Prov-IoT: a security-aware IoT provenance model

Fariha Tasmin Jaigirdar, Carsten Rudolph, Chris Bain

Research output: Chapter in Book/Report/Conference proceeding, Conference Paper, Research, peer-review

16 Citations (Scopus)

Abstract

A successful application of an Internet of Things (IoT) based network depends on the accurate and successful delivery of a large amount of data collected from numerous sources. However, the highly dynamic nature of IoT networks prevents the establishment of clear security perimeters and hampers the understanding of security aspects. Risk assessment in such networks requires good situational awareness with respect to security. Therefore, a comprehensive view of data propagation including information on security controls can improve security analysis and risk assessment in each layer of data propagation in an IoT architecture. Documentation of metadata is already used in data provenance to identify who generates which data, how, and when. However, documentation of security information is not seen as relevant for data provenance graphs. In this paper, we discuss the importance of adding security metadata in a data provenance graph. We propose a novel IoT Provenance model, Prov-IoT, which documents the history of data records considering data processing and aggregation along with security metadata to enable a foundation for trust in data. The model portrays a comprehensive framework and outlines the identification of information to be included in designing a security-aware provenance graph. This can be beneficial for uncovering system faults or intrusions. Also, it can be useful for decision-based systems for security analysis and risk estimation. We design an associated class diagram for the Prov-IoT model. Finally, we use an IoT healthcare example scenario to demonstrate the impact of the proposed model.

Original language: English
Title of host publication: Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020
Editors: Guojun Wang, Ryan Ko, Md Zakirul Alam Bhuiyan, Yi Pan
Place of Publication: Piscataway NJ USA
Publisher: IEEE, Institute of Electrical and Electronics Engineers
Pages: 1360-1367
Number of pages: 8
ISBN (Electronic): 9780738143804
ISBN (Print): 9780738143811
Publication status: Published - 2020
Event: International Workshop on Collaborative Computing with Cloud and Client 2020 - Virtual, Guangzhou, China
Duration: 29 Dec 2020 to 1 Jan 2021
Conference number: 11th
http://ieee-trustcom.org/C4W2020/ (Website)
https://ieeexplore-ieee-org.ezproxy.lib.monash.edu.au/xpl/conhome/9342897/proceeding (Proceedings)

Publication series

Name: Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020
Publisher: The Institute of Electrical and Electronics Engineers, Inc.
ISSN (Print): 2324-898X
ISSN (Electronic): 2324-9013

Conference

Conference: International Workshop on Collaborative Computing with Cloud and Client 2020
Abbreviated title: C4W 2020
Country/Territory: China
City: Guangzhou
Period: 29/12/20 to 1/01/21

Keywords

  • Data propagation
  • IoT provenance model
  • IoT-Health scenario
  • Provenance graph
  • Provenance-based security
  • Security metadata
