Core Concepts
A deep reinforcement learning-based framework that empowers users to specify their security and privacy requirements, and trains an agent to select the best service providers that satisfy these requirements.
Abstract
The proposed approach addresses the challenge of empowering users with the ability to acquire services in an Internet of Things (IoT) environment according to their security and privacy requirements. It leverages a deep reinforcement learning (DRL) technique to train an agent that interacts with the environment and selects the best service providers based on the user's expressed needs.
The key highlights of the approach are:
User empowerment: The framework allows users to specify their security and privacy requirements through a survey, which are then used to derive security classes for different service types.
Security-aware service selection: The agent, trained using DRL, interacts with the environment to select service providers that best match the user's security requirements, while also considering the time constraints for completing the required operations.
Formal security modeling: The approach formalizes the concept of security classes, security labels, and security loss to quantify the security level of services and map them to user requirements.
Adaptive decision-making: The DRL-based agent learns from experience by interacting with the environment, allowing it to adapt its decisions based on changes in the environment and user requirements.
The authors provide a detailed description of the underlying IoT model, the security level agreement mapping, and the DRL-based solution, including the definition of actions, rewards, and the observation space. The experimental analysis demonstrates the effectiveness of the proposed approach in empowering users and satisfying their security and privacy needs during service acquisition in IoT.