Core Concepts
Data provenance is crucial for ensuring data trustworthiness in IoT networks, and this paper systematically reviews existing security approaches, highlighting the need for more robust solutions that address a wider range of attacks and security requirements.
Abstract
Security Approaches for Data Provenance in the Internet of Things: A Systematic Literature Review (2010-2023)
Bibliographic Information: Faraj, O., Megías, D., & Garcia-Alfaro, J. (2024). Security Approaches for Data Provenance in the Internet of Things: A Systematic Literature Review. 1, 1 (November 2024), 40 pages. https://doi.org/10.1145/nnnnnnn.nnnnnnn
Research Objective: This paper presents a systematic literature review of security approaches for data provenance in the Internet of Things (IoT), aiming to provide a comprehensive overview of existing techniques, identify research gaps, and suggest future research directions.
Methodology: The authors conducted a systematic literature review following the methodology proposed by Kitchenham et al. (2009). They searched six electronic databases (IEEEXplore, Science Direct, Scopus, Web of Science, ACM Digital Library, and Springer Link) using a predefined search query and selection criteria. The search focused on studies published between 2013 and 2023, with two highly cited papers from 2010 and 2011 included due to their relevance. This resulted in the selection of 40 primary studies for analysis.
Key Findings:
- Data provenance is crucial for ensuring data trustworthiness in IoT networks, especially given their vulnerability to security attacks.
- Existing data provenance techniques can be categorized into several groups, including watermarking, data sanitization, blockchain-based solutions, cryptography-based techniques, and more.
- The reviewed studies address various security requirements, such as data integrity, confidentiality, availability, privacy, freshness, non-repudiation, and unforgeability. However, no single solution fully satisfies all requirements.
- Most research focuses on specific attack vectors like data forgery and modification, while other threats like replay attacks, packet drop, and provenance chain tampering receive less attention.
- There is a need for more robust and comprehensive data provenance solutions that address a wider range of attacks and security requirements in the context of resource-constrained IoT environments.
Main Conclusions:
- Data provenance is an active research area with significant implications for IoT security.
- While existing solutions offer valuable contributions, there are still open challenges and research gaps to be addressed.
- Future research should focus on developing holistic security approaches that consider the unique constraints and vulnerabilities of IoT networks.
Significance: This systematic literature review provides a valuable resource for researchers and practitioners working on data provenance and IoT security. It offers a comprehensive overview of the field, identifies key challenges, and highlights promising research directions.
Limitations and Future Research:
- The review focuses primarily on technical aspects of data provenance and could benefit from exploring legal and ethical considerations.
- Future research should investigate the integration of different data provenance techniques to create more robust and comprehensive security solutions.
- Further exploration of lightweight and energy-efficient data provenance mechanisms is crucial for wider adoption in resource-constrained IoT devices.
Stats
The search process yielded 2706 papers, which was narrowed down to 40 relevant studies after applying inclusion and exclusion criteria.
The time range for the selected studies was 2013-2023, with two exceptions from 2010 and 2011 due to their high citation count and relevance.
The study found that no single data provenance solution addressed all the necessary security requirements for a fully robust system.
According to Jayapandian et al. (2016), the provenance data associated with 270 MB of data in their MiMI system amounted to approximately 6 GB.
Quotes
"Data provenance, which tracks the origin and flow of data, provides a potential solution to guarantee data security, including trustworthiness, confidentiality, integrity, and availability in IoT systems."
"The objective of data provenance is not only to ensure data quality but also to address specific security requirements, including confidentiality, availability, and the prevention of unauthorized access."
"Provenance, also referred to as pedigree, or genealogy, is a form of metadata that documents the origin and use of a given entity."