Search for: All records

Enforcing overarching policies such as safety norms and energy restrictions becomes critical as IoT scales and integrates into large systems. These policies should be applied preemptively and capable of adapting to system changes. Traditional IoT systems, reliant on fixed device identities, limit reliability, scalability, and resilience. Thus, we propose Identity-Independent IoT (I3oT), centered on adopting flexible descriptors to enforce policies. I3oT introduces a separate management plane on top of the standard operational workflow, thereby enhancing safety in scalable and integrated IoT systems. 

IoT devices have significantly altered the methods of interaction, operation, and functionality within home environments. However, individuals, particularly those with limited technical proficiency who stand to gain the most from these advancements, likely encounter challenges stemming from the intricate setup processes, a critical stage with the potential to limit their widespread adoption. Thus, we focus on the user experience during the setup phase of mainstream smart home devices and conduct an empirical study of 15 representative smart home IoT devices. We scrupulously examine their setup processes, as well as accompanying instructions and user manuals, to assess multi-faceted usability concerns. Our findings reveal 19 usability issues, indicating notable barriers, inconsistencies, and a lack of intuitiveness, which may deter consumers from successfully configuring and using these devices. 

Edge computing attempts to deliver low-latency services by offloading data storage and processing from remote data centers to distributed edge servers near end users, whereas network protocols, designed for centralized management, do not internally scale to distributed edge scenarios. In this paper, we establish the message dissemination support of MQTT, a de facto protocol for Internet of Things, for fully distributed edge networks. We summarize and formulate existing mechanisms, namely publication flooding and subscription flooding, and propose a topic-centric solution called selective subscription forwarding, which forwards subscriptions only when necessary by leveraging the topic containment of MQTT messages and therefore reduces inter-broker traffics. Evaluation results demonstrate that compared with existing solutions, more than 40% subscription traffic can be reduced with the proposed mechanism. 

We propose and implement Directory-Based Access Control (DBAC), a flexible and systematic access control approach for geographically distributed multi-administration IoT systems. DBAC designs and relies on a particular module, IoT directory, to store device metadata, manage federated identities, and assist with cross-domain authorization. The directory service decouples IoT access into two phases: discover device information from directories and operate devices through discovered interfaces. DBAC extends attribute-based authorization and retrieves diverse attributes of users, devices, and environments from multi-faceted sources via standard methods, while user privacy is protected. To support resource-constrained devices, DBAC assigns a capability token to each authorized user, and devices only validate tokens to process a request. 

Since the monitoring of environmental emissions is mostly in the hands of regulatory authorities, collected data may not be easily observed by the interested public. Centrally stored data may also tempt the authorities or others to manipulate the historical record for political or liability reasons. To enable timely, transparent and integrity-protected collection and presentation of emission data, we propose and implement Tremble, an emission monitoring system based on blockchain and IoT sensors. Tremble employs a hybrid storage approach to lower the cost of storage compared to using a pure blockchain without losing data integrity. It provides web interfaces and visualizations for end users to query emission values they are concerned about. Qualitative and quantitative studies involving a total of 62 subjects demonstrate the usability of the system. 

To scale the Internet of Things (IoT) beyond a single home or enterprise, we need an effective mechanism to manage the growth of data, facilitate resource discovery and name resolution, encourage data sharing, and foster cross-domain services. To address these needs, we propose a GlObaL Directory for Internet of Everything (GOLDIE). GOLDIE is a hierarchical location-based IoT directory architecture featuring diverse user-oriented modules and federated identity management. IoT-specific features include discoverability, aggregation and geospatial queries, and support for global access. We implement and evaluate the prototype on a Raspberry Pi and Intel mini servers. We show that a global implementation of GOLDIE could decrease service access latency by 87% compared to a centralized-server solution. 

As IoT services scale up from single homes to smart cities, directories and mapping services are needed to manage potentially millions of devices. However, directory service providers will likely struggle to accommodate the increasing number of IoT devices, made more challenging by their heterogeneous metadata and the large volume of queries. One of the critical challenges, the high heterogeneity of IoT, is being addressed by a working standard of W3C, which formalizes a physical or virtual device as a formatted Thing Description (TD).We propose a local directory service architecture with a series of design requirements. With a focus on query performance, we build a proof-of-concept system to store metadata of IoT devices as TDs in terms of the working standard. A Raspberry Pi is configured to investigate the query performance of relational database and non-relational database as the classic choices for internal directories. Evaluation results demonstrate that compared with relational database, non-relational database can achieve 2.9 times higher resilience on property query and 2.35 times faster processing on spatial query, with mild loss on aggregation query.