Special Issue "Privacy and Security for Resource Constrained IoT Devices and Networks"

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: closed (31 December 2018)

Special Issue Editors

Guest Editor
Dr. Shancang Li
University of the West of England, Bristol, UK
Interests: security; CPS; IoT security

Guest Editor
Prof. Dr. Houbing Song
Department of Electrical, Computer, Software, and Systems Engineering, Embry-Riddle Aeronautical University, Daytona Beach, FL 32114, USA
Interests: Cyber-Physical Systems; Signal Processing for Communications and Networking; Cloud Computing/Edge Computing

Guest Editor
Dr. Muddesar Iqbal
School of Computing, London South Bank University, London, UK
Interests: mobile security; IoT; privacy requirements

Special Issue Information

Dear Colleagues,

With the exponential growth of the Internet of Things (IoT) and cyber-physical systems (CPS), a wide range of IoT applications have been developed and deployed in recent years. To match the heterogeneous application requirements in IoT and CPS, many resource-constrained IoT devices are deployed, in which privacy and security have emerged as big challenges because they have not been designed to have effective security features.

Despite the fact that many security solutions have been developed for the Internet, there are major concerns regarding the resource-constrained environments in IoT, including data encryption, privacy-preservation, vulnerabilities, threats, attacks, controls, etc. To address these privacy and security challenges, appropriate technologies have to be developed for resource-constrained environments in IoT.

This Special Issue aims to unveil and address the privacy-preservation and security issues and challenges in IoT and CPS. Suggested topics include, but are not limited to, the following.

  • Secure data sharing in IoT and CPS
  • Secure computation in resource constrained environment
  • Location privacy in IoT and CPS
  • Lightweight cryptography for low-resource devices in IoT and CPS
  • Searchable encryption
  • Access control in IoT and CPS
  • Key management
  • Information diffusion
  • Privacy and security in mobile devices and networks
  • Forensics in IoT and CPS
  • Privacy and security in healthcare-related IoT and CPS
  • Human aspects of security and privacy issues
  • Secure authentications of devices

Dr. Shancang Li
Prof. Dr. Houbing Song
Dr. Muddesar Iqbal
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access bimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1800 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • security and privacy-preserving
  • attack model
  • lightweight security solution

Published Papers (11 papers)


Research

Open Access Article: PPSDT: A Novel Privacy-Preserving Single Decision Tree Algorithm for Clinical Decision-Support Systems Using IoT Devices
Sensors 2019, 19(1), 142; https://doi.org/10.3390/s19010142
Received: 3 December 2018 / Revised: 20 December 2018 / Accepted: 29 December 2018 / Published: 3 January 2019
Abstract
Medical service providers offer their patients high quality services in return for their trust and satisfaction. The Internet of Things (IoT) in healthcare provides different solutions to enhance the patient-physician experience. Clinical Decision-Support Systems are used to improve the quality of health services by increasing the diagnosis pace and accuracy. Based on data mining techniques and historical medical records, a classification model is built to classify patients’ symptoms. In this paper, we propose a privacy-preserving clinical decision-support system based on our novel privacy-preserving single decision tree algorithm for diagnosing new symptoms without exposing patients’ data to different network attacks. A homomorphic encryption cipher is used to protect users’ data. In addition, the algorithm uses nonces to avoid one party from decrypting other parties’ data since they all will be using the same key pair. Our simulation results have shown that our novel algorithm have outperformed the Naïve Bayes algorithm by 46.46%; in addition to the effects of the key value and size on the run time. Furthermore, our model is validated by proves, which meet the privacy requirements of the hospitals’ datasets, frequency of attribute values, and diagnosed symptoms. Full article

Open Access Article: On the Security and Data Integrity of Low-Cost Sensor Networks for Air Quality Monitoring
Sensors 2018, 18(12), 4451; https://doi.org/10.3390/s18124451
Received: 1 October 2018 / Revised: 5 November 2018 / Accepted: 7 November 2018 / Published: 16 December 2018
Abstract
The emerging connected, low-cost, and easy-to-use air quality monitoring systems have enabled a paradigm shift in the field of air pollution monitoring. These systems are increasingly being used by local government and non-profit organizations to inform the public, and to support decision making related to air quality. However, data integrity and system security are rarely considered during the design and deployment of such monitoring systems, and such ignorance leaves tremendous room for undesired and damaging cyber intrusions. The collected measurement data, if polluted, could misinform the public and mislead policy makers. In this paper, we demonstrate such issues by using a.com, a popular low-cost air quality monitoring system that provides an affordable and continuous air quality monitoring capability to broad communities. To protect the air quality monitoring network under this investigation, we denote the company of interest as a.com. Through a series of probing, we are able to identify multiple security vulnerabilities in the system, including unencrypted message communication, incompetent authentication mechanisms, and lack of data integrity verification. By exploiting these vulnerabilities, we have the ability of “impersonating” any victim sensor in the a.com system and polluting its data using fabricated data. To the best of our knowledge, this is the first security analysis of low-cost and connected air quality monitoring systems. Our results highlight the urgent need in improving the security and data integrity design in these systems. Full article

Open Access Article: Security Cost Aware Data Communication in Low-Power IoT Sensors with Energy Harvesting
Sensors 2018, 18(12), 4400; https://doi.org/10.3390/s18124400
Received: 14 November 2018 / Revised: 3 December 2018 / Accepted: 10 December 2018 / Published: 12 December 2018
Abstract
Security is a critical concern in low-power IoT (Internet of Things) wireless sensors because these resource constrained devices are easy to attack and meanwhile the energy constraint sensors will consume a lot of energy to run algorithms for security purposes. We study the energy efficiency data transmission problem in IoT sensors that use capacitors to harvest wireless energy while considering the energy cost for running security algorithms. Energy harvesting with capacitors has the characteristic that the energy harvesting rate varies over time, and it is getting slower and slower as the capacitor gets more and more wireless energy. This observation will result in a trade-off for data transmission in two ways: (1) dividing data into more number of packets, thus the sensors can receive wireless energy at a higher harvesting rate, but it will result in extra energy consumption; (2) dividing data into less numbers of packets—in this way, the sensor cannot utilize the high harvesting rate, but the extra energy cost is less. We studied two sets of this problem where the low-power sensors can harvest enough wireless energy or not, and give algorithms to transmit all the data or as much data as possible, respectively, while taking into account extra cost. The theoretical performance of the proposed algorithms is also analyzed. Both theoretical analysis and extensive simulations show that the proposed algorithms have good performance. Full article

Open Access Article: A Randomized Watermarking Technique for Detecting Malicious Data Injection Attacks in Heterogeneous Wireless Sensor Networks for Internet of Things Applications
Sensors 2018, 18(12), 4346; https://doi.org/10.3390/s18124346
Received: 11 November 2018 / Revised: 27 November 2018 / Accepted: 6 December 2018 / Published: 9 December 2018
Abstract
Using Internet of Things (IoT) applications has been a growing trend in the last few years. They have been deployed in several areas of life, including secure and sensitive sectors, such as the military and health. In these sectors, sensory data is the main factor in any decision-making process. This introduces the need to ensure the integrity of data. Secure techniques are needed to detect any data injection attempt before catastrophic effects happen. Sensors have limited computational and power resources. This limitation creates a challenge to design a security mechanism that is both secure and energy-efficient. This work presents a Randomized Watermarking Filtering Scheme (RWFS) for IoT applications that provides en-route filtering to remove any injected data at an early stage of the communication. Filtering injected data is based on a watermark that is generated from the original data and embedded directly in random places throughout the packet’s payload. The scheme uses homomorphic encryption techniques to conceal the report’s measurement from any adversary. The advantage of homomorphic encryption is that it allows the data to be aggregated and, thus, decreases the packet’s size. The results of our proposed scheme prove that it improves the security and energy consumption of the system as it mitigates some of the limitations in the existing works. Full article

Open Access Article: Joint Relay Selection and Power Allocation through a Genetic Algorithm for Secure Cooperative Cognitive Radio Networks
Sensors 2018, 18(11), 3934; https://doi.org/10.3390/s18113934
Received: 16 October 2018 / Revised: 8 November 2018 / Accepted: 12 November 2018 / Published: 14 November 2018
Abstract
In cooperative cognitive radio networks (CCRNs), there has been growing demand of transmitting secondary user (SU) source information secretly to the corresponding SU destination with the aid of cooperative SU relays. Efficient power allocation (PA) among SU relays and multi-relay selection (MRS) are a critical problem for operating such networks whereas the interference to the primary user receiver is being kept below a tolerable level and the transmission power requirements of the secondary users are being satisfied. Subsequently, in the paper, we develop the problem to solve the optimal solution for PA and MRS in a collaborative amplify-and-forward-based CCRNs, in terms of maximizing the secrecy rate (SR) of the networks. It is found that the problem is a mixed integer programming problem and difficult to be solved. To cope with this difficulty, we propose a meta-heuristic genetic algorithm-based MRS and PA scheme to maximize the SR of the networks while satisfying transmission power and the interference requirements of the networks. Our simulation results reveal that the proposed scheme achieves near-optimal SR performance, compared to the exhaustive search scheme, and provides a significant SR improvement when compared with some conventional relay selection schemes with equal power allocation. Full article

Open Access Article: BeeKeeper 2.0: Confidential Blockchain-Enabled IoT System with Fully Homomorphic Computation
Sensors 2018, 18(11), 3785; https://doi.org/10.3390/s18113785
Received: 12 September 2018 / Revised: 28 October 2018 / Accepted: 2 November 2018 / Published: 5 November 2018
Abstract
Blockchain-enabled Internet of Things (IoT) systems have received extensive attention from academia and industry. Most previous constructions face the risk of leaking sensitive information since the servers can obtain plaintext data from the devices. To address this issue, in this paper, we propose a decentralized outsourcing computation (DOC) scheme, where the servers can perform fully homomorphic computations on encrypted data from the data owner according to the request of the data owner. In this process, the servers cannot obtain any plaintext data, and dishonest servers can be detected by the data owner. Then, we apply the DOC scheme in the IoT scenario to achieve a confidential blockchain-enabled IoT system, called BeeKeeper 2.0. To the best of our knowledge, this is the first work in which servers of a blockchain-enabled IoT system can perform any-degree homomorphic multiplications and any number of additions on encrypted data from devices according to the requests of the devices without obtaining any plaintext data of the devices. Finally, we provide a detailed performance evaluation for the BeeKeeper 2.0 system by deploying it on Hyperledger Fabric and using Hyperledger Caliper for performance testing. According to our tests, the time consumed between the request stage and recover stage is no more than 3.3 s, which theoretically satisfies the production needs. Full article

Open Access Article: CS-FCDA: A Compressed Sensing-Based on Fault-Tolerant Data Aggregation in Sensor Networks
Sensors 2018, 18(11), 3749; https://doi.org/10.3390/s18113749
Received: 3 September 2018 / Revised: 26 October 2018 / Accepted: 1 November 2018 / Published: 2 November 2018
Abstract
When the nodes in the network are deployed in the target area with an appropriate density, the effective aggregation and transmission of the data gathered in the monitoring area remain to be solved. The existing Compressed Sensing (CS) based on data aggregation schemes are accomplished in a centralized manner and the Sink node achieves the task of data aggregation. However, these existing schemes may suffer from load imbalance and coverage void issues. In order to address these problems, we propose a Compressed Sensing based on Fault-tolerant Correcting Data Aggregation (CS-FCDA) scheme to accurately reconstruct the compressed data. Therefore, the network communication overhead can be greatly reduced while maintaining the quality of the reconstructed data. Meanwhile, we adopt the node clustering mechanism to optimize and balance the network load. It is shown via simulation results, compared with other data aggregation schemes, that the proposed scheme shows obvious improvement in terms of the Fault-tolerant correcting capability and the network energy efficiency of the data reconstruction. Full article

Open Access Article: Efficient Privacy-Preserving Access Control Scheme in Electronic Health Records System
Sensors 2018, 18(10), 3520; https://doi.org/10.3390/s18103520
Received: 8 September 2018 / Revised: 6 October 2018 / Accepted: 16 October 2018 / Published: 18 October 2018
Abstract
The sharing of electronic health records (EHR) in cloud servers is an increasingly important development that can improve the efficiency of medical systems. However, there are several concerns focusing on the issues of security and privacy in EHR system. The EHR data contains the EHR owner’s sensitive personal information, if these data are obtained by a malicious user, it will not only cause the leakage of patient’s privacy, but also affect the doctor’s diagnosis. It is a very challenging problem for the EHR owner fully controls over own EHR data as well as preserves the privacy of himself. In this paper, we propose a new privacy-preserving access control (PPAC) scheme for EHR. To achieve fine-grained access control of the EHR data, we utilize the attribute-based signcryption (ABSC) mechanism to signcrypt data based on the access policy for the linear secret sharing schemes. Employing the cuckoo filter to hide the access policy, it could protect the EHR owner’s privacy information. In addition, the security analysis shows that the proposed scheme is provably secure under the decisional bilinear Diffie-Hellman exponent assumption and the computational Diffie-Hellman exponent assumption in the standard model. Furthermore, the performance analysis indicates that the proposed scheme achieves low costs of communication and computation compared with the related schemes, meanwhile preserves the EHR owner’s privacy. Therefore, the proposed scheme is better suited to EHR system. Full article

Open Access Article: Exploring Risks Transferred from Cloud-Based Information Systems: A Quantitative and Longitudinal Model
Sensors 2018, 18(10), 3488; https://doi.org/10.3390/s18103488
Received: 30 August 2018 / Revised: 2 October 2018 / Accepted: 12 October 2018 / Published: 16 October 2018
Abstract
With the growing popularity of Internet of Things (IoT) and Cyber-Physical Systems (CPS), cloud-based systems have assumed a greater important role. However, there lacks formal approaches to modeling the risks transferred through information systems implemented in a cloud-based environment. This paper explores formal methods to quantify the risks associated with an information system and evaluate its variation throughout its implementation. Specifically, we study the risk variation through a quantitative and longitudinal model spanning from the launch of a cloud-based information systems project to its completion. In addition, we propose to redefine the risk estimation method to differentiate a mitigated risk from an unmitigated risk. This research makes valuable contributions by helping practitioners understand whether cloud computing presents a competitive advantage or a threat to the sustainability of a company. Full article

Open Access Article: An Incentive Mechanism in Mobile Crowdsourcing Based on Multi-Attribute Reverse Auctions
Sensors 2018, 18(10), 3453; https://doi.org/10.3390/s18103453
Received: 24 July 2018 / Revised: 1 October 2018 / Accepted: 11 October 2018 / Published: 14 October 2018
Abstract
In order to avoid malicious competition and select high quality crowd workers to improve the utility of crowdsourcing system, this paper proposes an incentive mechanism based on the combination of reverse auction and multi-attribute auction in mobile crowdsourcing. The proposed online incentive mechanism includes two algorithms. One is the crowd worker selection algorithm based on multi-attribute reverse auction that adopts dynamic threshold to make an online decision for whether accept a crowd worker according to its attributes. Another is the payment determination algorithm which determines payment for a crowd worker based on its reputation and quality of sensing data, that is, a crowd worker can get payment equal to the bidding price before performing task only if his reputation reaches good reputation threshold, otherwise he will get payment based on his data sensing quality. We prove that our proposed online incentive mechanism has the properties of computational efficiency, individual rationality, budget-balance, truthfulness and honesty. Through simulations, the efficiency of our proposed online incentive mechanism is verified which can improve the efficiency, adaptability and trust degree of the mobile crowdsourcing system. Full article

Open Access Article: A Lightweight Cipher Based on Salsa20 for Resource-Constrained IoT Devices
Sensors 2018, 18(10), 3326; https://doi.org/10.3390/s18103326
Received: 23 August 2018 / Revised: 25 September 2018 / Accepted: 1 October 2018 / Published: 4 October 2018
Abstract
The Internet of Things (IoT) paradigm envisions a world where everyday things interchange information between each other in a way that allows users to make smarter decisions in a given context. Even though IoT has many advantages, its characteristics make it very vulnerable to security attacks. Ciphers are a security primitive that can prevent some of the attacks; however, the constrained computing and energy resources of IoT devices impede them from implementing current ciphers. This article presents the stream cipher Generador de Bits Pseudo Aleatorios (GBPA) based on Salsa20 cipher, which is part of the eSTREAM project, but designed for resource-constrained IoT devices of Class 0. GBPA has lower program and data memory requirements compared with Salsa20 and lightweight ciphers. These properties allow low-cost resource-constrained IoT devices, 29.5% of the embedded systems in the market, to be able to implement a security service that they are currently incapable of, to preserve the user’s data privacy and protect the system from attacks that could damage it. For the evaluation of its output, three statistical test suites were used: NIST Statistical Test Suite (STS), DIEHARD and EACirc, with good results. The GBPA cipher provides security without having a negative impact on the computing resources of IoT devices. Full article

Sensors EISSN 1424-8220 Published by MDPI AG, Basel, Switzerland