Abstract-The Internet of Things (IoT) is now destroying the barriers between the real and digital worlds. However, one of the huge problems that can slow down the development of this global wave, or even stop it, concerns security and privacy requirements. The criticality of these latter comes especially from the fact that the smart objects may contain very intimate information or even may be responsible for protecting people's lives. In this paper, the focus is on access control in the IoT context by proposing a dynamic and fully distributed security policy. Our proposal will be based, on one hand, on the concept of the blockchain to ensure the distributed aspect strongly recommended in the IoT; and on the other hand on machine learning algorithms, particularly on reinforcement learning category, in order to provide a dynamic, optimized and selfadjusted security policy.
The main challenge facing the Internet of Things (IoT) in general, and IoT security in particular, is that humans have never handled such a huge amount of nodes and quantity of data. Fortunately, it turns out that Machine Learning (ML) systems are very effective in the presence of these two elements. However, can IoT devices support ML techniques? In this paper, we investigated this issue and proposed a twofold contribution: a thorough study of the IoT paradigm and its intersections with ML from a security perspective; then, we actually proposed a holistic ML-based framework for access control, which is the defense head of recent IT systems. In addition to learning techniques, this second pillar was based on the organization and attribute concepts to avoid role explosion problems and applied to a smart city case study to prove its effectiveness.
La sécurité est un des sérieux problèmes qui menace le développement de l'internet des objets. Cependant, cette mission devient plus complexe dans les environnements IoT vu qu'ils ont des exigences intrinsèques supplémentaires telles que l'hétérogénéité, les capacités limitées de stockage et de calcul ainsi que le grand nombre de dispositifs. Pour remédier à ce problème, cet article propose un processus inspiré du concept de l'émergence visant à tirer profit de ce grand nombre d'objets intelligents et à en extraire les caractéristiques significatives que nous ne pouvons pas capter dans les systèmes avec un petit nombre. Le papier propose ensuite un framework de contrôle d'accès dédié aux environnements IoT basé sur trois notions de base : Réseaux de Blockchain, systèmes de réputation et algorithmes d'apprentissage par renforcement. ABSTRACT. Securing the IoT world in not a luxury task; it is even a matter of urgency given this exponential growth of IoT market. In fact, one can easily imagine the catastrophic damages of an attack in the field of e-Health or in the smart cities and critical infrastructures management. That being said, serious problems derived from these constrained environments block the proposal of pertinent solutions. This paper is a contribution step in this direction. To address these problems, we expose a global framework inspired from the concept of emergence in order to take advantage of this large number of devices and extract the "emergent" characteristics that are nonexistent in smaller systems. The framework is built on top of two pillars: Blockchain as architecture and Reinforcement Learning as processing toolkit.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.