A Survey on Trust Management for Internet of Things

Published on Jun 1, 2014in Journal of Network and Computer Applications5.273
· DOI :10.1016/j.jnca.2014.01.014
Zheng Yan22
Estimated H-index: 22
(Aalto University),
Peng Zhang7
Estimated H-index: 7
Athanasios V. Vasilakos90
Estimated H-index: 90
(Kuniv: Kuwait University)
Internet of Things (IoT) is going to create a world where physical objects are seamlessly integrated into information networks in order to provide advanced and intelligent services for human-beings. Trust management plays an important role in IoT for reliable data fusion and mining, qualified services with context-awareness, and enhanced user privacy and information security. It helps people overcome perceptions of uncertainty and risk and engages in user acceptance and consumption on IoT services and applications. However, current literature still lacks a comprehensive study on trust management in IoT. In this paper, we investigate the properties of trust, propose objectives of IoT trust management, and provide a survey on the current literature advances towards trustworthy IoT. Furthermore, we discuss unsolved issues, specify research challenges and indicate future research trends by proposing a research model for holistic trust management in IoT.
  • References (145)
  • Citations (478)
📖 Papers frequently viewed together
533 Citations
435 Citations
4,389 Citations
78% of Scinapse members use related papers. After signing in, all features are FREE.
#1Zhengguo ShengH-Index: 18
#2Shusen Yang (Imperial College London)H-Index: 17
Last. Kin K. Leung (Imperial College London)H-Index: 43
view all 6 authors...
435 CitationsSource
Nov 1, 2013 in ADHOCNETS (Ad Hoc Networks)
#1Thomas Kothmayr (TUM: Technische Universität München)H-Index: 6
#2Corinna Schmitt (UZH: University of Zurich)H-Index: 9
Last. Georg Carle (TUM: Technische Universität München)H-Index: 25
view all 5 authors...
In this paper, we introduce the first fully implemented two-way authentication security scheme for the Internet of Things (IoT) based on existing Internet standards, specifically the Datagram Transport Layer Security (DTLS) protocol. By relying on an established standard, existing implementations, engineering techniques and security infrastructure can be reused, which enables easy security uptake. Our proposed security scheme is therefore based on RSA, the most widely used public key cryptograph...
160 CitationsSource
Nov 1, 2013 in ADHOCNETS (Ad Hoc Networks)
#1Shahid RazaH-Index: 16
#2Linus WallgrenH-Index: 2
Last. Thiemo Voigt (Uppsala University)H-Index: 42
view all 3 authors...
In the Internet of Things (IoT), resource-constrained things are connected to the unreliable and untrusted Internet via IPv6 and 6LoWPAN networks. Even when they are secured with encryption and authentication, these things are exposed both to wireless attacks from inside the 6LoWPAN network and from the Internet. Since these attacks may succeed, Intrusion Detection Systems (IDS) are necessary. Currently, there are no IDSs that meet the requirements of the IPv6-connected IoT since the available a...
239 CitationsSource
#1Sabrina SicariH-Index: 15
Last. Roberto RiggioH-Index: 17
view all 3 authors...
Abstract Typical wireless sensor networks (WSNs) applications are characterized by a certain number of different requirements such as: data accuracy, localization, reputation, security, and confidentiality. Moreover, being often battery powered, WSNs face the challenge of ensuring privacy and security despite power consumption limitations. When the application scenario allows their use, data aggregation techniques can significantly reduce the amount of data exchanged over the wireless link at th...
16 CitationsSource
#1Yan Ding (USTB: University of Science and Technology Beijing)H-Index: 4
#2Xianwei Zhou (USTB: University of Science and Technology Beijing)H-Index: 10
Last. Fuhong Lin (USTB: University of Science and Technology Beijing)H-Index: 9
view all 4 authors...
A particular challenging problem in designing Internet of Things is that how to detect and prevent internal attacks, because all nodes try their best to save their limited network resource. So it is difficult to achieve optimal objectives simultaneously, game theory provides an appropriate tool. In this paper, we propose a non-cooperative differential game model, which allows all nodes to choose the optimal amount of network resource to invest in information security contingent upon the state of...
14 CitationsSource
#1Sergio Gusmeroli (TXT e-solutions)H-Index: 6
#2Salvatore Piccione (TXT e-solutions)H-Index: 3
Last. Domenico Rotondi (TXT e-solutions)H-Index: 6
view all 3 authors...
Abstract Resource and information protection plays a relevant role in distributed systems like the ones present in the Internet of Things (IoT). Authorization frameworks like RBAC and ABAC do not provide scalable, manageable, effective, and efficient mechanisms to support distributed systems with many interacting services and are not able to effectively support the dynamicity and scaling needs of IoT contexts that envisage a potentially unbound number of sensors, actuators and related resources,...
134 CitationsSource
#1Rodrigo RomanH-Index: 19
#2Jianying ZhouH-Index: 39
Last. Javier López (UMA: University of Málaga)H-Index: 41
view all 3 authors...
533 CitationsSource
#1Ming Li (USU: Utah State University)H-Index: 29
#2Shucheng Yu (UALR: University of Arkansas at Little Rock)H-Index: 30
Last. Wenjing Lou (VT: Virginia Tech)H-Index: 66
view all 4 authors...
Making new connections according to personal preferences is a crucial service in mobile social networking, where an initiating user can find matching users within physical proximity of him/her. In existing systems for such services, usually all the users directly publish their complete profiles for others to search. However, in many applications, the users' personal profiles may contain sensitive information that they do not want to make public. In this paper, we propose FindU, a set of privacy-...
43 CitationsSource
#1Huansheng Ning (Beihang University)H-Index: 22
#2Hong Liu (Beihang University)H-Index: 15
Last. Laurence T. Yang (HUST: Huazhong University of Science and Technology)H-Index: 18
view all 3 authors...
A proposed Internet of Things system architecture offers a solution to the broad array of challenges researchers face in terms of general system security, network security, and application security.
121 CitationsSource
Mar 1, 2013 in ISADS (International Symposium on Autonomous Decentralized Systems)
#1Fenye Bao (VT: Virginia Tech)H-Index: 14
#2Ing-Ray Chen (VT: Virginia Tech)H-Index: 36
Last. Jia Guo (VT: Virginia Tech)H-Index: 9
view all 3 authors...
An Internet of Things (IoT) system connects a large amount of tags, sensors, and mobile devices to facilitate information sharing, enabling a variety of attractive applications. It challenges the design and evaluation of IoT systems to meet the scalability, compatibility, extendibility, dynamic adaptability and resiliency requirements. In this paper, we design and evaluate a scalable, adaptive and survivable trust management protocol in dynamic IoT environments. Recognizing that entities in an I...
70 CitationsSource
Cited By478
#1Nabil DjedjigH-Index: 4
#2Djamel TandjaouiH-Index: 6
Last. Imed Romdhani (Edinburgh Napier University)H-Index: 10
view all 4 authors...
Abstract The resource-constrained nature of IoT objects makes the Routing Protocol for Low-power and Lossy Networks (RPL) vulnerable to several attacks. Although RPL specification provides encryption protection to control messages, RPL is still vulnerable to internal attackers and selfish behaviours. To address the lack of robust security mechanisms in RPL, we design a new Metric-based RPL Trustworthiness Scheme (MRTS) that introduces trust evaluation for secure routing topology construction. Ex...
#1Mazen Juma (British University in Dubai)
#2Azza Abdel Monem (Ain Shams University)H-Index: 5
Last. Khaled Shaalan (British University in Dubai)H-Index: 22
view all 3 authors...
Abstract The End-to-End VPN security has an essential role especially in connecting smart objects in the Internet of Things (IoT) environments. It noted that security is a crucial issue in the End-to-End VPN approach. IPSec/IPv6 and OpenSSL are the most common VPN approaches used separately to secure smart IoT objects in different environments. These approaches have strengths and weaknesses. This paper addresses the development of a Hybrid End-to-End VPN security approach achieved by combining t...
#2Sangram RayH-Index: 5
Last. Mou DasguptaH-Index: 3
view all 5 authors...
#1Raimo Kantola (Aalto University)H-Index: 13
Trust in a network context is about expected outcomes of decisions to communicate with a remote party, to click on a link or to believe in what an email says. The possible outcomes are either the positive value of the communication or being hacked or cheated in some way. Trust spans all protocol layers from the IP layer to applications and content. ITU - T is working on the framework architecture for trust networking. The White Paper after 1st IEEE 6G Summit advocated embedding trust into the 6G...
#1Mahmoud Elkhodr (Central Queensland University)H-Index: 10
#2Belal Alsinglawi (USYD: University of Sydney)H-Index: 3
#1Esubalew Alemneh (Bahir Dar University)H-Index: 1
Last. Tesfa Tegegne (Bahir Dar University)
view all 4 authors...
Abstract Fog computing is the next frontier of cloud computing since it can compute and store a massive amount of data generated by IoT devices near their sources. Indeed, transmitting all these data to the cloud will take up a huge amount of bandwidth. However, its features and flexibility of deployment make fog computing vulnerable to security and privacy attacks. The high-mobility support, dynamic environment, geographical distribution, location awareness, proximity to end users, and lack of ...
2 CitationsSource
#1Costas VassilakisH-Index: 18
#2Konstantinos KotisH-Index: 13
Last. Volha PetukhovaH-Index: 11
view all 16 authors...
This paper presents SemMR, a semantic framework for modelling interactions between human and non-human entities and managing reusable and optimized cultural experiences, towards a shared cultural experience ecosystem that might seamlessly accommodate mixed reality experiences. The SemMR framework synthesizes and integrates interaction data into semantically rich reusable structures and facilitates the interaction between different types of entities in a symbiotic way, within a large, virtual, an...