Abstract
The Internet of Things (IoT) is characterized, at the system level, by high diversity with respect to enabling technologies and supported services. IoT is also expected to deal with a huge amount of heterogeneous data generated by devices, transmitted by the underpinning infrastructure and processed to support value-added services. In order to provide users with valuable output, the IoT architecture should guarantee the suitability and trustworthiness of the processed data. This is a major requirement of such systems in order to guarantee robustness and reliability at the service level. In this paper, we introduce a novel IoT architecture able to support security, privacy and data quality guarantees, thereby effectively boosting the diffusion of IoT services.



Acknowledgments
The work of D. Miorandi leading to these results has received funding from PAT within the framework of the LOCOS project.
Cite this article
Sicari, S., Cappiello, C., De Pellegrini, F. et al. A security-and quality-aware system architecture for Internet of Things. Inf Syst Front 18, 665–677 (2016). https://doi.org/10.1007/s10796-014-9538-x
DOI: https://doi.org/10.1007/s10796-014-9538-x