Fuzzy Logic Based Security Trust Evaluation For IoT Environments

The document presents a framework for evaluating the security trust level of IoT nodes using fuzzy logic. The framework uses parameters like device physical security, security level, and ownership trust to evaluate an overall trust level for each node. This trust level is then used to select trusted nodes for collecting sensitive user data based on a threshold defined by users.

Uploaded by

Nikita Kanchan

Fuzzy Logic based security trust evaluation for IoT environments

Ahmad Khalil, Nader Mbarek, Olivier Togni
Laboratoire Informatique de Bourgogne (LIB), University of Bourgogne Franche-Comté, 21000 Dijon, France

978-1-7281-5052-9/19/$31.00 ©2019 IEEE
Authorized licensed use limited to: Advanced Micro Devices. Downloaded on May 06,2024 at 10:18:19 UTC from IEEE Xplore. Restrictions apply.

Abstract - In the new technological era called the Internet of Things (IoT), people, machines and objects communicate with each other via the Internet by exchanging information. In this context, trust plays an important role and is considered as a key factor in the success of the IoT services expansion. IoT services and applications use in some cases data concerning the privacy of their users. Consequently, users should trust the entities exchanging their personal information. In this paper, we present a framework that evaluates the security trust level of IoT nodes based on a Fuzzy Logic model using different input parameters such as Device Physical Security, Device Security Level and Device Ownership Trust. The proposed Fuzzy Logic model evaluates a trust level for each node as an output. Then, based on the threshold defined by users, the best node(s) in terms of trust level, is/are selected to collect information, which could be critical and concern privacy protection. Thus, the IoT service users are able to play an active role in selecting the trusted nodes (trust level greater than the threshold) to collect their data.

Keywords – Trust, Internet of Things (IoT), Security, Fuzzy Logic, Privacy.

I. INTRODUCTION

Trust means the belief in the reliability, truth, or ability of someone or something and is influenced by many measurable and unmeasurable properties [1]. In information technology systems, trust is closely related to security which is a necessary condition. However, trust not only concerns security, but also many other factors, such as the Quality of Service (QoS), availability, etc. Another important concept related to trust is the privacy protection. A trusted system should preserve the privacy of its users. Therefore, trust, security, and privacy are critical issues in the emerging areas of information technology, such as Internet of Things (IoT) [2]. In order to promote the expansion of IoT applications and services, users' trust regarding these services should be gained. Through this research work, we present a framework allowing an IoT system to evaluate autonomously the trust level of IoT nodes. IoT services' users are granted an active role in evaluating the nodes from which data will be collected, by giving them the chance to define a threshold to be used for choosing the IoT nodes collecting the desired information. Our proposed framework allows to quantify the security trust level of IoT nodes based on different input parameters and a Fuzzy Logic model. In this paper, we present in Section II the IoT security and trust challenges along with some research works from literature concerning the trust management in IoT environments. In Section III, we describe our framework in terms of usage scenario as well as input parameters for the evaluating system. Then in Section IV, we specify the Fuzzy Logic model on which our framework is based in order to compute the global trust level of each IoT node. Afterwards, in Section V, we present some results concerning the evolution of the nodes' global trust level evaluation for different scenarios with different input values. Finally in Section VI, we conclude our work and we present some perspectives.

II. STATE OF THE ART

A. IoT security and trust challenges

To gain users' trust, data collection must be reliable in the IoT. Thus, special attention needs to be paid to trust properties in this type of environment. These properties include the sensitivity, the accuracy, the security, the reliability, and the persistence of the object, as well as the effectiveness of data collection. The collection generates a huge amount of data that must be processed and analyzed in a trustworthy manner. The data must be transmitted and communicated securely in an IoT environment. In addition, consideration must be given to the steps needed to address attacks that may affect all levels of the IoT environment and to ensure that the system is robust to all types of attacks, in order to achieve sufficient user confidence. Finally, an evolutionary and efficient identity management is expected [2].

The security of information systems is the set of technical, organizational, legal and human means necessary to prevent the unauthorized use, misuse or modification of the information system. Several standards have focused on safety concepts such as the ITU-T Recommendation X.800 [3], which emphasizes the role of different security services and their applicability. The Internet of Things is characterized by a multi-layered environment that makes it difficult to apply security mechanisms designed for traditional systems. Indeed, an IoT environment includes objects with limited memory resources and computing capabilities. The techniques typically used in legacy networks have been designed for systems with powerful microprocessors and large storage capacities [4]. Therefore, it is necessary to adapt the existing security
techniques. In addition, the large number of objects in an IoT environment makes difficult and cumbersome the task of adapting some existing security algorithms and mechanisms. Regarding the privacy of users, data in IoT systems can be collected without the involvement of users. In this context, it is necessary to secure this data collection to ensure privacy while collecting, transmitting, aggregating, storing, retrieving and processing data. To meet these needs, appropriate mechanisms for confidentiality, authenticity and data integrity must be provided within the IoT [5].

Various international organizations have dealt with the concepts of security and privacy in the Internet of Things, either by proposing appropriate security mechanisms or by proposing methodologies to be applied across the layers of their IoT architectures. As recommended in [6], there are several specific security capabilities to consider in the IoT environment such as the secure communication capability to ensure confidentiality and data integrity during transmission as well as the secure data management capability to ensure confidentiality and integrity during storage, etc. In addition, the latter recommendation specifies a secure service provisioning capability that guarantees the prohibition of fraudulent services and the ability to authenticate and mutually authorize objects and users according to predefined policies in order to ensure secure access to the service.

B. Trust evaluation in IoT environments

Several studies have focused on trust, security and privacy in IoT environments. The IoT Alliance for Innovation (AIOTI) workshop report outlines the key security and privacy requirements for different areas of IoT applications. These requirements concern essentially user's ability to control data, user interface transparency and control, default encryption, data isolation and continuous monitoring. On the other hand, TCG (Trusted Computing Group) [8] is a group formed by AMD, HP, IBM, Intel and Microsoft, which aims to implement the concepts of "Trusted Computing" in personal computers. In this context, the TCG's Internet of Things subgroup has defined, in a specific report [4], a trust system as a system designed to be predictable even under stress. In this same report, it was specified that to build a trusted IoT system, it is essential to set up a trusted hardware root (RoT: Root of Trust) along with the use of encryption during storage as well as security automation in all IoT devices. The RoT can not only generate random numbers, store and use long-term keys, but also verify the integrity of the system to reduce any security risk and provide strong system protection. In this context, Trusted Platform Module (TPM) is an open and interoperable standard of ISO / IEC [9] that allows the specification of a hardware RoT. The technical specification of this standard has been written by the TCG group. TPM provides security features such as authentication, encryption and attestation (guaranteeing the security of software or hardware to a third party). Currently, TPM is integrated into billions of connected objects. Hardware Storage Encryption is a component that enables the encryption service and uses SED (Self-Encrypting Drive) to provide continuous encryption with no impact on system performance. This component protects against physical attacks, loss or theft by providing instant erasure of data and cryptographic suites. Security Automation enables automatic processing of tasks related to security operations. This automation is performed during all phases of system security (incident detection, incident analysis, incident response) [4]. This security automation is standardized in IEEE 802.1AR [10] and TAXII (Trusted Automated eXchange of Indicator Information) [11] specifications. Finally, the research work described in [12] presents a trust management model in the IoT called TRM-IoT (Trust Model for IoT). In this model, the measure of objects' trust is necessary and is performed taking into account complex aspects such as credibility assessment of the nodes. Then, Fuzzy Logic theory is used to determine, not only the IoT object trust level but also the global IoT system confidence level by taking into account different Quality of Service input parameters like end-to-end packet transmission ratio, power consumption, and packet delivery ratio.

Other studies consider the trust evaluation and the quantification process in different manners. First, there is a need to distinguish between trust management and trust modelling. Indeed, the trust modelling describes the trust establishment and computation techniques. It contributes to the specific development and realization of trust management. According to [13], trust modelling estimates the reliability level among devices within a system. Whereas, trust management is a service enabling self-organizing a set of items based on their trust status to take an informed decision. Trust models are made of a set of properties, rules and methods. They depend on one or more methods of extraction, evaluation, and transmission of trust information. In the literature, several trust models have been proposed. In [13], the authors proposed different types of trust models based on methods used to evaluate the trust. For instance, Bayesian statistics, game theory, entropy, Fuzzy Logic, probability, neural network, swarm intelligence, directed/undirected graph, arithmetic/weighting and Markov chain are the methods used to evaluate trust for routing algorithms, cluster head selection algorithms, etc. In [14], the authors introduced new classes of trust models. Thus, the authors classified trust models as: socio-inspired (i.e., social networks, etc.), bio-inspired (i.e., machine learning), and analytical. The analytical class includes the different methods presented in the study [13].

Furthermore, trust management should be considered in each layer of the IoT architecture in order to offer an end to end trusted system. In [15], the authors proposed a hierarchical trust management protocol for nodes based on both QoS trust (energy, unselfishness) and social trust (intimacy, honesty) properties. These different metrics use reputation and update models to compute the trust level of a node. To update trust values, the proposed protocol uses both direct observations based on nodes' knowledge and indirect recommendations
received from network's nodes. The criteria used for trust computing are the honesty, cooperativeness, community interest and recommendations. In order to compute the overall trust, a mathematical model is used.

In this paper, we focus on the trust management at the lowest layer of the IoT architecture (i.e., Sensing layer) formed by the IoT nodes and the gateways. We describe in the following sections our proposed trust management framework enabling the specification and the evaluation of the IoT objects security trust level based on a Fuzzy Logic model using specific IoT trust level parameters.

III. IOT OBJECT TRUST LEVEL SPECIFICATION

We propose an IoT trust level evaluation framework along with a usage scenario allowing to compute the global trust level of each IoT node and the selection of the highest trust level node(s) to collect the desired data according to different trust level parameters that we describe in this section.

A. IoT Trust Level framework

We specify in this paper a trust level management framework concerning the lowest layer of the proposed IoT architecture in [16] (i.e., Sensing layer) formed by the IoT nodes and the gateways (Low Level Gateway (LL-Gw) and High Level gateway (HL-Gw)). As a usage scenario (see Fig. 1), we consider the sensing layer of the IoT architecture where different IoT nodes are connected to a LL-Gw under the control of a HL-Gw. Therefore critical information can be received by the LL-Gw from IoT nodes that are subject to a physical attack or from malicious nodes. Consequently, there is a need to evaluate the trust level of the different IoT nodes in order to request and/or accept the desired information from nodes respecting a predefined global trust value threshold. The specified global trust value threshold depends on the type of IoT applications. For example, a critical application needs information from highly trusted nodes, whereas a non-critical application tolerates receiving the information from nodes with lower global trust values.

Fig. 1 IoT Usage Scenario

In our trust management framework, each IoT node has its own set of characteristics used by the HL-Gw to compute their global trust level. Some characteristics, such as the security algorithms used by the nodes, are known in advance by the HL-Gw using predefined security service level agreements and the others, such as the nodes' positions, are collected during runtime from the IoT nodes. The HL-Gw communicates the global trust level values to the LL-Gw in order to allow the IoT node selection. Indeed, according to the HL-Gw IoT trust evaluation, the LL-Gw shall collect the desired data from the available nodes with the highest global trust level in order to receive trusted information.

B. IoT Trust Level Parameters

Different parameters are used to evaluate the global trust level of the IoT nodes. In order to evaluate the security trust level of IoT nodes within the IoT sensing layer, we take into consideration three parameters, which are the Device Physical Security (DPS), the Device Security Level (DSL) and the Device Ownership Trust (DOT), as input parameters in our Fuzzy Logic based trust evaluation proposed model (cf. Section IV). Different rating systems, with specific values, are proposed to quantify these three parameters (DPS, DSL and DOT) while using our Fuzzy Logic model. Each rating system, concerning each trust input parameter, can be personalized with different values, according to the IoT usage scenario and the corresponding IoT service offer characteristics.

1. Device Physical Security

IoT nodes are implemented in different physical environments that each have their own security characteristics (i.e., protected area, highly controlled area, etc.). In addition, nodes can be protected via secure shields or can be implemented freely with no protection. Consequently, depending on their implementation environment, nodes can be easily subject to physical attacks that can affect directly the nodes' operating systems and functionalities' integrity. Thereupon, the DPS is an essential trust parameter to compute the overall trust level of the node. A rating system is used in order to determine the DPS grade. The rating system is based on a grade out of 100 that is computed according to 2 sub-parameters graded each out of 50: the physical environment and the physical secure shield as shown in Fig. 2.

Fig. 2 Device Physical Security grading system

For the physical environment trust sub-parameter, an IoT node implemented in a protected area is assigned 50 points. Whereas, it is assigned 25 points if it is implemented in a semi-protected area and 0 points if it is implemented in an open area (unsecure area). As for the physical secure shield trust sub-parameter, the node is assigned 50 points if it is secured with a shield and 0 points if it is not. The global grade is computed by adding the grade for the two sub-parameters. For fixed nodes, the DPS value is fixed as the environment security and the secure shield existence are fixed and do not change. If the nodes are mobile, the DPS value may vary according to the trajectory of the node. Consequently, the gateway coverage area range should be divided into sub-areas of different types (i.e., open, semi-protected or protected). To create the sub-areas, we take into consideration distance and orientation.

2. Device Security Level

DSL is the second trust parameter to be considered while computing the overall node global trust level. In fact, data transferred from nodes to gateways should be secured and hashed in order to be delivered securely without interception or modification. Therefore, the used encryption algorithm as well as the used hashing algorithm allow to quantify this parameter with a grade out of 100. In fact, a rating system out of 50 is used to evaluate the encryption algorithm and a similar rating system out of 50 is used for the hashing algorithm as shown in Fig. 3. The two grades (i.e., encryption algorithm grade and hashing algorithm grade) are added in order to compute the overall DSL grade.

Fig. 3 Device Security Level grading system

In the literature different existing encryption algorithms are adapted to the IoT environments and others are designed specifically to this environment as IoT nodes have limitations in terms of memory and processing capabilities. In Table I, we present a comparison between IoT encryption algorithms.

TABLE I
IOT ENCRYPTION ALGORITHMS COMPARISON

The comparison is based on parameters like key length, Gateway Equivalent (GE) expressing the hardware implementation complexity and block size. Higher key length enables higher DSL. Consequently, we divided the encryption algorithms into three classes depending on the key length and we assigned each class a grade out of 30. Encryption algorithms with a key length of less than 80 bits are assigned 10 points, those with a key length between 80 bits and 128 bits are assigned 20 points and those with a key length higher than 128 bits are assigned 30 points. Another 20 points are used to evaluate if the encryption algorithm had been compromised. In case of compromise 0 points are assigned and if not 20 points are assigned.

As for the hashing algorithm, a similar rating system is used. Three classes are created for the different hashing algorithms used in the literature for IoT environments based on the digest size. Higher digest size enables higher DSL. Consequently, we divided the hashing algorithms into three classes depending on the digest size and we assigned each class a grade out of 30. A digest size of less than 80 bits is assigned 10 points, a digest size between 80 bits and 160 bits is assigned 20 points and a digest size higher than 160 bits is assigned 30 points. Another 20 points are used also to evaluate if the hashing algorithm had been compromised. In case of compromise 0 points are assigned and if not 20 points are assigned. In Table II, we present a comparison between 3 IoT hashing algorithms based on 2 parameters that are the digest size and the GE.

TABLE II
IOT HASHING ALGORITHMS COMPARISON

3. Device Ownership Trust

The third parameter is the DOT that has a direct impact on the global trust level of IoT nodes. Different IoT nodes can be used to collect the desired information. These nodes can be owned by one of several owners. Moreover, Sensing layer IoT nodes can be owned by the IoT Service Provider (IoT-SP), or by the IoT Client (IoT-C) or by third parties. Furthermore, untrusted device owners can manipulate IoT nodes and consequently change the nodes' functionalities and features, which impact the reliability and accuracy of the collected information. In order to quantify the DOT parameter, we used a rating system out of 100 as shown in Fig. 4. In our DOT
rating system, IoT-SP nodes are granted 100 points, IoT-C nodes are granted 90 points, whereas third parties nodes (untrusted parties) are granted 60 points if the IoT node had been already used without security problems, or 50 points if the node is used for the first time and 0 points if the node had been already used with security problems occurrence.

Fig. 4 Device Ownership Trust grading system

IV. FUZZY LOGIC BASED IOT OBJECT TRUST LEVEL EVALUATION FRAMEWORK

In this section, we specify our Fuzzy Logic based trust evaluation model for IoT environments while using the trust parameters proposed in the previous section. Thus, we detail the rules, membership functions and output parameter of the used Fuzzy Logic model.

A. Fuzzy Logic usage motivations

Fuzzy Logic is a decision support tool for knowledge representation. It is an extension of the classical logic. It helps, to a certain extent, to approximate the flexibility of human reasoning based on the degree of truth of a condition rather than the usual Boolean logic (True or False). By introducing the notion of truth degree in the verification of a condition, the Fuzzy Logic confers a flexibility to reasoning for making it possible to take into account inaccuracies and uncertainties. Furthermore, Fuzzy Logic rules are stated in natural language, which simplify the human reasoning formalization. Fuzzy Logic had been used in several application domains like the image stabilization, control of pH values, etc. [17]. Human mind is well equipped with the power of giving logical thoughts to some hazy concepts, like the trust level evaluation of the IoT nodes. Thus, the human logical thoughts are needed in order to quantify the global trust level of IoT nodes in an autonomous manner.

B. IoT trust Fuzzy Logic design

1. Fuzzy Logic TSK Model

The Fuzzy Logic system uses one or different input parameters (i.e., trust parameters in our research work) that consist of numerical values (crisp values), in order to compute an output value (i.e., global IoT node trust level value in our proposed framework) based on the human reasoning inferred through the Fuzzy Logic rules and the different membership functions of the input parameters. Our proposed Fuzzy Logic system, enabling IoT node trust evaluation, is composed of different components as shown in Fig. 5:

• Fuzzification interface: It transforms the input values (crisp values) into fuzzy sets; each input is represented through a graph that divides it into different levels (e.g., the Device Physical Security input value can be divided into 3 levels: Low, Mid, High). As a result, the inputs are represented into different fuzzy sets using different membership functions for the different input levels. The most widely used membership functions for Fuzzy Logic systems are triangular membership function and trapezoidal membership functions.
• Inference engine: It simulates the human reasoning process by making fuzzy inference on the fuzzy input sets and the fuzzy rule base. This engine mimics the real world behaviour.
• Fuzzy base inference rules: Store the IF-THEN rules required to select the output. The number of rules depends on the number of levels in each input as defined in (1). $K_i$ represents the number of levels in each input $i$ and $n$ represents the number of inputs. If all inputs have the same number of levels ($K$), then the number of rules will be equal to $K^n$.

$$\text{Number\_of\_rules} = \prod_{i=1}^{n} K_i \qquad (1)$$

Fig. 5 IoT Trust Fuzzy Logic Framework
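The grading systems of Section III and the fuzzy evaluation specified in this section, carried through for one node in Python. This is an added example, not the authors' FISpro model. It assumes that the Low, Mid and High triangles of Fig. 6 peak at 0, 50 and 100, that each rule's output is the constant listed in Table III, and that the AND method is the minimum; all function names and the `node-b` record are constructed for illustration.

```python
from itertools import product

LEVELS = ("Low", "Mid", "High")
ENV_POINTS = {"protected": 50, "semi-protected": 25, "open": 0}
THIRD_PARTY_POINTS = {"clean": 60, "first-use": 50, "incident": 0}
# Table III: (count of Low, Mid, High in a rule) -> crisp rule output
RULE_OUTPUT = {(3, 0, 0): 1, (2, 1, 0): 2, (2, 0, 1): 3, (1, 2, 0): 4,
               (0, 3, 0): 5, (1, 1, 1): 6, (0, 2, 1): 7, (1, 0, 2): 8,
               (0, 1, 2): 9, (0, 0, 3): 10}


def dps_grade(environment, shielded):
    """Device Physical Security: environment (0/25/50) + shield (0/50)."""
    return ENV_POINTS[environment] + (50 if shielded else 0)


def size_points(bits, upper):
    """10 points below 80 bits, 20 for 80..upper bits, 30 above upper."""
    if bits < 80:
        return 10
    return 20 if bits <= upper else 30


def dsl_grade(key_bits, cipher_broken, digest_bits, hash_broken):
    """Device Security Level: cipher grade (/50) + hash grade (/50)."""
    cipher = size_points(key_bits, 128) + (0 if cipher_broken else 20)
    digest = size_points(digest_bits, 160) + (0 if hash_broken else 20)
    return cipher + digest


def dot_grade(owner, history=None):
    """Device Ownership Trust; history only matters for third parties."""
    if owner == "IoT-SP":
        return 100
    if owner == "IoT-C":
        return 90
    if owner != "third-party":
        raise ValueError("unknown owner: %r" % owner)
    return THIRD_PARTY_POINTS[history]


def memberships(x):
    """Truth degrees of Low [0,50], Mid [0,100], High [50,100].
    Assumed shapes: Low peaks at 0, Mid at 50, High at 100."""
    if not 0 <= x <= 100:
        raise ValueError("grade must be within 0..100")
    return {"Low": max(0, 50 - x) / 50,
            "Mid": (50 - abs(x - 50)) / 50,
            "High": max(0, x - 50) / 50}


def evaluate(dps, dsl, dot):
    """Return (global trust level, triggered rules) as in equation (2)."""
    degrees = [memberships(v) for v in (dps, dsl, dot)]
    triggered = []
    for levels in product(LEVELS, repeat=3):  # 3**3 = 27 rules, eq. (1)
        # AND method taken as the minimum of the three truth degrees
        weight = min(d[lvl] for d, lvl in zip(degrees, levels))
        if weight > 0:
            counts = tuple(levels.count(lvl) for lvl in LEVELS)
            triggered.append((levels, weight, RULE_OUTPUT[counts]))
    total = sum(w for _, w, _ in triggered)
    return sum(w * z for _, w, z in triggered) / total, triggered


def node_trust(node):
    """Grade a node record, then run the fuzzy evaluation on the grades."""
    return evaluate(
        dps_grade(node["env"], node["shield"]),
        dsl_grade(node["key_bits"], node["cipher_broken"],
                  node["digest_bits"], node["hash_broken"]),
        dot_grade(node["owner"], node.get("history")))[0]


def select_nodes(nodes, threshold):
    """Ids of nodes with trust level greater than threshold, best first."""
    scored = {name: node_trust(n) for name, n in nodes.items()}
    return sorted((n for n, t in scored.items() if t > threshold),
                  key=scored.get, reverse=True)


# Constructed inventory: node-a mirrors the paper's example scenario,
# node-b is an unshielded third-party device in an open area.
NODES = {
    "node-a": {"env": "semi-protected", "shield": True, "key_bits": 80,
               "cipher_broken": False, "digest_bits": 160,
               "hash_broken": False, "owner": "IoT-C"},
    "node-b": {"env": "open", "shield": False, "key_bits": 64,
               "cipher_broken": False, "digest_bits": 128,
               "hash_broken": False, "owner": "third-party",
               "history": "first-use"},
}

if __name__ == "__main__":
    for name, node in NODES.items():
        print(name, round(node_trust(node), 1))
    print("selected:", select_nodes(NODES, threshold=7.0))
```

The threshold of 7.0 is an arbitrary sample value; in the framework it is whatever the user of the IoT service defines.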
As shown in Fig. 5, we use the Takagi-Sugeno-Kang (TSK) method, as an inference engine, to compute the output value in order to evaluate the IoT node trust level. TSK method allows to obtain a crisp value as an output for a specific rule and corresponds to a Multiple Input Single Output (MISO) system. It offers more flexibility in system design and is computationally efficient [18]. The output to be used should be a crisp value; each triggered rule should determine a crisp trust value with a certain weight. TSK method allows to compute for each triggered rule an output crisp level (z = ax + by + cv + d) based on the crisp value of the input parameters (x=DPS, y=DSL and v=DOT) and a weight (w) based on the fuzzy sets of the input parameters. The weight is calculated through the AND method for the truth degree of the input membership functions. Each membership function in each rule has its truth degree equal to the value of the ordinate axis corresponding to the value of the input parameter on the horizontal axis. The input parameters can trigger one or several rules and consequently different weight and output levels are computed. In order to compute the IoT node global trust level (the maximum value is equal to 10), the weighted average of all rules' outputs is computed as indicated in (2). $N$ represents the number of triggered rules and $w_i$ represents the weight of a triggered rule output $z_i$.

$$\text{Final\_Output} = \frac{\sum_{i=1}^{N} w_i z_i}{\sum_{i=1}^{N} w_i} \qquad (2)$$

1. IoT trust Fuzzy Logic Input membership functions

In our Fuzzy Logic based trust evaluation proposed framework, we use three input trust parameters (i.e., DPS, DSL, DOT specified in Section III). Each trust input parameter has a fuzzy set formed by three linguistic variables offering three triangular membership functions (i.e., Low, Mid and High) for each parameter. The membership functions that we use for the three trust input parameters are represented in Fig. 6: the blue curve ([0, 50]) corresponds to the Low membership function, the red curve ([0, 100]) corresponds to the Mid membership function and the green curve ([50, 100]) corresponds to the High membership function.

Fig. 6 IoT trust membership functions

2. IoT Trust Level Inference Rules

All trust input parameters have the same weight. We specify the inference rules based on the occurrence of membership function levels (i.e., Low, Mid, High) as indicated in Table III and we match each set of rules to a crisp output value as indicated in Table IV. For example, a rule with a Low membership function for the three input parameters corresponds to the first entry of Table III with an output value of 1. In our proposed Fuzzy Logic based framework, we specify 27 rules, determined through equation (1), as we have 3 trust input parameters (i.e., DPS, DSL and DOT) that each have 3 membership functions (i.e., Low, Mid, High).

TABLE III
INFERENCE RULES LOGIC

| Occurrence | Output Value |
|---|---|
| 3 Low | 1 |
| 2 Low & 1 Mid | 2 |
| 2 Low & 1 High | 3 |
| 2 Mid & 1 Low | 4 |
| 3 Mid | 5 |
| 1 Low & 1 Mid & 1 High | 6 |
| 2 Mid & 1 High | 7 |
| 2 High & 1 Low | 8 |
| 2 High & 1 Mid | 9 |
| 3 High | 10 |

In order to illustrate our IoT trust evaluation Fuzzy Logic system operations, we consider an IoT node implemented within a semi-protected environment with a secure shield (resulting in a DPS of 75/100). Furthermore, the IoT node uses a non-compromised encryption algorithm with a key length of 80 bits and a non-compromised hashing algorithm using a digest size of 160 bits (resulting in a DSL of 80/100). Finally, the IoT node is owned by the IoT-C (resulting in a DOT of 90/100). Consequently, the corresponding three trust input parameters trigger 8 rules with specific weights, as represented in Table IV.

TABLE IV
TRIGGERED RULES OF THE EXAMPLE SCENARIO

| Rule | DPS | DSL | DOT | Weight | Output |
|---|---|---|---|---|---|
| 1 | Mid | Mid | Mid | 0.2 | 5 |
| 2 | Mid | Mid | High | 0.4 | 7 |
| 3 | Mid | High | Mid | 0.2 | 7 |
| 4 | Mid | High | High | 0.5 | 9 |
| 5 | High | Mid | Mid | 0.2 | 7 |
| 6 | High | Mid | High | 0.4 | 9 |
| 7 | High | High | Mid | 0.2 | 9 |
| 8 | High | High | High | 0.5 | 10 |
| Global Trust Level | | | | | 8.3 |

The weight of rule 1 is calculated as follows: the truth degree of the DPS Mid membership function is equal to 0.5, the truth degree of the DSL Mid membership function is equal
to 0.4 and the truth degree of the DOT Mid membership function is equal to 0.2. Thus, we use the AND method to obtain a first rule weight equal to 0.2. As for the global trust level, we obtain a value of 8.3 while using (2).

V. IOT TRUST VALIDATION AND EVALUATION RESULTS

We simulate our Fuzzy Logic model using the FISpro 3.5 simulator in order to validate our proposal and to study the evolution of the global trust level while considering different scenarios depending on various values of the three considered input trust parameters. We use the simulation results to evaluate the effectiveness of our Fuzzy Logic based framework. In fact, in the presented scenarios, we consider all triggered rules for each DOT value and we compute the corresponding weighted average trust level in order to determine the global trust level of each node.

We evaluate in the first set of simulation scenarios the IoT node trust level according to the Device Ownership Trust (DOT) parameter. Indeed, we consider a fixed value of the Device Security Level equal to 80 for all scenarios but different Device Physical Security values (DPS = 75 for scenario 1, DPS = 50 for scenario 2, DPS = 25 for scenario 3 and DPS = 0 for scenario 4). The obtained results in Fig. 7 show that higher values of DPS (i.e., scenario 1) with the same DOT value enable a better trust level for the IoT node. Moreover, a higher DOT enables increasing the IoT node trust level for all scenarios with different DPS values (i.e., scenario 1, 2, 3 and 4).

We evaluate in the second set of simulation scenarios the IoT node trust level according to the Device Ownership Trust (DOT) parameter with a fixed value of the Device Physical Security equal to 50 for all scenarios but different Device Security Level values (DSL = 100 for scenario 5, DSL = 80 for scenario 6, DSL = 60 for scenario 7 and DSL = 0 for scenario 8). The obtained results in Fig. 8 show that higher values of DSL (i.e., scenario 5) with the same DOT value enable a better trust level for the IoT node. Moreover, a higher DOT enables increasing the IoT node trust level for all scenarios with different DSL values (i.e., scenario 5, 6, 7 and 8).

It is important to take into consideration the computed global trust level while choosing the IoT nodes within the Sensing layer for critical data collection. Our proposed framework enables choosing IoT nodes with higher trust level, and as a consequence, the global trust level of the IoT system is enhanced as these nodes allow to better respect the IoT user's privacy and security. Indeed, the chosen IoT nodes provide better encryption and hashing algorithms and are deployed in more secured physical environments while belonging to more trusted owners.

VI. CONCLUSION

Gaining users' trust is an important challenge in order to spread the use of any new technology. Thus, IoT applications and services need to earn users' trust as they operate sometimes in areas concerning the privacy of users (e.g., e-health applications). Specifically, security based trust should be considered with great interest in the IoT domain. The IoT architecture is based on several layers and consequently trust management should be considered on all layers in order to obtain a global trust provision. Our proposed trust management framework allows to ensure that the trust level needed by the IoT users is respected within the lowest layer of the IoT
architecture (i.e. Sensing layer) by evaluating the trust of the
IoT nodes collecting the data needed by the IoT applications
and services. Consequently, our Fuzzy Logic based
framework allows LL-Gws to request or accept data from
nodes respecting a minimum trust level defined by the IoT
Fig. 7 Trust level evolution in term of Device Ownership Trust user. In order to evaluate the trust level within the IoT Sensing
layer, we took into consideration different parameters
concerning the security of the IoT nodes while specifying our
Fuzzy Logic based model. To validate our proposal, we
conducted several simulations according to different scenarios.
The obtained results show that with higher values of the input
parameters, higher trust levels are affected to the IoT nodes.
In our future works, we aim to include this trust level output as
an input within a multiple attribute IoT access control method
allowing secure communication between IoT nodes and LL-
Gws.
ACKNOWLEDGMENT
Fig. 8 Trust level evolution in term of Device Ownership Trust This research was funded by the Conseil Régional de
Bourgogne Franche Comté through the “plan d’actions
régional pour l’innovation (PARI)” and the European Union

Authorized licensed use limited to: Advanced Micro Devices. Downloaded on May 06,2024 at 10:18:19 UTC from IEEE Xplore. Restrictions apply.
through the “PO FEDER-FSE Bourgogne 2014/2020”
programs.
REFERENCES
[1] English Oxford “Living Dictionaries, Definition of Trust.” [Online]. Available: https://en.oxforddictionaries.com/definition/trust. [Accessed: 04-Apr-2019].
[2] Z. Yan, P. Zhang, and A. V. Vasilakos, “A survey on trust management for Internet of Things,” Journal of Network and Computer Applications, vol. 42, pp. 120–134, Jun. 2014.
[3] “X.800 : Security architecture for open systems interconnection for CCITT applications.” [Online]. Available: https://www.itu.int/rec/T-REC-X.800-199103-I/fr. [Accessed: 04-Apr-2019].
[4] S. Hanna, “The untrusted IoT - A Path to Securing Billions of Insecure Devices,” Trusted Computing Group, 2015.
[5] “Y.2060 : Overview of the Internet of things.” [Online]. Available: https://www.itu.int/rec/T-REC-Y.2060-201206-I. [Accessed: 04-Apr-2019].
[6] “Y.2066 : Common requirements of the Internet of things.” [Online]. Available: https://www.itu.int/rec/T-REC-Y.2066-201406-I/en. [Accessed: 04-Apr-2019].
[7] Alliance for Internet of Things Innovation, “Report on Workshop on Security & Privacy in IoT,” AIOTI, 2017.
[8] “Welcome To Trusted Computing Group,” Trusted Computing Group. [Online]. Available: https://trustedcomputinggroup.org/. [Accessed: 04-Apr-2019].
[9] “ISO/IEC 11889-1:2015,” ISO. [Online]. Available: http://www.iso.org/cms/render/live/en/sites/isoorg/contents/data/standard/06/65/66510.html. [Accessed: 04-Apr-2019].
[10] “IEEE 802.1AR-2018 - IEEE Standard for Local and Metropolitan Area Networks - Secure Device Identity.” [Online]. Available: https://standards.ieee.org/standard/802_1AR-2018.html. [Accessed: 04-Apr-2019].
[11] “TAXII_Overview.pdf.” [Online]. Available: https://taxiiproject.github.io/releases/1.1/TAXII_Overview.pdf. [Accessed: 04-Apr-2019].
[12] D. Chen, G. Chang, D. Sun, J. Li, J. Jia, and X. Wang, “TRM-IoT: A trust management model based on fuzzy reputation for internet of things,” Comput. Sci. Inf. Syst., vol. 8, pp. 1207–1228, 2011.
[13] D. Airehrour, J. Gutierrez, and S. K. Ray, “Secure routing for internet of things,” Journal of Network and Computer Applications, vol. 66, no. C, pp. 198–213, Jan. 2016.
[14] H. Nunoo-Mensah, K. Boateng, D. Gadze, and G. Klogo, “SoTRMSim: Sociopsychological Trust and Reputation Models Simulator for Wireless Sensor Networks,” vol. 12, 2018.
[15] B. Fenye and I.R. Chen, “Dynamic trust management for internet of things applications,” International workshop on Self-aware internet of things Self-IoT '12 (2012).
[16] A. Khalil, N. Mbarek, and O. Togni, “Self-Configuring IoT Service QoS Guarantee Using QBAIoT,” Computers, vol. 7, no. 4, p. 64, Nov. 2018.
[17] “Motivations of Fuzzy Logic.doc | Fuzzy Logic | Artificial Neural Network,” Scribd. [Online]. Available: https://www.scribd.com/document/172969317/Motivations-of-Fuzzy-Logic-doc. [Accessed: 04-Apr-2019].
[18] “What Is Sugeno-Type Fuzzy Inference?” [Online]. Available: https://www.mathworks.com/help/fuzzy/what-is-sugeno-type-fuzzy-inference.html. [Accessed: 04-Apr-2019].
