Abstract
Web of Things (WoT) is the most promising application model of Internet of Things (IoT). Current IoT systems urgently need extendibility and loose coupling, which are easily provided by WoT. However, some concerns about WoT security have been raised by academic researchers as well as industrial engineers. This paper provides a review of WoT literature especially on security issues. Moreover, this paper proposes an architecture that regards smart gateways as ideal devices to achieve WoT security. Smart gateways are classified into five types, and security functions are suggested for each type.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Leiba, B.: OAuth web authorization protocol. Internet Comput. IEEE 16, 74–77 (2012)
Duquennoy, S., Grimaud, G., Vandewalle, J.J.: The Web of Things: interconnecting devices with high usability and performance. In: International Conference on Embedded Software and Systems, 2009, ICESS 2009, pp. 323–330 (2009)
Castro, M., Jara, A.J., Skarmeta, A.F.: Enabling end-to-end CoAP-based communications for the Web of Things. J. Netw. Comput. Appl. 59, 230–236 (2016)
Bormann, C., Castellani, A.P., Shelby, Z.: CoAP: an application protocol for billions of tiny internet nodes. IEEE Internet Comput. 16, 62–67 (2012)
Levä, T., Mazhelis, O., Suomi, H.: Comparing the cost-efficiency of CoAP and HTTP in Web of Things applications. Decis. Support Syst. 63, 23–38 (2014)
Guinard, D., Trifa, V.: Towards the web of things: Web mashups for embedded devices. In: Workshop on Mashups, Enterprise Mashups and Lightweight Composition on the Web (MEM 2009), in proceedings of WWW (International World Wide Web Conferences), Madrid, Spain, p. 15 (2009)
Guinard, D., Trifa, V., Pham, T., Liechti, O.: Towards physical mashups in the web of things. In: 2009 Sixth International Conference on Networked Sensing Systems (INSS), pp. 1–4. IEEE (2009)
Fielding, R.: Representational state transfer. In: Architectural Styles and the Design of Network-based Software Architecture, pp. 76–85 (2000)
Guinard, D., Trifa, V., Karnouskos, S., Spiess, P., Savio, D.: Interacting with the SOA-based internet of things: Discovery, query, selection, and on-demand provisioning of web services. IEEE Trans. Serv. Comput. 3, 223–235 (2010)
Stirbu, V.: Towards a restful plug and play experience in the web of things. In: 2008 IEEE International Conference on Semantic Computing, pp. 512–517. IEEE (2008)
Pfisterer, D., Römer, K., Bimschas, D., Kleine, O., Mietz, R., Truong, C., Hasemann, H., Kröller, A., Pagel, M., Hauswirth, M.: SPITFIRE: toward a semantic web of things. IEEE Commun. Mag. 49, 40–48 (2011)
Scioscia, F., Ruta, M.: Building a Semantic Web of Things: issues and perspectives in information compression. In: 2009 IEEE International Conference on Semantic Computing, pp. 589–594. IEEE (2009)
Ruta, M., Scioscia, F., Di Sciascio, E.: Enabling the semantic Web of Things: framework and architecture. In: 2012 IEEE Sixth International Conference on Semantic Computing, pp. 345–347. IEEE (2012)
Guinard, D., Fischer, M., Trifa, V.: Sharing using social networks in a composable web of things. In: 2010 8th IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), pp. 702–707. IEEE (2010)
Cheng, C., Zhang, C., Qiu, X., Ji, Y.: The Social Web of Things (SWoT)-structuring an integrated social network for human, things and services. J. Comput. 9, 345–352 (2014)
Guinard, D., Trifa, V., Wilde, E.: A resource oriented architecture for the web of things. In: Internet of Things (IOT), 2010, pp. 1–8. IEEE (2010)
Dillon, T.S., Zhuge, H., Wu, C., Singh, J., Chang, E.: Web-of-things framework for cyber–physical systems. Concurrency Comput. Pract. Exp. 23, 905–923 (2011)
Lee, E.A.: Cyber physical systems: design challenges. In: 2008 11th IEEE International Symposium on Object Oriented Real-Time Distributed Computing (ISORC), pp. 363–369. IEEE (2008)
Ostermaier, B., Schlup, F., Romer, K.: Webplug: a framework for the web of things. In: 2010 8th IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), pp. 690–695. IEEE (2010)
Chen, Y., Xu, M., Gu, Y., Li, P., Shi, L., Xiao, X.: Empirical study on spatial and temporal features for vehicular wireless communications. EURASIP J. Wireless Commun. Netw. 2014, 1–12 (2014)
Lv, P., Wang, X., Xue, X., Xu, M.: SWIMMING: seamless and efficient WiFi-based internet access from moving vehicles. IEEE Trans. Mob. Comput. 14, 1085–1097 (2015)
Lu, X., Dong, D., Liao, X., Li, S., Liu, X.: PathZip: a lightweight scheme for tracing packet path in wireless sensor networks. Comput. Netw. 73, 1–14 (2014)
Guinard, D., Trifa, V., Mattern, F., Wilde, E.: From the internet of things to the web of things: resource-oriented architecture and best practices. In: Architecting the Internet of Things, pp. 97–129. Springer (2011)
Guinard, D., Floerkemeier, C., Sarma, S.: Cloud computing, REST and mashups to simplify RFID application development and deployment. In: Proceedings of the Second International Workshop on Web of Things, p. 9. ACM (2011)
Bröring, A., Remke, A., Lasnia, D.: SenseBox – a generic sensor platform for the web of things. In: Puiatti, A., Gu, T. (eds.) MobiQuitous 2011. LNICST, vol. 104, pp. 186–196. Springer, Heidelberg (2012)
Turner, S.: Transport layer security. IEEE Internet Comput. 18(6), 60–63 (2014)
Rescorla, E., Modadugu, N.: Datagram transport layer security, RFC 4347, in progress, IETF draft-rescorla-dtls-04 5246 (2006)
Raza, S., Shafagh, H., Hewage, K., Hummen, R., Voigt, T.: Lithe: Lightweight secure CoAP for the internet of things. Sens. J. IEEE 13, 3711–3720 (2013)
Kushalnagar, N., Montenegro, G., Schumacher, C.: IPv6 over low-power wireless personal area networks (6LoWPANs): overview, assumptions, problem statement, and goals. RFC 4919 (Informational), Internet Engineering Task Force (2007)
Hummen, R., Ziegeldorf, J.H., Shafagh, H., Raza, S., Wehrle, K.: Towards viable certificate-based authentication for the internet of things. In: Proceedings of the 2nd ACM workshop on Hot topics on wireless network security and privacy, pp. 37–42. ACM (2013)
Heuer, J., Hund, J., Pfaff, O.: Toward the web of things: applying web technologies to the physical world. Computer 48(5), 34–42 (2015)
Gerdes, S., Bergmann, O., Bormann, C.: Delegated CoAP authentication and authorization framework (DCAF). Laryngoscope 108, 679–682 (1998)
Oh, S.W., Kim, H.S.: Decentralized access permission control using resource-oriented architecture for the Web of Things. In: 2014 16th International Conference on Advanced Communication Technology (ICACT), pp. 749–753. IEEE (2014)
Jindou, J., Xiaofeng, Q., Cheng, C.: Access control method for web of things based on role and SNS. In: 2012 IEEE 12th International Conference on Computer and Information Technology (CIT), pp. 316–321. IEEE (2012)
Bai, G., Yan, L., Gu, L., Guo, Y., Chen, X.: Context-aware usage control for web of things. Secur. Commun. Netw. 7, 2696–2712 (2014)
Barka, E., Mathew, S.S., Atif, Y.: Securing the web of things with role-based access control. In: El Hajji, S., Nitaj, A., Carlet, C., Souidi, E.M. (eds.) C2SI 2015. LNCS, vol. 9084, pp. 14–26. Springer, Heidelberg (2015)
Raggett, D.: The web of things: challenges and opportunities. Computer 48, 26–32 (2015)
Cheng, C., Zhang, C., Qiu, X.: A security-enhanced discovery model for WoT system based on reputation. Adv. Inf. Sci. Serv. Sci. 4, 434–442 (2012)
Chang, E., Dillon, T.: Trust, reputation, and risk in cyber physical systems. In: Papadopoulos, H., Andreou, A.S., Iliadis, L., Maglogiannis, I. (eds.) AIAI 2013. IFIP AICT, vol. 412, pp. 1–9. Springer, Heidelberg (2013)
Baronti, P., Pillai, P., Chook, V.W., Chessa, S., Gotta, A., Hu, Y.F.: Wireless sensor networks: survey on the state of the art and the 802.15. 4 and ZigBee standards. Comput. Commun. 30, 1655–1695 (2007)
Acknowledgments
This work is partially supported by the National Natural Science Foundation of China under Grant nos. 61379148 and 61472437.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Xie, W., Tang, Y., Chen, S., Zhang, Y., Gao, Y. (2016). Security of Web of Things: A Survey (Short Paper). In: Ogawa, K., Yoshioka, K. (eds) Advances in Information and Computer Security. IWSEC 2016. Lecture Notes in Computer Science(), vol 9836. Springer, Cham. https://doi.org/10.1007/978-3-319-44524-3_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-44524-3_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-44523-6
Online ISBN: 978-3-319-44524-3
eBook Packages: Computer ScienceComputer Science (R0)