Abstract
Next-generation infrastructures will be deeply impacted by the introduction of the Internet of Things, with the objective of improving their current operating models and methods. This follows the trend of the Web of Things (WoT), which aims to seamlessly connect various smart devices and IoT frameworks thanks to its flexible nature, thereby enabling new innovative services and opportunities. However, it also means that more and more data need to be protected from external threats and unauthorized access. Therefore, additional security and privacy mechanisms need to be deployed, together with efficient management of these IoT devices. This issue becomes more convoluted and hardly tractable when the devices of the infrastructure are distributed over different physical Local Area Networks (LANs), which we call “Smart Spaces” (SSs). This paper proposes to solve this issue by introducing an architecture based on a Software Defined Networking controller that provides secure access to the different SSs of a smart infrastructure in a centralized way. We argue that a centralized view can greatly simplify and improve the security management of such infrastructures. Moreover, to support our assumptions, we provide a Proof of Concept with a concrete implementation of all the components.
Acknowledgements
We would like to thank our colleagues from Fraunhofer FOKUS, in particular, Christian Lueck for the valuable and substantial help in the implementation part of the OpenSDN modules, and Benjamin Reichel who provided insight and expertise.
Cite this article
El Jaouhari, S., Bouabdallah, A. & Corici, A.A. SDN-based security management of multiple WoT Smart Spaces. J Ambient Intell Human Comput 12, 9081–9096 (2021). https://doi.org/10.1007/s12652-020-02601-y
DOI: https://doi.org/10.1007/s12652-020-02601-y