Webinos approach in IOT

1. INTRODUCTION

During the past few years, in the area of wireless communications and networking, a novel

paradigm named the Internet of Things (IoT) which was first introduced by Kevin Ashton in the year

1998, has gained increasingly more attention in the academia and industry. By embedding short-range

mobile transceivers into a wide array of additional gadgets and everyday items, enabling new forms of

communication between people and things, and between things themselves, IoT would add a new

dimension to the world of information and communication.

Unquestionably, the main strength of the IoT vision is the high impact it will have on several

aspects of every-day life and behaviour of potential users. From the point of view of a private user, the

most obvious effects of the IoT will be visible in both working and domestic fields. In this context,

assisted living, smart homes and offices, e-health, enhanced learning is only a few examples of possible

application scenarios in which the new paradigm will play a leading role in the near future. Similarly,

from the perspective of business users, the most apparent consequences will be equally visible in fields

such as automation and industrial manufacturing, logistics, business process management, intelligent

transportation of people and goods.

However, many challenging issues still need to be addressed and both technological as well as

social knots need to be united before the vision of IoT becomes a reality. The central issues are how to

achieve full interoperability between interconnected devices, and how to provide them with a high degree

of smartness by enabling their adaptation and autonomous behaviour, while guaranteeing trust, security,

and privacy of the users and their data. More-over, IoT will pose several new problems concerning issues

related to efficient utilization of resources in low-powered resource constrained objects.

Several industrial, standardization and research bodies are currently involved in the activity of

development of solutions to fulfill the technological requirements of IoT. The objective of this paper is to

provide the reader a comprehensive discussion on the current state of the art of IoT, with particular focus

on what have been done in the areas of protocol, algorithm and system design and development, and what

are the future research and technology trends.

Definition: The Internet of Things (IoT) is a computing concept that describes a future where everyday

physical objects will be connected to the Internet and will be able to identify themselves to other devices.

The term is closely identified with RFID as the method of communication, although it could also include

other sensor technologies, other wireless technologies, QR codes, etc.

In the context of “Internet of Things” a “thing” could be defined as a real/physical or digital/virtual

entity that exists and move in space and time and is capable of being identified. Things are commonly

identified either by assigned identification numbers, names and/or location addresses.

The Internet of Things allows people and things to be connected Anytime, Anyplace, with

Anything and Anyone, ideally using Any path/network and Any service.

The IoT has been defined from various different perspectives and hence numerous definitions for

IoT exist in the literature. The reason for apparent fuzziness of the definition stems from the fact that it

is syntactically composed of two terms—Internet and things. The first one pushes towards a network

oriented vision of IoT, while the second tends to move the focus on generic objects to be integrated into

a common framework. However, the terms ‘Internet’ and ‘things’, when put together assume a meaning

which introduces a disruptive level of innovation into the ICT world.

The Internet of Things implies a symbiotic interaction among the real/physical, the digital/virtual

worlds: physical entities have digital counterparts and virtual representation; things become context aware

and they can sense, communicate, interact, exchange, data, information and knowledge.

The sequel of this report is structured as follows: Section 2 explains the literature survey , two

major components in the Internet of Things – Global Sensor Networks and RFID, Three research results

from other fields that we believe are worth investigating for the Internet of Things are introduced and an

analysis of the components in the Internet of Things, their sensitivity to security and privacy, as well as an

analysis of the state in research for topics considered as highly sensitive. In Section 3, Webinos approach

is introduced and detailed on related security and privacy work using Createnotes and Baseline in Section

4. In Section 5,Challenges and future trends are explained. Concluding remarks are given in Section 6.

Future works are mentioned in section 7.

2. LITERATURE SURVEY

In the research communities, IoT has been defined from various different perspectives and hence

numerous definitions for IoT exist in the literature. In fact, IoT semantically means a “world-wide

network of interconnected objects uniquely addressable, based on standard communication protocols” .

This implies that a huge number of possibly heterogeneous objects are involved in the process. In

IoT, unique identification of objects and the representation and storing of exchanged information is the

most challenging issue. This brings the perspective of IoT—semantic perspective.

2.1 Government, Academia and Industry:

Rodrigo Roman , Jianying Zhou , Javier Lopez “ On the features and challenges of security and privacy in distributed internet of things” Institute for Infocomm Research, ,in Elsevier journal,Malaga 29071,spain

In this work, the author is of the opinion that, the concept of a distributed IoT is not novel. In

fact, various official documents consider it as one of the possible strategies that can push the dream of the

IoT into the real world, and it has been explicitly mentioned that the development of decentralized

autonomic architectures and the location of intelligence at the very edge of the networks are issues that

need to be addressed. Still, some key questions have been answered to make the most of this strategy in

the real world, such as the specific situations on which the network intelligence should be distributed. In

order to answer these questions, it is necessary to study the specific requirements of applications. For

exam ple, whether an application needs support for distributed ownership of data. This and other issues

that have been raised by these governmental studies are being carefully considered by the research

community.

There are various research articles that study different instances of distributed IoT architectures.

A.Gómez-Goiri, D. López-de-Ipiña, “On the complementarity of Triple Spaces and the Web of Things,” in: 2nd International Workshop on Web of Things (WoT’11), San Francisco, USA, 2011.

In this work, the authors Go mez-Goiri and López-de-Ipiña combine the concept of the web of

things (using web protocols to implement the IoT) with the concept of triple spaces (using semantic web

techniques to exchange knowledge in a distributed local shared space) to create a distributed environment

where devices located in two or more spaces can collaborate with each other through Internet services. In

another example, which follows a more holistic point of view, describe a heterogeneous system known as

U2IoT that comprises two subsystems: Unit IoTs, which are basic local cells that provide solutions for

special applications, and Ubiquitous IoT, which comprises the different Unit IoTs plus other managers

and controls the collaboration between all entities.

There are also many research projects funded by various government bodies that, directly or

indirectly, are studying as of 2012 the needs of a distributed IoT architecture. Precisely, one of these

projects, IoT-A, is aiming to provide an architectural reference model for the interoperability of Internet

of Things systems. Note that such a reference architecture does not mandate how all entities

should collaborate, or who should analyze the data and provide the different services.

Still, the communication model provides the foundations for the creation of distributed

applications, allowing digital entities to directly connect and interact with other digital entities.

Moreover, the location of intelligence at the edge of the network is implicitly considered, as digital

entities range from simple devices to abstract entities made up of various distributed devices. Therefore,

its building blocks could be used in the future to create fully distributed IoT applications.

Some concrete building blocks, which can help to build a distributed IoT, have been indirectly

studied in other research projects. For example, the HYDRA project developed an open source

middleware that allows legacy devices to provide web services over the Internet – directly or indirectly.

HYDRA also provides some tools that can be used to enable collaboration, such as a device and service

discovery interface. This interface can make use of anontology to describe the available services,

achieving semantic consistency. Another project, SENSEI, was more focused on providing a consistent

interface to access the services of Wireless Sensor Networks (WSN) islands. But it produced other

relevant results, such as semantically-enabled resource directories, and local management systems that

benefit of the existence of such directories.

Finally, other projects, like CUBIQ and SMARTPRODUCTS, studied and developed various

P2P-based distributed mechanisms, such as a distributed publish/subscribe system and a distributed

storage system.

Beyond theoretical research, there are numerous companies and start-ups that are making use of

cloud technologies to provide IoT services. The key idea is that all edge devices and intranet of things

will send their information periodically to an application platform located in the cloud. This platform

stores all the data and provides specialized API interfaces that can be used by 3rd parties to create their

IoT applications.

There are various approaches for implementing these types of platforms: from closed

environments where even the sensors are controlled by the company to more open platforms that allow

the integration of external devices and databases. Most of these solutions are completely centralized:

edge systems act mainly as data acquisition networks, and application plat forms from different vendors

are not prepared to interact with each other.

Yet there are some platforms that, pursuing the idea of creating private and hybrid clouds, can be

deployed in a local environment. These platforms not only enable the existence of local intelligence but

also can exchange information and services with external systems, thus they can easily become instances

of the distributed IoT.

2.2 Research from other Domains :

The current Internet has failed in many ways to provide adequate security and privacy. We

present three research results that are worth considering in the Internet of Things. We shortly present

these approaches and motivate in investigating them for the use in the Internet of Things.

B. Schneier, Weitzner et al “The Future of Privacy,” Presentation at RSA Conference Europe,

Oct. 2008

In this work, the author describes the concept of “ Information Accountability” relating it to the

concepts in Internet of Things. Since first information systems have been set up and the Web has taken

its way to reach millions of people, the dilemma of privacy in the digital world has begun. Using the

same techniques to protect privacy of people – and maybe the privacy of ‘things’ in the Internet of

Things – will maybe end in the same results: uncontrolled information flow and uncontrolled privacy.

The current large-scale databases storing personal data will get filled up even more in the days of the

Internet of Things and record our every steps.

As Schneier explained we have quite no way of controlling the collection and use of personal

data. Worse, lots of data is linked to personal information – which is often not necessary. All of this data

is collected and stored, but not deleted, which inevitably result in data garbage that goes uncontrolled.

Weitzner et al. present a new concept to privacy which they call Information Accountability

The main principle of information accountability is not to try to prevent the leakage of data – and being

helpless once data leaks – but rather being able to control the usage of the data. Therewith being able to

call persons to account that misuse the data – which is not able with the current concept of privacy that

is based on keeping information secret

G. Montenegro, C. Castelluccia Crypto-based Identifiers(CBIDs): Concepts and Applications.

ACM Transactions on Information and System Security 7(1):97-127 Feb.2004

Here, the authors present a concept which known as “Cryptographic Identifiers” .

Cryptographic Identifiers are used within several newer networking protocols to prove ownership of an

address. The IPv6 Secure Neighbour Discovery (Send), e. g., uses Cryptographically Generated

Addresses to prevent address spoofing, as possible in the Address Resolution Protocol (ARP) used in

LANs. Furthermore, given the large size of Overlay identifiers, the use of Cryptographic Identifiers can

there be used to prove the ownership of ones identifier. The Host Identity Protocol (HIP), e. g., bases its

security highly on Cryptographic Identifiers.

The Cryptographic Identifiers as RFID IDs would enable tags to prove that they really own the

ID. With current RFID solutions mainly deployed in self-contained systems, the need to ownership

proof does hardly arise. Having public databases that store all information about a tags and are publicly

queriable, brings up the problem of tag ID spoofing as an attacked can gather all tag information from

the database and then prepare a tag that spoofs its identity as some other tag. Cryptographic Identifiers

can help detect tags that spoof their ID as other tags. Furthermore, the scheme can be deployed for

sensor nodes that take part in an overlay network where identifiers are long enough to use Cryptographic

Identifiers. These nodes can then prove ownership of their identifier. This allows to detect rogue sensors

that spoof as another tag and possible give out corrupted sensing data.

E.Blab, M. Zitterbart. Towards Acceptable Public-Key Encryption in Sensor Networks. In

roceedings of 2nd Interntional Workshop on Ubiquitous Computing.Pp. 88-93. May 2005

In this work, the authors has given a menthod of solving the Cryptographic Identifiers. These

Cryptographic Identifiers are based on asymmetric-key cryptography and therefore have a large

overhead compared to symmetric-key cryptography in terms of computational power and key-size. As it

has been shown that sensor nodes can be able to perform asymmetric-key cryptography, the use of

Cryptographic Identifiers in sensor nodes is possible. RFID tags are quite some time away from

performing asymmetric-key cryptography, but will eventually be able. Therefore, interesting results are

to arise when using the RFID tags ID in combination with Cryptographic Identifiers.

S. Mathur, W. Trappe, N. Mandayam, C. Ye, A. Reznik. Radio-telepathy: Extracting a Security

Key from an Unauthendicated Wireless Channel. In Proceedings of MobiCom. Pp. 128-139. Sept.

2008

Here, S. Mathur has given an approach for “Key Extraction from Wireless Channel

Characteristics”. As a large part of communication in the Internet of Things will occur over wireless

channels – that are susceptible to eavesdropping – key establishment is necessary to provide confidential

communication.

The work of Mathur et al. provides the establishment of a common cryptographic key for two

users by the use of characteristics of the wireless channel. As the wireless channel characteristics for a

communication context between A and B are the same only for exactly A and B, it is possible to use this

characteristic to extract bits from stochastic processes. These bits can then be used to form a symmetric

cryptographic key. So, A and B independently calculate the same symmetric key for their

communication– solely through the fact that A talks to B and B talks to A. This scheme seems

promising when it comes to wireless communication in the Internet of Things, because (1) it is based

only on symmetric-key cryptography, and (2) it would be expensive to establish key infrastructures or

distribute keys in the Internet of Things that is made up of such large numbers of ‘things’.

Fig 2.1: Shows convergence of different visions of IoT

While the perspective of things (shown in figure1) focuses on integrating generic objects into a

common framework, the perspective of ‘Internet’ pushes towards a network-oriented definition.

According to IPSO (IP for Smart Objects) alliance , a forum formed in the year 2008, the IP stack is a

light-weight protocol that already connects a large number of communicating devices and runs on battery-

operated devices.

This guarantees that IP has all the qualities to make IoT a reality. It is likely that through an

intelligent adaptation of IP and by incorporating IEEE 802.15.4 protocol into the IP architecture, and by

adoption of 6LoWPAN, a large-scale deployment of IoT will be a reality.

As mentioned earlier in this section, semantic oriented IoT visions have also been proposed in the

literature . The idea behind this proposition is that the number of items involved in the future Internet is

designed to become extremely high. Therefore, issues pertaining how to represent, store, interconnect,

search, and organize information generated by the IoT will become very challenging. In this context,

semantic technologies will play a key role. in fact, these technologies can exploit appropriate modelling

solutions for things description, reasoning over data generated by IoT, semantic execution environments

and architectures that accommodate IoT requirements and scalable storing and communication

infrastructure .

Marina ruggieri, homayoun nikookar “Internet of Things: Converging Technologies for Smart

Environments and Integrated Ecosystems”,University of Roma “Tor Vergata” Delft University of

Technology,Italy The Netherlands

The authors of Clusterbook 2012, did research on IoT technologies. They clearly stated that the

InternetofThings(IoT) has reached many different players and gained further recognition. Out of the

potential Internet of Things application areas, Smart Cities (and regions), Smart Car and mobility, Smart

Home and assisted living, Smart Industries, Public safety, Energy & environmental protection,

Agriculture and Tourism as part of a future IoT Ecosystem (shown in figure2) have acquired high

attention.

Fig 2.2: IoT Ecosystem

As the Internet of Things continues to develop, further potential is estimated by a combination

with related technology approaches and concepts such as Cloud computing, Future Internet, Big Data,

robotics and Semantic technologies. The idea is of course not new as such but becomes now evident as

those related concepts have started to reveal synergies by combining them.

2.3Security And Privacy Issues:

Christoph P. Mayer “ Security and Privacy Challenges in the Internet of Things” Institute of

Telematics Universitat¨ Karlsruhe (TH), Germany

In this work, Mayer explains the IoT categorization which serves as base to detail on the security

and privacy sensitivity in the respective fields. The Internet of Things can be categorized into eight

topics(see figure2.1):

Communication to enable information exchange between devices

Sensors for capturing and representing the physical world in the digital world

Actuators to perform actions in the physical world triggered in the digital world

Storage for data collection from sensors, identification and tracking systems

Devices for interaction with humans in the physical world

Processing to provide data mining and services

Localization and Tracking for physical world location determination and tracking

Identification to provide unique physical object identification in the digital world

Fig2.3: Categorization of topics and technologies in the Internet of Things


Here, the author presents one of the major challenges that must be overcome in order to push

the Internet of Things into the real world is security. IoT architectures are supposed to deal with an

estimated population of billions of objects, which will interact with each other and with other entities,

such as human beings or virtual entities. And all these interactions must be secured somehow, protecting

the information and service provisioning of all relevant actors and limiting the number of incidents that

will affect the entire IoT.

However, protecting the Internet of Things is a complex and difficult task. The number of

attack vectors available to malicious attackers might become staggering, as global connectivity (‘‘access

anyone’’) and accessibility (‘‘access anyhow, anytime’’) are key tenets of the IoT. The threats that can

affect the IoT entities are numerous, such as at tacks that target diverse communication channels,

physical threats, denial of service, identity fabrication, and others. Finally, the inherent complexity of the

IoT, where multiple heterogeneous entities located in different con texts can exchange information with

each other, further complicates the design and deployment of efficient, inter operable and scalable

security mechanisms.

Some of the previously mentioned challenges, alongside with the security mechanisms that

should be integrated into the Internet of Things, have been already enumerated by the research

community. They are as follows:

• Heterogeneity has a great influence over the protocol and network security services that must be

implemented in the IoT. These protocols require credentials, thus optimal key management systems

must be implemented to distribute these credentials and to help in establishing the necessary session

keys between peers.

• The existence of billions of heterogeneous objects also affects identity management. Another

important aspect related to authentication is authorization. If there is no access control whatsoever,

everything will be accessed by everyone, which is neither viable nor realistic.

• The size and heterogeneity of the IoT also affects its trust and governance. There are actually two

dimensions of trust: (a) trust in the interaction between entities, where we have to deal with

uncertainty about the future actions of all collaborating entities, and (b) trust in the system from the

point of view of the user, as users must be able to manage their things so as to not feel under some

unknown external control.

• The number of vulnerable systems and attacks vectors will surely increase in the context of the IoT,

thus fault tolerance becomes essential. Not only we must strive for security by default (robust

implementations, usable systems, etc.) in the IoT, but also we need to develop awareness mechanisms

that can be used to create the foundations of intrusion detection and prevention mechanisms, which

will help IoT entities to protect or even gracefully degrade their services. Finally, recovery services

must be able to locate unsafe zones (i.e. zones affected by attacks) and redirect the functionality of the

systems to other trusted zones.


As aforementioned, in order to understand how the different approaches presented in Section

2.3 should be secured in the future, it is firstly necessary to enumerate and analyze the attacker models.

These models have been defined in a way that they can be applied to both centralized and distributed IoT

approaches. Note, however, that the concept of ‘perimeter’ in the Internet of Things is a bit fuzzy: an

attacker can control part of the network, but due to the inherent distributed nature of the IoT, it is nearly

impossible for an attacker to fully control the whole system. As a result, an attacker can be both ‘internal’

and ‘external’ at the same time. These attacker models, categorized by threats, are introduced in the

following paragraph.

Denial of service (DoS): There are a wide number of DoS attacks that can be launched against the

IoT. Beyond traditional Internet DoS attacks that exhaust service provider resources and network

bandwidth, the actual wireless communication infrastructure of most data acquisition networks can

also be targeted (e.g. jamming the channels). Malicious internal attackers that take control of part of

the infrastructure can create even more mayhem.

Physical damage: This threat can be seen as a subset of the DoS threat. In this attacker model, active

attackers usually lack technical knowledge, and can only hinder the provisioning of IoT services by

destroying the actual ‘things’. This is a realistic attack in the IoT context, because things might be

easily accessible to anyone (e.g. a street light). If that is not possible, the attacker can simply target the

hardware module in charge of creating the ‘virtual persona’ of the thing.

Eavesdropping: Passive attackers can target various communication channels (e.g. wireless networks,

local wired networks, Internet) in order to extract data from the information flow. Obviously, an

internal attacker that gains access to a particular infrastructure will be able to extract the information

that circulates within that infrastructure.

Node Capture: As aforementioned, things (e.g. household appliances, street lights) are physically

located in a certain environment. Instead of destroying them, an active attacker can try to extract the

information they contain. Note also that, instead of things, active attackers can also target other

infrastructures that store information, such as data processing or data storage entities.

Controlling: As long as there is an attack path, active attackers can try to gain partial or full control

over an IoT entity. The scope of the damage caused by these attackers depends mainly on (a) the

importance of the data managed by that particular entity, (b) the services that are provided by that

particular entity.

However, the Internet of Things is still maturing, in particular due to a number of factors, which

limit the full exploitation of the IoT. Among those factors the following appear to be most relevant:

No clear approach for the utilisation of unique identifiers and numbering spaces for various

kinds of persistent and volatile objects at a global scale.

No accelerated use and further development of IoT reference architectures like for example the

Architecture Reference Model(ARM) of the project IoT-A.

Less rapid advance in semantic interoperability for exchanging sensor information in

heterogeneous environments.

Difficulties in developing a clear approach for enabling innovation, trust and ownership of data in

the IoT while at the same time respecting security and privacy in a complex environment.

Difficulties in developing business which embraces the full potential of the Internet of Things.

Overcoming those hurdles would result in a better exploitation of the Internet of Things potential

by a stronger cross-domain interactivity, increased real-world awareness and utilization of an infinite

problem-solving space.

In addition eight new projects from the recent call on SMARTCITIES in the scope of the

European Research Program FP7, including a support and coordination action on technology road-

mapping, will reinforce this year the research and innovation on a safe/reliable and smart Internet of

Things, and complete the direct IoT related funding of 70M in FP7. Furthermore, a project resulting

from a joint call with Japan will explore the potential of combining IoT and Cloud technologies. The

further vision correlated with the IoT is the so called web of things (Webinos). According to this vision of

IoT, web standards are reused to connect and integrate into the web every-day-life objects that contain an

embedded device or computer.

3. PROPOSED SYSTEM

Webinos is a collective project to make the web work for applications. Webinos has a vision to

build a multi-device, applications platform based on web technology that:

allows web apps to run seamlessly across multiple devices and to use resources across devices

allows web applications to communicate with other web applications and (non web components)

over multiple device

links the application experience with the social network

achieves all of the above in a security preserving manner

explicitly targets the four distinct “screens”: the mobile, the PC, the in-car (automotive) and the

home media (TV) devices

The intent in webinos is to translate the success of the web as a distributed document publishing

system into a successful, distributed applications platform.

The webinos platform should be built upon and move forward the required open standards. This

platform should have a concrete implementation that is accessible to all as an open source asset.

Technically, all of this should be achieved reusing the core development technologies that have

already proven themselves on the Web (HTML and JavaScript), affording the benefits of speed of

development and access to a large developer talent pool.

The innovation webinos brings shall not just be technical; by embracing an open web culture, we

hope to create an application framework that does not favour any particular corporation, and on which

may parties can collaborate, and from which many companies benefit.

Webinos approach is an EU-funded approach aiming to define and deliver an Open Source

Platform and software components for the Future Internet in the form of web runtime extensions, to

enable web applications and services to be used and shared consistently and securely over a broad

spectrum of converged and connected devices, including mobile, PC, home media (TV) and in-car units.

By promoting a “single service for every device” vision, webinos will move the existing baseline

of web development from installed applications to services, running consistently across a wide range of

connected devices, ensuring that the technologies for describing, negotiating, securing, utilizing device

functionalities and adapting to context are fit to purpose.

One of the main focuses for Telefónica R&D in webinos approach is to provide SMEs with

innovative tools to help them to work more efficiently. This motivation is aligned with the interests of

different business units at Telefónica for SMEs and several initiatives which have been already launched

such as Wayra and Amérigo.

Benefits provided by webinos platform enabling web applications and services to be used and

shared consistently and securely over a broad spectrum of converged and connected devices, Telefónica

R&D is being developing an innovative collaboration tool to be used by SMEs.

Webinos platform provides developers with integrated and powerful tools and interfaces to

create applications able to work in different contexts of use. It is therefore easy to devise a huge range of

possible use cases suitable to use this platform, such as:

A new vision of social networks interaction, i.e., collaboratively writing of “tweets” with the

help of a large TV screen as visualization device and using two or more mobile phones or tabs as

input devices to enter the data through them.

Integrating mobile phone to control the home entertainment, i.e. using the mobile phone to

replace the TV remote control, providing different functionalities such as channel selection.

Device-to-device communication, i.e. using the geolocation capabilities of devices with built-in

GPS to provide another device (such as a camera) with that information.

3.1 Webinos architecture

Webinos architecture (see Figure 3.1) is based on the concept of personal zones. A personal

zone includes all the devices associated to a specific user and it provides a framework for managing all

these devices, together with the services able to run on them.

To enable external access to personal zones as well as managing communications, Webinos

implements a Personal Zone Hub (PZH). The rest of the devices have a Web Runtime (WRT), e.g. a

browser, intended to present the applications, and a Personal Zone Proxy (PZP) that might be connected

to the PZH to offer specific local services to the rest of components of the personal area.

The interaction between devices is implemented through a common discovery service and an

event system. The discovery service is in charge of finding the services offered by remote devices, and

once they have been identified, accessing them through specific APIs. The event system is used for

solving the different communication needs among the applications. An application could either publish

its own events or subscribe to a type of event published by others.

Webinos APIs can be categorized as follows :

Webinos base and generic objects/interfaces: for example, the webinos core module that defines

a common interface which all webinos APIs can be accessed through.

APIs for service discovery and remote access: APIs allowing applications to discover other

devices and services/applications on other devices and on network servers.

Hardware resources APIs: APIs to access information and functionality relating to specific

device hardware such as GPS, camera, microphone, sensors, etc.

Application data APIs: application capabilities such as contact items, calendar information,

messages, files, etc.

Communication APIs: APIs allowing applications to communicate with other applications in the

same or another device.

Application execution APIs: in order to let webinos applications to launch other webinos and

native applications.

User profile and context APIs: APIs allowing applications access to user profile data and user

context.

Fig3.1: Webinos architecture overview

4. TOOLS AND TECHNOLOGIES

4.1 Creativenotes :

CreativeNotes has been designed taking advantage of several features of webinos platform,

namely:

Webinos apps are implemented using the most modern web technology (e.g. HTML5 or Javascript),

taking advantage of all the interactive capabilities offered by these technologies. Besides, the User

Interfaces (UIs) developed using webinos are written in standard languages such as HTML5,

making it possible an easy migration to another environments if needed.

Webinos extends the capabilities offered by traditional Web technologies. In this sense, webinos

allows the developers to access to services offered by the devices such as the browsing of own

personal files. On the contrary, this flexibility would not be allowed using HTML5 due to its

security policies.

“A single service for every device" vision. UIs are implemented once, and they are able to run on

several different devices. This vision is extremely useful nowadays, because of the great amount of

existing heterogeneous devices.

Webinos platform offers interesting security features including a policy of access control for APIs,

multi-level authentication modelling and encrypted communication channels. These features are

actually quite useful for the creation of different layers of allowed people & devices able to access

several different personal services (e.g. different teams involved in a creativity/brainstorming

process could access to the services related with a specific creation process).

Furthermore, Webinos API is intended to support the information collection from the users’

perspective (e.g. the temperature to that some food is being boiled, the anxiety level experienced

from the participants in an evaluation session, etc.). Thanks to the incorporation of user’s

perspective, application designed will have a much higher acceptance degree among their users

4.1.1 Creativenotes Application Workflow:

The basic scenario of CreativeNotes(see figure 4.1) consists of a session of creativity or

brainstorming where several participants are involved. The participants would have mobile devices (e.g.

tablets or smart phones) in order to create individually contents through several input modalities such as

voice, photos or videos. Besides the different devices used by the different users involved in the creation

process, there will be a large main screen where certain contents can be sent and it will be used for

sharing ideas among the participants. This main screen would be present in the creation lab and it is not

needed that all participants were physically present there, on the contrary, some of them would

contribute remotely to the brainstorming process, but their contributions and ideas will be displayed in

the main screen.

In this scenario, special attention should be paid to the information sharing, the event handling

and the privacy management. The workflow supporting this scenario would be the following:

The information sharing will

contents provided by the different participants. Once a note is sent to the server, it will inform to the

content creator about the resource location (i.e. a URL).

Then, using the event handling mechanisms implemented in the

will let the other participants know about the new provided

would be very important that the content creator could have the possibilit

to be applied. For example, according to a

restricted to only some specific users or group of users.

In the figure, workflow about a simple case of note sharing is represented, showing the different

components and their interactions in the process.

Fig4.1

The workflow would be:

Firstly, the PZP (Personal Zone Proxy) uploads a note into the Web Server

After that, the web server sends back to the PZP a URL for the note previously uploaded.

An event is sent to the PZH (Personal Zone Hub)

The PZH will inform another participants about the just created content

4.2 Implementation of security in Baseline

The following architectural details(see figure 4





The information sharing will be supported by a web server which will be in charge of storing the


about the resource location (i.e. a URL).

he event handling mechanisms implemented in the webinos

will let the other participants know about the new provided content and its location

content creator could have the possibility to manage the

to be applied. For example, according to a specific profile, the access to the notifications sent can be

restricted to only some specific users or group of users.

workflow about a simple case of note sharing is represented, showing the different

eir interactions in the process.

.1: Workflow diagram of notes sharing



An event is sent to the PZH (Personal Zone Hub)

l inform another participants about the just created content

.2 Implementation of security in Baseline

itectural details(see figure 4.2) are a snapshot of current work in progress. The





which will be in charge of storing the


webinos platform, the creator

location. At this point, it

y to manage the privacy profile

specific profile, the access to the notifications sent can be

workflow about a simple case of note sharing is represented, showing the different



are a snapshot of current work in progress. The

key technologies are still under development and therefore subject to change. This should, however, give a

strong indication of direction and technology.

Fig4.2: Security implementation in Baseline architecture

The baseline of webinos architecture

current state of the art, this encompasses BONDI, WAC, ChromeOS, HP WebOS, Nokia implementations

and is the most probable implementation for the W3C Widget and DAP specifications.

It resolves all the challenges raised in IoT through

1. A packaging layer for physically distributing the web application, adding descriptive meta data to

the application and embedding identity and least privilege s

2. Web interpretation layer: this maps closely to a chrome

can be found within Webkit or Mozilla code bases. It consists of HMTL interpretation, and

JavaScript interpreted and an obj

including the XHR communication mechanism

3. There exists a policy layer, to mediate security sensitive action. A basic security layer is to be

found in standard browser. This is the policy element that c

inhibit scripts or plugins running on the web runtime. More advanced policy mechanisms are to

be found in widget implementations and extended runtimes. These advanced policy layers will

mediate access to remote networ

development and therefore subject to change. This should, however, give a

strong indication of direction and technology.

: Security implementation in Baseline architecture

webinos architecture - existing and already used today



It resolves all the challenges raised in IoT through its four coarse grained conceptual layers:

A packaging layer for physically distributing the web application, adding descriptive meta data to

the application and embedding identity and least privilege security elements to a web application.

Web interpretation layer: this maps closely to a chrome-less web browsing component, such as


JavaScript interpreted and an object model on to key dynamic elements of the web page,

including the XHR communication mechanism

There exists a policy layer, to mediate security sensitive action. A basic security layer is to be

found in standard browser. This is the policy element that can intercept popups, file downloads or



mediate access to remote network components (e.g. WARP) on a least privileged basis. Or may

development and therefore subject to change. This should, however, give a

: Security implementation in Baseline architecture

existing and already used today - is informed by the



four coarse grained conceptual layers:

A packaging layer for physically distributing the web application, adding descriptive meta data to

ecurity elements to a web application.

less web browsing component, such as


ect model on to key dynamic elements of the web page,

There exists a policy layer, to mediate security sensitive action. A basic security layer is to be

an intercept popups, file downloads or



k components (e.g. WARP) on a least privileged basis. Or may

implement global (user preferences) on access to sensitive capabilities such a location access or

contacts etc.

4. Finally there exists an extensible framework for adding new and exciting APIs that enhance the

standard web browsing experience.

These layers are copiously documented with respect to current state of the art implementation

in the webinos state of the art analysis documents .

4.3 Relationship to existing initiatives Webinos does not exist in a vacuum. It explicitly recognises and has a concrete plan to coordinate

with the other bodies and technologies that are relevant to its execution. These include but are not

limited to

W3C HTML5

The HTML5 emergent standards, are one of the foundations upon which webinos is built.

HTML5 itself is a vital part, but insufficient in itself to address all the issues that webinos has identified

as vital for multi device web applications to be successful. webinos will actively feedback

implementation experience on some of the wider multi device problems to the HTML5 working group

to facilitate wider and long term adoption.

W3C DAP

Similarly, the Device APIs and Policy working group, forms one of the principle foundations of

webinos specifically definitions of APIs, but is insufficient in its own right to deliver web applications.

webinos will engage to provide direct implementation feedback to this process as it evolves.

W3C Widgets

The 1.0 widget specifications are complete and form one of the principle cornerstones of a web

application: how to package and secure a web application. To deliver the innovations webinos envisions,

these specifications will have to be enhanced and webinos shall feed into the Widget 2.0 specifications

to make this happen.

WAC (BONDI-JIL)

The WAC specifications, which subsume both the BONDI and JIL specifications, shall be used as a

basis for delivering the first version of the webinos platform.

4.4 Web Technology and Web Foundations:

webinos, is of course based upon pre-existing web standards. In the course of it’s development it

will review and make change recommendations to some of these foundation components. Likely areas

for consideration are:

Widget related:

To attempt to reconcile the use of local JavaScript APIs with access to remotely define web

based APIS. webinos will look to creating common abstractions, delivered as local JavaScript,

but implemented in both remotely and locally, but dealing with the security and performance

optimization issues in sensible ways.

Extending the outreach of a widget to other devices

Provide possibility to make 1:1 installations of web applications/widgets on another device

(transportable widgets) which allows to use an application further on another device (which

might have some special additional features needed by the application)

Partially code outsourcing to another device which only contains code suitable for a given

task, e.g., take a picture or send an SMS (including code created at runtime). Here we could

have an API that allows the creation of widgets on the client site. The newly created widget

can then be installed on other devices where it is executed. Providing the application to

outsource as common web pages may also an approach in conjunction with HTML5 app

cache. However, this may also influences W3C Widget Update over HTTP procedure.

To make dynamically created or statically provided widgets available to other devices we could

provide web server functionality via JavaScript to widgets. Thus widgets could act as common

web server and provide the code exchange/widget download functionality by their own.

Even if we allow very huge payload sizes for the webinos Eventing/Messaging/Notification API

it would not allow streaming communication between widgets. For proper Widget2Widget

communication, especially for streaming data communication, we could provide some kind of

data pipe / socket API to widgets.

With socket and http/web server APIs we would enable web applications to be first class citizens

in the web like native applications.

5. RESULT

Webinos is a powerful but well balanced consortium, bringing together key players (industry and

academia) across the four domains. It currently comprises 22 organisations and secured funding to the

tune of €14 million over 3 years. It is made up from

Mobile Operators: Telecom Italia, Telefonica, Docomo, Deutsche Telekom

Handset/Vehicle Manufacturers: Samsung, Sony Ericson and BMW

Universities: University of Oxford, Instituto Superiore Mario Boella, National Technical

University of Athens, Politecnico di Torino, Technische Universität München, Università di

Catania

Research Insititutes: Fraunhofer-Institute FOKUS, IBBT , TNO

Analyst houses and Consultancies: VisionMobile Futuretext

SME: AmbieSense, Antenna Volantis Systems, Impleo

Standards bodies: W3C

This approach has proved successful, as demonstrated by the number of implementations now

employing it; however, it has been designed with the single application on the single device, connected to

a standard web server in mind.

And this sums up the technical scope of webinos: to build upon the existing foundations of web

applications, and to extend this with the architectural elements necessary

to allow web apps to run seamlessly across multiple devices and to use resources across devices

to allow web applications to communicate with other web applications and (nonweb

components) over multiple device

to link the application experience with the social network

and to do all of this in a security preserving manner.

In the new world of the cloud where provenance of data and applications can be hard to detect,

the fundamentals that bridge the gaps become essential. It is not a insignificant challenge!

So some of the key components through which webinos is achieved are as follows:

Webinos Browsers features:

The webinos Platform extends the browser with new capabilities to discover and access services

on other devices whether they are local or remote. This allows your tablet to stream audio to your room's

speakers, or to work in tandem with your TV to enrich the viewing experience with live discussions with

your friends including access to ancillary information, e.g. where to locally get the ingredients for a

cooking program. The webinos Platform enables applications to expose services for other devices to use

through lightweight discovery and connection mechanisms. The browser thus also acts as a server.

Webinos Servers features:

Not all webinos devices will include a browser. Some will instead provide specific services, such

as the room's speakers above. Other roles include communication hubs that bridge different interconnect

technologies; basic sensors and actuators, e.g. to control heating and lighting; media servers, and context

managers. Public servers are needed to support wide scale discovery and access to services, including

establishing P2P communication paths.

webinos creates a world where:

A mobile device runs a web application, e.g. an Electronic Program Guide (EPG) viewer, and the

set-top box runs a web application (also an EPG viewer). But the mobile would like to make use of

the set-top box data, so it must also act as a server providing information to the mobile. This scenario

is not a new one. On Android and iPhone you can find an ecosystem of mobile native applications,

set-top box native applications, and background set-top box servers that deliver this service. The

webinos vision is to bring this basic use case and deliver it all through a single technology, and an

integrated, easy to build web technology. But all of this delivered under a common security model.

A second example shows how, again using web technology, we have a media player a rich HTML5

based application – wants to make use a “dumb device” – a set of speakers. In this scenario the

mobile device runs the master, but using web technology HTTP, can securely connect to and stream

to the speakers, as a webinos server. It is also worth noting here that what makes a webinos browser

is its ability to interpret an execute webinos packaged programming script, and the server is remotely

executable services. We can also fit native applications into this model, which may not be able to

execute webinos script (cannot be the browser) but can expose services, ie act as a server.

A third and final example, simply shows how a classic web server can be thought of as webinos

server. webinos service exposure, is little more than a web service or restful interfaces, packed more

effectively. This is the traditional model. However, we can start to see some interesting opportunities

when we enhance the classic server role so that it can act as a browser role also. Interestingly a web

server implemented using node.js has almost all the technical components required to allow it to act

in browser mode.

. Discovery, messaging and identity are three distinct concepts, and are developed as such within

the webinos project .

Download any “remote” application from app-store and you will see this familiar experience

Discovery: usually enter the raw IP address of the set-top box on the mobile phone. If you are lucky,

a local network name will resolve.

Identify: generally the server generates a secret pin that has to be entered manually on the phone,

and this doubles as security (policy) also.

Messaging: is either a custom made asymmetric protocol over HTTP, or a symmetric protocol

implemented over TCP.

However, this is only the start. To succeed webinos must cast its net wider. The long term vision

is to create the webinos foundation, to which organisations can join. This shall be the long term

resourcing model, to evolve and administer the webinos collective assets. In the shorter term the

webinos consortium shall be opening its doors to external parties through two different models:

webinos affiliate program: whereby organisation can apply, get access and contribute to webinos

deliveries, code assets and meetings

Invited expert program: for individuals with profound expertise and vision who wish to

participate and contribute to the work program

6. CONCLUSION

The Internet of Things is quickly coming closer. The incremental deployment of the technologies

that will make up the Internet of Things must not fail what the Internet has failed to do: provide

adequate security and privacy mechanisms from the start. The introduction of e-passports, e. g., has been

pushed by politics into deployment with back then insufficient privacy mechanism. We must be sure that

adequate security and privacy is available before the technology gets deployed and becomes part of our

daily live.

In this report, we presented a categorization of topics and technologies in the Internet of Things

with analysis of sensitivity and state in research to different security and privacy properties. We see this

(1) as a basis for coming up with an integrated systems approach for security and privacy in the Internet

of Things, and (2) as stimulator for discussion on the categorization and sensitivity rating in the Internet

of Things. Furthermore, we presented research in security and privacy for two major technologies in the

Internet of Things – GSN and RFID – and finally pointed out research from other fields that is worth

considering for use in the Internet of Things.

An innovative application running under the Webinos platform has been created to enhance

collaborative working and information sharing.

This application is able to run in different mobile devices and in the ultimate touch-screen

tablets, following the principle of “a single service for every device”.

Given the flexible approach, the application could be adapted to many different domains, making

it possible that SMEs form different business sectors could benefit from the developed architecture and

approach.

FUTURE WORK

There are several areas in which further research is needed for making deployment of the

concept of Webinos approach reliable, robust and efficient. Some of the areas are identified in the

following. In identification technology domain, further research is needed in development of new

technologies that address the global ID schemes, identity management, identity encoding/ encryption,

pseudonimity, revocable anonymity, authentication of parties, repository management using

identification, authentication and addressing schemes and the creation of global directory lookup

services and discovery services for webinos applications with various identifier schemes.

In architecture design domain, some of the issues that need attention are: design of distributed

open architecture with end-to-end characteristics, interoperability of heterogeneous systems, neutral

access, clear layering and resilience to physical network disruption, decentralized autonomic

architectures based on peering of nodes etc. In communication protocol domain, the issues that need to

be addressed are: design of energy efficient communication by multi frequency protocol,

communication spectrum and frequency allocation, software defined radios to remove the needs for

hardware upgrades for new protocols, and design of high performance, scalable algorithms and

protocols.

In network technology domain further research is needed on network on chip technology

considering on chip communication architectures for dynamic configurations design time parameterized

architecture with a dynamic routing scheme and a variable number of allowed virtual connections at

each output.

In addition, power-aware network design that turns on and off the links in response to burst and

dips of traffic on demand, scalable communication infrastructures design on chip to dynamically support

the communication among circuit modules based on varying workloads and /or changing constraints are

some of the important research issues.

Security objectives (requirements) were assigned to assets using the CIA (Confidentiality,

Integrity, and Availability) model:

Confidentiality means that the asset (or information about the asset) must only be accessible by

authorized parties.

Integrity means that the asset must not be modifiable; in case of software, it must not deviate

from normal operation.

Availability means that the asset must be ready for use whenever it is needed.

webinos is still in its first year. The first batch of use cases, requirements and landscape technology

analysis deliveries has been produced. This is just the first step; a necessary one in order to generate the

consensus and shared vision to help such a diverse community in a common direction. The next 6 -12

months shall be essential in driving forward the technical platform, at a concrete implementation level.

Future measures can be analyzed as follows:

Table: Future technological developments

Development 2012–2015 2016–2020 Beyond 2020

IdentificationTechnology

• Unified framework for unique identifiers Open framework for the IoT

• URIs

• Identity management • Soft Identities• Semantics• Privacy awareness

• “Thing/Object DNA” identifier

Internet of Things Architecture

Technology

• IoT 1architecture developments architecture in the FI

• Network of networks architectures

• F-O-T platforms interoperability

• Adaptive, context based architectures

• Self- properties

• Cognitive architectures

• Experimental architectures

Internet of Things Infrastructure

• Special purpose IoT infrastructures Application specific deployment Operator specific deployment

• Integrated IoT infrastructures

• Multi application infrastructures

• Multi provider infrastructures

• Global, general purpose IoT infrastructures

• Global discovery mechanism

REFERENCES

[1] E.Blab, M. Zitterbart. “Towards Acceptable Public-Key Encryption in Sensor Networks”. In proceedings of 2nd Interntional Workshop on Ubiquitous Computing.Pp. 88-93. May 2005

[2] B. Schneier, The Future of Privacy. Presentation at RSA Conference Europe, Oct. 2008

[3] S. Mathur, W. Trappe, N. Mandayam, C. Ye, A. Reznik. Radio-telepathy: Extracting a Security Key from an Unauthendicated Wireless Channel. In Proceedings of MobiCom. Pp. 128-139. Sept. 2008

[4] G. Montenegro, C. Castelluccia Crypto-based Identifiers(CBIDs): Concepts and Applications. ACM Transactions on Information and System Security 7(1):97-127 Feb.2004

[5] Ro4drigo Roman, Jianying Zhou, Javier Lopez:’On the features and challenges of security and privacy in distributed internet of things’.Institute for Infocomm Research,in Elsevier journal,singapore 2013

[6] Chakib Bekera:’Security and challenges for IOT’,center for development and technologies,in Elsevier journal,Baba Hassen,Alger,Algeria,2014

[7] Antonio Marcos Alberti,Dhananjaysingh:’Internetofthings:perspectives.challenges and opportunities’Instituto nacional de telecommunicacoes,MinasGerais,Brazil,Department of Electronicsengineering,south korea

[8] Hui Suo,Jiafu Wan,Caifeng Zou,Jianqi Liu:’Security in the Internet of things’Guangzhou,china

[9] Kevin Ashton: That 'Internet of Things' Thing. In: RFID Journal, 22. Juli 2009. Abgerufen am 8. April 2011

[10] Tobias Heer,Oscar Garcia-Morchon,Rene Hummen,Sye Loong Keoh,Sandeep S.Kumar and Klaus Wehrle:’Security challenges in the IP based Internet of things’,In sringer journal,Netherlands

[11] H. Chan, A. Perrig, and D Song. Random key predistribution schemes for sensor networks. In in Proceedings of the 2003 IEEE Symposium on Security and Privacy, 2003.

[12] Perrig, R. Szewczyk, V. Wen, D. Culler, and J. D Tygar. Spins: Security protocols for sensor networks. In in Wireless Networks Journal, September 2002, 2002.

[13] R. H. Weber, “Internet of things – new security and privacy challenges,” Computer Law & Security Review, vol. 26, pp. 23-30, 2010.

[14] J. F. Wan, H. H. Yan, H. Suo, and F. Li, “Advances in cyber-physical systems research,” KSII Transactions on Internet and Information Systems, 2011, 5(11): 1891-1908.

[15] M. Chen, J. F. Wan, and F. Li, “Machine-to-machine communications: architectures, standards, and applications,” KSII Transactions on Internet and Information Systems, to appear, January 2012.

[16] G. Yang, J. Xu, W. Chen, Z. H. Qi, and H. Y. Wang, “Security characteristic and technology in the internet of things,” Journal of Nanjing University of Posts and Telecommunications (Natural Science), vol. 30, no. 4, Aug 2010.

[17] Z. H. Hu, “The research of several key question of internet of things,” in Proc. of 2011 Int. Conf. on Intelligence Science and Information Engineering, pp. 362-365.

[18] G. Gan, Z. Y. Lu, and J. Jiang, “Internet of Things Security Analysis,” in Proc. of 2011 Int. Conf. on Internet Technology and Applications (iTAP), Aug. 2011.

[19] M. Langheinrich, “Privacy by design-principles of privacy-aware ubiquitous systems,” In Proc. of Ubicomp, pp. 273-291, Oct. 2001.

[20] C. P. Mayer, “Security and privacy challenges in the internet of things,” Electronic Communications of the EASST, vol. 17, 2009.

[21] T. Polk, and S. Turner. “Security challenges for the internet of things,” http://www.iab.org/wp-content/IAB-uploads/2011/03/Turner.pdf

[22] C. Ding, L. J. Yang, and M. Wu, “Security architecture and key technologies for IoT/CPS”, ZTE Technology Journal, vol. 17, no. 1, Feb. 2011.

[23] D. Evans. “Internet of Things”, Cisco, white paper, https://www.cisco.com/.../IoT_IBSG_0411FINAL.pdf (accessed on 5/02/2014)

[24] CERP-IoT Cluster, Visions and Challenges for Realising the Internet of Things, European Commission, 2010.

[25] O. Vermesan, P. Friess, P. Guillemin, S. Gusmeroli, H. Sundmaeker, A. Bassi, I.S. Jubert, M. Mazura, M. Harrison, M. Eisenhauer, P. Doody, Internet of Things Strategic Research Roadmap, Cluster of European Research Projects on the Internet of Things, CERP-IoT, 2011.

[26] Gómez-Goiri, D. López-de-Ipiña, On the complementarity of Triple Spaces and the Web of Things, in: 2nd International Workshop on Web of Things (WoT’11), San Francisco, USA, 2011.

[27] H. Ning, H. Liu, Cyber-physical-social based security architecture for future internet of things, Advances in Internet of Things 2 (1) (2012) 1–7.

[28] Cisco: Over 50 billions of devices connected to Internet http://blogs.cisco.com/news/the-internet-of-things-infographic/

[29] “Telefónica bets on tech with venture capital” Amérigo related news. Accessible at: http://in.reuters.com/article/2012/09/04/telefonica-venture- capital-idINL6E8K42TB20120904

[30] Grief I. (Ed) 'Computer Supported Cooperative Work: A Book of Readings', Morgan Kaufmann Publishers, San Mateo CA., 1988, ISBN 0-934613-57-5.

[31] H. Sundmaeker, P. Guillemin, P Friess, S. Woelfflé–Cerp‐IoT: Vision and Challenges for Realising the Internet of Things, 2010 (http://www.grifs‐project.eu/data/File/CERP‐ IoT%20SRA_IoT_v11.pdf)

[32] Website: http://www.webinos.org

Webinos approach in IOT

Internet

Transcript of Webinos approach in IOT