies is still evolving, and there are
concerns about issues such as security, volatility, and potential illicit use cases.

21.3. Bitcoin P2P network


Bitcoin is a peer-to-peer (P2P) network that enables the transfer of bitcoins
between users without the need for a centralized intermediary. It is made up
of nodes, which are individual computers that run the Bitcoin software and
communicate with each other over the internet. Every node has a copy of the
blockchain, which is a public ledger that contains all of the transactions that
have ever occurred on the network. When a new transaction is broadcast,
all nodes work to validate it by verifying that the sender has the necessary
funds and that the transaction is not fraudulent. Once the transaction is
validated, it is added to a block and broadcast to the other nodes in the
network, as illustrated in Figure 21.9.

All nodes within the network form a consensus, or mutual agreement, about
which blocks or transactions are valid and which are invalid. They reject the
blocks/transactions that have been tampered with.

Figure 21.9: P2P network in Blockchain technology

21.4. Distributed consensus


A consensus algorithm is a program used in blockchain through which all
the peers of the blockchain network achieve a common distributed
agreement about the state of the distributed ledger. It establishes trust
between unknown peers in a distributed computing environment. The
objective of consensus algorithms is to yield agreement, collaboration,
cooperation, and equal rights for every node. In simple terms, it is a common
agreement where there is a win for the entire network.

21.4.1. Types of consensus algorithms


There are different kinds of consensus algorithms, each of which works on
different principles. Some of them are as follows:

a. Proof of work
This consensus algorithm is used to select a miner for the next block
generation. The central idea behind the PoW algorithm is to solve a complex
mathematical puzzle and easily give out a solution. This mathematical
puzzle requires a lot of computational power; therefore, the node that solves
the puzzle soonest gets to mine the next block. Bitcoin uses this PoW
consensus algorithm.

b. Proof of Stake
In the PoS system, users within the blockchain network stake a certain
amount of cryptocurrency and become the validators of the transactions.
Once selected as a validator, they are required to validate the transaction
based on the amount of cryptocurrency they have staked. This process gives
participants an incentive to act in the best interest of the network, because
if any malicious activity is detected, it results in the loss of their staked
cryptocurrency.

c. Byzantine Fault Tolerance


In a BFT system, nodes exchange messages to reach an agreement on the
current state of the system, with each node validating the messages it
receives from other nodes before accepting them as valid.

d. Proof of Burn
In PoB, validators “burn” coins by sending them to an address from where
they are irretrievable. Burning coins means that validators have a long-term
commitment in exchange for their short-term loss. The more coins they burn,
the better their chances of being selected to mine the next block. Although
the algorithm is good, it wastes resources needlessly. Moreover, it is also
criticized because the mining power simply goes to those who are willing to
burn more money.

e. Proof of Capacity
In PoC, validators invest their hard drive space to be selected as miners for
the next block. The more hard-drive space validators have, the better their
chances of getting selected for mining the next block and earning the block
reward.

f. Proof of Elapsed Time
PoET is one of the fairest consensus algorithms; it chooses the next block
according to the nodes’ wait time. In this algorithm, nodes wait for a random
amount of time and then add proof of their wait in the block. The created
blocks are then broadcast to the network for others’ consideration. The node
with the lowest timer value in the proof part is selected as the winning
validator. The block that is validated by the winning validator node then
gets appended to the Blockchain. The algorithm has additional checks that
stop nodes from always winning the election and stop nodes from always
generating the lowest timer value.
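
The proof-of-work puzzle described under (a) above, combined with the block fields this chapter lists (block number, data, nonce, hash, and previous hash), as an added example that is not code from the book. The difficulty of four leading hex zeros, the JSON encoding of the block, and the sample transaction strings are assumptions chosen so that it runs in about a second; Bitcoin's real block format and target differ.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64   # assumed placeholder "previous hash" for block 1
DIFFICULTY = 4            # assumed puzzle: hash must start with 4 hex zeros


def block_hash(number, data, nonce, prev_hash):
    """SHA-256 over the block fields the chapter lists."""
    payload = json.dumps([number, data, nonce, prev_hash])
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()


def mine(number, data, prev_hash, difficulty=DIFFICULTY):
    """Solve the puzzle: try nonces until the hash has the required prefix."""
    target = "0" * difficulty
    nonce = 0
    while True:
        digest = block_hash(number, data, nonce, prev_hash)
        if digest.startswith(target):
            return {"number": number, "data": data, "nonce": nonce,
                    "prev_hash": prev_hash, "hash": digest}
        nonce += 1


def build_chain(records, difficulty=DIFFICULTY):
    """Mine one block per record, linking each to the hash of the previous one."""
    chain, prev = [], GENESIS_PREV
    for number, data in enumerate(records, start=1):
        block = mine(number, data, prev, difficulty)
        chain.append(block)
        prev = block["hash"]
    return chain


def first_invalid_block(chain, difficulty=DIFFICULTY):
    """Validate as a peer would: one hash per block, no mining required.

    Returns the number of the first bad block, or None if the chain is valid.
    """
    target = "0" * difficulty
    prev = GENESIS_PREV
    for block in chain:
        digest = block_hash(block["number"], block["data"],
                            block["nonce"], block["prev_hash"])
        if (block["prev_hash"] != prev            # link to predecessor broken
                or digest != block["hash"]        # contents changed after mining
                or not digest.startswith(target)):  # puzzle not solved
            return block["number"]
        prev = block["hash"]
    return None


if __name__ == "__main__":
    # Constructed sample ledger entries.
    chain = build_chain(["P1 pays P2 5", "P2 pays P3 2", "P3 pays P1 1"])
    print("honest chain, first invalid block:", first_invalid_block(chain))

    # Editing a mined block changes its hash, so peers reject that block.
    chain[1]["data"] = "P2 pays P3 200"
    print("after edit, first invalid block:", first_invalid_block(chain))

    # Re-mining only the edited block is not enough: the next block still
    # points at the old hash, so every later block would need re-mining too.
    chain[1] = mine(2, chain[1]["data"], chain[0]["hash"])
    print("after re-mining block 2, first invalid block:",
          first_invalid_block(chain))
```

Mining needs tens of thousands of hash attempts per block at this difficulty, while validation needs one hash per block; that asymmetry is what lets every peer check the work cheaply.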

21.5. Smart contracts


A smart contract is a self-executing program that automates the actions
required in an agreement or contract. Contracts are stored on a blockchain
network and are executed automatically when certain conditions are met.
Once completed, the transactions are trackable but irreversible. Smart
contracts permit trusted transactions and agreements to be carried out
among disparate, anonymous parties without the need for a central authority,
legal system, or external enforcement mechanism.

Smart contracts do not contain legal language, terms, or agreements. They only
have code that executes actions when specified conditions are met.
In 1998, Nick Szabo, an American computer scientist, defined smart contracts as
computerized transaction protocols that execute the terms of a contract.
The Ethereum blockchain has smart contract capabilities. However, the Bitcoin
blockchain can be used for building smart contracts only after its Taproot is
upgraded. Taproot allows it to communicate with layers that have smart
contracts enabled on their blockchains.

Applications of smart contracts can vary from simple payments to complex
financial instruments and supply chain management. For example, a smart
contract can be used to automate the process of transferring ownership of a
property, ensuring that all conditions of the transfer are met automatically
and transparently without the need for intermediaries such as lawyers and
notaries. Real estate transactions, stock and commodity trading, lending,
corporate governance, supply chain, dispute resolution, and health care are
some of the examples where smart contracts can be used. One of the key
benefits of smart contracts is that they are immutable and help to reduce
transaction costs and increase efficiency. However, mistakes in the
executable code cannot be corrected, and because the coding is dependent on
human factors, it can give rise to loopholes.

21.6. Blockchain wallets


A blockchain wallet is a cryptocurrency wallet that allows users to manage
different kinds of cryptocurrencies such as Bitcoin, Ethereum, and so on.
These wallets maintain the privacy and identity of the user and help in
exchanging funds in a safe and secure manner between different parties.
They are easily accessible from the Web or mobile devices, and using them is
very similar to sending or receiving money through PayPal or any other
gateway used today, except that cryptocurrency is transferred instead of
modern currency. The process of currency transmission is the same as that of
the e-mail-sending process, which uses both public and private keys. Wallets
are secured and allow instant, barrier-free transactions across geographies
at a very low charge. A key feature of wallets is that transactions can be
done across multiple cryptocurrencies, which allows easy currency
conversions. Some examples of blockchain wallets are Electrum,
Blockchain.info, Jaxx, Mycelium, Samurai, and Bitcoin Paper.

21.6.1. Types of Blockchain wallets


Blockchain wallets are classified on the basis of the private key and on the
basis of application, which are further classified as follows and are
represented in Figure 21.10.

Figure 21.10: Classification of Blockchain wallets

a. Classification based on a private key


Based on private keys, blockchain wallets are classified as hot wallets and
cold wallets.
Hot wallets
Hot wallets are like normal user-friendly wallets that are carried for
day-to-day transactions. These are online wallets available on the internet,
through which cryptocurrencies are easily and quickly transferred, for
example, Coinbase and Blockchain.info. Since they are available online, their
private keys are stored in the cloud for faster transfer. Though these wallets
are available 24 × 7, they carry a risk of unrecoverable theft when hacked.
Cold wallets
Cold wallets are similar to a vault or repository where cryptocurrencies are
stored with a high level of security. These are digital offline wallets where
the transactions are signed offline and are later disclosed online. Since
these are offline wallets, they are maintained neither on the cloud nor on
the internet. Being offline protects the wallet from unauthorized access,
hacking, and other online vulnerabilities. Private keys of cold wallets are
stored on separate hardware, which is disconnected from the internet. They
can also be stored in a paper-based document. Trezor and Ledger are examples
of cold wallets.
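
The cold-wallet flow described above (sign offline, disclose online later), as an added example that is not code from the book or from any wallet product. It substitutes a Lamport one-time hash-based signature so that it needs only the Python standard library; Bitcoin itself signs with elliptic-curve keys. The class names, the transaction fields, and the addresses are constructed for illustration.

```python
import hashlib
import json
import secrets


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _digest_bits(message: bytes):
    """The 256 bits of SHA-256(message), most significant bit first."""
    digest = _h(message)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def _canonical(tx: dict) -> bytes:
    """Stable byte encoding, so signer and verifier hash the same bytes."""
    return json.dumps(tx, sort_keys=True, separators=(",", ":")).encode("utf-8")


class ColdWallet:
    """Offline side: the only place where the private key exists."""

    def __init__(self):
        # Lamport key: 256 pairs of random secrets, one pair per digest bit.
        self._private = [(secrets.token_bytes(32), secrets.token_bytes(32))
                         for _ in range(256)]
        # The public key is the hash of every secret; it is safe to export.
        self.public_key = [(_h(a), _h(b)) for a, b in self._private]
        self._used = False

    def sign_transaction(self, tx: dict) -> dict:
        # Signing reveals half of the secrets, so a key may sign only once.
        if self._used:
            raise RuntimeError("one-time key already used; create a new wallet key")
        bits = _digest_bits(_canonical(tx))
        signature = [self._private[i][bit].hex() for i, bit in enumerate(bits)]
        self._used = True
        return {"tx": tx, "signature": signature}


class WatchOnlyNode:
    """Online side: holds the public key only and checks what it is handed."""

    def __init__(self, public_key):
        self.public_key = public_key
        self.broadcast = []   # transactions accepted for relay

    def accept(self, envelope: dict) -> bool:
        signature = envelope.get("signature", [])
        if len(signature) != 256:
            return False
        bits = _digest_bits(_canonical(envelope["tx"]))
        try:
            valid = all(_h(bytes.fromhex(signature[i])) == self.public_key[i][bits[i]]
                        for i in range(256))
        except (ValueError, TypeError):
            return False      # malformed signature element
        if valid:
            self.broadcast.append(envelope["tx"])
        return valid


if __name__ == "__main__":
    cold = ColdWallet()                       # lives on the air-gapped device
    node = WatchOnlyNode(cold.public_key)     # lives on the internet host

    # Constructed sample transaction, signed offline and carried across.
    envelope = cold.sign_transaction(
        {"from": "cold-address-1", "to": "merchant-address", "amount": 5})
    print("signed transaction accepted:", node.accept(envelope))

    # Anything changed on the online side after signing fails verification.
    altered = {"tx": dict(envelope["tx"], amount=500),
               "signature": envelope["signature"]}
    print("altered transaction accepted:", node.accept(altered))
```

A compromise of the online host exposes the public key and already-signed transactions, but nothing that lets it authorize a new or altered transfer.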

b. Classification based on application


According to applications, blockchain wallets are categorized into software
wallets, hardware wallets, and paper wallets.
Software wallets
A software wallet is an application that is downloaded on a device. The device
can be a desktop or a mobile, or the wallet can be any Web-based wallet that
can be accessed online. Jaxx, Bread-wallet, and Copay are examples of some
popular software wallets. Software wallets can further be categorized into
desktop wallets, online/Web wallets, and mobile wallets.
Desktop wallets: These are like cold wallets in which the private keys are
stored in cold servers. A cold server can be a desktop that is unplugged from
the internet. Transactions are performed in offline mode using keys and are
then brought back to online mode. In case the main server is lost, the cold
server, that is, the desktop, is used as a backup server. These wallets can be
downloaded on any computer but can only be accessed from the system they
are installed on. Therefore, it is recommended that the desktop that is used
should be safe and sound. Electrum is one of the most popular examples of
desktop wallets.
Online/Web wallets: Online wallets are like hot wallets that run on the
cloud and are always available on the internet. Here users have the benefit of
accessing these wallets across any device, for example, a tablet, desktop, or
mobile browser. The private keys of these wallets are stored online and are
managed by a third party.
Mobile wallets: Mobile wallets are similar to online wallets except that they
are built only for mobile phone usage and accessibility. These are
user-friendly wallets that help in doing transactions easily. Mycelium is the
best available mobile wallet.
Hardware wallets
The hardware wallet is a type of cold storage device, typically like a USB,
which stores the user’s private key in a protected manner. These wallets are
like portable devices that can be connected or plugged into the computer.
They are less prone to malware and malicious attacks. To make a transaction
from the hardware wallet, it should be ensured that the hardware wallet is
plugged into the computer system before the execution of any transaction.
Nano-Ledger, Trezor, and kiki are the top hardware wallets available in the
market.
Paper wallets
A paper wallet is an offline process for storing cryptocurrencies. This wallet
is a printed paper consisting of both a private key (also known as a
password) and a public key (also known as a public address), which are
accessed using a QR code. These wallets are the safest wallets and are
widely used for storing large amounts of cryptocurrencies. The paper wallet
works along with online software wallets. To transfer funds to the public
address printed on the paper wallet, funds are first parked in a software
wallet and are then transferred from the software wallet to the public
address that is printed on the paper wallet. Bitcoin paper wallets and
Myether wallets are widely used paper wallets.

21.7. Altcoins
Altcoins are alternative coins that represent all the cryptocurrencies or
tokens other than Bitcoin and sometimes Ethereum. Bitcoin and Ethereum
are excluded from altcoins because most cryptocurrencies are forked† from
one of the two. Altcoins are basically designed and released by developers
who have a different vision or use for their tokens or cryptocurrency. Like
Bitcoins, Altcoins too are referred to as mined cryptocurrencies, stablecoins,
security tokens, and utility tokens. They also share code and functions like a
giant computer that is capable of processing large amounts of data and
transactions at the same time.
Implementation of Bitcoins has several shortcomings; for example, the
consensus algorithm used to create blocks, known as Proof-of-Work, is
energy intensive and time-consuming. Therefore, Altcoins are used, which
have improved the limitations of Bitcoin by employing the Proof-of-Stake
(PoS) as their consensus algorithm. It minimizes the energy consumption
and the time required to create blocks and validate new transactions.

The first altcoin was Litecoin, which was forked from the Bitcoin blockchain in
2011. The consensus algorithm used in Litecoin is Scrypt, which is less
energy-intensive and quicker than Bitcoin’s SHA-256 PoW consensus mechanism.

Investing in altcoins can be a way for cryptocurrency enthusiasts to diversify
their portfolios and take advantage of emerging trends and technologies.
However, it is important to conduct thorough research and understand the
risks involved, as not all altcoins are created equally. Some altcoins may
have questionable development teams or lack a clear use case, whereas
others may be outright scams or Ponzi schemes†.

21.8. Anonymity
In this world of cryptocurrency, anonymity plays an important role in
helping users to protect their security and privacy. Transactions in
blockchain are always visible and traceable and can damage the security and
privacy of the system. Therefore, the idea of anonymity is used to enhance
the privacy and security of the blockchain.
Anonymity employs anonymous addresses in order to keep the identities of the
users hidden on the blockchain. It means that no one is aware of the user’s
true identity, although everyone is undoubtedly aware of his online activity.
The user can carry on with his movements while staying anonymous. Actions
and identity are kept separate by anonymity.
However, it can also be used for illegal activities such as money laundering,
terrorism financing, and drug trafficking. This has alarmed regulators and
law enforcement agencies, who argue that anonymity can hinder their ability
to investigate and prosecute criminal activity. Governments have
implemented regulations requiring cryptocurrency exchanges and other
service providers to collect user information and adhere to know-your-
customer (KYC) and anti-money laundering (AML) laws.

This chapter discusses only the foundation of Blockchain technology. A detailed
discussion is out of the scope of this book. However, a reader who wishes to
dive into Blockchain can refer to the following paper [1].

Conclusion
Blockchain is one of the most popular and exciting technologies. It is used as
an alternative to the modern banking system that overcomes its limitations. It
is the underlying concept on which cryptocurrencies work. The chapter
contemplates the components of blockchain technology with
cryptocurrencies as an application.
The issues of double spending, high transaction costing, and hacking
in the current banking system are resolved by Blockchain technology.
Blockchain is a decentralized, secured technology where details of the
transactions are kept in a constantly growing distributed ledger that is
permanent and immutable.
It is a chain of blocks that are linked with each other using a hash
function. Block consists of block number, data, nonce, hash value, and
the hash value of the previous block. This hash value of the previous
block links the upcoming block with each other and forms a chain of
blocks.
Blockchain is the most secure technology as any tampering in any of
the blocks will make blockchain invalid.
Distributed ledger, encryption, mining, an incentive of mining, and
consensus algorithm make blockchain the most secure technology.
Apart from other applications, cryptocurrency is the most popular
application that uses blockchain technology for transacting amounts
from one account to another. The most common examples of
cryptocurrencies are Bitcoin and Ethereum.
Cryptocurrency is a digital or virtual currency that is meant to be a
medium of exchange.
It is a peer-to-peer (P2P) network that allows users to send and receive
payments without the need for intermediaries such as banks or
payment processors.
Transactions are validated by a network of users using complex
mathematical puzzles, ensuring that they are secure and tamper-proof.
They are faster and more efficient than traditional payment methods.
To validate the block and the associated transaction, it is required that
all the peers of the blockchain network reach a common agreement.
This common agreement is termed as the consensus algorithm.
It is a program used in blockchain through which all the peers of the
blockchain network achieve a common distributed agreement about
the state of the distributed ledger.
There are various types of consensus algorithms that are available
such as Proof-of-Work, Proof-of-Stake, Byzantine Fault Tolerance,
Proof-of-Burn, Proof-of-Capacity, and so on.
A smart contract is a self-executing program that automates the
actions required in an agreement or contract. Contracts are stored on a
blockchain network and are executed automatically when certain
conditions are met.
In order to store the cryptocurrencies, various types of blockchain
wallets are used. These wallets are classified on the basis of keys and
applications.
These wallets are like normal wallets and are user-friendly. Based on
private keys, wallets are categorized as hot wallets and Cold wallets.
Hot wallets are the wallets that are available online on the internet,
and transactions are performed when the system is connected to the
internet. On the other hand, Cold wallets are those where the
processing of transactions is performed offline, that is, after removing
the system from the internet. Once the transaction is done, the system
is connected to the internet for the execution of the complete
transaction.
Based on applications, wallets are classified as software wallets,
hardware wallets, and paper wallets. A software wallet is an
application that is downloaded on a device. The device can be a
desktop or mobile, or any Web-based wallet which can be accessed
online. The hardware wallet is a type of cold storage device, typically
like a USB, which stores the user’s private key in a protected manner.
A paper wallet is an offline process for storing cryptocurrencies. This
wallet is a printed paper consisting of both a private key (also known
as a password) and a public key (also known as a public address),
which are accessed using a QR code.
Altcoins are alternative coins that represent all the cryptocurrencies or
tokens other than Bitcoin and sometimes Ethereum. These coins are
forked from Bitcoin and Ethereum with their limited qualities.
Anonymity is an idea used in Blockchain technology where
anonymous addresses are used to keep the identities of the users
hidden on the blockchain. It states that no one is aware of the user’s
true identity but is undoubtedly aware of his online activity. It means
that the user can carry on with his movements while staying
anonymous. Actions and identity are kept separate by anonymity.

21.9. Questionnaire

Multiple choice questions


1. Which technology is used in Bitcoin?
a. Information Technology

b. Business Technology

c. Blockchain Technology

d. Medical Technology
2. Which of the following is not a Blockchain component?
a. Ledger

b. Wallet

c. Hash

d. Certificate authority
3. What are the pillars of Blockchain technology?
a. Transparency

b. Immutability
c. Decentralization

d. All of the above


4. What does the block in Blockchain contain?
i. Transaction data ii. Hash point iii. Previous Hash Value

a. Only i

b. Only i and ii

c. Only i, ii, and iii

d. None of the above


5. Paper wallet works in combination with
a. Hardware wallet

b. Software wallet

c. Both of the above

d. None of the above

Answer key
1. (c) 2. (d) 3. (d) 4. (c) 5. (b)

Long answer questions


1. What is Blockchain technology? How does it work?
2. Where and how is Blockchain stored?

Short answer questions


1. Blockchain is a distributed database. How does it differ from
traditional databases?
2. What are the benefits of Blockchain that you know?
Reference
[1] A. Narayanan, J. Bonneau, E. Felten, A. Miller, and S. Goldfeder,
Bitcoin and Cryptocurrency Technologies: A Comprehensive
Introduction. United States, 2016.

Keywords (†)
Forked: In Blockchain, a fork is defined as the divergence of a blockchain
and its components into two different potential paths forward, such that
some of its properties are inherited.
Ponzi scheme: It is an investment fraud that pays existing investors
with funds that are collected from new investors. Scheme organizers
often promise to invest the money at high returns with little or no risk.

Things to check before moving to the next chapter


Blockchain technology and its architecture
Cryptocurrencies as the future of new banking system
How cryptocurrency works and what are its advantages and
disadvantages
Cryptocurrency storage and its alternative

CHAPTER 22
Game Theory Foundation

Game theory is a mathematical tool that estimates the behavior of logical
decision-makers. It can model many real-world scenarios and is widely used in
various fields such as science, political science, economics, computer science,
and so on. In Chapter 5, IoT as Interconnection of Threats, and in Chapter 13,
Preventing Unauthorized Access to Sensor Data and Authentication in IoT, of this
book, we highlighted the idea of the Game-Theoretic approach, but without a
detailed description. Therefore, in this chapter, the foundation of game theory
will be discussed along with real-life examples and strategic scenarios.

Structure
In this chapter, we will cover the following topics:
The concept of the Game-Theoretic approach with the help of examples
Need of best response and Nash-equilibrium
Idea of mixed-strategy
Demonstration of various types of games such as repeated games, Bayesian
games, and coalitional games with the support of examples

22.1. Introduction to Game-Theoretic approach


Game theory is a theoretical framework for formulating social situations among
competing players. It is the science of strategy, whose intention is to produce the
optimal decision-making of independent and competing actors in a strategic
setting. Using game theory, real-world scenarios such as auctions, pricing
competition, product releases, and many more can be laid out, and their outcomes
can be predicted. The focal point is the game, which serves as a model of an
interactive situation among rational players, and the key element is that one
player’s payoff is conditional on the strategy implemented by the other player.

In the 1940s, the key pioneers of game theory were mathematician John von
Neumann and economist Oskar Morgenstern. Mathematician John Nash provided the
first significant extension of the von Neumann and Morgenstern work.

22.1.1. Useful terms in Game Theory


Before diving into and playing the game, let us start by defining a few terms
commonly used in the study of the game theory given as follows:
Game: It is “A competitive activity in which multiple players contest or
compete to maximize their profit according to a set of rules”.
Multiple-Players/Agents: They are strategic decision-makers within
the context of the game.
Strategy: A complete plan of action a player will take given the set of
circumstances or assumptions that might arise within the game.
Payoff/aim of the game: It is a quantifiable profit (can be monetary or
serviceability) a player receives from arriving at a particular outcome. The
outcome depends on the other players’ actions. It means individually players
cannot optimize their objective without considering how the others would
act. When the aim is to maximize the payoff, it is known as receiving reward
or utility, and when the objective is to minimize the payoff, it is termed as
reducing loss.
Information set/Rules: Game is required to be played according to the set
of rules. It is the information available at a given point in the game. It is
sometimes also referred to as assumptions.
Equilibrium: The point in a game where both players have made their
decisions and an outcome is reached.
These elements of game can be better understood by real-life scenarios. So, let us
start with some basic scenarios:

Market game
A market is a structure where business or commercial activities are performed by
various firms and companies that make goods available to consumers.
Agents: Here, agents are firms or companies that compete with each other by
producing different goods such as soft drinks, soaps, and so on. For example,
Nestle (Dairy Milk) and Cadbury (Kit-Kat).
Strategies: These agents compete by using strategy. Strategies can be as diverse as
setting prices or adjusting the quantity, such as increasing or decreasing the amount
of goods in a single packet.
Aim: Aim in this case is to maximize profit and market shares so as to build brand
loyalty.
Rules: In order to sell goods in the market, there are certain rules that are required
to be followed. These companies cannot collude (conspire) to artificially fix the
prices, or they cannot plot with the type of goods produced in the market. This law
is known as the Anti-collusion law.

Political game
Agents: They can be political parties or contestants of elections competing with
each other.
Strategies: Strategies can be campaigning strategies, which means how they
attract voters toward themselves.
Aim: The aim of politicians is to maximize their vote share and achieve fame,
power, money, and so on by winning the game.
Rules: Elections include a certain set of rules, for instance, spending law.
Competing parties are allowed to spend a limited amount on their campaigning
for a limited period of time.

Wireless communication game


Agents: Here, competing agents are the different people who own these wireless
devices. Thus, agents are owners of devices or can be devices themselves.
Strategies: Strategies can be to use algorithms such as consuming low energy and
power with a maximum allocation of device spectrum.
Aim: The aim is to maximize spectrum or bandwidth allocation to the device, as
available bandwidth channels for devices are limited.
Rules: One rule can be that not everyone is allowed to use the spectrum; only
the set of devices registered with a cellular operator is allowed to access it.
There are also rules on the kind of interference. For instance, a device cannot
cause more than a certain level of interference to other devices while
transmitting data through the common spectrum.

Auction game
The game includes selling items that are very precious, such as arts and
antiques, and other precious items such as spectrum or mining resources such as
coal. These are required to be auctioned to the highest bidder.
Agents: Here, competing agents are the bidders that compete with each other for
attaining rights on mining, spectrum, antiques, and so on.
Strategies: The strategy can be to understand the situation and bid accordingly so
as to win the auction.
Aim: The aim is to maximize utility by achieving rights on auctioned items at a
reasonable price.
Rules: The auction is conducted by the auctioneer, who enforces the rules.
Everyone in the auction is allowed to speak but at the time when the auctioneer
allows. Next, there is some minimum bidding value for each item. If the bid is
accepted, then it is mandatory for the buyer to purchase the object.

22.1.2. Example 1- Prisoner’s Dilemma Game


Now that we have understood the basics of games, let us discuss the most popular
game used in the game-theoretic model, known as the Prisoner’s Dilemma Game.
The players in this game are the two prisoners, prisoner1 (P1) and prisoner2 (P2),
who are arrested and imprisoned. These two prisoners are accused of a major
crime. However, there is no evidence or eyewitness that can state that P1 and P2
have committed the crime. Therefore, officials have decided to give punishment
to both of them, but before punishment they are keen to offer each prisoner a
deal either to confess (C) or deny (D) the crime. The condition applied is that
both prisoners are interrogated in separate rooms where no communication
between them is possible.
If any one of them confesses the crime, in other words, if one betrays the other,
then he/she will be released else imprisonment will be given. This leads to four
different possible outcomes:

a) If both P1 and P2 deny, then each one will get one year of imprisonment.
As there is no evidence, a minor punishment is given.
b) If both confess the crime, that is, both betray each other, then each one will
get three years of imprisonment.
c) If P1 confesses and P2 denies, then P1 will be released (zero years of
imprisonment), and P2 will get four years of imprisonment. This is
because P2 is not cooperating, and P1 has betrayed P2 and has
given evidence against P2.
d) If P2 confesses and P1 denies, then P2 will be released (zero years of
imprisonment), and P1 will get four years of imprisonment. This is
because P1 is not cooperating, and P2 has betrayed P1 and has
given evidence against P1.

Here, the agents are P1 and P2, the strategies (or actions) are either to confess or to
deny, the aim is to get the minimum imprisonment, and the rule is that no communication
between P1 and P2 is allowed.

Games with two players, and a finite number of actions, are often represented by a
table known as Game Table, illustrated in Table 22.1. Here, rows are set for P1,
and columns are set for P2. Since both P1 and P2 can either confess or deny, the
rows represent the action of P1, and the columns represent the actions of P2. The
cells of the table represent the payoff of each of the players depending on their
outcomes. For instance, the cell corresponding to CC has –3, –3, which means both
P1 and P2 have confessed to the crime, and both are getting imprisonment of three
years. Similarly, the cell corresponding to DD has –1, –1, which means both P1
and P2 have denied, and both are getting minor imprisonment of one year.
Cell CD has 0, –4, which means P1 has confessed, and P2 has denied; therefore,
P1 will be released, and P2 will get an imprisonment of four years. Similarly, Cell
DC has –4, 0, which means P1 has denied and P2 has confessed; therefore, P1 will
be punished, and P2 will be freed. From all these, it can be concluded that the
payoff of P1 not only depends on the action of P1 but also the action of opponent
P2.
In general terms, a situation where the payoff of one player depends not only on
his/her own actions but also on the actions of opponents is known as strategic
interaction, and the game is known as a strategic game.

Table 22.1: Game table of Prisoner’s Dilemma Game


Mathematical formulation of the Prisoner’s Dilemma Game
Mathematically, Prisoner’s Dilemma Game (any general game) can be represented
by the following:
Set of players:
Set of rules: {no communication between two prisoners is allowed}
Set of actions of each player

Set of outcomes: It is the Cartesian product of the actions of player 1 and player 2,
represented as follows:

(1)

Payoff: Payoffs are utility functions of different players and are represented by the
function . For instance, is the payoff of player 1 and is the
payoff of player 2.
In general terms, it captures the rewards that the players have for different
outcomes. It is represented by , where is the action of ith player and
is the action of the rest of the players. For instance, is the utility
function of player P1, where is the action of P1 and is the action of P2.
Similarly, is the utility function of player P2, where is the action of
P1 and is the action of P2.
In our Prisoner’s Dilemma example, the payoffs of the two players are given as
follows:
is the utility/payoff of player P1, when P1 and P2 both confess
is the utility/payoff of player P1, when P1 confesses and P2
denies
is the utility/payoff of player P1, when P1 denies and P2
confesses
is the utility/payoff of player P1, when P1 and P2 both deny
is the utility/payoff of player P2, when P2 and P1 both confess
is the utility/payoff of player P2, when P2 confesses and P1
denies
is the utility/payoff of player P2, when P2 denies and P1
confesses
is the utility/payoff of player P2, when P2 and P1 both deny

22.2. Best response and Nash equilibrium


Once the game is defined, the problem of solving the game arises. It means the
behavior of players in various situations is required to be understood so that the
best decisions can be taken and objectives can be achieved.
Continuing the same example of the prisoner’s dilemma, we need to know how
the prisoners are going to behave in this situation. What strategies are the
prisoners going to use? What is going on in their minds? Which option are they
going to select? And how are they going to play this game? Answers to all these
questions can be obtained once the equilibrium is reached. However, before that,
let us look at the thought process of Prisoner 1 (P1) and Prisoner 2 (P2). Refer to
Table 22.2 for analyzing the behavior of players.
According to Prisoner 1 (P1), if Prisoner 2 (P2) chooses to confess, his action
confines the game to the first column. So, if Prisoner 2 (P2) confesses, then as per
the game table, it is better for Prisoner 1 (P1) to confess, as he will get a lesser
punishment of three years for confessing, compared to four years of imprisonment
for denying (marked with an orange box on the game table). This is known as the
Best Response (BR) of Prisoner 1 (P1) to the confess action of Prisoner 2 (P2).
If Prisoner 2 (P2) chooses to deny, his action confines the game to the second
column. So, if Prisoner 2 (P2) denies, then as per the game table, it is again better
for Prisoner 1 (P1) to confess, as he will be free and will get zero years of
punishment for confessing, compared to one year of imprisonment for denying
(marked with an orange box on the game table). This is known as the Best
Response (BR) of Prisoner 1 (P1) to the deny action of Prisoner 2 (P2).
According to Prisoner 2 (P2), if Prisoner 1 (P1) chooses to confess, his action
confines the game to the first row. So, if Prisoner 1 (P1) confesses, then as per
the game table, it is better for Prisoner 2 (P2) to confess, as he will get a lesser
punishment of three years for confessing, compared to four years of imprisonment
for denying (marked with a green circle on the game table). This is known as the
Best Response (BR) of Prisoner 2 (P2) to the confess action of Prisoner 1 (P1).
If Prisoner 1 (P1) chooses to deny, his action confines the game to the second
row. So, if Prisoner 1 (P1) denies, then as per the game table, it is again better
for Prisoner 2 (P2) to confess, as he will be free and will get zero years of
punishment for confessing, compared to one year of imprisonment for denying
(marked with a green circle on the game table). This is known as the Best
Response (BR) of Prisoner 2 (P2) to the deny action of Prisoner 1 (P1).
The thought process of both players can be formulated as follows and is known as
the best response dynamics of this game:
Best Response (BR) of prisoner 1 when prisoner 2 chooses to confess is

Best Response (BR) of prisoner 1 when prisoner 2 chooses to deny is

Best Response (BR) of prisoner 2 when prisoner 1 chooses to confess is

Best Response (BR) of prisoner 2 when prisoner 1 chooses to deny is

Table 22.2: Game table for the analysis of the game


A generalized representation of the best response:
The Best Response of Player i for a fixed combination of actions of all other players is
represented as , where “i” is the ith player and “–i” is all other players
involved in the game.
Let us move back to the game table marked with the best responses (Table 22.2).
From the table, it can be seen that there is a cell where the best responses of both
the players intersect (that is, a cell containing both a box and a circle; here it
is cell (C, C)). This is known as the Nash Equilibrium (NE) of the game. It is an
important concept of Game Theory and is interpreted as follows:
In NE, each player plays his best response to the actions of all the other
players.
It can also be described as a “SELF SUSTAINING” or “SELF
ENFORCING” agreement. It means that this is the best strategy, from which
players cannot deviate. For example, suppose that before
interrogation the prisoners decide on (D, D) as their strategies [since
they would get the least punishment of (–1, –1)]. However, it can happen
that either of the prisoners betrays the other prisoner, which will reduce
the punishment of the betrayer to zero years and increase the punishment of
the other prisoner to four years. In other words, players have an
incentive to reduce their own punishment. Thus, (D, D) is not considered an
optimal strategy, as it includes the chance of betrayal. Nevertheless, if both
prisoners choose the strategy (C, C), then neither of them has a reason
to deviate, as deviating will increase their own punishment. Thus, NE is
considered “SELF ENFORCING”. For clarification, refer to Table 22.3.
NE is the outcome from which no player has the incentive to deviate
unilaterally. For clarification, refer to Table 22.3.
NE is a “No Regret Outcome”. For instance, in the prisoner’s dilemma game, if
the outcome is (C, C), then none of the prisoners will have any regrets. This
is because no payoff can be increased further. However, if the
outcome is (C, D), then prisoner 2 will always regret that he/she could have
chosen to confess instead of deny, and his/her punishment would have been
reduced. Similar is the case for the other outcomes (D, C) and (D, D), where
players will regret their decisions. For clarification, refer to Table 22.3:
Table 22.3: Self-enforcing and self-regretting properties of Nash equilibrium
Formally, an action profile for “N” players
is called a Nash equilibrium if, for each player “i” and each
action , his payoff , where is the equilibrium
action of player “i”, is the equilibrium action of all the other players in the
game, and is any action of player “i”.

22.2.1. Example 2- market game


Let us consider two online stores/firms that compete and sell the same goods.
Firms compete with each other by setting either high prices (H) or low prices (L)
for the commodities. If both firms set a high price (H), both will get a profit or
utility of Rs. 500 each; if both set a low price (L), both will get a lower payoff of
Rs. 250 each; and if one firm sets the high price (H) and the other sets the low price
(L), then the firm that sets the high price will get a payoff of Rs. 0, whereas the firm
with the low price (L) gets Rs. 750, since it has captured the entire market. The rule
is that these two firms have to follow the Anti-Collusion law. To summarize this
game, we represent it with the help of a game table, as illustrated in Table 22.4:

Table 22.4: Game table for the Market game


In order to analyze the game, let us look at the best response
dynamics of the game. Refer to Table 22.5 for analyzing the behavior of firms.
According to Firm 1 (F1):
If Firm 2 (F2) chooses to set a high price (H), then from the game table, it
can be seen that if F1 sets a low price (L), it will get a payoff of Rs. 750;
otherwise, it will get Rs. 500, which is lower. Thus, the best response of F1 when
F2 sets the high price is the low price ( . (Marked with orange
boxes.)
If Firm 2 (F2) chooses to set a low price (L), then from the game table, it
can be seen that if F1 sets a low price (L), it will get a payoff of Rs.
250; otherwise, it will get nothing, that is, a payoff of Rs. 0. Thus, the best
response of F1 when F2 sets a low price is the low price ( . (Marked with
orange boxes.)
According to Firm 2 (F2):
If Firm 1 (F1) chooses to set a high price (H), then from the game table, it can
be seen that if F2 sets a low price (L), it will get a payoff of Rs. 750;
otherwise, it will get Rs. 500, which is lower. Thus, the best response of F2 when
F1 sets the high price is the low price ( . (Marked with green
circles.)
If Firm 1 (F1) chooses to set a low price (L), then from the game table, it can
be seen that if F2 sets a low price (L), it will get a payoff of Rs. 250;
otherwise, it will get nothing, that is, a payoff of Rs. 0. Thus, the best response
of F2 when F1 sets a low price is again the low price ( . (Marked with green
circles.)
Thus, best response dynamics of the market game is as follows:
Best Response (BR) of firm 1 when firm 2 chooses to set high price is

Best Response (BR) of firm 1 when firm 2 chooses to set low price is

Best Response (BR) of firm 2 when firm 1 chooses to set high price is

Best Response (BR) of firm 2 when firm 1 chooses to set low price is
Table 22.5: Nash-equilibrium of Market game
Now, when the market game table is referred to with all its best responses, it can be
seen that in cell (L, L), the best responses of both the firms intersect. Thus,
the outcome (L, L) is said to be the Nash Equilibrium of the market game. From
this, it can be concluded that, in order to get the best response from the consumer,
firms should indeed set low prices; only then can the market be captured.
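
The box-and-circle procedure used for the Prisoner’s Dilemma and the market game can be run mechanically. The following Python sketch is an added example, not code from the book: the function names are illustrative, the payoff tables are typed in from the text, and the regret calculation goes one step beyond the text by putting a number on the "no regret" property.

```python
# Added example (not from the book): best-response marking, Nash equilibrium
# and regret for two-player games given as a game table.
# payoffs[(row_action, col_action)] = (row player's payoff, column player's payoff)

# Payoff tables typed in from the text of Example 1 and Example 2.
PRISONERS = {("C", "C"): (-3, -3), ("C", "D"): (0, -4),
             ("D", "C"): (-4, 0), ("D", "D"): (-1, -1)}
MARKET = {("H", "H"): (500, 500), ("H", "L"): (0, 750),
          ("L", "H"): (750, 0), ("L", "L"): (250, 250)}


def actions(payoffs):
    """Recover the row and column action lists from the table keys."""
    rows = sorted({r for r, _ in payoffs})
    cols = sorted({c for _, c in payoffs})
    return rows, cols


def best_responses(payoffs):
    """Return (br_row, br_col).

    br_row[c]: row actions with the highest row payoff in column c (the boxes).
    br_col[r]: column actions with the highest column payoff in row r (the circles).
    Ties are kept, so a best response may contain more than one action.
    """
    rows, cols = actions(payoffs)
    br_row, br_col = {}, {}
    for c in cols:
        top = max(payoffs[(r, c)][0] for r in rows)
        br_row[c] = {r for r in rows if payoffs[(r, c)][0] == top}
    for r in rows:
        top = max(payoffs[(r, c)][1] for c in cols)
        br_col[r] = {c for c in cols if payoffs[(r, c)][1] == top}
    return br_row, br_col


def pure_nash(payoffs):
    """Cells where a box and a circle coincide."""
    rows, cols = actions(payoffs)
    br_row, br_col = best_responses(payoffs)
    return [(r, c) for r in rows for c in cols
            if r in br_row[c] and c in br_col[r]]


def regrets(payoffs):
    """For every cell, how much each player could gain by deviating alone.

    A cell is a Nash equilibrium exactly when both regrets are zero.
    """
    rows, cols = actions(payoffs)
    out = {}
    for r in rows:
        for c in cols:
            u_row, u_col = payoffs[(r, c)]
            gain_row = max(payoffs[(x, c)][0] for x in rows) - u_row
            gain_col = max(payoffs[(r, y)][1] for y in cols) - u_col
            out[(r, c)] = (gain_row, gain_col)
    return out


if __name__ == "__main__":
    for name, game in (("Prisoner's Dilemma", PRISONERS), ("Market", MARKET)):
        print(name, "best responses:", best_responses(game))
        print(name, "Nash equilibria:", pure_nash(game))
        print(name, "regrets:", regrets(game))
```

In both games the only cell with zero regret for both players is the equilibrium cell, even though (D, D) and (H, H) give both players a better payoff.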

22.3. Mixed-strategy or randomized-strategy


Let us now extend the class of decisions that each player can take by allowing
them to randomize their action. This can be understood by the “Matching
Pennies” Game.

22.3.1. Example 3- Matching pennies game


The idea of the “Matching Pennies” game includes two players, P1 and P2. Each
player has one coin, and they are allowed to show any one of the faces of a coin.
They can choose either the head (H) or tail (T) face. Rules state that if both players
show the same face, then P1 wins, and P2 has to pay Rs. 1 to P1. On the other
hand, if both players show a different face, then P2 wins, and P1 has to pay Rs. 1
to P2.
Formulation of game in terms of game table is represented in Table 22.6:

Table 22.6: Game table of matching pennies game


Let us analyze the game and evaluate the Nash Equilibrium with the help of
dynamics of best responses. Refer to Table 22.7 for analyzing the behavior of
players.
According to player 1 (P1):
If Player 2 (P2) chooses head (H), then from the game table it can be seen
that if P1 also chooses head (H), then it will get the payoff of Rs. 1.
Otherwise, it will have a negative amount that is Rs. –1 which is low. Thus,
Best response of P1 when P2 chooses head is head ( .
(Marked with orange boxes.)
If Player 2 (P2) chooses Tail (T), then from the game table, it can be seen
that if P1 also chooses Tail (T), then it will get the payoff of Rs. 1.
Otherwise, it will have a negative amount that is Rs. –1, which is low. Thus,
Best response of P1 when P2 chooses tail is tail ( . (Marked
with orange boxes.)
According to player 2 (P2):
If Player 1 (P1) chooses head (H), then from the game table, it can be seen
that if P2 chooses tail (T), then it will get the payoff of Rs. 1. Otherwise, it
will have a negative amount that is Rs. –1 which is low. Thus, Best response
of P2 when P1 chooses head is tail ( . (Marked with green
circle)
If Player 1 (P1) chooses Tail (T), then from the game table, it can be seen
that if P2 chooses head (H), then it will get the payoff of Rs. 1. Otherwise, it
will have a negative amount that is Rs. –1 which is low. Thus, Best response
of P2 when P1 chooses tail is head ( . (Marked with green
circle.)

Table 22.7: Analysis of the Matching Pennies Game


Thus, the best response dynamics of the matching pennies game is as follows:
Best Response (BR) of P1 when P2 chooses HEAD is
Best Response (BR) of P1 when P2 chooses TAIL is
Best Response (BR) of P2 when P1 chooses HEAD is
Best Response (BR) of P2 when P1 chooses TAIL is
Now, when the “matching pennies” game table with all the best responses is referred
to, it can be seen that there is no intersection of the best responses. Thus, this game
has no Nash-Equilibrium. The game where no Nash-Equilibrium is observed is
known as a pure strategy game.
In such a situation, a stochastic approach is contemplated. In a stochastic approach,
a player randomly chooses between two different strategies with a certain probability
for each strategy. Since players are mixing two different actions with certain
probabilities, this is known as a Mixed Strategy. Also, here players are not
choosing any fixed action (fixed Head or Tail) but are randomly choosing
between sets of actions (for example, the probability of choosing Head varies from 0
to 1, and the same for Tail); therefore, it is also known as a Randomized Strategy.
Formally, Mixed Strategy is defined as “a stochastic strategy where a player
selects an action according to a probability distribution over the available action
set.”
Let us discuss it by referring to the same “matching pennies” example, where
players are allowed to choose between head or tail with a certain probability.
Referring to the same “matching pennies” game table, let us assume P1 chooses
Head with probability “p”; then the probability of choosing Tail will be “1–p”.
Similarly, it is assumed that P2 selects Head with probability “q” and Tail with
probability “1–q”, as illustrated in Table 22.8:

The concept of probability is a prerequisite for mixed strategies. Readers should
review probability before proceeding further. They can refer to the research papers [1],
[2].
Table 22.8: Game table with mixed-strategy
As the actions are selected with certain probabilities, instead of calculating only the
payoff, the average payoff of each player for each action is calculated.
From the discussed game table, it can be seen that P2 will face P1 playing
Head with probability “p” and Tail with probability “1–p”. Now,
If P2 always chooses Head, then “–1” is the normal payoff of P2 when P1
also opts for Head, and “1” is the normal payoff of P2 when P1 opts for Tail.
So, the net payoff of P2 for itself choosing head while P1 also chooses Head
will be “ ”. Similarly, the net payoff of P2 for itself choosing head
while P1 chooses Tail will be “ 1”.
Thus, the average payoff of P2 when always choosing Head can be computed as
follows:

(2)

If P2 always chooses Tail, then “1” is the normal payoff of P2 when P1 opts
for Head, and “–1” is the normal payoff of P2 when P1 opts for Tail. So, the
net payoff of P2 for itself choosing Tail while P1 chooses Head will be “
”. Similarly, the net payoff of P2 for itself choosing tail while P1
also chooses Tail will be “ ”.
Thus, the average payoff of P2 when always choosing Tail can be computed as
follows:

(3)

From equations (2) and (3), it can be deduced that


, then P2 will always choose “H” else P2 will always
choose “T” (4)
But for random choice (or mixture) of Head and Tail, the average payoff of
choosing both Head and Tail by P2 should be equal, that is:

and (1- (5)


It signifies that P1 is choosing both Head and Tail with probability 1/2. In other
words, P1 is randomly mixing Head and Tail with 50% probability. Thus, the
Nash-Equilibrium (NE) for player 1 in this mixed strategy game is (1/2,1/2).
Next, again from the discussed game table, it can be seen that P1 will face P2
playing Head with probability “q” and Tail with probability “1–q”. Now,
If P1 always chooses Head, then “1” is the normal payoff of P1 when P2
also opts for Head, and “–1” is the normal payoff of P1 when P2 opts for
Tail. So, the net payoff of P1 for itself choosing head while P2 also chooses
Head will be “ ”. Similarly, the net payoff of P1 for itself choosing
head while P2 chooses Tail will be “ ”.
Thus, the average payoff of P1 when always choosing Head can be computed as
follows:

(6)

If P1 always chooses Tail, then “–1” is the normal payoff of P1 when P2
opts for Head, and “1” is the normal payoff of P1 when P2 opts for Tail. So,
the net payoff of P1 for itself choosing tail while P2 chooses Head will be “
”. Similarly, the net payoff of P1 for itself choosing tail while P2
also chooses Tail will be “ ”.
Thus, the average payoff of P1 when always choosing Tail can be computed as
follows:

(7)

From equations (6) and (7), it can be deduced that


, then P1 will always choose “H” else P1 will always
choose “T” (8)
But for random choice (or mixture) of Head and Tail, the average payoff of
choosing both Head and Tail by P1 should be equal, that is:
and (1- (9)

It signifies that P2 is choosing both Head and Tail with probability 1/2. In other
words, P2 is randomly mixing Head and Tail with 50% probability. Thus, the
Nash-Equilibrium (NE) for player 2 in this mixed strategy game is (1/2,1/2).
Finally, the Mixed-Strategy Nash-Equilibrium of this game can be formulated as
follows:

Where first is the mixed strategy of P1 and other is the
mixed strategy of P2.

22.3.2. Example 4- Paying taxes game


This is a game where the actions of the players are different. It is played between
taxpayers (T) and auditors (Au), who have different actions to
perform. Taxpayers can be Honest (H) in reporting, or they can Cheat (C).
On the other hand, auditors have the option either to Audit (A) the
tax report or Not-to-Audit (N) the tax report. If the tax-payer is honest, then he
gets nothing; his payoff is Rs. 0. If the auditor audits the honest tax-payer,
then the auditor gets a payoff of Rs. 20; otherwise, he gets a payoff of Rs. 40. This
is because the auditor has saved time and money by not auditing the honest tax-payer.
Alternatively, if the tax-payer cheats and gets audited by the auditor, then the
tax-payer will be fined Rs. 100, and the auditor will receive a payoff of Rs. 40. Besides,
if the cheating tax-payer does not get audited, then he gets a payoff of Rs. 40 (as
he is saved), and the auditor, for not auditing, gets nothing, that is, Rs. 0.
Formulation of game table (Table 22.9):

Table 22.9: Game table of paying tax game


Let us analyze the game and evaluate the Nash Equilibrium with the help of
dynamics of best responses.
According to Tax-payer (T):
If Au audits the tax report, then from the game table it can be seen that if
the tax-payer (T) is honest, he will have the maximum payoff of Rs. 0; otherwise,
he would have to pay the fine of Rs. 100 (or Rs. –100). Thus, the best response
of T when Au audits is that the tax-payer should be Honest ( .
(Marked with orange boxes.)
If Au does not audit, then from the game table, it can be seen that if the
tax-payer is a cheater, he will get a payoff of Rs. 40; otherwise, he will get nothing.
Thus, the best response of T when Au does not audit is that the tax-payer is a
Cheater (C) ( . (Marked with orange boxes.)
According to Auditor (Au):
If the tax-payer (T) is Honest (H), then from the game table it can be seen that
if the auditor (Au) does not audit (N) his tax, the auditor will get a payoff of Rs. 40;
otherwise, Rs. 20. This is because a lot of time and energy is saved by not auditing
the tax-payer. Thus, the best response of the auditor (Au) when the tax-payer (T) is
honest is not auditing (N) ( . (Marked with green
circle.)
If the tax-payer (T) is a Cheater (C), then from the game table, it can be seen that
if the auditor (Au) audits (A) his tax, the auditor will get a payoff of Rs. 40;
otherwise, he will not get anything. Thus, the best response of the auditor (Au) when
the tax-payer (T) is a cheater (C) is that an audit (A) should be done ( .
(Marked with green circle.)
Thus, best response dynamics of the Tax game (Table 22.10) is as follows:
Best Response (BR) of tax-payer when auditor chooses to audit is
Best Response (BR) of tax-payer when auditor chooses to do no-auditing is

Best Response (BR) of auditor when tax-payer is honest is


Best Response (BR) of auditor when tax-payer is cheater is
Referring to the tax game table, there is no intersection of the best responses;
thus, it is not a pure strategy game. Hence, a mixed strategy is preferred.
Table 22.10: Analysis of the paying tax game

Mixed strategy of paying tax game


Let “p” be the probability of the tax-payer to be Honest (H), so “1–p” is the
probability of the tax-payer to be a Cheater (C). Similarly, let “q” be the probability
that the auditor audits the tax report and “1–q” be the probability that the auditor
does not audit the tax report, as illustrated in Table 22.11:

Table 22.11: Mixed strategy paying tax game


Now the average payoff of each player with each action (already discussed in the
matching pennies game) is computed as follows:
Average payoff of Auditor for auditing tax-payer

(10)
Average payoff of Auditor for not auditing tax-payer

(11)
Average payoff of Tax-payer for being Honest

(12)
Average payoff of Tax-payer for being Cheater
(13)
From equations (10) and (11), we can deduce that the auditor will randomly choose
whether to audit or not if:

(14)

Thus, mixture of tax-payer is (p, 1–p) = (2/3,1/3)


From equations (12) and (13), we can deduce that the tax-payer will randomly choose to
be honest or a cheater if:

(15)

Thus, mixture of auditor is (q,1-q) = (2/7,5/7)


Finally, the mixed strategy Nash-Equilibrium of the tax game is (
)
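
The indifference argument used for the matching pennies game and the paying taxes game can be checked with exact arithmetic. The following Python sketch is an added example, not code from the book: the function names are illustrative, the payoff tables are typed in from the text of Examples 1, 3 and 4, and the check that no pure deviation pays is an extra step the text does not carry out.

```python
# Added example (not from the book): mixed-strategy equilibrium of a 2x2 game
# from the indifference conditions, using exact fractions.
from fractions import Fraction

# payoffs[(row_action, col_action)] = (row player's payoff, column player's payoff)
PENNIES = {("H", "H"): (1, -1), ("H", "T"): (-1, 1),
           ("T", "H"): (-1, 1), ("T", "T"): (1, -1)}
# Rows: tax-payer Honest/Cheat. Columns: auditor Audit/Not-audit.
TAX = {("H", "A"): (0, 20), ("H", "N"): (0, 40),
       ("C", "A"): (-100, 40), ("C", "N"): (40, 0)}
PRISONERS = {("C", "C"): (-3, -3), ("C", "D"): (0, -4),
             ("D", "C"): (-4, 0), ("D", "D"): (-1, -1)}


def _indifference(a, b, c, d):
    """Solve x*a + (1-x)*c == x*b + (1-x)*d for x.

    Returns None when there is no solution strictly between 0 and 1, which
    means the opponent cannot be made indifferent by mixing.
    """
    denom = (a - b) - (c - d)
    if denom == 0:
        return None
    x = Fraction(d - c, denom)
    return x if 0 < x < 1 else None


def mixed_nash(payoffs, rows, cols):
    """Return (p, q) or None if the game has no fully mixed equilibrium.

    p: probability the row player puts on rows[0], chosen so that the column
       player's two average payoffs are equal.
    q: probability the column player puts on cols[0], chosen so that the row
       player's two average payoffs are equal.
    """
    (r0, r1), (c0, c1) = rows, cols
    p = _indifference(payoffs[(r0, c0)][1], payoffs[(r0, c1)][1],
                      payoffs[(r1, c0)][1], payoffs[(r1, c1)][1])
    q = _indifference(payoffs[(r0, c0)][0], payoffs[(r1, c0)][0],
                      payoffs[(r0, c1)][0], payoffs[(r1, c1)][0])
    if p is None or q is None:
        return None
    return p, q


def average_payoffs(payoffs, rows, cols, p, q):
    """Average (row, column) payoff when rows[0] has prob. p and cols[0] has prob. q."""
    weight = {(rows[0], cols[0]): p * q,
              (rows[0], cols[1]): p * (1 - q),
              (rows[1], cols[0]): (1 - p) * q,
              (rows[1], cols[1]): (1 - p) * (1 - q)}
    row = sum(w * payoffs[cell][0] for cell, w in weight.items())
    col = sum(w * payoffs[cell][1] for cell, w in weight.items())
    return row, col


def is_equilibrium(payoffs, rows, cols, p, q):
    """True if neither player gains by switching alone to either pure action.

    Checking the two pure actions is enough because a player's average payoff
    is linear in his own mixing probability.
    """
    row_now, col_now = average_payoffs(payoffs, rows, cols, p, q)
    row_ok = all(average_payoffs(payoffs, rows, cols, x, q)[0] <= row_now
                 for x in (0, 1))
    col_ok = all(average_payoffs(payoffs, rows, cols, p, y)[1] <= col_now
                 for y in (0, 1))
    return row_ok and col_ok


if __name__ == "__main__":
    print("Matching pennies (p, q):", mixed_nash(PENNIES, ("H", "T"), ("H", "T")))
    p, q = mixed_nash(TAX, ("H", "C"), ("A", "N"))
    print("Tax game (p, q):", (p, q))
    print("Tax game average payoffs:",
          average_payoffs(TAX, ("H", "C"), ("A", "N"), p, q))
    print("Prisoner's Dilemma:", mixed_nash(PRISONERS, ("C", "D"), ("C", "D")))
```

For the Prisoner’s Dilemma the function returns None: confessing is better for each prisoner whatever the other does, so no mixing probability makes the opponent indifferent and the only equilibrium is the pure one.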

22.4. Repeated games


Till now, we have discussed games where players were interacting with each other
only once. However, what happens if players interact multiple times with each
other? Actually, whenever there is repeated interaction, there is a strategy
consideration that comes into the picture. This can be understood with the use of
scenarios that are experienced in day-to-day life. For instance, we perform daily
activities in a repeated manner, for example, going to the same grocery store, same
barber shop, calling the same mechanic for repairing, and so on, and performing
almost the same types of activities every time we visit or do any other day-to-day
work. This strategic environment where activities are repeated is categorized as
repeated games.
Repeated Games involve the concept of trust. For example, we tend to prefer the
same store or call the same mechanic every time. It is because we know their
history and their reputation and have built up long-term trust that the work will
always be done in our favor. We know the future actions that will be performed,
and the result will be maintained. In all these situations, interactions between
players are repeated finitely or infinitely over a discrete period of time. Games
with a finite or known number of repetitions are known as finitely repeated
games, and games that continue forever or end at random unknown time are
considered as infinitely repeated games.

Sometimes, repeated games are preferred over a single pure strategic game with the
expectation that, after a certain number of repetitions, the performance of the game in
terms of Nash-equilibrium may improve. We will discuss it with examples.

Formally, repeated games are defined as “the games that are played over a discrete
period of time either finitely or infinitely depending on their historical trust or
reputation.” It is assumed that players observe and remember the outcome of all
the previous stage/level games. It signifies that repeated games are games of
perfect recall. For every different observation of the outcome of stage games,
players could have different responses. All this is pictured or visualized as a tree
known as the Game Tree.
Mathematically, a repeated game is constructed out of the base game “B” that
defines a single play of the game or the game that players repeat at each stage. A
base game in strategic form is represented as , where
is the set of players, is the set of actions available to each
player i and is the payoff function of player . Every repetition in the game is
termed as an iteration or round.

22.4.1. Example 5- Finitely repeated Prisoner’s Dilemma Game


In continuation with Example 1, the prisoner’s dilemma studied there is a pure strategic
game played once, with (C, C) as the only Nash equilibrium attained (refer to
section 22.1.2). Proceeding further, in this section, we will study the same
prisoner’s dilemma game as a repeated game. It is assumed that the
game is repeated “T” times, where “T” can be any finite value.
Let us consider “T=2”, which means that the game is repeated twice. It is assumed that
the payoff is the sum of earnings on the two stages. The game tree of the repeated
prisoner’s dilemma is demonstrated as follows:
Initially, in level 0, there is player 1, who can either confess or deny. In level 1,
there is player 2, who can also confess or deny without observing the action of
player 1. This is the Stage 1 game, whose payoffs are written in the leaves of Stage 1 as
(–3, –3), (0, –4), (–4, 0), and (–1, –1), illustrated in Figure 22.1 (for payoffs, refer to
Table 22.1).
Figure 22.1: Game tree of Prisoner’s Dilemma (Stage 1)
The outcomes of Stage 1 are known to player 1, and the game is repeated again for
Stage 2. At every outcome of Stage 1 there is player 1 (level 3), who again repeats
his confess and deny actions. Then player 2 (level 4) comes into play and also
repeats his actions without observing the actions of player 1. The payoffs of the
players at Stage 2 are computed as the sum of all previous as well as present
outcomes. They are represented in the leaves of Stage 2 as (–6, –6), (–3, –7), (–7, –3),
and (–4, –4) in the first sub-tree, also known as a subgame, (–3, –7), (0, –8), (–4, –4),
and (–1, –5) in the second subgame, and so on (illustrated in Figure 22.2).

Figure 22.2: Game tree of Prisoner’s Dilemma (Stage 2)

The net payoff of Stage 2 is computed by adding the outcome of Stage 1 to the present
outcomes of Stage 2. For instance, in
subgame 1: (–3, –3) is added to all of (–3, –3), (0, –4), (–4, 0), and (–1, –1), resulting in
(–6, –6), (–3, –7), (–7, –3), and (–4, –4)
subgame 2: (0, –4) is added to all of (–3, –3), (0, –4), (–4, 0), and (–1, –1), resulting in
(–3, –7), (0, –8), (–4, –4), and (–1, –5)
subgame 3: (–4, 0) is added to all of (–3, –3), (0, –4), (–4, 0), and (–1, –1), resulting in
(–7, –3), (–4, –4), (–8, 0), and (–5, –1)
subgame 4: (–1, –1) is added to all of (–3, –3), (0, –4), (–4, 0), and (–1, –1), resulting in
(–4, –4), (–1, –5), (–5, –1), and (–2, –2)

Finally, the actual game tree of the twice repeated prisoner’s dilemma game with
net payoff is represented in Figure 22.3.

Figure 22.3: Twice repeated game tree of Prisoner’s Dilemma Game

Nash-equilibrium and game table of twice repeated Prisoner’s Dilemma Game


In repeated games, the game table of each subgame is built, as shown in Figure
22.4, and the Nash equilibrium of every subgame is evaluated. It is observed that
the Nash equilibrium of every subgame is the same as that of the original game,
which is (C, C). Thus, it can be concluded that if the prisoner’s dilemma game is
repeated twice, then nothing changes. Even if this game is repeated a hundred
times, a thousand times, or ten thousand times, nothing will change. Both players
will always confess, resulting in three years of imprisonment.
Figure 22.4: Game tables of all the subgames

Basically, the intention of repeating the prisoner’s dilemma game was the hope
that, at some stage, the payoff of (–1, –1) could be reached, so that the imprisonment
of the players could be reduced to one year. However, the result is very sad, as a better
punishment could be given but was not given.
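
The subgame tables of the twice repeated game, and the claim that further repetition changes nothing, can be reproduced in a few lines. The following Python sketch is an added example, not code from the book: the function names are illustrative, and the backward-induction loop relies on the assumption, true for this stage game, that the single-stage game has exactly one Nash equilibrium.

```python
# Added example (not from the book): subgames of the finitely repeated
# Prisoner's Dilemma and the equilibrium outcome for any number of rounds.
from itertools import product

ACTIONS = ("C", "D")
# Stage game as described in the text: cell -> (P1 payoff, P2 payoff).
STAGE = {("C", "C"): (-3, -3), ("C", "D"): (0, -4),
         ("D", "C"): (-4, 0), ("D", "D"): (-1, -1)}


def shift(table, offset):
    """Add a fixed payoff pair (what was earned elsewhere) to every cell."""
    return {cell: (u1 + offset[0], u2 + offset[1])
            for cell, (u1, u2) in table.items()}


def nash_cells(table):
    """Cells from which neither player gains by deviating alone."""
    return [
        (a1, a2) for a1, a2 in product(ACTIONS, repeat=2)
        if all(table[(d, a2)][0] <= table[(a1, a2)][0] for d in ACTIONS)
        and all(table[(a1, d)][1] <= table[(a1, a2)][1] for d in ACTIONS)
    ]


def stage2_subgames():
    """One Stage 2 game table per Stage 1 outcome, holding net payoffs."""
    return {first: shift(STAGE, STAGE[first])
            for first in product(ACTIONS, repeat=2)}


def backward_induction(rounds):
    """Solve the game repeated `rounds` times, starting from the last round.

    Because the last round has one equilibrium whatever happened before, the
    payoff still to come is the same constant in every cell of the previous
    round, and adding a constant never moves the equilibrium.
    Returns (equilibrium cell of each round, total payoff pair).
    """
    continuation = (0, 0)
    path = []
    for _ in range(rounds):
        table = shift(STAGE, continuation)
        cells = nash_cells(table)
        if len(cells) != 1:
            raise ValueError("this sketch assumes a unique stage equilibrium")
        path.append(cells[0])
        continuation = table[cells[0]]
    return path, continuation


if __name__ == "__main__":
    for first, table in stage2_subgames().items():
        print("after", first, "->", table, "NE:", nash_cells(table))
    print("T=2:", backward_induction(2))
    print("T=100 total payoff:", backward_induction(100)[1])
```

Every subgame table is the stage table plus a constant, which is why the equilibrium cell stays at (C, C) in all four and the total payoff is simply three years per round for each prisoner.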

22.4.2. Example 6- Finitely repeated games having multiple equilibrium

In Example 5, we have seen that even if the Prisoner’s Dilemma game is repeated
many times, players do not achieve any better results. So, this section presents
another class of game where some cooperation can be possible. This sort of game
consists of multiple Nash equilibrium.
The game has two players, player 1 and player 2. Player 1 has two actions, up and
down, and player 2 has three actions, left, right, and center. The payoff of each
player for each action is mentioned in the game table, illustrated in Table 22.12:
Table 22.12: Game table of the given game
Now, let us find the best response and Nash equilibrium of this game. Refer to
game Table 22.13.
The best response dynamics of the given game is as follows:
Best Response (BR) of P1 when P2 chooses the action Left (L) is
(Marked with orange square)
Best Response (BR) of P1 when P2 chooses the action Right (R) is
(Marked with orange square)
Best Response (BR) of P1 when P2 chooses the action Center (C) is
(Marked with orange square)
Best Response (BR) of P2 when P1 chooses the action Up (U) is
(Marked with green circle)
Best Response (BR) of P2 when P1 chooses the action Down (D) is
(Marked with green circle)

Table 22.13: Game table with multiple Nash equilibrium


From the game table, we can see that this game has two Nash-equilibrium (U, C)
and (D, R) in pure strategies.

Finding of BR and NE is already discussed.

Let us assume that this game is repeated twice. The game tree of this game is
illustrated in Figure 22.5. The construction of the game tree is already discussed in
Example 5.
Figure 22.5: Game tree of the described game
This game has two NE, which means that in every stage there are two possible
equilibrium outcomes, either (U, C) or (D, R). If the outcome in different stages
is (U, C), then it is considered to be good, but the outcome (D, R) is not regarded
as an efficient choice, though it is an NE of the game. This is because there is no
other outcome whose payoff is better than that of (U, C), that is, (1, 4), for both
players. On the other hand, though (D, R) is an NE, there is another outcome,
(U, L), whose payoff is better than that of (D, R) for both players: the payoff of
(U, L) is (4, 3), whereas the payoff of (D, R) is (2, 1).
Since this is not a one-stage game, the restriction of having only an NE as the
outcome can be lifted by modifying the interactions between the players. In the
given game, (U, L) can be attained as the outcome when P1 and P2 interact in the
following manner. P1 proposes to P2 that they cooperate on (U, L); that is, in
Stage 1, P1 will go for “U”, and P2 should go for “L”, as it will benefit P1 by the
payoff of 4 (refer to the table). If P2 does that, then in the next period, they will
coordinate on (U, C), which is a Nash equilibrium and is self-enforcing. P2 does
have an option, or incentive, to deviate to “C”, where he will have the higher
payoff of 4. However, if P2 does not help P1 in the first period, then in Stage 2,
P1 can punish P2 by playing “D”, and then P2 will be forced to play “R”, and P2
will end up in the worst position in the second stage: the payoff of the attained
outcome (D, R) for P2 is “1”, which is less than what P2 gets in both (U, L), with
the payoff of “3”, and (U, C), with the payoff of “4”.
Finally, it is concluded that finitely repeated games with multiple NE can obtain
different outcomes in different stages and can improve the efficiency of the games
as and when required.

22.4.3. Infinitely repeated games


Referring to the iterated prisoner’s dilemma game studied earlier (Example 5), it
is observed that the preferred strategy is not to play the Nash strategy of the stage
game but to cooperate and play a socially optimum strategy, so as to get the
optimal outcome (D, D) with a maximum payoff of (–1, –1), that is, only one year
of imprisonment. However, the issue was not solved in a finitely repeated game, as
it gave the same NE outcome at every stage. Therefore, the most widely used
approach is infinitely repeated games, where the game is repeated an infinite
number of times. These are games with the following features:
• At all stages players cooperate with each other.
• The number of stages is unknown.
• The players give no importance to the last stage of the game.
• At every stage, the players believe that the game will continue for several
more stages.
The strategy adopted in this game is a contingent strategy, also known as the
Grim Trigger strategy. It punishes players who deviate from the cooperative
path: if someone does not cooperate in one round of the game, then he is
punished forever in the following rounds. The punishment leads to a reduced
payoff for both players for the rest of the game.
If the threat of punishment is sufficient to change the non-cooperative player’s
strategy, then it gives rise to a new equilibrium known as the trigger strategy
equilibrium. Therefore, players are recommended to cooperate, so as to have more
utility, rather than acting selfishly now and facing the other player’s punishment
in the future.

22.4.4. Example 7- Infinitely repeated Prisoner’s Dilemma Game


In this example, we extend the same prisoner’s dilemma game to the infinitely
repeated case. The game table is already discussed in Example 1. It states that
though the NE is (C, C) with payoff (–3, –3), the optimal outcome is (D, D) with
payoff (–1, –1). So, in the infinitely repeated game, for an efficient payoff, P1
will choose action “D” and will also ask P2 to cooperate and choose option “D” in
every stage (or period) so that they get the minimum imprisonment of only one
year. If P2 cooperates, then both will get the payoff of (–1, –1). However, if P2
gets greedy, deviates from the cooperative path, and chooses action “C” instead
of “D”, then his punishment for that particular stage (period) will be reduced to
0, but for that misbehavior, P1 will punish P2 by always pressurizing it to select
“C” and will itself also choose “C”, obtaining the punishment payoff of (–3, –3).
It is concluded that the adopted strategy has adequate Deterrence but lacks
Credibility. It implies that the triggering strategy encourages players to
cooperate and not to cheat (high deterrence). However, while disciplining others,
the punisher punishes itself along with them (low credibility).
The payoff stream of infinite repeated games is illustrated in Figure 22.6. The
figure presents the payoff stream of cooperative and non-cooperative behavior of
P1 and P2. When both P1 and P2 cooperate, then a payoff of “–1” is received
(shown by the blue line). However, if P2 does not cooperate, then initially at period
0, it will get the payoff of “0” imprisonment, but from the next round, that is, from
period 1 to “t” (“t” can be infinite value), he will be punished and will get the
payoff of “–3” along with P1 (shown by the red line).

Figure 22.6: Payoff stream of the infinite repeated game

Calculus of infinitely repeated triggering strategy


To always get the optimal (or cooperative) result, the preference of players should
be modeled. For this, the concept of discount factor and summation is used. The
discount factor (δ) is the factor by which a payoff must be multiplied to obtain the
net value.
Let 1,1,1,1,1……… be the infinite payoff stream. Then, the summation of the
payoff for infinite time will be given as follows:

(16)

Here, 1 is the earned payoff in 0th period, δ is the discount/interest earned in 1st
period, is the discount earned in 2nd period, is the discount earned in the 3rd
period, and so on. S is the net payoff.
Multiplying δ on both sides of equation (16), we get the following:

(17)

Subtracting equation (17) from equation (16):

(18)

Calculus of infinitely repeated Prisoner’s Dilemma Game


The minimum discount rate required to sustain the cooperative outcome for infinite
time in an infinitely repeated prisoner’s dilemma game is derived as follows:
For always getting the cooperative result, the payoff stream of cooperation should
be larger than the misbehavior stream. That is,

(refer graph in Figure 22.6) (19)

(20)

Referring to equation (16), summation of payoff series is evaluated as follows:

(21)

(22)

Thus, to maintain the cooperative sustainability of the prisoner’s dilemma game,
the value of the discount factor should be always less than 1/3. The value of the
discount factor in repeated games is also considered as Nash-equilibrium of
infinitely repeated games.

22.5. Bayesian games


So far, we have discussed games where it is assumed that each player knows the
exact payoff of other players. However, this assumption is not always true. For
instance, there are several games where there is uncertainty regarding the payoffs.
Players do not exactly know the payoffs of their competing players. For example,
in a game of Auction, competing players do not know the bidding number of other
players. They are always “UNCERTAIN” regarding their competing payoffs. Thus,
those games in which there is uncertainty regarding the payoffs of other players are
known as Bayesian Games.

22.5.1. Example 8- Battle of sexes game


This game is between a couple, such as a wife and a husband or a boy and a girl.
They have to decide the plan for the evening and have two options. They can either
go to a game [let us say cricket (C)], which the boy prefers, or go to a movie
[say Harry Potter (H)], which the girl prefers. The strategic interaction is as
follows. If the boy and the girl choose different things, that is, the boy chooses
to watch cricket and the girl chooses to watch a movie, or vice versa, then the
plan for the evening is lost, and each gets a payoff of 0. On the other hand, both
of them may decide to do something together, agreeing to watch either cricket or
a movie. If both of them decide to watch cricket together, then the boy gets a
payoff of 10, and the girl gets a payoff of 5. The boy gets a slightly higher
payoff because he is doing something that he prefers, while the girl is just going
along, even though she does not prefer it. If both of them decide to watch a movie
together, then the payoffs are reversed. The boy gets a payoff of 5, and the girl
gets a payoff of 10 because the girl is watching the movie, which she prefers, and
the boy is going along.
Extending further, the boy (or Player 1) is uncertain about the mood of the girl
and whether she will go with him or not. The girl can either be interested (I) or
uninterested (U) in watching the cricket or the movie with the boy. Since there is
uncertainty about the mood of the girl, there will be two different game tables.
If the girl is interested (I) in going with the boy, then the scenario and payoffs
discussed just now are followed and are illustrated in Table 22.14:

Table 22.14: Game table of BoS when the girl is interested in going with the boy
If the girl is not interested (U) in going with the boy, it means the girl prefers
to watch things alone while the boy prefers to watch together. In this case, the
payoffs are modeled as follows and are illustrated in game Table 22.15:
• If both the boy and the girl want to watch cricket, then the payoff of the boy
will be 10, but since the girl is not interested in going with the boy, her payoff
will be 0.
• If both the boy and the girl want to watch a movie, then the payoff of the boy
will be 5 (because the boy has no problem with the girl but prefers cricket over
a movie), but since the girl is not interested in going with the boy, her payoff
is 0.
• If the boy wishes to watch cricket and the girl wishes for a movie, then, as they
wish differently, the payoff of the boy will be 0, but as the girl is not
interested in the boy, she can go alone and watch the movie. Thus, the payoff of
the girl, in this case, is 10, as she also prefers to watch movies.
• If the boy wishes to watch a movie and the girl wishes for cricket, then, as they
wish differently, the payoff of the boy will be 0, but as the girl is not
interested in the boy, she can go alone and watch cricket. Thus, the payoff of the
girl in this case is 5: she prefers movies over cricket, so the payoff is a bit
less.

Table 22.15: Game table of BoS when the girl is not interested in going with the boy
The game has only one type of boy and two different types of girl. Let us assume
the probability of the girl being interested is 1/2 and of being uninterested is
also 1/2. It means there is a 50% chance that the girl will go with the boy and a
50% chance that she will not. Finally, the Bayesian battle of sexes game is
represented in Figure 22.7:
Figure 22.7: Game table of Bayesian BoS game

Analysis of the Bayesian game


In order to analyze the Bayesian game, we should first assign a strategy to each
player of each type and then compute the average payoff of the players with
respect to the probabilities of the type of each player. For evaluating the Bayesian
Nash-equilibrium (BNE) in this game, first, the average payoff of the boy with
respect to the probabilities of the type of girl player is evaluated, and then, the best
response followed by BNE is computed.
Average payoff of boy with respect to probabilities of girl type
This can be evaluated by computing the utility payoff of boy choosing “C” or “H”
with different probabilities of girl. This is because it is uncertain whether the boy is
playing against type I girl or type II girl.

The probabilities of the type I and type II girl are given as: P(I) = ½ and P(U) = ½
The utility payoff of the boy choosing “C” against a girl with strategy (C, C) is
written as Ub (C, (C, C)), where
the “boy” wishes to watch “C”, that is, cricket, a “Girl” of Type I (I) also wishes
to watch “C”, and a “Girl” of Type II (U) too wishes to watch “C”.
The pair (C, C) within the utility payoff of the boy is the strategy of the girl,
where the first “C” is the action of the Type I girl and the second “C” is the
action of the Type II girl.
The strategy combinations of the girl are (C, C), (C, H), (H, C) and (H, H).

The utility payoff of the boy for each action with respect to each strategy of the girl
is calculated by considering game tables in Figure 22.7 as follows:
Similarly, we can also calculate the utility payoff of the boy with other strategy
choices for the girl such as (H, C) and (H, H).

Computation of utility of boy with girl strategy choice (H, C) and (H, H) is left for the
readers to evaluate.

Finally, the average payoff table for boys is illustrated in Table 22.16:

Table 22.16: Average payoff table for boy


Best Responses and Bayesian Nash-equilibrium
Bayesian Best response is a payoff averaged with respect to probabilities of
various types of other players. For each player it is realized separately.
Best responses of Boy (refer table 22.16)
Best response of boy when strategy of girl is (C, C) =
Best response of boy when strategy of girl is (C, H) =
Best response of boy when strategy of girl is (H, C) =
Best response of boy when strategy of girl is (H, H) =
Best responses of Girl of type I (I) (refer table 22.14)
Best response of interested girl when boy chooses C=
Best response of interested girl when boy chooses H=
Best responses of Girl of type II (U) (refer table 22.15)
Best response of uninterested girl when boy chooses C=
Best response of uninterested girl when boy chooses H=
Deduction of Bayesian Nash-Equilibrium (BNE)
Compiled Bayesian Game Table of the BoS is demonstrated in Table 22.17:

Table 22.17: BNE of BoS


Best responses of the boy are highlighted in orange.
Best responses of girl type I are highlighted in green.
Best responses of girl type II are highlighted in red.
From the table, it can be observed that the best responses of all players of each
type intersect at [C,(C, H)]. Thus, the BNE of the game is [C,(C,H)].
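
The analysis above (averaging the boy's payoff over the girl's types, then intersecting best responses) is carried through in the Python sketch below. It is an added example, not code from the book; the payoff entries are transcribed from the chapter's description of Tables 22.14 and 22.15, and all function names are illustrative.

```python
from fractions import Fraction
from itertools import product

ACTIONS = ("C", "H")  # C = cricket, H = Harry Potter movie
PRIOR = {"I": Fraction(1, 2), "U": Fraction(1, 2)}  # P(I), P(U)

# PAYOFF[girl_type][(boy_action, girl_action)] = (boy payoff, girl payoff)
PAYOFF = {
    "I": {("C", "C"): (10, 5), ("C", "H"): (0, 0),
          ("H", "C"): (0, 0), ("H", "H"): (5, 10)},
    "U": {("C", "C"): (10, 0), ("C", "H"): (0, 10),
          ("H", "C"): (0, 5), ("H", "H"): (5, 0)},
}


def boy_expected(boy_action, girl_strategy):
    """Boy's payoff averaged over girl types.

    girl_strategy is (action of type I girl, action of type U girl).
    """
    plan = dict(zip(("I", "U"), girl_strategy))
    return sum(PRIOR[t] * PAYOFF[t][(boy_action, plan[t])][0] for t in PRIOR)


def average_payoff_table():
    """Boy's average payoff for every action and every girl strategy."""
    return {(b, s): boy_expected(b, s)
            for b in ACTIONS for s in product(ACTIONS, repeat=2)}


def boy_best_responses(girl_strategy):
    best = max(boy_expected(b, girl_strategy) for b in ACTIONS)
    return {b for b in ACTIONS if boy_expected(b, girl_strategy) == best}


def girl_best_responses(girl_type, boy_action):
    """The girl knows her own type, so she uses her own table directly."""
    table = PAYOFF[girl_type]
    best = max(table[(boy_action, g)][1] for g in ACTIONS)
    return {g for g in ACTIONS if table[(boy_action, g)][1] == best}


def bayesian_nash_equilibria():
    """Profiles where the boy and both girl types all play best responses."""
    found = []
    for b, s in product(ACTIONS, product(ACTIONS, repeat=2)):
        g_i, g_u = s
        if (b in boy_best_responses(s)
                and g_i in girl_best_responses("I", b)
                and g_u in girl_best_responses("U", b)):
            found.append((b, s))
    return found


if __name__ == "__main__":
    for (b, s), value in average_payoff_table().items():
        print(f"Ub({b}, {s}) = {value}")
    print("BNE:", bayesian_nash_equilibria())
```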

Bayesian games can also be extended to mixed-strategy Bayesian games. The concept
is the same as discussed above. Readers can refer to the following research papers
for further details [3], [4].

22.6. Coalitional games


The games discussed so far are non-cooperative games, where players
compete with each other with no external rules that can enforce their cooperation.
It means each player has sufficient resources of its own to be in the competition.
Extending further, in this section, we will discuss the concept of coalitional game
theory, also termed as cooperative game theory. In coalitional game theory, the
basic modeling unit is the group of players rather than individual players. Here,
players, instead of competing with each other, collaborate among themselves and
form a group. Each member of the group then shares the payoff according to their
contribution. Unlike non-cooperative games, in a coalitional game model, the
individual preferences of the players are group, not their possible actions.
Given a set of players, a coalitional game defines how well each group (or
coalition) of players can do for itself. It is not concerned with how the players
make individual choices within a coalition, how they coordinate, or any other such
detail; it is simply concerned with the given payoff of a coalition.
There are two types of coalitional games:
Games with Transferable Utility (TU): In this game, players can divide and
transfer utility perfectly among themselves in such a way that they all are getting
some benefit by forming a group. For example, sharing commodities such as
money among themselves.
Games with Non-transferable Utility (NTU): In this game, a group or
coalition cannot perfectly divide the commodity among its members. This can be due
to any reason; for example, players do not have sufficient money, or the commodity,
such as a car, cannot be divided.

In this chapter we will discuss only coalitional Games with Transferable Utility (TU).

22.6.1. Coalitional games with transferable utility


In this type of coalitional game, the payoffs to a coalition (or group) are freely
redistributed among its members, and each coalition/group is assigned with a
single value as its payoff. Generally, it is possible whenever there is a universal
currency that is used for exchange in the system.
Statistically, it is defined as a pair , where “N” is a finite set of “n” players
; and “v” is a characteristic function , where is
a subset of all players, and R is the real value payoff denoted as where
. If , then it is called a Grand Coalition. The coalition’s payoff
is also called its worth.

It is assumed that v(∅) = 0


The Grand coalition is considered as the best coalition; however, it depends how the
payoff is divided among its members.
22.6.1.1. Example 9- Voting game
A parliament is made up of four political parties, A, B, C, and D, which have 45,
25, 15, and 15 representatives, respectively. They are required to vote on whether
to pass a $100 million spending bill or not and how much of this amount should be
controlled by each of the parties. A majority of at least 51 votes is required to
pass any bill, and if the bill does not pass, then every party gets zero spending.
Generally, in a voting game, there is a set of agents N and a set of coalitions
that are winning coalitions. It signifies coalitions are sufficient for the
passage of the bill if all its members choose to do so. To each coalition ,
where S a is the member of the coalition. Worth of coalition member is = 1,
while others who are not the member of coalition is = 0.
As per the definition,
(It is
because these coalition do not result in minimum 51 votes).
(It is because summation of votes in
these coalition result in minimum 51 votes or more).
and so on (same reason as previous).

22.6.2. Outcome of coalitional games


An outcome of any coalitional game is given as , where

a) is a coalition structure, partitioning the set N and is stated as


, satisfying,

b) is a payoff vector. Here, is payoff of first


member, is the payoff of the second member, and so on. It should satisfy the
following:

• Individual Rationality: It means payoff of every member should be greater


than or equal to its worth, that is, for all .
• Feasibility: It states for every coalition, the sum of payoff of its members
should be exactly equal to the worth of coalition, that is,
, for all .

For Example: In a voting Game, outcomes can be
(({A,B},{C},{D}),(1,0,0)) or (({A,B},{C,D}),(1,0)) or (({A},{B,C,D}),(0,1)), and
so on.

22.6.3. Classes of coalitional games


Coalitional games have some interesting properties, and based on these properties,
they are categorized into various classes:
a. Super additivity: A game is said to be super-additive, if,
, where S and
T are a subset of N.
It signifies that the value of the entire set of players (the “grand coalition”) is not
less than the sum of the value of any non-overlapping set of coalitions.
Example: The voting-game example is super-additive and can be shown by the
following:
[individual
votes of “A” and “B” cannot satisfy the minimum vote condition; however, the
union of A and B results in 70 votes, thus satisfying the condition, hence,
that is 1 ].

The grand coalition has the highest payoff among all coalitional structures.

b. Additive: A game is said to be additive or inessential, if,


, where S and
T are a subset of N.
It signifies that the coalitions can never affect one another, either positively or
negatively.
c. Constant sum: G is constant-sum if the worth of the grand coalition equals the
sum of the worths of any two coalitions that partition N. Mathematically, a game
is constant sum, if, ,
where subset of N.

Every additive game is necessarily constant sum, but not vice versa. This can be stated by
equation v(S) + v(N\S) = v(S ∪ (N\S)) = v(N).

d. Convex game: A game is said to be convex game, if,


, where
are subset of N.

From the definition of super additivity it is clear that every super-additive game is a
convex game.

e. Simple Games: Coalitional games with restrictions on the values that payoffs
are said to simple games. Statistically, A game is said to be simple
game, if, . Voting Game is the best example of
simple games as it says
G is a proper simple game if it is both simple and constant-sum. It implies if S is a
winning coalition, then N-S is a losing coalition.

Relationship between the different classes of games


This can be referred with the help of Figure 22.8

Figure 22.8: Relation between classes of games

22.6.4. Analyzing coalitional games


Coalitional games are analyzed for the purpose of dividing the payoff among the
agents according to their worth. The focus will be on the grand coalition since it
achieves the highest payoff over all coalitional structures. In addition, sometimes
there may be no choice for the agents to form separate groups; thus, the only
option is to form the grand coalition. An example is public project games, where
the inclusion of all participants is necessary. This section explores a variety of
solution concepts that propose different ways of performing this division. Payoff
divisions are categorized under three different sets:
Feasible payoff set: It is the set where all payoff profiles do not distribute more
than the worth of the grand coalition. Statistically, for a game , the feasible
payoff set is defined as a set {
Pre-imputation set (P): It is the collection of feasible payoff profiles that are
efficient and distribute the entire worth of the grand coalition. Statistically, for a
game , the Pre-imputation set (P) is defined as a set P= {

Imputation set (C): It is a set that consists of payoffs in P in which each agent
gets at least what he/she would get by going alone (that is, by forming a singleton
coalition). Statistically, for a game , the imputation set (C) is defined as a
set C= {

Payoffs division methods


There are two different methods by which payoffs can be divided among the
coalitional players, and they are the Shapley value and the core.

The Shapley value


Before diving into the Shapley value, we should note that however the payoffs are
divided, the division should be fair. Fairness of payoffs is expressed by three
axioms: symmetry, dummy player, and additivity.
Axiom 1: Symmetry
The agents “i” and “j” are said to be interchangeable if they always contribute the
same amount to every coalition of the other agents. That is, for every “S” that
contains neither “i” nor “j” implies
As per symmetry axiom the fair division of the payoffs will be there, when
interchangeable agents will receive the same payments. Statistically, if “i” and “j”
are interchangeable and is the payoff profile, then
Axiom 2: Dummy player
An agent “i” is a dummy player if the amount that “i” contributes to any coalition
is exactly the amount that “i” is able to achieve alone. That is, for all S such that

As per dummy player axiom, the fairness would be achieved; if dummy players
receive a payment equal to exactly the amount that they achieve on their own.
Statistically, if “i” is a dummy player and is the payoff profile,
then
Axiom 3: Additivity
Let there be two different coalitional game theory problems, defined by two
different characteristic functions and , but involves the same set of agents. If
the game is remodeled into a single game, then for the combined game each
coalition S achieves a payoff of
As per additivity axiom, there will be a fair distribution of payoffs for G if the
agents get the sum of what they would get in the two separate games.
A Coalitional game that satisfies these three axioms consists of exactly one or a
unique pre-imputation set, which implies that the payoff division within the set is
feasible and efficient. To evaluate the unique pre-imputation set, the idea of the
Shapley Value is used.
Given a coalitional game , the Shapley value of player “i” is given by
equation (23):

(23)

Example: Considering the voting game (Example 9).


The Shapley value of player A

(24)

Here |N| = 4

(25)

For each element of set S in equation (25)


When S = {}, 0! × 3! × 0 = 0
When S = {B}, 1! × 2! × 100 = 200
When S = {C}, 1! × 2! × 100 = 200
When S = {D}, 1! × 2! × 100 = 200
When S = {BC}, 2! × 1! × 100 = 200
When S = {BD}, 2! × 1! × 100 = 200
When S = {CD}, 2! × 1! × 100 = 200
When S = {BCD}, 3! × 0! × 0 = 0

Adding all the values and putting in the equation:

The division of player A will be $50 million out of $100 million:


The Shapley value of player B = $16.66
The Shapley value of player C = $16.66
The Shapley value of player D = $16.66

Computation of Shapley value of player B, C and D is left for readers to solve.

Finally, the payoff division is (50, 16.66, 16.66, and 16.66), which adds up to the
entire $100 million.

The core
The Shapley value discussed till now provides a fair way of dividing the grand
coalition’s payment among its members. However, the analysis of stability is
ignored in this case. For instance, the question can arise whether the players in the
game are willing to form a grand coalition as computed by Shapley value and
divide payments, or would some of them prefer to form smaller coalitions?
Actually, smaller coalitions are found to be more attractive for subsets of the
players, even if they lead to lower value overall. Consider the majority voting
example, where A does not have a unilateral motivation to vote for a different split
while A and B have the incentive to defect and divide the $100 million between
themselves, for example, dividing it (75, 25). So instead of including all players,
only two players can combine and divide the amount.
This leads to the question of what payment divisions would make the agents want
to form the grand coalition. The answer is that they would want to do so if and
only if the payment profile is drawn from a set called the core, defined as follows:
“A payoff vector X is in the core of a coalitional game (N, v) if and only if

It means the sum of payoffs to any group of agents S ⊆ N must be at least as large
as the amount that these agents could share among themselves if they formed a
coalition on their own.
Since the core provides a concept of stability for coalitional games, therefore, it is
an analog of the Nash equilibrium from non-cooperative games. However, it forms
a stronger notion because Nash equilibrium describes stability only with respect to
deviation by a single agent, while core states stability with respect to deviation by
all players within the game. Thus, the core in coalitional games is known as strong
Nash equilibrium, which requires stability with respect to deviations by arbitrary
coalitions of agents/players.
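
The Shapley computation for the voting game (Example 9) and the core condition described above can both be evaluated by enumerating coalitions. The Python sketch below is an added example, not code from the book; it takes the worth of a winning coalition to be 100 ($ million), as in the worked calculation for player A, and its function names are illustrative.

```python
from fractions import Fraction
from itertools import combinations
from math import factorial

SEATS = {"A": 45, "B": 25, "C": 15, "D": 15}
QUOTA = 51    # minimum votes needed to pass the bill
BUDGET = 100  # $ million, worth of any winning coalition


def v(coalition):
    """Characteristic function: BUDGET if the coalition can pass the bill."""
    return BUDGET if sum(SEATS[p] for p in coalition) >= QUOTA else 0


def subsets(players):
    """All subsets of the given players, as frozensets."""
    players = sorted(players)
    for r in range(len(players) + 1):
        for combo in combinations(players, r):
            yield frozenset(combo)


def shapley(player):
    """Weighted average of the player's marginal contributions."""
    n = len(SEATS)
    total = Fraction(0)
    for s in subsets(set(SEATS) - {player}):
        weight = factorial(len(s)) * factorial(n - len(s) - 1)
        total += weight * (v(s | {player}) - v(s))
    return total / factorial(n)


def shapley_division():
    return {p: shapley(p) for p in SEATS}


def blocking_coalitions(payoff):
    """Coalitions whose members receive less in total than their worth.

    An empty result means the payoff vector satisfies the core condition.
    """
    return [s for s in subsets(SEATS)
            if sum(payoff[p] for p in s) < v(s)]


if __name__ == "__main__":
    division = shapley_division()
    for p, x in division.items():
        print(f"Shapley value of {p}: {float(x):.2f}")
    print("blocked by:", [sorted(s) for s in blocking_coalitions(division)])
    split = {"A": 75, "B": 25, "C": 0, "D": 0}  # the (75, 25) split above
    print("(75, 25) split blocked by:",
          [sorted(s) for s in blocking_coalitions(split)])
```

The Shapley division is blocked by {A, B}, as the text observes, and the (75, 25) split is in turn blocked by {B, C, D}, which can pass the bill without A.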

Conclusion
Game theory is a mathematical tool used in research work for analyzing the
behavior of competing players. It is a logical decision-maker that produces optimal
decisions for independent and competing actors in a strategic setting. The chapter
illustrates the foundation of game theory with the help of varying real-life
scenarios.
• Game theory was introduced in 1940 by John von Neumann and Oskar
Morgenstern and was further extended by John Nash.
• Game Theory includes the Game with its multiple competing players. Every
Game has its own set of rules, and players formulate their strategies
according to them. The objective of each player is to achieve maximum
payoff. Actions performed by players set their utility payoff.
• The aim of each player is to achieve the Best Response from other players so
that maximum profit (or payoff) can be acquired.
• The outcome of any Game is decided by the Nash-Equilibrium of the game.
NE is the point of stability, from where the players are not allowed to
deviate.
• Strategy is a plan of action that players take while being part of the game.
• In pure strategy games, the action of players is either yes or no. That is, the
probability of performing the action is either 1 or 0.
• In Mixed strategy, players select their actions according to their probability
distribution over the available action set.
• There are various types of games in real-time scenarios, such as repeated
games, Bayesian games, coalitional games, and so on.
• In repeated games, the interaction between players is repeated more than
once. They are of two types: finitely repeated games and infinitely repeated
games.
• In finitely repeated games, players interact a finite number of times,
whereas in infinitely repeated games players interact an infinite number of
times.
• Bayesian games are games where players take part with certain probability
and are uncertain of their competing payoff. For example, in a game of
Auction, competing players do not know the bidding number of other
players. They are always “UNCERTAIN” regarding their competing payoffs.
• Coalitional games are games where players take part in groups. Here players,
instead of competing with each other, collaborate among themselves and
form a group. Each member of the group then shares the payoff according to
their contribution.
• Coalitional games are of two types: games with transferable utility (TU)
and games with non-transferable utility (NTU). In TU, players can share
the commodity among themselves, for example, money, while in NTU,
players cannot share their commodity among themselves, for example, a car
bought in sharing.

22.7. Questionnaire

Multiple choice questions


1. A competitive situation is known as:
a. Competition

b. Marketing

c. Game

d. None of these
2. One of the assumptions in Game Theory is
a. All players act rationally and intelligently

b. The winner alone acts rationally

c. Loser acts intelligently

d. Both the players believe in luck


3. In game theory, the outcome or consequence of a strategy is referred to
as the
a. Payoff

b. Penalty

c. Reward

d. Loss
4. Which of the following is an example of a game theory strategy?
a. You scratch my back, and I will scratch yours.

b. If the shoe fits, wear it.

c. Monkey see, monkey do.

d. None of the above.


5. Each player should follow the same strategy regardless of the other
player’s strategy in which of the following games?
a. Constant strategy

b. Mixed strategy

c. Pure strategy

d. Dominance strategy

Answer key
1. (c) 2. (a) 3. (a) 4. (a) 5. (c)
Long answer questions
1. Consider the Market Game consisting of two different retail chains, R1 and
R2. These two retail chains have the option to set the price either high or
low. If both retailers set a high price, then both will get the high profit of
Rs. 500; if both of them set a low price, then both of them will get a low
profit of Rs. 250 each. However, if one sets a high price and the other a low
price, then the retailer setting the high price will get market share
amounting to Rs. 0, and the retailer with the low price will get the maximum
market share profit of Rs. 750. Illustrate the game table of this game and
formulate the utility payoff of the two retail chains R1 and R2 for every
possible outcome.
2. Consider a “Cold War” game consisting of two countries, C1 and C2. Each
country has some sort of financial deposit, which it is required to spend
properly. These countries have two possible actions: they can either
invest their amount in military defense (D), or they can spend their amount
on improving the health of citizens (H). If both C1 and C2 spend their
amount on the health of the citizens, then the outcome is 100, 100; if both
invest their amount in the military, then the outcome received is 10, 10.
However, if one of them focuses on health and the other on defense, then the
country focusing on defense has a strategic advantage over the other country
and receives a payoff of 150, while the country that focuses on health gets a
payoff of minus 100. Formulate the game table, best response dynamics, and NE
for the given cold war scenario.
3. Let us consider an “investment game” that includes the investor (I) and the
stock market (SM) as the two players. The investor can invest in stock 1 (S1)
or stock 2 (S2) depending upon the past returns of the stock, with R1 as the
last one year’s return and R2 as the last two years’ return. It is observed
that Stock 1 (S1) has returned a 5% rate to the investor corresponding to R1
and a 6% rate corresponding to R2. On the other hand, Stock 2 (S2) has
returned a 10% rate to the investor corresponding to R1 and a 3% rate
corresponding to R2. As far as the stock market is concerned, the payoff of
the market in each case will be the minus of the payoff of the investor (for
example, the payoff of SM in the case of (S1, R1) will be –5, and so on).
Formulate the game table of the “investment game” and try to find out whether
it is a pure strategy game or not. If not, then find the mixed strategy Nash
equilibrium of this game.
4. There are three kids, A, B, and C: “A” has 6$, “B” has 4$ and “C” has 3$.
There are also three ice-cream tubs of different weights. A 500 g tub costs
7$, a 750 g tub costs 9$ and a 1000 g tub costs 11$. The kids do not care
about money; however, each one of them wants to have the maximum ice-cream.
Since none of the kids has sufficient money to buy any of the tubs, which
coalition will be formed? And how should that coalition divide its payoff
(here ice-cream) among its members?
5. The given game involves a scenario of confrontation, where players either
fight (F) or surrender (Su). It includes two players, P1 and P2. P1 is of one
type, while P2 is of two types: he can be strong (S) or weak (W). If he is
strong, he will fight; otherwise, he will surrender. The probability of P2
being strong (S) is ¼, and the probability of being weak (W) is ¾. In
addition:
If both P1 and P2 surrender (Su), then the payoff of both players is 0.
If both P1 and P2 fight (F), then the payoff of the player who is strong is 1,
and the payoff of the player who is weak is -1.
If one player surrenders (Su) and the other fights (F), then the payoff of the
player who fights is 1, and that of the player who surrenders is 0.
Build the game table of each player of each type.
Calculate the average payoff table of P1.
Evaluate the Bayesian best responses of each player of each type.
Find the Bayesian Nash equilibria of the game.

Short answer questions


1. State the difference between pure strategy game and mixed strategy game.
2. What are coalitional games? Explain with help of examples.

References

[1] E. Anderson, “Tutorial on probability theory,” in Business Risk Management,
no. 413, Chichester, UK: John Wiley & Sons, Ltd, 2013, pp. 323–339.
[2] M. L. Moeschberger and R. B. Ash, “Basic Probability Theory,”
Technometrics, vol. 14, no. 4, p. 983, Nov. 1972, doi: 10.2307/1267154.
[3] “Mixed Strategy Bayesian Games- An Introduction and Example.”
https://www.youtube.com/watch?v=FrInlsX4NpM&list=PLDlJ2nw7-dHb3oowMJfwgleor6dwWsVZ1&index=39.
[4] A. Zanardi et al., “Game Theoretical Motion Planning Tutorial,” Icra, 2021.

Things to check before moving to the next chapter


Concept of Game Theory and how it acts as a decision maker.
How the stability in game can be achieved.
Mixed strategic and pure strategic games.
Idea of repeated games, Bayesian games, and coalitional games.
All games should be understood with help of examples.

CHAPTER 23
Security Products

As already known, IoT security involves solutions that safeguard smart
devices and centralized user hubs from unwanted access or manipulation.
Throughout this book, we have studied various security elements, security
protocols, and security mechanisms that secure and maintain the integrity
and privacy of the IoT system, and the preceding chapters discussed the
internal functioning of those methods and mechanisms. Building on that, in
this chapter we will learn about the features of the existing security
products and solutions that can be directly applied to IoT systems without
considering their internal behavior. Installing security products without
testing and analyzing them is again a matter of concern, as different testing
methodologies, including software and hardware security testing approaches,
are needed. Therefore, along with security products, the chapter also
presents security and privacy testbeds for IoT systems. Testbeds for IoT
systems aim at testing all types of IoT devices with diverse
software/hardware configurations. Moreover, the chapter also highlights
secure IoT databases.

Structure
In this chapter, we will cover the following topics:
The existing security products with commercialized and
uncommercialized characteristics
Test-bed frameworks on security and privacy of IoTs
Secure IoT databases
23.1. Existing IoT security products
The Internet of Things is an advanced method of communication that is
incompatible with established methods of cybersecurity and is vulnerable to
threats that can easily corrupt software by overriding the executing
commands or can steal data. Therefore, it is an immediate requirement to
have secured IoT systems that are able to safeguard the devices from
unwanted access and intruders.
Security in IoT provides users with secured data and regularly updates the
threat awareness and protection of devices. A strong security structure
models the communication within the devices and connects the users that
can manage and draw data with minimal risk.
The technologies of IoT security are expanding and evolving to meet the
demands of cybersecurity and IoT as a whole. Products in this category
incorporate core qualities of security software and are extended to
integrate with IoT management tools, so as to provide industries and
companies with absolute and reliable use of the network.
To ensure optimum security while deploying IoT devices within the
organization, the best practice is to consult cybersecurity consulting
providers about the product. It is also good to engage a qualified IoT
development team to complete the build and deployment process. To qualify
for inclusion in the IoT security category, a product must have the
following features:
It must be compatible with the latest IoT devices and technologies
It must bolster the security measures inherent in inter-device
communication and user access cases
The product must have an extensive authentication service to verify device
ownership and administrative license
The product should always alert device owners whenever device
communication is interrupted, or other situations arise
The product must always be assisted with software updates whenever they
become available
Although having the features discussed above increases a security product's
credibility, user satisfaction is regarded as the most important attribute
of any IoT security product. The top four factors that positively impact
user satisfaction with IoT Security products are “Quality of Support”,
“Ease of Admin”, “Ease of Setup”, and “A virtuous partnership in business”.
Some of the foremost existing commercialized IoT security products are:

a. AWS IoT device defender


AWS defender is a fully managed product that secures the fleet of IoT
devices by continuously auditing and monitoring the security policies
associated with the devices, so as to make sure that they are not deviating
from the respective security practices. Moreover, it provides a tool for
addressing the resource-constrained challenges of IoT, which responds
quickly whenever any device is compromised.

b. Microsoft Defender for IoT


This product accelerates digital transformation with comprehensive security
across IoT infrastructure. It offers agentless network detection and
response (NDR) that can be rapidly deployed and works with diverse IoT,
OT, and industrial control system (ICS) devices. In addition, it
interoperates with external security operations center (SOC) tools and can
be deployed on-premises or on the cloud. For IoT device builders, Defender
for IoT offers lightweight agents for stronger device-layer security.

c. McAfee embedded control


This maintains the integrity of IoT devices by allowing only authorized
code to execute and blocking unauthorized applications. It comes with a
simple, lightweight software technology that makes the devices resilient to
malware infections and attacks. Besides, it extends a layer of security to
devices with a fixed CPU or memory, including point-of-sale (POS)
terminals, medical imaging systems, and ATMs, which perform critical
functions and often store sensitive data.
d. Entrust IoT security
Entrust IoT Security allows organizations to secure IoT devices through
scalable machine and user identity management. It encourages IoT agents to
drive innovation with an assurance that their systems are provided with
highly secured IoT security mechanisms. It offers secure, remote, on-
demand upgrades and updates that enable users to take advantage of new
capabilities, comply with changing security requirements, and maximize
IoT investments.

e. IoT security
To introduce trust in the diversified IoT infrastructure, ZingBox originated
the IoT personality-based approach to secure and manage IoT devices
throughout their entire lifecycle, from discovery to retirement. Each IoT
device has a controlled set of functions, flow, and vulnerabilities no matter
where it is installed, also known as IoT personality. This approach perceives
the behavior of each device and detects unusual activities to administer trust
among the connected devices. Conventional security solutions emphasize
data protection; ZingBox extends itself to provide service protection for
business continuity.

f. Cybeats
Cybeats delivers an integrated security platform designed to secure and
protect high-valued connected devices. Its unique approach eliminates
device downtime due to cyber-attacks and allows device manufacturers to
develop and maintain secure and protected devices in a timely and cost-
efficient manner.

g. KeyScaler
KeyScaler provides device authority through Identity and Access
Management (IAM) for the Internet of Things (IoT). It is a platform that
assures trust in IoT devices and the IoT ecosystem and addresses the
challenges of securing the Internet of Things. KeyScaler uses breakthrough
technology, including Dynamic Device Key Generation (DDKG) and PKI
Signature, which delivers unrivalled simplicity and trust to IoT devices.
h. Memfault
This product ensures security by monitoring the IoT system. It proactively
monitors the smart devices, their releases, their data, and their fleet-level
metrics, like the health of the battery, its connectivity, and its real-time
dashboards.

i. Quantum edge
It is a CloudGuard Edge that protects the premises of stores and offices with
top-rated threat prevention schemes. It can be deployed in minutes and can
be managed by a unified threat prevention and access platform.

j. Spartan
Spartan is a family of digital authentication products used for
authenticating IoT endpoints, enabling anti-counterfeiting and anti-cloning.
This product uses Intrinsic ID’s patented SRAM (Static RAM) PUF
technology†, which gives microcontrollers and semiconductors a unique
identity that serves as the foundation of a security subsystem. In addition
to identification, it also enables a software approach to providing
hardware-based security that can be implemented on virtually any CPU.

These are only a few IoT security products. Apart from these, many other
products are available in the market. Readers can refer to the following
websites to explore other IoT security products [9]–[11].

23.2. Testbed on security and privacy of IoTs


Heterogeneity, resource constraints, and the open-ended behavior of the
Internet of Things (IoT) are prime reasons that undermine the security
and privacy of IoT systems. To ensure the system is secure, its security
must be tested. However, testing IoT security and analyzing IoT devices is
considered a very complex task because security testing methodologies vary.
Therefore, there was a requirement for tools and methods that would
rigorously perform the testing of IoT security.
A testbed is regarded as an excellent means of testing and analyzing devices
and systems. An IoT testbed is a platform that conducts rigorous,
transparent, and replicable testing of IoT systems, their computing tools,
and their integrating technologies. It is a kind of development environment,
kept in absolute confinement, where code is implemented and modules are
tested without any disturbance from the testing team. Testbeds are regarded
as a flexible method for performing the security testing and analysis of IoT
devices. A lot of research effort has gone into developing and deploying
different IoT testbeds. Most of these testbeds are publicly available and
openly accessible, with diverse facilities and functionalities. However,
only a limited number of IoT testbeds cover security aspects. Some of the
available IoT testbeds that account for security are:

a. Smart campus Testbed


This testbed is deployed in the Centre of Communication Systems
Research’s (CCSR) three-floor building at the University of Surrey, UK. It
is positioned in a real-world environment with rational operational
conditions. The testbed uses a user-centric design that validates the research
of user behavior in IoT environments and provides effective IoT solutions.
It is a three-tier model that connects various IoT nodes to different
gateways, which are then linked to a cloud. Each IoT node is administered
using a TelosB mote† with varying sensors and an IEEE 802.15.4 radio
module. In addition, the testbed also contains 30 Android Smartphones
carried by the users and connected to the gateways. For configuring and
controlling the functionalities, the testbed depends on the management
framework. It provides a user interface that enables resource discovery,
resource reservation, topology display, experiment configuration,
experiment execution, and data analysis. The testbed also maintains the
security and privacy of the deployed system [1].

b. Supersensor testbed
This testbed is deployed at the University of Glasgow. It depends on a
distributed data collection system with flexible and scalable micro-
component design architecture. Its architecture is composed of a Raspberry
Pi and a set of sensor nodes, which are connected to a central server. The
sensor nodes are used for real-time data collection and network connectivity
establishment. On the server side, a publish/subscribe model with a queuing
system is executed for effective real-time data processing and storage in a
database. The server also provides a user interface that allows users to
access node and sensor data using REST APIs.
In addition, the Protocol Buffers language (proto3) is used for serializing
and parsing data. Moreover, a heartbeat mechanism is also implemented in
the server to support remote health and availability monitoring of the data
and devices [2].

c. MakeSense testbed
MakeSense testbed is introduced for real-life and large-scale IoT
experimentation for social research. It is used to test situation-aware
applications and real-time monitoring indoor activity applications. The
testbed design inculcates the client-server model, where a set of sensor
nodes is deployed as clients and connected to a server using the
Lightweight Machine-to-Machine protocol through Broadband Internet.
Next, the server is hosted in the cloud for IoT data analysis and
visualization. It provides API access to sensor nodes for remote
management and configuration of available resources. The MakeSense
testbed tests the security implementations of the Datagram Transport
Layer Security (DTLS), data encryption using Advanced Encryption
Standard (AES), and pre-shared key authentication [3].

d. INternational Future INdustrial Internet testbed


INFINITE is a software-defined infrastructure that drives the growth of an
Industrial Internet innovation platform, which is built specifically for the
development of Industrial Internet products and solutions. This testbed
permits multiple virtual domains to securely run via one physical network,
which makes it ideal for mission-critical systems. Moreover, it
connects the virtual domains through mobile networks [4].
e. SmartSantander testbed
SmartSantander is a unique city-scale experimental testbed that provides
research facilities for common smart city applications and services. The
objective is to fuel the use of the experimentation facility among end
users, the scientific community, and service providers so as to reduce the
technical and societal barriers that hinder the IoT concept from becoming
an everyday reality. It supports the evaluation of the key building blocks of
the IoT architecture, such as interaction and management protocols and
mechanisms; device technologies; and key support services such as
discovery, identity management, and security [5].

f. ASSET testbed
ASSET stands for Adaptive Security for Smart Internet of Things in eHealth.
It is a testbed for developing risk-based adaptive security methods and
mechanisms for IoT in eHealth. It accurately evaluates adaptive security
solutions in realistic simulations and use cases. It also includes a
strategy for estimating energy consumption using the Holt-Winters
prediction† method, which is useful when studying the feasibility of
adaptive lightweight security solutions [6].
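
The Holt-Winters energy estimate mentioned above, as an added example (not code from the ASSET testbed or from this book): an additive triple-exponential-smoothing forecast of a node's per-period energy use, followed by a budget check. The readings, the smoothing factors and the `fits_energy_budget` policy are assumptions made for illustration.

```python
"""Additive Holt-Winters (triple exponential smoothing) forecast of the
per-period energy use of one sensor node. Added illustration only."""


def holt_winters_additive(series, season_len, alpha, beta, gamma, horizon):
    """Return `horizon` forecasts for the periods that follow `series`.

    series      -- observed energy per period (constructed unit: mJ per slot)
    season_len  -- number of periods in one repeating cycle
    alpha, beta, gamma -- smoothing factors in [0, 1] for level, trend, season
    """
    n, m = len(series), season_len
    if m < 1 or n < 2 * m:
        raise ValueError("need at least two full seasons of observations")
    for name, value in (("alpha", alpha), ("beta", beta), ("gamma", gamma)):
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"{name} must be within [0, 1]")

    # Initial state: level = mean of season 1, trend = change in seasonal
    # mean per period, seasonal offsets = deviation from the initial level.
    first = sum(series[:m]) / m
    second = sum(series[m:2 * m]) / m
    level = first
    trend = (second - first) / m
    seasonal = [series[i] - first for i in range(m)]

    # Update level, trend and the matching seasonal slot for each later point.
    for t in range(m, n):
        y = series[t]
        s_prev = seasonal[t % m]
        prev_level = level
        level = alpha * (y - s_prev) + (1 - alpha) * (prev_level + trend)
        trend = beta * (level - prev_level) + (1 - beta) * trend
        seasonal[t % m] = gamma * (y - level) + (1 - gamma) * s_prev

    # h-step-ahead forecast: extrapolate the trend, add the seasonal offset.
    return [level + h * trend + seasonal[(n + h - 1) % m]
            for h in range(1, horizon + 1)]


def fits_energy_budget(forecast, extra_cost_per_period, budget):
    """Hypothetical policy check: can the node afford a costlier security
    setting (extra_cost_per_period) over the whole forecast window?"""
    projected = sum(forecast) + extra_cost_per_period * len(forecast)
    return projected <= budget


if __name__ == "__main__":
    # Constructed readings: three 4-slot cycles with a slowly rising load.
    history = [120, 80, 60, 100, 124, 83, 64, 103, 129, 88, 67, 108]
    upcoming = holt_winters_additive(history, 4, alpha=0.5, beta=0.25,
                                     gamma=0.5, horizon=4)
    print("forecast:", [round(v, 1) for v in upcoming])
    print("stronger setting affordable:",
          fits_energy_budget(upcoming, extra_cost_per_period=15, budget=500))
```
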

g. Stanford’s testbed
This testbed is a cross-disciplinary research effort of Stanford University,
the University of California, and the University of Michigan. It focuses on
the following three key areas: analytics, security, and hardware and
software systems. Analytics asks how to integrate the enormous streams of
physical world instrumentation with the existing data. Security asks how
pervasive sensing and analytics systems can preserve and protect user
security. Hardware and software systems asks what hardware and software
will make developing new intelligent and secure IoT applications as easy as
developing a modern Web application [7].

h. Siboni’s security testbed for IoT devices


The testbed is responsible for security testing and analysis operations of IoT
devices and configurations, including open-source operating systems and
applications. The objective of the security testbed is to test any embedded-
based IoT device using a combination of standard security testing
mechanisms along with advanced monitoring and analysis tools. It
examines the internal status of the Device Under Test (IoT-DUT), which
includes CPU utilization, memory consumption, file system operation, and
more. It also investigates the implication/impact of the device on the
environment where the IoT device is deployed, generally, by using traffic
analysis operation. Security testing is performed by means of
communication supported by IoT devices, including Wi-Fi, Bluetooth,
ZigBee, and others. It uses both standard and advanced software and
hardware-based analysis tools, such as Wireshark, Ubertooth, and so on, to
analyze the incoming and outgoing traffic patterns to/from the IoT DUT [8].

These are some of the IoT testbeds. Apart from these, research work on several
other testbeds is going on. Readers can refer to the following research papers
to explore other available and upcoming IoT testbeds [12], [13].

23.3. IoT databases and its security


IoT databases are a new class of databases that are designed to control and
manage the huge amount of data generated by IoT devices. Unlike
traditional databases, which are designed for structured data, IoT databases
can handle unstructured data, ranging from simple sensor readings to highly
complex images and video streams. The volume (that is, the size) and the
velocity (that is, rate of data generation and movement) of data ingestion
create unique challenges for IoT databases. These challenges are handled by
key features such as scalability, reliability, flexibility, integration, high
performance, and security.
Scalability means that IoT databases can handle large volumes of data and
can scale horizontally across multiple nodes without sacrificing their
performance or availability. Moreover, they can store data efficiently and
cost-effectively. These databases possess high-performance computing
features and storage systems that can process and analyze real-time IoT
data arriving at high velocities and volumes. In addition, IoT databases
are highly reliable, as they can ride out hardware and software failures and
make sure that data is neither lost nor corrupted. Data is often collected
from multiple data sources and destinations; thus, IoT databases have the
special feature of integration, meaning that they can be easily integrated
with other enterprise systems, such as CRM, ERP, and data warehouses.
Further, IoT databases have robust security features like authentication,
encryption, and access control, which protect sensitive and confidential
IoT data against unauthorized access, tampering, and theft.
IoT databases hold distributed architectures that scale horizontally across
nodes and use specialized data storage techniques such as graphs, time-
series, and NoSQL databases that can handle specific data types and
workloads. IoT databases provide infrastructure to store, process, and
analyze massive amounts of data in real time. They also enable IoT
applications to make data-driven decisions and take automated actions.

23.3.1 Threats and challenges of IoT databases with their feasible solutions
The security of IoT databases is a crucial aspect of database administration.
Although the IoT database creates fresh opportunities for data-driven
innovation, it also creates new threats and challenges in protecting
the integrity, confidentiality, and availability of data. This section
explores some of the emerging threats and challenges for IoT database
security and recommends best practices and solutions to mitigate them.

a. Data privacy and compliance


One of the prime challenges for IoT database security is ensuring data
privacy and compliance with varying regulations and standards. IoT
produces and stores a massive amount of data, generally from personal or
sensitive sources, such as transactions, locations, preferences, behavior,
health records, and biometrics. This type of personal data is used for
beneficial purposes, such as boosting customer experience, optimizing
operations, or increasing security. However, it can also be misused,
exploited, or breached by malicious actors or unauthorized parties. Thus, it
is the duty of database administrators to carry out robust data protection
measures, such as access control, encryption, anonymization, auditing, and
backup, and go along with relevant laws and frameworks, such as HIPAA,
PCI DSS, and NIST.

The relevant compliance laws are already discussed in Chapter 3, Security
Engineering for IoT development.

b. Data quality and integrity


Another challenge for IoT database security is the maintenance of data
quality and integrity. Often, IoT depends on large and diverse data sets.
These datasets are then used to perform complex tasks, such as automation,
analytics, and prediction. However, if the dataset is incomplete, inaccurate,
corrupted, tampered with, or outdated, the results can be unreliable,
misleading, or harmful. It can affect the performance, accuracy, and fairness
of IoT devices, which may malfunction or behave unpredictably.
Database administrators can ensure the quality and integrity of the data by
administering data verification, validation, cleansing, and monitoring
processes. They can also carry out the detection and prevention of data
errors, anomalies, or attacks.

c. Data security and resilience


The next challenge for IoT database security is the enhancement of data
security and resilience. The proliferation of IoT systems has intensified the
complexity and scalability of data environments, which has created extra
entry points and vulnerabilities for cyberattacks, such as denial-of-service,
ransomware, injection, or sabotage. These attacks aim to compromise the
functionality, availability, and safety of data systems and may result in
significant damage or disruption to customer trust, business operations, or
public welfare.
IoT database administrators can strengthen data security and resilience by
implementing data defense mechanisms, such as the installation of
antivirus, authentication, authorization, firewalls, encryption, and data
recovery strategies, such as replication, backup, failover, and disaster
recovery.
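
One way a database administrator could apply the verification and validation described under (b), together with the authentication and injection defenses listed under (c), at the point where readings enter the database. This is an added example, not code from the book; the device key, metric limits, table layout and function names are assumptions.

```python
import hashlib
import hmac
import json
import sqlite3

# Constructed per-device secret; a real deployment would use a key store.
DEVICE_KEYS = {"sensor-01": b"constructed-demo-key-01"}
# Assumed plausible physical range per metric (validation step).
LIMITS = {"temperature_c": (-40.0, 85.0), "humidity_pct": (0.0, 100.0)}
MAX_SKEW_S = 300  # assumed freshness window, in seconds


def sign(device_id, payload, key):
    """HMAC-SHA256 tag binding the raw payload bytes to the device id."""
    message = device_id.encode() + b"\n" + payload
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def open_store():
    """In-memory table; UNIQUE rejects a second value for the same slot."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE readings ("
        " device_id TEXT NOT NULL, ts INTEGER NOT NULL,"
        " metric TEXT NOT NULL, value REAL NOT NULL,"
        " UNIQUE (device_id, ts, metric))"
    )
    return db


def ingest(db, device_id, payload, tag, now):
    """Verify, validate and store one reading.

    payload is the raw bytes received from the device. Returns "stored" or
    the reason for rejection, so rejections can be counted and monitored.
    """
    key = DEVICE_KEYS.get(device_id) if isinstance(device_id, str) else None
    if key is None:
        return "unknown device"
    # Verification: authenticate the bytes before parsing them.
    expected = sign(device_id, payload, key).encode()
    supplied = tag.encode("utf-8", "replace") if isinstance(tag, str) else b""
    if not hmac.compare_digest(expected, supplied):
        return "bad signature"
    try:
        reading = json.loads(payload)
    except ValueError:
        return "malformed"
    if not isinstance(reading, dict):
        return "malformed"
    # Validation: known metric, numeric value in range, fresh timestamp.
    metric, value, ts = (reading.get(k) for k in ("metric", "value", "ts"))
    if not isinstance(metric, str) or metric not in LIMITS:
        return "unknown metric"
    if isinstance(value, bool) or not isinstance(value, (int, float)):
        return "value not numeric"
    low, high = LIMITS[metric]
    if not low <= value <= high:  # also rejects NaN and infinities
        return "out of range"
    if isinstance(ts, bool) or not isinstance(ts, int) \
            or abs(now - ts) > MAX_SKEW_S:
        return "stale timestamp"
    # Bound parameters keep device-supplied text out of the SQL statement.
    try:
        with db:
            db.execute("INSERT INTO readings VALUES (?, ?, ?, ?)",
                       (device_id, ts, metric, float(value)))
    except sqlite3.IntegrityError:
        return "duplicate"
    return "stored"


if __name__ == "__main__":
    db = open_store()
    now = 1_700_000_000  # constructed clock value
    key = DEVICE_KEYS["sensor-01"]
    good = json.dumps({"ts": now - 10, "metric": "temperature_c",
                       "value": 21.5}).encode()
    tag = sign("sensor-01", good, key)
    altered = good.replace(b"21.5", b"71.5")  # changed after signing
    for label, body in (("valid", good), ("replayed", good),
                        ("altered", altered)):
        print(label, "->", ingest(db, "sensor-01", body, tag, now))
```
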

d. Data governance and ethics


The fourth challenge for IoT database security is the establishment of data
governance and ethics. IoT has created new ethical dilemmas and
responsibilities for data management systems, such as data ownership,
consent, accountability, transparency, and fairness. These issues affect the
reputation, trustworthiness, and legality of data practices and have
economic, social, and environmental implications. In addition, they bear on
the impact of IoT devices on privacy, sustainability, and human rights.
To deal with this challenge, database administrators are required to adopt
data governance and ethics principles and policies, such as impact analysis,
quality assurance, risk assessment, data stewardship, and stakeholder
engagement.

e. Data innovation and collaboration


Promoting data innovation and collaboration across different sectors,
domains, and organizations is another challenge for IoT database security.
IoT has created several new products, services, and solutions, which have
improved the system’s efficiency and productivity. However, it has also
posed new risks and challenges for data security, such as integration, data
sharing, standardization, interoperability, and many more.
To encourage data innovation and collaboration, database administrators are
recommended to implement data platforms, architectures, protocols, and
formats that support data access, data exchange, data analysis, or data
integration while ensuring data quality, security, privacy, and governance.

f. Data skills and awareness


Last but not least, developing data skills and awareness is also a major
challenge of IoT database security. Skills and knowledge, such as data
science, analytics, and engineering, help database administrators to
strengthen the potential of data for innovation, optimization, and
decision-making. However, they can be misused, and they also call for new
competencies and tools for data security, such as data anonymization,
auditing, or encryption.
To resolve this issue, database administrators are required to acquire and
update data skills and awareness by engaging in continuous learning,
training, or certification programs and using data security best practices,
standards, or guidelines.

Conclusion
Security professionals must continually defend IoT systems against
different types of threats and attacks. They use several security products
and testbeds to secure IoT devices and data. Considering this, the chapter
presented various IoT security products and testbeds, along with measures
for the security of IoT databases. The key points of the chapter are as
follows:
Security products are the tools that protect IoT from threats and
breaches, identify and monitor risks, and help to fix vulnerabilities.
Before the installation of any IoT security product, it should have the
features of inheritance, alertness, compatibility, authenticity, and
updated availability.
The chosen security product should satisfy its users and should
offer “Quality of Support”, “Ease of Admin”, “Ease of Setup”, and
“A virtuous partnership in business”.
Examples of existing commercialized IoT security products are AWS
defender, Microsoft defender, entrust product, cybeats security
product, and so on.
Testbeds are the means of testing the security of IoT devices and
systems. These are the platforms that conduct rigorous, transparent,
and replicable testing of IoT systems, their computing tools, and their
integrating technologies.
Some of the deployed IoT testbeds are smart campus testbed,
supersensor testbed, makeSense testbed, and so on.
Along with the devices, the protection of IoT databases is also
mandatory, as the data generated by IoT devices is huge and
unstructured.
IoT databases can be protected by database administrators, who
should have the property of implementing robust data protection
measures, data verification, validation, cleansing, and monitoring
processes, data defense mechanisms, data platforms, architectures,
protocols, formats, and the ability of continuous learning and
training.

23.4. Questionnaire

Multiple choice questions


1. IoT security products should always be
a. Updated
b. Compatible with latest technologies
c. Have the facility to alert the device owner in case of mishappening
d. All of the above

2. Testbeds are the _____ of testing security of IoT systems
a. Tools
b. Platforms
c. Both of the above
d. None of the above

3. User satisfaction for IoT Security products include
a. Quality of Support and virtuous partnership
b. Ease of Admin and Ease of Setup
c. Both of the above
d. None of the above

4. IoT databases are not secure because
a. Data generated by IoT devices is vast and unstructured
b. Sometimes low-quality data is generated
c. Data generated is simple
d. None of the above

Answer key
1. (d) 2. (b) 3. (c) 4. (a)

Long answer question


1. What are IoT databases, and how can they be secured from threats and
attacks?

Short answer questions


1. State some properties of IoT security products.
2. What are IoT testbeds? Illustrate some of their properties.

References

[1] M. Nati, A. Gluhak, H. Abangar, and W. Headley, “SmartCampus: A
user-centric testbed for Internet of Things experimentation,” Int. Symp.
Wirel. Pers. Multimed. Commun. WPMC, 2013.
[2] K. Hentschel, D. Jacob, J. Singer, and M. Chalmers, “Supersensors:
Raspberry Pi Devices for Smart Campus Infrastructure,” in 2016 IEEE
4th International Conference on Future Internet of Things and Cloud
(FiCloud), Aug. 2016, pp. 58–62, doi: 10.1109/FiCloud.2016.16.
[3] J. Jiang, R. Pozza, N. Gilbert, and K. Moessner, “MakeSense,” ACM
Trans. Internet Things, vol. 1, no. 3, pp. 1–25, Aug. 2020, doi:
10.1145/3381914.
[4] https://www.iotone.com/case-study/iic-international-future-industrial-internet-infinite-testbed/c573
[5] https://www.smartsantander.eu/
[6] Y. Berhanu, H. Abie, and M. Hamdi, “A testbed for adaptive security for
IoT in eHealth,” Proc. Int. Work. Adapt. Secur. ASPI 2013, no. 0314,
2013, doi: 10.1145/2523501.2523506.
[7] “http://iot.stanford.edu/.” .
[8] S. Siboni et al., “Security Testbed for Internet-of-Things Devices,” IEEE
Trans. Reliab., vol. 68, no. 1, pp. 23–44, Mar. 2019, doi:
10.1109/TR.2018.2864536.
[9] “https://www.g2.com/categories/iot-security.” .
[10] “https://www.trustradius.com/iot-security?f=0#products.” .
[11] “https://www.firstpoint-mg.com/blog/top-19-iot-security-solutions/.” .
[12] I. S. Alsukayti, “A Multidimensional Internet of Things Testbed
System: Development and Evaluation,” Wirel. Commun. Mob.
Comput., vol. 2020, 2020, doi: 10.1155/2020/8849433.
[13] A. Tekeoglu and A. Ş. Tosun, “A Testbed for Security and Privacy
Analysis of IoT Devices,” Proc. - 2016 IEEE 13th Int. Conf. Mob. Ad
Hoc Sens. Syst. MASS 2016, pp. 343–348, 2017, doi:
10.1109/MASS.2016.051.

Keywords (†)
PUF technology: PUF stands for physically unclonable function. It is a
hardware security technique that takes advantage of inherent variations
between devices to produce an unclonable and unique device response
for a given input.
TelosB mote: The TelosB mote is simulated as an IoT node and
consists of a sensor, a processor and a radio device.
Holt-Winters prediction: Holt-Winters is a time-series
forecasting method that uses exponential smoothing to make
predictions based on past observations.

Things to check before moving to the next chapter


IoT security products
IoT testbeds
IoT databases and their security measurements

Index
A
access control
about 497
within communication protocols 499
within publish/subscribe protocol 499
Access Control List (ACL) 64, 499
Adaptive Security for Smart Internet of Things (ASSET) 675
Advanced Encryption Standard (AES)
about 35, 225, 675
structure 225-227
aggregated data decryption control center 511
algorithm types, distributed consensus
Byzantine Fault Tolerance (BFT) 614
Proof of Burn (PoB) 615
Proof of Capacity (PoC) 615
Proof of Elapsed Time (PoET) 615
Proof of Stake (PoS) 614
Proof of Work (PoW) 614
Altcoins 619
Amazon AWS
authentication mechanism 568
Amazon Lambda
about 563
features 563
Amazon Web Services (AWS) 120, 562
analysis, bargaining-based dynamic game model for cooperative authentication
about 445
with complete information 446-448
with incomplete information 448-453
Anonymity 620
anonymization techniques
about 296
K-anonymity technique 296, 297
L diversity 298
anti-money laundering (AML) 620
application classification
desktop wallet 618
hardware wallet 618
mobile wallet 618
online/web wallet 618
paper wallet 619
software wallet 618
arbiter 262
arbitrated digital signature 262
Architecture Reference Model (ARM) 403
ASSET testbed 675
asymmetric key encryption algorithm 233
attacks
tools 70
types 67-70
attack tree
about 70
building 70-78
attack vectors, Smart Home System (SHS)
Central digitalSTROM Server 174, 175
remote third-party services 176
smart control devices (SCD) 175
smart home communication bus 175, 176
attribute authority (AA) 423
attribute-based encryption (ABE) 423
auditing process
overview 108, 109
Authenticated Encryption (AE)
about 254
approaches 255, 256
Authenticated Encryption with Associated Data (AEAD) 254
authentication credential
about 492
biometrics 494
certificates 493
IoT authorization 495
symmetric keys 493
usernames and passwords 493
Authentication Layer (AH) 33
authorization
about 497
OAuth 2.0 497
AWS IoT
about 562
Amazon Lambda 563
AWS Thing Shadow 564
CloudWatch 563
DynamoDB 564
Kinesis 562
simple storage service (S3) 563
AWS IoT device defender 671
AWS Thing Shadow 564
Azure Active Directory (AD) 568
Azure Device Update component for IoT Hub 565
Azure IoT Hub 565
Azure's group management service 565

B
background knowledge attack 296, 297
bargaining-based dynamic game model 435
bargaining-based dynamic game model for cooperative authentication
about 435
analysis 445
bargaining-based price 438, 439
bargaining procedure 439, 440
dynamic game 440
performance 442
pre-requisite 436
price factors affect 436-438
Bayesian games
about 652
analysis 654-656
battle of sexes game example 652, 653
Bayesian Nash-equilibrium (BNE) 654
behavior domain 587
Best Response (BR) 631-633
big data 517
big data analytics 43
biometrics 494
Bitcoin 601, 612
Bitcoin P2P network 613
Blockchain 601
Blockchain architecture
about 602
block components 603
formation 604
Blockchain technology
about 600
banking system issues 600-602
banking system solutions 600-602
features 604
use case 609, 610
blockchain wallet 616
blockchain wallet, types
about 617
application classification 618
private key classification 617
block cipher
about 217, 218
modes of operation 227
schemes 221
block component
data 603
hash 603
previous hash 603
block reward 609
Bluelog tool 142
BlueMaho tool 142
Bluetooth-LE (BLE)
about 8, 282
bonding options 282
security concept 282
security services, providing 283
bootstrapping
threat mitigation 490
with PKI 489
boundary defense 121
Building Automation System (BAS) 314, 315
Building Energy Management and Grid Interaction System (BEMGS) 314, 315
Building Management Information Technology (IT) System (BMITS) 314, 315
Business-to-Business (B2B) 560
Business-to-Customer (B2C) 560
Business-to-Infrastructure (B2I) 560
Byzantine Fault Tolerance (BFT) 614

C
Caesar Cipher
about 199-202
limitations 200
mathematical representation 199
capability token 421
Central Authority (CA) 157, 159
Central Business District (CBD) 335
Central digitalSTROM Server
about 174
hardening 176, 177
centralized architecture 386, 387
Centre of Communication Systems Research’s (CCSR) 674
Certificate Authority (CA) 24, 494
Certificate-Based Key Establishment (CBKE) 282
Certificate Revocation Lists (CRL) 497
Certification and Accreditation (C&A) 103
Chlorofluorocarbons (CFCs) 517
Cipher Block Chaining Mode (CBC) 228, 229
Cipher Feedback Mode (CFB) 217, 229-231
Cipher suite 259, 260
cipher text 193
Ciphertext Policy-Attribute Based Encryption (CP-ABE) 423
Cisco Application Framework (CAF) 566
Cisco fog computing 566
classical IoT-architectural framework
about 410
application component 410
core component 410
device component 410
classification, Trust Management System (TMS)
about 383
conceptual architecture 388
layered architecture 383
propagational architecture 385
client-server-based data aggregation mechanism 505
centralized-server-based data aggregation mechanism 506
cluster-based data aggregation mechanism 505
tree-based data aggregation mechanism 506
cloud computing
about 43, 44
interoperability 44
reliability 44
synchronization 43
cloud-enabled directions
about 576
Cognitive IoT 576
On Demand Computing (ODC) 576
cloud-enabled IOT computing
about 573
container for secure deployment of IoT environment 574, 575
container for secure development of IoT environment 574, 575
data service 574
microservices 575
software defined networking 574
cloud IoT security controls
about 567
authentication 567
authorization 567
data integrity, maintaining 570
end-to-end security recommendation 569
secure bootstrap and enrollment of IoT devices 570
security monitoring 570
software/firmware update 569
cloud security
IoT threats 560, 561
cloud service provider (CSP)
about 562
AWS IoT 562
Cisco fog computing 566
exploring 562
IBM Watson IoT platform 566, 567
Microsoft Azure IoT suite 565
CloudWatch
about 563
features 563
Cluster node (CN) 386
coalitional game theory
about 656
analyzing 660
classes 659, 660
classes of games, relationship between 660
core 663
outcome 658
payoffs division method 661
shapley value 661, 662
voting game example 658
with transferable utility 657
CoAP security modes
Certificate 284
PreSharedKey 284
RawPublicKey 284
cognitive security 550-552
cold wallet 617
communication module 413
complex system
about 467
characteristics 468
Internet of Things (IoT) 468, 469
security challenges 470
complex systems, with security characteristics
about 471
computer network 473
economic network 473
social network 471
wireless network 471
compliance 102
Composite Virtual Objects (CVO) 589
computational model 466
computational security
about 466
future scope 477, 478
need for 466, 467
computational tools for complex systems
about 474
network controllability and observability 476
network science tools 475
network tomography 476, 477
signal processing tools 474, 475
computer network 473
Concept of Operations (CONOPS) 131
conceptual architecture
about 388
Direct trust model 388
Indirect trust model 389
Confidentiality, Integrity, and Availability (CIA) 28
Consistency Check (CC) 35
Constrained Application Protocol (CoAP) 30
container technology
example 575
content-oriented privacy threats
about 293
data aggregation threat 293
data querying threat 294
context information 587
context manager
architecture 416, 417
context-oriented privacy threats
identity privacy threat 294
location-based privacy threat 294
privacy policy and access control threat 294
context situations 587
contextual-oriented privacy threats 294
Continuous-Time Markov Chain (CTMC) 166
control-delegation services 176
controllability 476
conventional encryption 198
Convergent Information Architecture (CIA) model 393
Cooperation (CP) strategy 446
cooperative authentication
implementing 433, 434
Cooperative Communication (CC) 429, 431
cooperative game theory 656
cooperative incentive 432
core component
about 411
communication module 413
IoT Process Management module 411
IoT service module 412
management module 413
service organization module 411
virtual entity module 411, 412
Core Network (CN) 36
Counter Mode 232
Crackle tool 142
credential issuance process 418, 419
credential presentation process 419, 420
cryptanalysis 193
Cryptocurrency
about 610-612
Bitcoin 612
Ether 612
cryptographic controls for IoT protocols
examining 280
cryptographic controls into IoT communication protocols
building 281
Near Field Communication 283
ZigBee 281
cryptographic controls into IoT messaging protocols 283, 284
cryptographic key management
about 268
Diffie-Hellman Key-Exchange algorithm 273
key management fundamentals 268-272
Public Key Infrastructure (PKI) 278
Cryptography
about 192
features 192
Cryptography primitives 193, 194
Cryptography security role 192
Cumulative Distribution Function (CDF) 158
Cybeats 672
cyber-physical system (CPS)
about 14
versus cybersecurity 14, 15
versus IoT security 14, 15
cybersecurity
about 14
versus cyber-physical systems (CPS) 14, 15
versus IoT security 14, 15

D
data 603
data aggregation gateways 510
data aggregation mechanisms on IoT system
about 504
client-server-based data aggregation mechanism 505
mobile-agent-based data aggregation mechanism 506
time-series-based data aggregation mechanism 506, 507
data aggregation threat 293
data analysis 520
Data Centric Trust Establishment (DCTE) 392
Data Distribution Standard (DDS) 284
data encryption nodes 510
Data Encryption Standard (DES) 222
Datagram Transport Layer Security (DTLS) 31, 675
Data Owner privacy 294
data querying threat 294
DCapBAC strategy 421-423
decryption 197
Denial of Service (DoS) 61
desktop wallet 618
Destination Oriented Directed Acyclic Graph (DODAG) 34
device layer 383, 384
Device-to-Device (D2D) communication 517
Device Under Test (IoT-DUT) 676
Diffie-Hellman Key-Exchange algorithm 273-275
Digital Signature Algorithm (DSA)
about 265, 266
advantages 268
mathematical formulation 267
digital signatures scheme
about 262
Digital Signature Standard (DSS) 265
Elgamal digital signatures scheme 262, 263
Schnorr digital signatures scheme 264
Digital Signature Standard (DSS) 265
digitalSTROM chip (dSC) 173
digitalSTROM (dSS) 171, 173, 174
digitalSTROM meter (dSM) 173
direct digital signature 261, 262
Direct Sequence Spread Spectrum (DSSS) 35
Direct trust model 388
Discrepancy Reports (DRs) 135
distributed architecture 385, 386
Distributed Capability-based Access Control (DCapBAC) 421
distributed consensus
about 614
algorithm types 614
distributed graph coloring scheme 308
DODAG Destination Advertisement Object (DAO) 34
DODAG Information Object (DIO) 34
DODAG Information Solicitation (DIS) 34
domain-specific IoT, security concerns
about 36
agriculture 39, 40
Enterprise Information Systems (EIS) 38
home automation 39
IoT-based healthcare 42
SCADA systems 36, 37
smart cities 40, 41
social IoT 41, 42
dynamic data masking 298
Dynamic Device Key Generation (DDKG) 672
dynamic game
about 440
players 440
strategy 440, 441
utility function 441, 442
DynamoDB
about 564
features 564

E
economic network 473
edge computing 45, 46
edge layer 45
edge nodes 45
Efficient XML Interchange (EXI) 10
EIS security pillars
access control 38
security awareness 38
security policy 38
Top Level Management Support (TLMS) 38
ElasticSearch (ES) 562
Electronic Code Book (ECB) 217, 228
Electronic Product Codes (EPC) 5, 6
Electronic Serial Numbers (ESNs) 488
Electronic Toll Collection (ETC) 8
Elevation of Privilege 61
Elgamal digital signatures scheme 262, 263
Elliptic Curve Cryptography (ECC)
about 275
background explanation 276
decryption algorithm 278
encryption algorithm 277, 278
key-exchange algorithm 276, 277
Elliptic Curve Diffie-Hellman (ECDH) 494
Elliptic Curve Digital Signature Algorithm (ECDSA) 494
Encapsulating Security Payload (ESP) 33
encryption 605
encryption algorithm
about 197
symmetric key encryption algorithm 198
transposition technique 213
encryption and authentication mechanism 340
Encryption-Decryption algorithm 235
End User License Agreements (EULAs) 583
Enterprise Resource Planning (ERP) 38
entity domain 587
Entrust IoT security 672
Ether 612
Event-Condition-Action rules 589
Event-Data-Recorder (EDR) 334
event prediction 520
Expected Transmissions (ETX) 34
Extensible Messaging and Presence Protocol (XMPP) 32, 33

F
Face-to-face (F2F) enabler 416
Fault Tree Analysis (FTA) 74
features, Blockchain technology
encryption 605-607
mining 607, 608
mining incentives 609
Proof-of-Work (PoW) 607
public distributed ledger 604, 605
Feistel cipher 218
Feistel decryption algorithm 220
Feistel encryption algorithm 219, 220
Field Programmable Gate Array (FPGAs) 9
final permutation 223
finitely repeated game
multiple equilibrium 647-649
Prisoner’s Dilemma Game example 644, 645
finitely repeated games 643
fog computing 46, 566
fog layer 566
Front-Computing-Unit (FCU) 334
futuristic data dissemination (FDD) approach 305, 306

G
Galois Counter Mode (GCM) 260
Game-Theoretic Analysis
using, in network robustness 180-182
Game-Theoretic approach
about 626
auction game 628
market game 627
political game 627
Prisoner’s Dilemma Game 628, 629
terms 626
wireless communication game 628
Geographic Information System (GIS) 73
GIoT components
about 519
Green architecture 520
Green communication 520
Green hardware 519, 520
Green software 520
GIoT open issues
about 524
GIoT technical challenges 525
security and privacy 525
standardization 525
Global Passive Adversary (GPA) 336
green cloud computing architecture 521
green fog computing architecture 521
Green IoT (GIoT)
about 517, 518
application layer 519
communication layer 519
contribution 524
issues 526
power management layer 519
real-time application 526
real-time query process 527
things layer 519
Green IoT technologies
about 521
Green cloud computing 522
Green coding 522, 523
Green data centers 523
Green M2M 523
Green sensing networks 522
Green tags 521, 522
Grim Trigger strategy 649
ground control station (GCS) 72
group identity (GID) 342
group manager 423, 424
group signature 339

H
hacking 601
hardware-based authentication 120
hardware vulnerability 62
hardware wallet 618
hash 603
Hash function
about 242
applications 243-245
Message Digest-version5 (MD5) 245
properties 242, 243
hash tree 249
heterogeneous IoT systems 13
Hill cipher 205-209
homogeneity attack 296
Homogeneity attack 297
Horizontal operators 406
hot wallet 617
human-machine interface (HMI) 37
Hypertext Transfer Protocol Secure (HTTPS) 287

I
IAM for IoT application development
credential abuse 486
cross-domain IoT 486
default password risks 486
implementing 485
virtual eavesdropping 486, 487
IBM Watson IoT platform 566, 567
Identity and Access Management (IAM)
about 120, 483, 484, 672
need for 485
identity lifecycle
about 487
account deactivation 492
account deletion 492
account monitoring and control 491
account suspension 492
account updates 492
credential and attribute provisioning 490
credential deactivation 492
credential deletion 492
secure bootstrap 488
with unique requirement 488
Identity Management (IdM)
about 418
credential issuance process 418, 419
credential presentation process 419, 420
IEEE 802.15.4 35
IEEE 1609.2 494
Impulse Free Model (IFM) 165, 166
Indirect trust model 389
industrial control system (ICS) 37, 671
infinitely repeated game
about 643, 649
Prisoner’s Dilemma Game 650, 651
triggering strategy 651
information and communication technology (ICT) 583
Information Assurance (IA)
about 58
authentication 58
availability 59
confidentiality 58
integrity 58
non-repudiation 58
resilience 59
safety 59
Information-Centric Networking (ICN) 393
information disclosure 61
information technology (IT) 313
informed consent
about 582
challenges, implementing 584, 585
in Internet of Things (IoT) 582, 583
Infrared (IR) 322
initialization vector (IV) 499
Initial Permutation (IP) 222, 223
Initial Vector (IV) 229, 257
Insecure Access Control
about 63
Access Control List-Based Systems 64
access control threats 65
availability threats 66
Capability-Based Access control 64
challenges 64, 65
Discretionary Access control 64
Key-based Access control system 64
privacy threats 65, 66
Role-Based Access control 64
Intelligent Transportation Systems (ITS) 327, 333, 334
Internal Betrayal Adversary (IBA) 336
Internal Tricking Adversary (ITA) 337
INternational Future INdustrial Internet testbed 675
International Telecommunication Union (ITU) 2, 494
Internet Engineering Task Force (IETF) 33, 495
Internet of People
about 404
features 404
Internet of Things (IoT)
about 2, 3, 291
authentication 23-25
authorization 23-25
constrained system resources 12
device heterogeneity 13
growth trends 3-5
informed consent 582, 583
insufficient authentication 25, 26
insufficient authorization 25, 26
interoperability 13
limitations 11, 12
malware control strategy 170
malware propagation 164, 165
malware propagation, modeling 165-169
market opportunity 3-5
network robustness 179
Over-The-Air firmware update 13, 14
Internet of Things (IoT), security technologies
communication technologies 28, 29
enabling 26
hardware technologies 26, 27
network technologies 29
software technologies 27, 28
Internet of Vehicles (IoV) 327
Intrusion Detection System (IDS) 40
IoT architecture 15
IoT architecture, factors
business factors 15
security factors 15
technical factors 15
IoT architecture layers
about 16
application/interface layer 17
network layer 16
perception/sensing layer 16
security requirements 21-23
security threats 17-20
service/processing layer 16
IoT-cloud platforms
characteristics 44
edge computing 46
features 44
IoT cloud security architecture
about 571-573
architecture components 571
IoT cloud services
about 558
asset/inventory management 558
customer intelligence and marketing 559, 560
entitlement management 559
information sharing 560
message transport/broadcast 560
real-time monitoring 559
samples 558
sensor coordination 559
service billing 559
service provisioning 559
IoT cooperation
about 430
conflict balancing 433
cooperative authentication 431, 432
cooperative communication 430, 431
cooperative incentive 432
IoT databases
about 676, 677
security 676
threats and challenges 677
IoT device networking
about 5
communication 8
computation 9
identification 5
semantics 10, 11
sensing 7
services 9, 10
IoT devices
identity 488, 489
IoT IAM infrastructure
about 495
PKI, implementing 495, 496
IoT naming schemes
Electronic Product Codes (EPC) 6
Ubiquitous Codes (uCode) 6, 7
IoT network
security protocol/algorithm 546
IoT networking protocols
about 30
application protocol 30
Link Layer protocol 35
Network Layer protocol 33
Physical Layer protocol 35, 36
Routing protocol 34
Transport Layer protocol 34
IoT node authentication
signature algorithm 260, 261
IoT platforms
Cisco IoT Cloud Connect 117
Google Xively 118
IBM Watson IoT 117, 118
ThingWorx 118
IoT Process Management module 411
IoT protocols
security features 544, 545
IoT security
about 14, 672
versus cyber-physical systems (CPS) 14, 15
versus cybersecurity 14, 15
IoT security and privacy testbed
about 673
ASSET testbed 675
INternational Future INdustrial Internet testbed 675
MakeSense testbed 674, 675
Siboni’s security testbed 676
smart campus testbed 674
SmartSantander testbed 675
stanfords testbed 675, 676
supersensor testbed 674
IoT Security CONOPS document
about 131
access control 132
authentication 132
compliance and reporting 132
confidentiality and integrity 131
disposal 132
incident response and forensics 132
monitoring 132
operations and maintenance 132
IoT security lifecycle
about 97
features 130
implementation and integration 130
operations and maintenance 137
processes and agreements 110-114
secure design 98-103
technology selection 115-123
IoT security lifecycle, implementation and integration
about 130, 137
asset and configuration management 143
data archiving and records management 146
data purging 145
dispose 144
forensics 144
incident management 143, 144
inventory control 145
IoT device management 138, 139
IoT Security CONOPS document 131
network implementation and security integration 132-135
penetration testing 141, 142
secure configuration 136, 137
secure device disposal and zeroization 145
security monitoring 140
security training 135, 136
system security verification and validation (V&V) 135
IoT security on mobile networks
cost of mobile network 552
delay in mobile network 553
impact 552
risk and complexity of mobile network 553
scope restriction of mobile network 553
IoT security products
about 670, 671
AWS IoT device defender 671
Cybeats 672
Entrust IoT security 672
features 670
IoT security 672
KeyScaler 672
McAfee embedded control 671
Memfault 672
Microsoft Defender for IoT 671
Quantum edge 673
Spartan 673
IoT service module
about 412
IoT service resolution 412
IoT services 412
IoT systems
threat modeling 78-86
IoT techniques, challenges
about 389
identifier/locator splitting 391
naming and name resolution 389, 390
resources and services 391
security and privacy 392
IoT technologies
about 42, 43
big data analytics 43
cloud computing 43
edge computing 45
fog computing 46
IoT threats
from cloud security 560, 561
IOx architecture
fog director 566
fog nodes 566
Host OS 566
IPV6-based Low power Personal Area Network (6LowPAN) 33

K
K-anonymity technique 296, 297
key agreement 269
key encryption key (KEK) 270
key generator function 224
KeyScaler 672
key transportation 270
Kinesis
about 562
features 562
know-your-customer (KYC) 620

L
layered architecture
about 383
device layer 383, 384
other layers 385
support layer 384
L diversity 298
Lightweight and Robust scheme for maintaining Trustworthiness and Privacy (LRTP) scheme 369-374
Linear Congruential Generator (LGR) 257, 258
Link Layer protocol 35
Lithium-Ion (LI) 114
Local Area Networks (LAN) 8
Local Eviction of Attackers by Voting Evaluators (LEAVE) protocol 454
Local Routing Depth (LRD) 170
location privacy
about 328
requirements 328, 329
location-privacy preservation solutions
about 329
group signature 331
mix-zone 330
pseudonyms 329, 330
silent period 331, 332
Long-range Wide Area Networks (LoRaWAN) 571
Long-Term Evolution-Advanced (LTE-A) 35
Long-Term Evolution (LTE) 9
LowPAN Border Router (LBR) 34

M
Machine-to-Machine (M2M) communication 517
MakeSense testbed 674, 675
management module
about 413
cost reduction 413
fault handling 413
flexibility 413
unexpected usage issues 413
market game
example 634, 635
Master Node (MN) 386
matching pennies game
example 636-640
Maximum Transmission Unit (MTU) 33
McAfee embedded control 671
Memfault 672
Merkle tree
about 249, 250
significance 250-252
message authentication 252, 457
Message Authentication Code (MAC)
about 192, 253, 254, 493
limitations 254
Message Digest-version5 (MD5) 245
Message Queue Telemetry Transport (MQTT) 31
metamodeling
specification 587-589
microservices 575
Microsoft Azure
authentication mechanism 568
Microsoft Azure IoT suite 565
mining 607
mixed-strategy 636, 637
MixGroup approach
about 332, 333
experimental analysis 349-351
pre-requirements 333
security analysis 345
MixGroup key mechanism
encryption and authentication mechanism 340
group signature 339
pseudonym mechanism 339
temporary in-group identity 340
MixGroup process
about 341
group join 342
group leaving 344
pseudonym exchange 343
revocation protocol 344, 345
RSU signing protocol 343, 344
system initialization and key generation 341
mix-zone area 319
mobile-agent-based data aggregation mechanism
about 506
drawbacks 506
Mobile Gateway (MG)
about 363
characteristics 363
mobile wallet 618
mobile WBSN
about 359
architecture 359
issues 360, 361
mobile WBSN privacy protection
One Time Mask (OTM) scheme 365, 366
One Time Permutation scheme 366, 367
Mobile Wireless Body Sensor Networks (Mobile WBSN) 357
monitoring services 176
multicasting data dissemination 528

N
Nash Equilibrium (NE) 446, 631-633
National Institute of Standards and Technology (NIST) 103, 265
Natural Language Names (NLNs) 393
Near Field Communication (NFC) 8, 283
network controllability and observability
about 476
features 476
network detection and response (NDR) 671
Network Layer protocol 33
network robustness
Internet of Things (IoT) 179
with Game-Theoretic Analysis 180-182
network science tools
about 475
features 475
network tomography 476, 477
network vulnerability 62
nodes, network model
mobile sink 301
sensor node 300, 301
storage node 301
Non-Cooperation (NC) strategy 446
North American Electric Reliability Corporation (NERC) 103
Nova-Genesis (NG) model
about 393
identifier/locator splitting 394, 395
naming and name resolution 393, 394
resources and services 395-397
security and privacy 398, 399

O
observability 476
On-Board Communication unit (OBU) 153
onboard units (OBUs) 328
On Demand Computing (ODC) 576
One Time Mask (OTM) scheme
about 363-366
comparative analysis 368
one-time pad technique
fundamental 213
One Time Permutation (OTP) scheme
about 363-367
comparative analysis 368
online wallet 618
Open Authorization (OAuth 2.0)
about 497
components 497, 498
working 498
OpenID Connect (OIDC) 568
Open Web Application Security Project (OWASP) 111
Orthogonal Frequency Division Multiple Access (OFDMA) 35
Output Feedback Mode (OFB) 231
Over-The-Air (OTA) 14

P
paper wallet 619
participatory sensing
about 358, 361
architecture 361, 362
issues 362
participatory sensing privacy protection
about 368
Lightweight and Robust scheme for maintaining Trustworthiness and Privacy (LRTP) scheme 369-374
Password based key derivation (PBKDF) 270
paying taxes game
example 640, 641
mixed strategy 642, 643
Payment Card Industry (PCI) 103
Pay-Per-Use (PPU) 114
peer-to-peer (P2P) network 613
People as a Service 406
Perfect Bayesian Nash Equilibrium (PBNE) 449
Perfect Forward Secrecy (PFS) 273
performance analysis, variants of entity authentication
about 454, 455
average risks 456, 457
average vulnerability time 455
performance, bargaining-based dynamic game model for cooperative authentication
energy consumption 443
location privacy leakage 442
network survivability 444
Personal IoT (PIoT) network
about 358
architecture WBSN 360
concept 358
mobile WBSN 359
participatory sensing 361
security aspect 363
Personally Identifiable Information (PII) 100
Physical Cyber Social Computing (PCSC) 406
Physical Layer protocol 35
PKIX management function 280
PKIX model
about 279
elements 279
plain text 193
Platform-as-services (PaaS) 44
Playfair cipher 202-204
Playfair square 202
point-of-sale (POS) 671
policy-based solution for informed consent
about 585
elements 585, 586
policy-based framework 587
policy enforcement component 589-591
SecKit, implementing 592-594
Policy Decision Point (PDP) 589
policy enforcement component 589-591
Policy Enforcement Points (PEPs) 587
polyalphabetic cipher 209, 210
pre-requirements, MixGroup approach
about 333
network model 333, 334
social model 335
theory 338
threat model 336
traces of vehicles 337, 338
vehicular social network 337
pre-requirements, privacy preservation data dissemination
about 300
network model 300
threat model 301, 302
prerequisites, time-series data aggregation privacy preservation scheme
about 507
Group Z*p2 properties 509
IoT scenario 507, 508
security consideration and design goals 508
PreSharedKey mode 31
price-based incentive mechanism 432
Prisoner’s Dilemma Game
example 628, 629
game table 646
mathematical formulation 630
Privacy Impact Assessment (PIA) 100
privacy preservation 292
privacy preservation data dissemination approach
about 299
futuristic data dissemination (FDD) approach 305, 306
implementing 307
pre-requirements 300
resolution of uncertainty 302-305
privacy preservation for IoT
in smart buildings 313
privacy preservation techniques
about 294, 295
anonymization techniques 296
cryptographic techniques 296
dynamic data masking 298
privacy-preserving approaches
in smart buildings 318
Radio Frequency Identification (RFID) 320, 321
Video surveillance 321
Wireless LAN 318, 319
privacy threats classification
about 293
content-oriented privacy threats 293
contextual-oriented privacy threats 294
private key classification
cold wallet 617
hot wallet 617
probability of correct authentication (PCA) 431, 432
procedural vulnerability 62
process execution 411
processing layer 384
process modeling 411
Product-As-A-Service (PaaS) 95
programmable logic controllers (PLCs) 37, 144, 559
Proof of Burn (PoB) 615
Proof of Capacity (PoC) 615
Proof-Of-Concept (POC) 139
Proof of Elapsed Time (PoET) 615
Proof of Stake (PoS) 614, 619
Proof of Work (PoW) 614, 607
propagational architecture
about 385
centralized architecture 386, 387
distributed architecture 385, 386
proxy gateway controllers (PGCs) 393
pseudonym mechanism 339
Pseudo Random Number Generators (PRNGs)
about 257
process 258, 259
pseudo random numbers 257
public distributed ledger 604, 605
public key infrastructure (PKI)
about 278, 495
bootstrapping 489
implementing, for IoT IAM infrastructure 495, 496
revocation support 496, 497
Public Key Infrastructure X.509 (PKIX) 278
Pulsed-Index Communication (PIC) 519
pure strategy game 637

Q
Quality of Service (QoS) 46, 504
Quantum edge 673
Query plan (QEP) 528

R
Radio Access Network (RAN) 36
Radio Frequency Identification (RFID)
about 6, 8, 320
approaches 320, 321
Randomized Strategy 637
random number generation 257
RawPublicKey mode 31
real-time query process, GIOT
about 527
mathematical representation 529-531
query execution path, deriving 535, 537
query processing 528
secure path generation scheme 531-535
real-time query-processing (RTQP) 531
Registration Authority (RA) 120, 329
remote terminal units (RTUs) 37, 559
remote third-party services
hardening 178
repudiation 61
reputation-based incentive mechanism 432
Resource Description Framework (RDF) 10
Respondent privacy 294
Restricted Passive Adversary (RPA) 336
risk 63
Roadside Equipment (RSU) 152, 494
Roadside Unit (RSU) 153, 159, 328, 334
Role-Based Access Control (RBAC) 64, 138
RSA asymmetric cryptosystem 234, 235

S
Safety Impact Assessment (SIA)
about 102
factors 102
scalability 677
Schnorr digital signatures scheme 264
secret key 198
secret-key capacity 195-197
Secure Hash Algorithm (SHA) 246-249
Secure Multiparty Communication (SMC) 322
Secure Socket Layer (SSL) 286
security analysis, MixGroup approach
about 345
attack and defense analysis 346
conditional tracking 345
entropy optimal pseudonym exchange 347, 348
security-as-a-service (SECaaS) 562
security aspects, Personal IoT (PIoT) network
mobile WBSN privacy protection 363
participatory sensing privacy protection 368
Security Credential Management System (SCMS) 139
security engineering
building 94
operation management 95-97
requirement management 94, 95
Security Information and Event Management (SIEM) 122
security operations center (SOC) 671
security protocol/algorithm, IoT network
time-based secure key generation and renewal 546-548
security system integration
about 104
accounts and credentials 106
audit and monitoring 107
concern 104
patching and updates 107
secure bootstrap 104-106
Security Toolkit (SecKit)
about 587
implementing 592-594
Self-Driving Vehicles (SDVs) 113
Self-Verifying Names (SVNs) 393
sensor location diversity 299
Service-Centric Networking (SCN) 393
Service Level Agreement (SLA) 112, 391
service organization module
about 411
service choreography 411
service composition 411
service orchestration 411
Service-Oriented Architecture (SOA) 393, 575
SHS hardening
about 176
Central digitalSTROM Server, hardening 176, 177
remote third-party services, hardening 178
Smart Communication Bus, hardening 177
smart control devices (SCD), hardening 177
SHS system
attack scenarios 178, 179
solution analysis 178, 179
Siboni’s security testbed 676, 677
Signal-Noise-Rate (SNR) 196
signal processing tools
about 474
features 474
signatures types
about 261
arbitrated digital signature 262
direct digital signature 261, 262
signature verification 261
signing function 266
silent period 319
similarity attack 298
Simple Authentication and Security Layer (SASL) 33
Simple Storage Service (S3)
about 562, 563
features 563
single round function 224
smart buildings
concept 313
IoT technologies 316
privacy preservation for IoT 313
privacy-preserving approaches 318
privacy threats 316, 317
subsystem 314
smart campus testbed 674
Smart Communication Bus
hardening 177
smart contract 615, 616
smart control devices (SCD)
about 175
hardening 177
smart home communication bus 175, 176
Smart Home System (SHS)
about 171
attack vectors 174
digitalSTROM example 172
digitalSTROM technical structure 173
solution-based analysis of attack vectors 171
SmartSantander testbed 675
Social Internet of Things (SIoT)
about 41, 405
components 405
features 405
social network
about 471
multimedia content threats 472
social threats 472
traditional threats 472
Social Network Analysis (SNA) 475
social threats 472
Society of Automotive Engineers (SAE) 103
SocIoTal framework
about 409
classical IoT-architectural framework 410
SocIoTal security framework
about 413
authentication 414
authorization 421
context manager 416
group manager 423, 424
Identity Management (IdM) 418
key-exchange management 415
trust and reputation 415
software-based authentication
centralized authentication 120
distributed authentication 120
one-way authentication 119
three-way authentication 119
two-way authentication 119
Software-Defined Networking (SDN) 121, 393, 408
Software Development Kits (SDKs) 117
software vulnerability 62
software wallet 618
Spartan 673
Spatial Light Modulator (SLM) 322
Spatial Privacy Graph (SPG) 299, 307
SPG-based data dissemination 307-312
spoofing 60
Stanford's testbed 675, 676
strategic game 630
strategic interaction 630
stream cipher 217
Subgame Perfect Nash Equilibrium (SPNE) 446
substitution technique
about 199
types 199
Super Node (SN) 386
supersensor testbed 674
Supervisory Control and Data Acquisition (SCADA) 36
support layer 384
Sybil attack detection, in vehicular network
about 152
challenges and attacks 154, 155
concept 152-154
consequences 156, 157
schemes 157-163
Vehicular Ad-Hoc Network (VANET) 152-154
symmetric key encryption algorithm
about 198
Cipher Block Chaining Mode (CBC) 228, 229
Cipher Feedback Mode (CFB) 229-231
Counter Mode 232
Electronic Code Book (ECB) 228
Output Feedback Mode (OFB) 231
substitution technique 199
Symmetric Key Establishment (SKKE) 282
symmetric keys 493
System on Chip (SOC) 9, 38

T
tampering 60
Tamper-proof-device (TPD) 334
Temporary In-group Identity (TID) 340
Third Generation Partnership Project (3GPP) 36
threat
about 60
associated terms 60
classification 60
threat model 301, 302
threat modeling
about 100
for IoT systems 78-86
threats and challenges, IoT databases
about 677
data governance and ethics 678, 679
data innovation and collaboration 679
data privacy and compliance 677, 678
data quality and integrity 678
data security and resilience 678
data skills and awareness 679
time-based secure key generation and renewal
about 546, 548
cognitive security 550-552
key features 547
security protocol for bidirectional data transmissions 550
security protocol for unidirectional data transmissions 548, 549
time-series-based data aggregation mechanism 506, 507
time-series data aggregation privacy preservation scheme
about 507
aggregated data decryption control center 511
computational cost 513
data aggregation gateways 510
data encryption nodes 510
prerequisites 507
privacy maintenance 512
scheme 510
system settings 510
traces of vehicles
observations 337, 338
transport encryption
about 284
Hypertext Transfer Protocol Secure (HTTPS) 287
Secure Socket Layer (SSL) 286
Transport Layer Security (TLS) 284, 285
Transport Layer Security (TLS) 259, 284
transposition technique
about 213
modern symmetric encryption technique 216
rail fence technique 214
row column transportation 214-216
trigger strategy equilibrium 649
true random numbers 257
trust
concept 380
role 380
Trusted Platform Module (TPM) 10
Trust Management System (TMS)
about 381
classification 383
information gathering 381
trust computation 381
trust propagation 382
trust update 382

U
Ubiquitous Codes (uCode) 6, 7
Ultra-Low Voltage (ULV) 519
Ultra-Wide Band 8
Ultra-Wide Band (UWB) 8
Uniform Resource Identifier (URI) 389
Unmanned Aerial System (UAS) 576
Unmanned Aircraft System (UAS) 72
uploaded data
properties 364
user-centric IoT, concept
about 404
advantages 407
Internet of People 404
People as a Service 406
Physical Cyber Social Computing (PCSC) 406
Social Internet of Things (SIoT) 405
user-centric IoT, issues
about 407
big data analysis 408
data models 408
fault tolerance 408
interoperability 408
nomenclatures 408
trust and privacy 408, 409
utility and usability 407
User privacy 294
US Postal Service (USPS) 103

V
VANET(VOR4VANET) 458, 459
variants of entity authentication
about 453
abstinence 454
performance analysis 454
police 454
reputation 453
vote 454
Vehicle To Infrastructure (V2I) 154
Vehicle To Vehicle (V2V) 154
Vehicular Ad-hoc Network (VANET) 328
Vehicular Sensor Network (VSN)
about 154, 333
characteristics 337
verification function 266
Vernam cipher 211-213
Vertical operators 406
Video surveillance 321
Vigenere cipher 210, 211
virtual entities (VE) 411
virtual entity module
about 411, 412
VE and IoT service monitoring 412
VE resolution 412
VE service 412
Virtual Objects (VO) 589
visual privacy preservation mechanism
solutions 322, 323
vulnerability
about 62
hardware vulnerability 62
network vulnerability 62
procedural vulnerability 62
software vulnerability 62

W
Web Ontology Language (OWL) 10
web wallet 618
Wheatstone-Playfair cipher 202
Wi-Fi 8
Wireless LAN
about 318, 319
conditions 319
factors 319
key challenges 320
wireless network 471
WireShark tool 142
wiretap channel 195

X
X.509 certificate 494

Z
Zero Day Initiative (ZDI) 37
ZigBee
about 281
keys 282
link keys 282
master keys 281
network keys 282
Z-Wave 9, 36
