You are here

A Trust Prediction Model for the Internet of Things (IoT)

Learning thermostats are one example of IoT systems.

The IoT paradigm promises to be a disruptive technology that will revolutionize our day-to-day lives. These IoT systems consist of dynamic networks of omnipresent "things", which are encapsulated as software services, which vary from refrigerators, thermostats, toasters, to baby monitors. As our dependence of such the IoT systems is expected to grow significantly in near future, the trust of such systems needs to be a major consideration and evaluated apriori.

Due to the time-sensitive nature of these IoT systems and the associated trust, predicting the trust of these systems before they are created is a research challenge that must be soon solved. This S2ERC research effectively addresses this prediction challenge by creating a trust model based on the principles of machine learning, service computing, software services and associated quality of service (QoS), and the context of such IoT Systems. This model advocates the "trust-by-construction approach" - where trust from the onset is an integral part of the design of such IoT systems. Preliminary results indicate that the proposed trust model is accurate and robust, and generalizable to many application domains.

One of the factors that cause security vulnerabilities in the IoT systems is that systems are too often developed by composing many independently developed software services; some of which can be malicious and untrustworthy. A majority of the prevalent techniques used to compose these IoT systems consider neither the notion of trust from the beginning nor the context of the constituent software services. These approaches also, too often ignore the personalized trust requirements of end users. Although these assumptions do simplify the composition of IoT systems, in practice, the behaviors of "things" (and hence, the associated software services) in IoT systems is highly depend on their contexts and on the personalized trust requirements of users.

The proposed model can assess trust of the individual software services and composed IoT systems and identify the minimum information required by each service to enforce better access control to sensitive data and detect anomalies. Furthermore, the proposed model will continuously adapt itself, in response to changes in the contexts of the IoT systems. It will also suggest alternative compositions with optimum QoS and functionality. Hence, this model will allow the developers of IoT systems to prune unwanted alternatives in the early developmental stages and will not only increase the confidence about these systems but also will reduce the associated costs.

Major benefits of this research will be for companies who are building or looking to build IoT systems by assembling multiple third party services. These IoT systems impact encapsulated software services. In such situations, ensuring that each IoT end point is safe and trustworthy is of paramount importance. This breakthrough trust model has the potential of helping several companies build a variety of IoT-based services and systems on top of a trusted security model that can deal with dynamic ensembles of "things." In addition, due to the strong theoretical underpinnings of this research, companies will be able to assess the trust of their IoT systems to obtain high confidence in their solutions.

Economic Impact:

One of the key factors to challenging the full potential of IoT is its security aspect. Because the scale of IoT is extremely large, the damages that can accrue due to IoT security flaws can be massive. Hence, a simple to use, yet highly secured IoT solution is a MUST to facilitate largescale commercial adoption of IoT. A step towards that vision is this validated trust prediction model. The model will not only enforce the "trust-by-construction" approach for developing the IoT systems, but also will conserve the design efforts by eliminating infeasible alternatives in the early stages of development cycles. In addition, a tool suite that employs this model will make the process of analyzing the trust of individual services and their ensembles semi-automatic, thereby, increasing the productivity of the developers and engineers. The pruning of inappropriate choices and automation will result in significant cost savings while developing the future generation of IoT systems.



For more information, contact Rajeev Raje at Indiana University-Purdue University, Indianapolis, rraje@cs.iupui.edu, Bio http://cs.iupui.edu/~rraje/, 317.274.5174 and/or Dimuthu Gamage, dcundupi@cs.iupui.edu, Bio http://cs.iupui.edu/graduate/students/dimuthu-undupitiya-gamage, 317.702.3489.

PDF icon S2ERC-2016.pdf