Revision as of 14:35, 16 September 2013

Publications

• Denis Trcek and Andrej Brodnik. 2013. Hard and Soft Security Provisioning For Computationally Weak Pervasive Computing Systems in E-Health. IEEE Wireless Communications, August 2013, pp. 2-9
• Reijo M. Savola. 2013. “Quality of security metrics and measurements”. In Computers & Security, Vol. 37, Sept. 2013, pp. 78-90, http://dx.doi.org/10.1016/j.cose.2013.05.002
• Mohamed Hamdi. 2013. Secure Cooperative Physical-layer Coding for the Internet of Things. Int. Workshop on Adaptive Security & Privacy Management for the Internet of Things (ASPI) 2013, Sept. 8, 2013, Zürich, Switzerland, 8 p. http://dx.doi.org/10.1145/2523501.2523505
• Yared Berhanu Woldegeorgis, Habtamu Abie, and Mohamed Hamdi. 2013. A Testbed for Adaptive Security for IoT in eHealth. Int. Workshop on Adaptive Security & Privacy Management for the Internet of Things (ASPI) 2013, Sept. 8, 2013, Zürich, Switzerland, 8 p. http://dx.doi.org/10.1145/2523501.2523506
• Reijo Savola and Habtamu Abie, Metrics-Driven Security Objective Decomposition for an E-Health Application with Adaptive Security Management. ”, Int. Workshop on Adaptive Security & Privacy Management for the Internet of Things (ASPI) 2013, Sept. 8, 2013, Zürich, Switzerland, 8 p. http://dx.doi.org/10.1145/2523501.2523507
• Stefan Poslad, Mohamed Hamdi, and Habtamu Abie. 2013. International Workshop on Adaptive Security & Privacy management for the Internet of Things (ASPI 2013). In Proc. of UbiComp '13 Adjunct Proceedings of the 2013 ACM conference on Pervasive and ubiquitous computing adjunct publication, ACM New York, NY, USA, 2013, Pages 373-378, http://dx.doi.org/10.1145/2494091.2499770
• Stefan Poslad. 2013. "ERSP: An Energy-efficient Real-time Smartphone Pedometer". 2013. In IEEE Systems, Man, Cybernetics Computing (SMC), on the theme of energy-efficiency and ambulatory mobility monitoring, October 2013.
• Stefan Poslad. 2013. A New Post Correction Algorithm (PoCoA) for Improved Transportation Mode Recognition. In IEEE Systems, Man, Cybernetics Computing (SMC), on the theme of energy-efficiency and ambulatory mobility monitoring, October 2013.
• Waqas Aman and Einar Snekkenes, An Empirical Research on InfoSec Risk Management in IoT based eHealth. The Third International Conference on Mobile Services, Resources, and Users Mobility 2013

• Habtamu Abie and Ilangko Balasingham, Risk-Based Adaptive Security for Smart IoT in eHealth. In: BODYNETS 2012 - 7th International Conference on Body Area Networks. Brussels: ICST - Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering 2012 ISBN 978-1-4503-1997-3. s. 269-275
• Reijo Savola, Habtamu Abie, and Markus Sihvonen, Towards Metrics-Driven Adaptive Security Management in E-Health IoT Applications. In: BODYNETS 2012 - 7th International Conference on Body Area Networks. Brussels: ICST - Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering 2012 ISBN 978-1-4503-1997-3. s. 276-281

Public Deliverables

• Leister, Wolfgang; Abie, Habtamu; Poslad, Stefan, Defining the ASSET Scenarios,Norsk Regnesentral 2012 17 s. NR-notat(DART/17/2012), NR
• Leister, Wolfgang; Floor, Pål Anders; Woldegiorgis, Yared Berhanu; Balasingham, Ilangko; Abie, Habtamu, Defining the ASSET Lab, Norsk Regnesentral 2012 43 s. NR-notat(DART/16/2012), HIOA NR OUS

Workshops and Conferences

• ASSET at IoT Conference, Tuesday 19th of March 2013, Telenor, Oslo, Norway
• Call For Papers - Workshop on Security Tools and Techniques for Internet of Things (SeTTIT) 2013 co-located with the BodyNets 2013 Conference sponsored by IEEE EMB, ACM SIGCHI, and CREAT-NET. Consider to submit and publish original scientific results to the SeTTIT 2013 in Boston, Massachusetts, United States, September 30–October 2, 2013.
• Call For Papers SeTTIT 2013 in PDF
• International Workshop on Adaptive Security & Privacy Management for the Internet of Things (ASPI 2013) Co-located with the 15th ACM International Conference on Ubiquitous Computing (UbiComp2013], September 8th (Sunday) 2013, Zurich, Switzerland

The successful completion of the ASPI 2013 Workshop

The ASPI 2013 (International Workshop on Adaptive Security & Privacy Management for the Internet of Things 2013) in conjunction with the 15th ACM International Conference on Ubiquitous Computing (UbiComp2013] concluded on Sunday September 8, 2013, Zurich, Switzerland. The workshop featured 2 keynote speeches and 6 regular papers and 1 short paper. The program of the workshop was as follows:

• Welcome & Introduction to the Workshop, Dr. Stefan Poslad

Keynote speech: Let us Develop a Secure IoT Environment, Peter Mueller, IBM Zurich

• Session 1: Resilient & Transparent Security Schemes for the IoT'', Chair Dr. Mohamed Hamdi:*6LoWPAN Security: Adding Compromise Resilience to the 802.15.4 Security Sublayer (K-F Krentz)
• Delay Sensitive Distributed Sensor Data Exchange for an IoT (R. Tao, S. Poslad)

Keynote speech: Towards Adaptive Risk Management for the IoT, Dr. Mohamed Hamdi, Sup'Com

• Session 2: Trust, Metrics and Adaptive Security Approaches for the IoT,  Chair Dr. Habtamu Abie
• Trusted Tiny Things: Making Internet of Things More Transparent to Users (E. Pignotti, P. Edwards)
• Metrics-Driven Security Objective Decomposition for an E-Health Application with Adaptive Security Management (R. Savola, H. Abie)

• Session 3: Security implementation issues in the IoT, Chair Dr. Stefan Poslad
• Lightweight Security Vehicle Tracking System Using CoAP (A. Ukil, S. Bandyopadhyay, A. Bhattacharyya, A. Pal)
• Secure Cooperative Physical-layer Coding for the Internet of Things (M. Hamdi)
• A Testbed for Adaptive Security for IoT in eHealth (Y. B. Woldegeorgis, H. Abie, M. Hamdi)
• Closing remarks and discussion (S. Poslad)

The first keynote speech, "Let’s Develop a Secure IoT Environment" by Peter Mueller has the abstract: Thirty years ago, the idea of ‘Connecting Every-Thing’ was just a topic of science fiction, but with the introduction and technological advancements and introduction of the Internet, the fiction has become reality. Up to now, communications systems, and also the Internet, have predominantly been used by and for individuals. With IoT we all experience a domain shift towards connected devices and machines – the Things – which are autonomously requesting and supplying information via networks. This development leads to a series of great challenges not only for future technology and its standardization, but also for the whole of society. This talk will focus on one of the absolutely critical aspects within the IoT environment – Security. Security functions and attributes are required at every level, from a tiny sensor device ranging up to a high performance data center on a backbone. Today’s new requirements regarding technology, policies and standards will be reviewed, and some conjectures will be given on where advanced security might take us and the IoT in the future.

The second keynote speech, "Towards Adaptive Risk Management for the IoT" by Dr. Mohamed Hamdi, has the abstract: In the Internet of Things (IoT), physical objects become virtual, meaning that they have locatable, addressable, and readable counterpart on the Internet. The evolution of multimodal sensing, wireless communication, and convergent services enable these objects, called things, to produce and consume network services. In spite of the huge potential brought by this paradigm, several significant obstacles remain to fulfill the IoT vision, among them security. This presentation addresses the application of risk management methodologies and risk analysis processes to the IoT. The intrinsic features of the IoT will first be underlined. Then, the shortcomings of the traditional frameworks to address these specific needs will be discussed. Particularly, the need for real-time reactivity and the support of a dynamic context will be emphasized. Several new methodologies, protocols, and algorithms that have been recently developed to apply adaptive security to the IoT will be reviewed. Finally, some open issues will be highlighted.

The successful completion of the SeTTIT 2012 Workshop

The SeTTIT (Security Tools and Techniques for Internet of Things) Workshop in conjunction with the BodyNets 2012 Conference concluded on Wednesday September 26, 2012, Oslo, Norway. The workshop featured 2 keynote speeches and 4 regular papers. The program of the workshop was as follows:

• Chair: Dr. Habtamu Abie NR, Norway
• Keynote speech: Information Management Challenges in a context-aware Internet of Things Towards a Healthy You, Prof. Stefan Poslad, Queen Mary University of London, UK
• Security and Privacy Threats in IoT Architectures, D. Kozlov, J. Veijalainen and Y. Ali, University of Jyväskylä, Finland
• Towards Metrics-Driven Adaptive Security Management in E-Health IoT Applications, R. M. Savola, H. Abie and M. Sihvonen, VTT Finland
• Keynote speech: Game Theory and Trust Models for the Internet of Things, Dr. Mohamed Hamdi, School of Communication Engineering, Tunisia
• Risk-Based Adaptive Security for Smart IoT in eHealth, H. Abie and I. Balasingham, Norwegian Computing Center, Norway
• Managing Access Control for Things: a Capability Based Approach, D. Rotondi and S. Piccione, TxT e-solutions S.p.A., Italy

The first keynote speech, "Information Management Challenges in a Context-Aware Internet of Things (ioT) towards a Healthy You" by Prof. Stefan Poslad, has covered the ‘Old’ Internet of Devices vs the ‘New’ IoT, IoT Architecture Models, IoT Apps in eHealth, and the objectives and challenges of information management including how IoT such as sensors and RFID tags add more low resource digital things, and single-task OS & RTOS devices that run vertical services are networked but not IP networked and cannot easily be orchestrated, and how the use and value of sensor data and the ways can be orchestrated can be enhanced if the appropriate contexts for the sensor data are defined, can be captured, linked to, browsed and post-processed which represent key information management challenges in a context-aware IoT towards a healthy you.

The second keynote speech, “Game Theory and Trust Models for the IoT" by Dr. Mohamed Hamdi, analyzed the threat sophistication in the IoT based on real attack cases, discussed relevant examples including coalition attacks and impersonation in online gaming applications, reviewed the mathematical foundations of game theory with a listing of the different categories of games and their main features, and a discussion of the categories that better fit the requirements for IoT trust management, and explored potential use cases of game theory for IoT trust management with three scenarios the interception of a message by an intruder, the propagation of a worm in a networked system, and the use of game theory to assess the vulnerability of an ad hoc topology against denial of service attacks.

The four regular papers addressed security and privacy threats in IoT architectures by Prof Jari Veijalainen, metrics-driven adaptive security management in eHealth IoT applications by Mr Reijo Savola, risk-based adaptive security for IoT in eHealth by Dr. Habtamu Abie, and managing access control for things-a capability-based approach by Mr Domenico Rotondi, respectively.

Both the presentations and discussions were instructive and fruitful. In sum, the workshop has achieved its main objectives of bringing experts from science and industry together to discuss new insights from work in progress, technological and scientific breakthroughs and practical aspects of securing the IoT. The audience had the opportunity to take part in the discussion of protection tools and techniques for the IoT.

Workshop Chairs

Dr. Mohamed Hamdi, School of Communication Engineering, Tunisia

Dr. Habtamu Abie, Norwegian Computing Center, Norway

Sponsors