Towards efficient and lightweight security architecture for big sensing data streams
- Publication Type:
- Issue Date:
A large number of mission critical applications from disaster management to health monitoring are contributing to the Internet of Things (IoT) by deploying a number of smart sensing devices in a heterogeneous environment. Resource constrained sensing devices are being used widely to build and deploy self-organising wireless sensor networks for a variety of critical applications. Many such devices sense the deployed environment and generate a variety of data and send them to the server for analysis as data streams. The key requirement of such applications is the need for near real-time stream data processing in large scale sensing networks. This trend gives birth to an area called big sensing data streams. One of the key problems in big data is to ensure end-to-end security where a Data Stream Manager (DSM) must always verify the security of the data before executing a query to ensure data security (i.e., confidentiality, integrity, authenticity, availability and freshness) as the medium of communication is untrusted. A malicious adversary may access or tamper with the data in transit. One of the challenging tasks in such applications is to ensure the trustworthiness of collected data so that any decisions are made on the correct data, followed by protecting the data streams from information leakage and unauthorised access. This thesis considers end-to-end means from source sensors to cloud data centre. Although some security issues are not new, the situation is aggravated due to the features of the five Vs of big sensing data streams: Volume, Velocity, Variety, Veracity and Value. Therefore, it is still a significant challenge to achieve data security in big sensing data streams. Providing data security for big sensing data streams in the context of near real time analytics is a challenging problem. This thesis mainly investigates the problems and security issues of big sensing data streams from the perspectives of efficient and lightweight processing. The big data streams computing advantages including real-time processing in efficient and lightweight fashion are exploited to address the problem, aiming at gaining high scalability and effectiveness. Specifically, the thesis examines three major properties in the lifecycle of security in big data streams environments. The three properties include authenticity, integrity and confidentiality also known as the AIC triad, which is different to CIA triad used in general data security. Accordingly, a lightweight security framework is proposed to maintain data integrity and a selective encryption technique to maintain data confidentiality over big sensing data streams. These solutions provide data security from source sensing devices to the processing layer of cloud data centre. The thesis also explore a further proposal on a lattice based information flow control model to protect data against information leakage and unauthorised access after performing the security verification at DSM. By integrating the access control model, this thesis provides an end-to-end security of big sensing data streams i.e. source sensing device to the cloud data centre processing layer. This thesis demonstrates that our solutions not only strengthen the data security but also significantly improve the performance and efficiency of big sensing data streams compared with existing approaches.
Please use this identifier to cite or link to this item: