Sage Journals: Discover world-class research

Abstract

The Internet of Things provides visions of innovative services and domain-specific applications. With the development of Internet of Things services, various structural data need to be transferred over the Internet. However, protecting structural information that contains sensitive data has raised concerns against Internet of Things services. For a publish/subscribe scenario consisting of sensors, fog nodes, and subscribers, we propose a model that (1) expands the present XML Encryption standard for data with string and numeric types implemented in the sensors, (2) efficiently and discreetly filters matched streaming data and performs summation in the fog nodes, and (3) decrypts the filtered and aggregated data in the subscribers without revealing privacy data. The experimental results of the performance on fog node implemented by PC or Raspberry Pi show that the proposed model can rapidly process multiple encrypted XML streams generated by sensors in a parallel manner without revealing privacy data to subscribers. Therefore, the proposed model is a solution to the fog computing applications in which the privacy preservation of sensor data is of great concern.

Keywords

Streaming data XML filtering Internet of Things security privacy-preserving

Introduction

With advancements in information technology, many objects with embedded electronics are connected through the Internet. This connectivity generates the basic idea of the Internet of Things (IoT). Through the use of IoT technologies, unknown phenomena can be identified early. For example, anomalous heartbeats can be detected using wearable devices that monitor a person’s heart rate; an agriculture company can predict crop productivity using long-term data on humidity, temperature, and images of growing crops.

To expedite procedures for domain-specific analysis, cloud computing has been widely used in the IoT. Cloud computing services result in high network latency for users and involve high economic costs of computing resources for immediate services. By contrast, fog computing plays a critical role between users and cloud servers because of its low latency, widespread geographical distribution, mobility, low economic costs, and real-time processing.^1,2 Fog computing offers some services close to users or connected devices that collect data such as billable services and simple analytics.³ In smart grids, fog computing has been shown to improve efficiency of energy consumption in houses and buildings.^4,5 A smart grid usually consists of smart meters, concentrators, and meter data management systems (MDMS). The smart meters collect private data, for example, power consumption, household ID, and other private information, and transmit them to the concentrators. Concentrators can act as fog nodes, which perform necessary data aggregation and then send the aggregated results to subscribers for visualization or advanced analytics. In smart city, smart street lights can serve as fog nodes to interact locally with sensors and detect presence of pedestrians and bikers, and measure the distance and speed of approaching vehicles and send warning signals to approaching vehicles.⁶

In this article, we discuss the following system-related and privacy concerns of IoT technologies: (1) the prevention of privacy leakage, (2) a mechanism by which devices transmit comprehensive data specifically related to structural information, and (3) the efficient and secure processing of data in fog computing.

First, privacy leakage may be caused by malware, software vulnerabilities, and man-in-the-middle attacks.⁴ We may assume that the fog nodes are semi-trusted and can honestly execute lightweight computational services such as aggregations. For aggregations in fog nodes, general encryption methods such as the Advanced Encryption Standard (AES)⁷ and RSA (Ron Rivest, Adi Shamir and Leonard Adleman) are unsuitable because sensitive information may be captured by malware when the fog nodes decrypt the encrypted data. Second, XML technologies, such as Extensible Messaging and Presence Protocol (XMPP), are widely used in the IoT to transmit structural information.⁸ For secure communication, RSA or AES is used in XML Encryption, as recommended by the World Wide Web Consortium (W3C).⁹ Because of legislative concerns about data collection,¹⁰ client privacy should be protected. However, decryption should be performed for aggregation. Private data may be accessed by attackers after decryption. Third, streaming processing technologies enable efficient data processing. XML filtering has been introduced to process XML streams. However, XML filtering focuses on processing a single stream, but rarely processes multiple streams.^11–15 Computational ability can be enhanced if these filters concurrently process multiple streams.

To solve the aforementioned problems, we propose a computational model that (1) provides an XML encryption algorithm (XEA) that expands existing XML Encryption in sensor nodes and (2) efficiently and securely filters multiple encrypted XML streams that matched the queries of subscribers and performs aggregation operations without decryption in the fog node. The major contributions of this article are as follows: (1) we propose a model for encrypting XML documents by expanding the current XML Encryption standard, (2) we provide an approach that enables multicore processing of multiple XML streams, (3) we propose secure aggregation for encrypted XML streams without any decryption to support secure aggregation, and (4) we detail experiments in which three XML filtering and two aggregation methods were used on both devices of PC and Raspberry Pi.

The remainder of this article is organized as follows. Preliminary knowledge is introduced in section “Preliminary knowledge.” Related work is discussed in section “Related work,” and our proposed model is described in section “The proposed model.” Performance and security analysis are discussed in section “Performance and security analysis.” Section “Experiments” explains the experimental results and, finally, section “Conclusion” offers the conclusion of this study.

Preliminary knowledge

XML data model and tree pattern query

To represent XML documents in this article, we used the data model from parts of the XPath query model (XDM),¹⁶ which is a tree-like representation model for XML. For example, a source XML document is presented in Figure 1(a) and the corresponding XML data model is presented in Figure 1(b). In Figure 1(b), the tree nodes without rectangles or the prefix “@” are the elements of the source XML document; the attributes of elements are denoted by the prefix “@” and the values consisting of element contexts and attribute contents are enclosed in rectangles. For each element node, its depth means the number of edges following from the root node to it. For instance, the nodes with element name c have depth of 2. We assumed that the values in the XML document were composed of string and numeric types. To easily explain our proposed method, we assumed that several string-type values and only one numeric value were present in the XML document.

Figure 1.

A simple XML document and its TPQ: (a) source structure of XML, (b) XML data model, and (c) examples of TPQ.

For queries in XDM, tree pattern query (TPQ) was used, as shown in Figure 1(c). The TPQ/a/b/c/@e is for determining the values of attribute e, which has ancestor elements following the order of a, b, and c. The “/” denotes the parent–child relationship. The other TPQ/a//d/text() is for determining the text of element d, which has an ancestor element a. The “//” denotes the ancestor–descendent relationship. In particular, the TPQ/a/b[d = ”v₂”]/c/@e represents a twig query. It selects the path/a/b such that the element b has a child element d of value v₂ and another child element c. Then, it returns the value of attribute e of the element c.

XML streams

An XML document can be transferred in a byte stream manner. In other words, the XML document will be sequentially transferred byte by byte from the beginning to the end to the Internet. In this study, we assumed that a sensor node generates a single XML stream. Each XML stream consists of timestamped XML documents with each XML document representing the sensed data of a sensor at the time specified by the timestamp. To embed a timestamp in an XML document, we placed a simple element called time in each XML document.

Related work

IoT technology and security

An IoT platform may consist of components such as sensor nodes, fog nodes, and cloud computing nodes. The capabilities of various components in IoT application platforms such as communication protocols, services, and computation were widely discussed in Al-Fuqaha et al.⁸ In some applications of smart city, Jayaraman et al.¹⁷ proposed context-aware real-time data analytics platform called CARDAP to enable the dynamic integration of application-specific analytics for fulfilling the needs of crowd-sensing applications, such as monitoring citizen activities. Giordano et al.¹⁸ designed the Rainbow platform for monitoring, managing, and controlling IoT devices remotely. They built a multi-agent system operating on the top of Rainbow to create smart services. To build a data mining system over the IoT, F Chen et al.¹⁹ suggested five layers comprising IoT devices, integration of raw data, data gathering, data processing, and data mining services. They also mentioned adding a vertical layer for security and privacy. To format messages in instant messaging, XMPP was introduced by the Internet Engineering Task Force. Laine and Säilä²⁰ evaluated the performance of XMPP over HTML5 WebSocket and proved that XMPP was an efficient solution for real-time communication. Bendel et al.²¹ proposed an XMPP-based service model for the IoT, which enabled nearly real-time processing and dynamically deployable services. Although these platforms exist,^17–19 Bendel et al.²¹ proposed solutions for data analytics on IoT platforms, where security concerns have not been discussed.

To enhance data secrecy, the Transport Layer Security (TLS) protocol²² is used in developing IoT applications for communication security.⁸

Wang et al.²³ discussed the differences between fog computing and cloud computing in terms of security issues. They further introduced the solution to prevent illegal access by monitoring the attack pattern and prompting SMS alerts to users. Stojmenovic and Wen⁶ presented the man-in-the-middle attack by replacing the fake fog node and successfully hijacking the victim’s video communication. If a malware or a backdoor is on the computing nodes of smart grid, the attacker may use the malware or backdoor to steal the decrypted data while performing aggregation services. A solution to this problem is developing a secure mathematical operation for encrypted data. Because homomorphic encryption enables mathematic operations to operate on encrypted data, it is frequently used to preserve privacy in various applications. Jiang et al.²⁴ used a random-matrix-based approach and homomorphic encryption approach with the Paillier system²⁵ to discreetly calculate the similarities between documents. For smart grids, Garcia and Jacobs²⁶ proposed an approach that combines the Paillier additive homomorphic encryption and additive secret sharing. This approach can aggregate user energy consumption. However, it must periodically use shared random numbers in meters. A drawback of Paillier-based systems is the requirement to perform partial homomorphic encryption. Paillier-based systems claim to add two encrypted values and multiply the target value with one plain value. Gentry and Halevi²⁷ proposed a fully homomorphic encryption; however, its implementation yielded slow performance. Selection of partial or complete encryption depends on the type of application used. Considering the execution efficiency, we selected the approach described in Paillier²⁵ as our homomorphic encryption system.

XML filtering and querying on encrypted XML documents

XML filtering is used to remove unnecessary information, and it can capture the required data for further computation. YFilter, an XML filtering system, uses a novel nondeterministic finite automata approach to combine multiple XPaths for filtering on a single XML stream.¹² However, YFilter does not support position or twig queries. To support twig queries, EFilter was proposed,²⁸ which efficiently processes twig queries by utilizing QLinkedList. XMLDog²⁹ proposed an event-based approach to efficiently sniff and process XML documents, and this approach can be used to process XML streams. The Saxon processor³⁰ provides a utility for querying and filtering either XML documents or streams. However, these filtering systems can process only a single XML stream.³¹

To encrypt XML documents, XML Encryption⁹ is recommended by W3C. As mentioned in section “Introduction,” decryption should be performed when a content-based analysis is required. Therefore, performing queries securely on encrypted XML documents is very challenging. Brinkman et al.³² used a relational database to store the structural information of XML documents. In their search protocol for pattern queries, the Data Encryption Standard was used, which has been considered insecure.³³ Wang and Lakshmanan³⁴ proposed a group approach for encrypting the selected blocks of an XML document with user security constraints. This approach supported range and twig queries on encrypted XML documents. However, the group approach may be unsuitable for users who cannot decide which part contains sensitive data. Attackers can obtain information from other non-encrypted blocks of the XML document. To support range queries without revealing the structural information, Cao et al.³⁵ proposed an encoding vector to hide the XML queries and implemented numeric value encryption based on asymmetric scalar-product preserving encryption.³⁶ The approach proposed by Cao et al.³⁵ is closely related to the approach proposed in our study, but their method supports only range queries, and the XML encoding technology is not compatible with present XML filtering tools. In summary, these approaches^32,34,35 support only range queries but not aggregation operations.

The proposed model

To process multiple encrypted XML streams, filter the corresponding contents based on query patterns, and perform aggregation operations on encrypted content, we propose a model consisting of encryption for XML stream modules, XML filtering modules, and aggregation modules. Encryption for XML stream module enables the encryption of the XML document and generation of XML streams. The XML filtering module can filter the required information according to the given tree pattern queries. The aggregation module performs the aggregation operations on the basis of the encrypted contents filtered by the filtering module. The system architecture of the proposed model is presented in Figure 2. The system includes a third-party server, multiple sensor nodes, a fog node, and several subscribers. The sensor nodes discussed in this article have stronger computational abilities than typical sensor nodes. Platforms such as Raspberry Pi can act as sensor nodes.

Figure 2.

System architecture.

Third-party server

For simplicity, we refer to third-party servers as “servers” hereafter. Servers deploy public or secret keys and common parameters of selected encryption algorithms to sensors and subscribers. They have full access to the fog nodes to control which data should be passed to subscribers. Moreover, servers can store a large amount of sensitive data. Users who deploy sensors in their household or industrial area can access the server to observe the data collected from their sensors. The subscribers have access to the server and can request permission to obtain data according to the agreement among the users, third-party servers, and subscribers. After the request for acquiring and aggregating data is confirmed, the server encrypts the related query patterns for the subscribers and installs the patterns into the fog nodes and the keys and parameters to provide decryption operations to the subscribers in a secure manner. Subsequently, the subscribers receive the encrypted and filtered data from the fog nodes and decrypt the data using the keys and parameters provided by the server.

Sensor node

Sensor nodes generate encrypted XML documents using the proposed encryption algorithm. The sensor nodes must obtain secret keys, common parameters, and encryption functions from the server via a secret channel and execute the algorithm to encrypt the contents and attributes for the indicated XML elements and then generate the encrypted XML documents. The secret channel between the sensor node and server can be established using standard encrypted communication protocols such as Secure Shell or Secure Socket Layer (SSL).

For compatibility, the output format of our XEA is an extended version of the XML Encryption standard. The detailed design of the encryption in the sensor node is introduced in section “XEA.” Each sensor node transfers the encrypted XML streams to the fog node.

Fog node

The role of the fog node is to process the encrypted temporal XML streams from a group of specific sensor nodes. A fog node consists of five main components: (1) Encrypted tree pattern query (ETPQ): for filtering the contents of encrypted XML streams, TPQs are used. To prevent the fog node from identifying TPQ metadata, encrypting the names of the elements and attributes of the TPQs is reasonable. ETPQs can be set up by servers via a secret channel that can be implemented using the same protocol between the sensor and server. The TPQ design is briefly described in section “ETPQ.” (2) Task dispatcher: the task dispatcher receives several XML streams and dispatches each XML stream to unused XML filters. The detailed design of the task dispatcher is described in section “Task dispatcher and XML filter.” (3) XML filter: the filters load ETPQs provided by the servers to support subscription. To support stream processing and manage the filters, each filter should be able to process the XML stream and should be annotated in either the used or unused state by the task dispatcher. The filtered information was categorized into two types: string and numeric. The types of information can be defined using the built-in XPath patterns in the aggregator. The string data are directly pushed into the result producer. The numeric data are sent to the aggregation processor. We detail the functionality of this XML filter module in section “Task dispatcher and XML filter.” (4) Aggregation processor: after the aggregation processor collects sufficient numeric data, it triggers the aggregation operations. In this study, we used the summation function for encrypted numeric values. The summation function is introduced in section “Aggregation processor.” (5) Result producer: the result producer should compose the encrypted values from the XML filter and aggregation processor and annotate the corresponding types of data. The implementation of this component is straightforward; therefore, we do not go into detail. In this article, we describe the designs of the following components: XML encryption for sensors, and the task dispatcher, XML filters, and aggregation processor for fog nodes.

Subscriber

To decrypt the encrypted data sent from the fog node, the decryption module must be installed in subscriber nodes. This module can decrypt data using the corresponding decryption algorithm according to the uniform resource identifiers (URIs) specified by the sensor node. We detail the decryption in section “Decryption by subscriber.”

XEA

For security and efficiency, the sensor nodes always generate encrypted XML documents and transfer the XML streams. The XEA is used to encrypt the raw data of XML documents. To conform to present standards, we adopted XML Encryption version 1.1³⁷ as the XEA output.

We assumed that any XEA contains an XML schema, which is shared by the server and sensor nodes. The XEA procedure is described as follows:

XEA fetches the preliminary settings from the server, including the hash functions, encryption keys, and common parameters. To protect the information from leakage, the encryption keys are protected and shared only with the server, subscribers, and sensor nodes.

XEA fetches presenting values and encrypts them according to their data types:

Numeric. To perform operations supported by homomorphic encryption on the fog nodes, the numeric values must be encrypted using appropriate homomorphic encryption methods. In this study, we considered summation as the aggregation operation. In this study, we suggest two revised methods, namely, random-matrix-based and homomorphic-encryption-based approaches, for developing the XEA. Originally, these two methods were proposed by Jiang et al.²⁴ to discreetly compute the inner product of two vectors u and v, known separately by two parties. In our case, because we considered only the summation of user data, we can easily reduce these data from the vector product by setting one of the vectors consisting of identity elements. The workflow of the random-matrix-based approach among the sensor, fog node, subscriber, and the third-party server is presented in Listing 1, and that of the homomorphic-encryption-based approach is presented in Listing 2. Detailed operations and proofs of the security of these two approaches are discussed in Jiang et al.²⁴

String. The aggregation of the string-type values is presumed to be simple concatenation in our approach. For compatibility, the values can be encrypted using the standard encryption method recommended by XML Encryption. For efficiency, we used the AES encryption method with 256-bit keys (also known as AES-256).

XEA follows the specification of XML Encryption and generates XML streams according to the given XML schema. The encrypted values should be placed into the EncryptedData elements. To prevent fog nodes from obtaining the actual query patterns, the element and attribute names of each XML stream should be encrypted by the hash function, which are previously provided by the server. To efficiently encrypt the XML, the hash values of the element names can be previously settled. Because the W3C XML Encryption standard does not support homomorphic encryption, the URIs of homomorphic encryption algorithms are not defined in the EncryptionMethod elements. We expanded the URIs by including this option, which is recognizable by the fog nodes. Usually, a sensor data record consists of sensor ID, location, timestamp, the readings of the sensor, and so on. For example, a data record for smart meter may consist of three string-type attributes including the household ID, device ID, timestamp, and another numeric-type attribute representing the reading of energy consumption. The formats of a sample sensor data record and its encrypted form using our proposed algorithm are shown in Figure 3(a) and (b), respectively. Clearly, the element names of the source XML document are encrypted. The contents of each element are also encrypted by the corresponding encryption algorithms. The encryption algorithms for numeric data are indicated by the Algorithm attribute of the EncryptionMethod element, http://example.com#paillier-crypto.

Figure 3.

Example of XML Encryption for power metering data: (a) records of power consumption and (b) snapshot of an encrypted XML document.

Listing 1. Workflow of the random-matrix-based approach.
1. Server prepares a matrix A with $n \times m$ dimensions, where m > n.2. Server generates m random numbers R = {R₁, …, R_m} as key.3. Server sends row A_i and R to the sensor node with ID i via a secret channel for i = 1, …, n.4. Server sends A to the fog node.5. For each sensor node with ID i and a value v_i, the sensor node calculates $z_{i} = v_{i} + \sum_{j = 1}^{m} a_{i, j} * R_{j}$ , where $a_{i, j}$ is the element of A at the ith row and jth column, and sends z_i to fog node.6. Fog node computes $S = \sum_{i = 1}^{n} z_{i}$ .7. Fog node computes $y_{k} = \sum_{i = 1}^{n} a_{i, k}$ for each k = 1, …, m and sends y and S to the subscriber.8. Subscriber computes $S' = \sum_{j = 1}^{m} y_{j} * R_{j}$ .9. Subscriber obtains the summary S″ = S – S′.
Listing 2. Workflow of the homomorphic-encryption-based approach
1. Server generates a pair of public key pk and private key pr.2. Server sends pk to each sensor node via a secret channel.3. For each sensor with ID i and a value v_i, the sensor node calculates $z_{i} = Encryp t_{pk} (v_{i})$ and sends z_i to fog node.4. Fog node computes $S' = z_{1} +_{h} z_{2} +_{h} \dots +_{h} z_{n}$ and sends S′ to the subscriber.5. Subscriber obtains the summary $S = Decryp t_{pr} (S')$ .

ETPQ

To prevent the revelation of TPQ metadata to the fog node, encrypting the TPQs in the server is reasonable. We termed such encrypted TPQs as ETPQs. ETPQs are used to filter the values according to their type, which is required by the server for it to perform further operations. ETPQ consists of the following: (1) TPQ: an XPath whose elements and attributes are encrypted by the server. (2) Type: it denotes the type of the corresponding value of each TPQ. (3) Operation: it denotes which operation can be executed. After the ETPQs are created by the server, they can be installed in the fog node. If a strong hash function is used, decryption of the ETPQs by the fog node becomes difficult. After ETPQs are generated by the server, they are installed in the corresponding fog nodes.

Example 1

In Table 1, elements a, b, c, d, and e are hashed into ae87, b810, dp02, and ed70. The original TPQs /a/b/c/@e and /a//d/text() can be easily transformed into/ae87/b810/@ed70 and/ae87//dp02/text(), respectively.

Table 1.

Example of ETPQ.

ETPQ			Original TPQ
TPQ	Type	Operation
/ae87/b810/@ed70	String	Output	/a/b/c/@e
/ae87//dp02/text()	Numeric	Summarization	/a//d/text()

TPQ: tree pattern query; ETPQ: encrypted tree pattern query.

Task dispatcher and XML filter

The task dispatcher was designed to execute a sequence of dispatching jobs including receiving multiple incoming streams, constructing a task for filtering the streams, and assigning the corresponding tasks for the filtering data. The pseudocode of the task dispatcher is shown in algorithm 1, where a thread pool consisting of XML filters given by ETPQs is prepared in line 1. The algorithm continuously listens to the incoming XML streams in lines 2–13. In lines 3–11, once an XML stream is received, a task for this stream is created and an available XML filter is sought to process the task. The task is placed into the queue of the thread pool if no XML filter is available.

Algorithm 1. Task dispatcher algorithm
Input: The number of XML filters N_f, aggregators N_a, and result producers is the same as N_a.Output: NoneBEGIN1. Initiate a thread pool P_f with N_f XML filters by given ETPQs;2. while (true)3. if an encrypted temporal XML stream S comes:4. Prepare a filter task T_f consisting of a unique TaskId, S.timestamp t and S.5. If there is an available XML filter F in P_f:6. Denote F is in use state.7. Execute F(T_f);8. Assign the tasks for results of F(T_f) to the aggregation processor and result producer.9. else10. Put T_f c into P_f’s waiting queue.11. end12. end if13. endEND

Algorithm 1. Task dispatcher algorithm

Input: The number of XML filters N_f, aggregators N_a, and result producers is the same as N_a.Output: NoneBEGIN1. Initiate a thread pool P_f with N_f XML filters by given ETPQs;2. while (true)3. if an encrypted temporal XML stream S comes:4. Prepare a filter task T_f consisting of a unique TaskId, S.timestamp t and S.5. If there is an available XML filter F in P_f:6. Denote F is in use state.7. Execute F(T_f);8. Assign the tasks for results of F(T_f) to the aggregation processor and result producer.9. else10. Put T_f c into P_f’s waiting queue.11. end12. end if13. endEND

For a given ETPQ, the XML filter performs the following:

Prepare the mapping table for ETPQ. The table entry is indexed by the ETPQ’s TPQ.

Read the given XML stream.

Push each value of the XPath matching ETPQ into the entry indexed by the matched ETPQ in the mapping tables. If the value’s corresponding URI of the attribute EncryptionMethod is found, the URI is pushed into the entry of the mapping table.

After the filter processes the XML stream, execute the mapping table’s entries as follows. (a) Numeric type: outputs the values of the entries and their corresponding URIs of the attribute EncryptionMethod to the aggregation processor. (b) String type: outputs the values and their corresponding URIs of the attribute EncryptionMethod to the result producer.

Aggregation processor

To aggregate the encrypted numeric values without decryption, we propose two approaches: random-matrix-based and homomorphic-encryption-based approaches for the aggregation processor. According to the results from the XML filters (the encrypted values and corresponding URI of EncryptionMethod), the aggregation processor executes algorithm 2 to complete the summation operation homomorphically.

Algorithm 2. Aggregation algorithm
Input: A set of values V = {v₁, v₂, …, v_n}, for each v_i is the value filtered from sensor v_i’s XML stream. The URI of EncryptionMethod of V, uri.Output: The encrypted summation result S.BEGIN1. ifuri matches “Random-Matrix-based”:2. Execute computation of random-matrix-based approach with V.3. else ifuri matches “HomomorphicEncryption”:4. Execute computation of homomorphic-encryption-based approach with V;5. end6. Return the encrypted summation result S from the executed computation procedure and the uri. Additionally, returns the computed vector y if the random-matrix-based approach executed.END

Algorithm 2. Aggregation algorithm

Input: A set of values V = {v₁, v₂, …, v_n}, for each v_i is the value filtered from sensor v_i’s XML stream. The URI of EncryptionMethod of V, uri.Output: The encrypted summation result S.BEGIN1. ifuri matches “Random-Matrix-based”:2. Execute computation of random-matrix-based approach with V.3. else ifuri matches “HomomorphicEncryption”:4. Execute computation of homomorphic-encryption-based approach with V;5. end6. Return the encrypted summation result S from the executed computation procedure and the uri. Additionally, returns the computed vector y if the random-matrix-based approach executed.END

Decryption by subscriber

When the subscriber receives the set of outputs O from the fog node, it executes the decryption algorithm according to each output in O. Each output in O consists of URI for EncryptionMethod, the encrypted data D, and the vector y, which exists only if the random-matrix-based approach is selected in EncryptionMethod. The pseudocode is shown in algorithm 3, where the corresponding decryption method is executed according to the URI in lines 2, 4, and 6.

Algorithm 3. Decryption algorithm
Input: The URI of describing EncryptionMethod, the encrypted data D, and the vector y.Output: The decrypted results S.BEGIN1. ifURI matches “Random-Matrix-based”:2. Execute decryption of random-matrix-based approach with D and y as inputs.3. else ifURI matches “HomomorphicEncryption”:4. Execute decryption of homomorphic-encryption-based approach with D as inputs;5. else ifURI matches the URIs of standards of “symmetric” or “asymmetric” encryption in XML Encryption:6. Execute the corresponding decryption method with D.7. end if8. Return the decrypted results S.END

Algorithm 3. Decryption algorithm

Input: The URI of describing EncryptionMethod, the encrypted data D, and the vector y.Output: The decrypted results S.BEGIN1. ifURI matches “Random-Matrix-based”:2. Execute decryption of random-matrix-based approach with D and y as inputs.3. else ifURI matches “HomomorphicEncryption”:4. Execute decryption of homomorphic-encryption-based approach with D as inputs;5. else ifURI matches the URIs of standards of “symmetric” or “asymmetric” encryption in XML Encryption:6. Execute the corresponding decryption method with D.7. end if8. Return the decrypted results S.END

Performance and security analysis

In this section, we analyze the time complexity of fog node, and security and privacy schemes of the proposed model in sections “Time complexity of fog node” and “Security analysis,” respectively.

Time complexity of fog node

To analyze the overall time complexity of a fog node, we calculate the time complexities of task dispatcher, XML filters, and aggregation processor. Assume that we have N streams and M concurrent XML filters. Assume these N streams contain K numeric values in total. We calculate the time complexity for processing each stream and then calculate the overall time complexity for processing N streams. We also assume that the time complexity for XML filter to process an XML document with E XML elements is O(E) and the time complexity of aggregating two encrypted values is constant, that is, O(1). Therefore, the time complexities for processing N streams are calculated below.

For task dispatcher, its execution is simple and assume it takes O(1) for each stream; therefore, O(N) in total. For concurrent XML filters, because the XML filters are running in concurrent manner, the overall complexity is O(N × E/M).

For aggregation processor, given K numeric values, it performs O(K) aggregations. The time complexities of encryption approaches based on random matrix and homomorphic encryption are described in Jiang et al.²⁴ Their time complexities seem to be the same but the actual execution time of homomorphic encryption is slower than that of using random-matrix-based approach.

Based on the above time complexities, the overall time complexity for processing N streams is O(N+N × E/M+K).

Security analysis

The main purpose of the proposed scheme is to provide a secure and privacy-preserving mechanism for fog computing. We assumed the fog node to be semi-trustable, that is, it was assumed to do the data aggregation operations without decryption honestly.

We consider two attack models. First, attackers may attempt to decrypt the encrypted sensor readings from the data communications between fog nodes and sensor nodes or between fog nodes and subscribers. Second, attackers aim to decrypt the encrypted sensor readings in the fog node. Both attack models address the problem of decrypting encrypted data consisting of encrypted strings and numeric data.

In the proposed model, the string-type data are encrypted using AES-256, and the encryption keys are transmitted to the sensor nodes and subscribers using the standard SSL protocol. The time complexity of breaking AES-256 using biclique method is 2^254.4,³⁸ which can be considered as a very difficult problem for attackers.

Second, numeric data can be encrypted using two approaches. If numeric data are encrypted using the random-matrix-based approach, the numeric values are masked by m random numbers, which are unknown to the attackers. Consequently, attackers cannot decrypt the data by simply obtaining the data in the fog node. If the numeric data are encrypted using the homomorphic-encryption-based approach proposed by Jiang et al.,²⁴ to decrypt the sensor data, attackers must break the underlying Paillier system, which has been proved to be as difficult as solving the discrete logarithm problem.²⁵

To further improve the security of the scheme, the server should periodically change the settings of the encryption system (i.e. the random numbers in the random-matrix-based approach or the public and private keys in the homomorphic-encryption-based approach).

Experiments

Experimental setup

To evaluate our proposed approach, the implementation of fog node is based on either PC or Raspberry Pi platforms. The PC environment was based on an Intel E3-1200 quad-core system with 4-GB memory and a 1-Gbps LAN, operated on Ubuntu 14.04 LTS with Linux kernel 3.19. The Raspberry Pi platform consists of a 1.2-GHz 64-bit quad-core ARMv8 CPU, a 10/100 Ethernet network card, and 802.11n wireless network; it operates on Raspbian OS with Linux kernel 4.4.9. We used Java to implement all algorithms on the fog node. The network environment was built on an Ethernet 100-Mbps LAN. Because deploying numerous sensors is difficult, we prepared a standalone PC to simulate the environment of several sensors.

In these experiments, we regard a smart meter with non-intrusive load-monitoring capability as a powerful sensor, which can simultaneously monitor and read the power consumption readings of 10 electric devices. The actual number of electric devices monitored by the smart meter depends on the interface design of the smart meter. The smart meter reads the readings of 10 devices and then generates encrypted XML document every second. The data format for each reading in XML document is described in Figure 3(a), which includes three string-type elements (householder ID, smart meter ID, and timestamp of the read operation) and one numeric-type element representing the reading of an electric device. Since each XML document contains data for 10 electric devices, it has 40 elements in total. The data size of the encrypted XML document is about 38 KB in average.

The worst case for fog node to process an XML document is to filter all of the contents of elements and perform necessary aggregation for readings. Therefore, we prepare 40 ETPQs for retrieving the contents of elements for 10 electric devices in an XML document. We evaluated the performance of the fog node by comparing the experiments of combinations of three XML filters (i.e. XMLDog, Saxon, and YFilter) on random-matrix-based and homomorphic-encryption-based approaches. We compared the performances by varying the number of concurrent XML filters (1, 5, 10, 15, and 20).

We compared the performance of concurrent processing of multiple XML streams by simulating 100, 300, and 500 sensor nodes. Given that N sensors generated a total of N XML streams every second, the execution time was measured from the time of processing the first stream in the fog node until the time of completing the aggregation computations on N XML streams.

Experimental results

We evaluated the performance of the combinations of XML filters and the cryptosystem, the results of which are shown in Tables 2 –5. The labels S, X, and Y in these tables represent Saxon, XMLDog, and YFilter, respectively. Run time is measured in milliseconds.

Table 2.

Random-matrix-based approach on PC.

No. of sensor nodes	100			300			500
No. of filters	Filter type
	S	X	Y	S	X	Y	S	X	Y
1	805.9	501.5	440.4	1733.3	1276.3	1203.5	2654	2041.1	1962.5
5	514.5	341.7	306.9	1086.1	894.7	862.7	1670.7	1453.5	1422.2
10	493.9	327.7	295.2	1056.1	888	851.6	1619.6	1442	1408.5
15	488	327.6	297.5	1048.8	886.6	855.8	1613.8	1445.1	1412.7
20	509	331.9	303.9	1066.7	886.4	859.8	1632.5	1446.4	1419.6

Table 3.

Random-matrix-based approach on Raspberry Pi.

No. of sensor nodes	100			300			500
No. of filters	Filter type
	S	X	Y	S	X	Y	S	X	Y
1	4141.5	1712.4	1067.5	9026	3862	2630.5	13876	6120.5	4138.1
5	3208.1	1211.8	805	5538.1	2151.7	1395.4	7905.5	3183	2028.9
10	3364.6	1367.3	805.1	6547.5	2555.4	1412.1	8491.9	3595.1	2093.5
15	3557.1	1459	861.6	6898	2745.5	1541	9273.9	3585.9	2185.5
20	3695.6	1412.1	890.6	7117.6	3381.6	1523.5	9508.3	4597.8	2086

Table 4.

Homomorphic-encryption-based approach on PC.

No. of sensor nodes	100			300			500
No. of filters	Filter type
	S	X	Y	S	X	Y	S	X	Y
1	871.5	565.2	491.2	1915.6	1457.4	1368.1	2881.3	2293.1	2222.8
5	579.3	393.6	355	1247.3	1045.3	1017.3	1877.1	1699.4	1675.2
10	555.2	385.5	344.1	1225.2	1034.3	1005.8	1841.8	1695.9	1661
15	553.7	384.6	344	1219.4	1033.7	1008.3	1848.7	1694.3	1664.3
20	583.8	382.2	352.5	1214.7	1036.6	1016.9	1847.6	1698.2	1674.7

Table 5.

Homomorphic-encryption-based approach on Raspberry Pi.

No. of sensor nodes	100			300			500
No. of filters	Filter type
	S	X	Y	S	X	Y	S	X	Y
1	4446	1776.4	1115.9	9265.4	3935.1	2704.7	14081	6265.7	4243.8
5	3297.5	1319	873.8	5830.3	2350.7	1611.2	8138.8	3338.3	2800.9
10	3896.5	1691.3	1137.9	7054.3	3272.7	2210.8	9380.6	4632.7	3067.4
15	4186.4	1810.2	1144	8009.8	3543	2255.9	10389.4	5269.5	3218
20	4348.3	1827.7	1208.8	8189.1	3797.2	2120.7	10897.8	6023.4	3245.5

The evaluation of the random-matrix-based approach on the PC platform revealed that the performance of Saxon was lower than that of XMLDog and YFilter (Table 2) because, compared with XMLDog and YFilter, Saxon must initiate a higher number of running objects and create a complex data model to perform filtering. YFilter outperformed XMLDog in many cases because YFilter does not need to construct complex data objects and it has fewer event calls than XMLDog. The similar experiment on IoT device—Raspberry Pi (Table 3)—shows that the run time is longer than that of PC because of the limited computational abilities on Raspberry Pi. In Tables 2 and 3, the results indicate that with larger number of streams, the processing time is longer, but execution time can be reduced by properly increasing the number of concurrent filters. This situation actually coincides with our time complexity analysis.

The performance of the homomorphic-encryption-based approach was evaluated for PC (Table 4) and the IoT device (Table 5). The performance relationship between these filters remained unchanged. However, the run times were longer than those of the random-matrix-based approach because heavy product operations are executed in homomorphic encryption. In Table 4, although the filters benefit from increasing the number of concurrent XML filters, the overheads increase with the number of concurrent XML filters (≥5) because of resource competition. Similar results were observed in the homomorphic encryption on Raspberry Pi (Table 5). However, the performance was lower than that on PC. This can be attributed to the poor computational ability on Raspberry Pi. All three XML filters serving for 500 sensors cannot be accomplished within 2800 ms because of the poor performance. We also compare the approaches using AES-256, which is a built-in java library, for PC and Raspberry Pi. This AES-based implementation does not support aggregation with encryption. We perform the aggregation operations after decrypting the filtered numeric values. Then, the aggregated values are encrypted and sent to result producer. The corresponding results are shown in Tables 6 and 7, respectively. In most cases of running AES-256, the performance is worse than that of using homomorphic encryption. But the approach based only on AES-256 encryption should decrypt the sensor reading data for aggregation. It may have privacy leak if the malwares are put in the fog nodes. The proposed approaches using either random matrix or homomorphic encryption can provide privacy protection because no decryption is involved for aggregation.

Table 6.

AES-256 approach on PC.

No. of sensor nodes	100			300			500
No. of filters	Filter type
	S	X	Y	S	X	Y	S	X	Y
1	870.7	752.5	596.8	1843.5	1820.3	1481.3	2646.1	2374.5	2327.1
5	584.1	677.9	446.9	1331.9	1480.1	1095.7	1860.3	1761.5	1737.9
10	774.5	505.3	413.3	1504.3	1383.6	1102.6	1850.2	1752.9	1735.5
15	827.1	471.7	408.5	1343.3	1553.6	1121.6	1849.4	1756.3	1731.3
20	481	407.2	534.7	1348.1	1297.5	1051.7	1830.3	1753.5	1733.8

Table 7.

AES-256 approach on Raspberry Pi.

No. of sensor nodes	100			300			500
No. of filters	Filter type
	S	X	Y	S	X	Y	S	X	Y
1	2952.6	1778.5	1318.7	5876.9	4456.1	2825.8	8703.7	6033	4346.3
5	2791.3	1735.1	1538.6	4048.3	2788.2	1956.7	5182.4	3129.5	2399
10	3015.8	1953	1665.2	4632.9	3033.1	2229.1	6149.3	3815.3	2812.5
15	3147.9	2190.8	1700.9	4930.9	3794.7	2538	6451.9	4121.9	2971.5
20	3227.2	2190.4	1698.4	5009.5	4228.9	2674.6	6552.7	4646.7	3000.7

To overcome the computation challenge on Raspberry Pi, we propose the following solutions: (1) select lightweight encryption functions when the incoming data are not very sensitive, (2) use native programs (despite the virtual-machine-embedded solution, using a native program can directly accelerate processing), and (3) collaborative execution (use several homogeneous or heterogeneous devices and compose them as an alliance to execute filters and aggregations in a map-reduce manner). These solutions may enable enhancing the performance.

Conclusion

In this article, we propose a model that (1) provides an XEA by expanding the XML Encryption standard⁷ in sensor nodes, and (2) efficiently and securely filters multiple encrypted XML streams and performs aggregation operations without decryption in the fog node. We performed experiments on PC environments and IoT devices. Our experimental results show that although Raspberry Pi supports lower computing power than PC, its run time is satisfactory. However, because the computation resources of Raspberry Pi are limited, using too many concurrent XML filters easily results in resource competition. Nevertheless, efficiency is obtained by appropriately increasing the number of concurrent XML filters, particularly for consuming multiple XML streams.

The solution we proposed can not only be applied to the scenario of XML data exchange for publish/subscribe service but also provide a secure method for data protection and privacy-preserving. For IoT applications, JavaScript Simple Object Notation (JSON) has been a popular format, and JSON Web Encryption (JWE),³⁹ which utilizes standard cryptographic algorithms, is a proposed standard for encrypting JSON data. However, JWE requires the base64url encoding. To adjust our system for the JSON data, we can add a streaming decoder for base64url and use appropriate JWE filter modules in this system.

Our future study will address the following issues: (1) implement a collaborative computation model for several IoT devices, (2) support more aggregation operations, and (3) implement the proposed model on IoT communication protocols and compare their performance.

Footnotes

Acknowledgements

The authors thank the Institute of Information Science, Academia Sinica, Taiwan, for their support to this research while Dr I-En Liao was a visiting scholar during the period from 1 October 2016 to 31 December 2016.

Academic Editor: Davide Brunelli

Declaration of conflicting interests

The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The author(s) disclosed receipt of the following financial support for the research, authorship, and/or publication of this article: This research was partially supported by the Ministry of Science and Technology, Taiwan, under the grant number MOST 103-2221-E-005052-MY2 and by the Taiwan Information Security Center at NCHU (TWISC@NCHU), Ministry of Science and Technology, Taiwan, under the grant numbers MOST 105-2221-E-005-070 and MOST 105-2218-E-001-001.

References

Bonomi

Milito

Zhu

. Fog computing and its role in the Internet of Things. In: Proceedings of the first edition of the MCC workshop on mobile cloud computing, Helsinki, 13–17 August 2012, pp.13–16. New York: ACM.

Vaquero

Rodero-Merino

. Finding your way in the fog: towards a comprehensive definition of fog computing. ACM SIGCOMM Comput Commun Rev 2014; 44(5): 27–32.

Cisco Systems Inc. Fog computing and the Internet of Things: extend the cloud to where the things are. San Jose, CA: Cisco Systems Inc., https://www.cisco.com/c/dam/en_us/solutions/trends/iot/docs/computing-overview.pdf

Komninos

Philippou

Pitsillides

. Survey in smart grid and smart home security: issues, challenges and countermeasures. IEEE Commun Surv Tut 2014; 16(4): 1933–1954.

Yan

Qian

Sharif

. A survey on smart grid communication infrastructures: motivations, requirements and challenges. IEEE Commun Surv Tut 2013; 15(1): 5–20.

Stojmenovic

Wen

. The fog computing paradigm: scenarios and security issues. In: Proceedings of the 2014 federated conference on computer science and information systems, Warsaw, 7–10 September 2014, pp.1–8. New York: IEEE.

Specification for the Advanced Encryption Standard (AES), no. 197. FIPS, 2001, http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf

Al-Fuqaha

Guizani

Mohammadi

. Internet of Things: a survey on enabling technologies, protocols, and applications. IEEE Commun Surv Tut 2015; 17(4): 2347–2376.

Imamura

Dillaway

Simon

. XML encryption syntax and processing. W3C Recomm 2002, https://www.w3.org/TR/xmlenc-core/

10.

Weber

. Internet of Things–new security and privacy challenges. Comput Law Secur Rev 2010; 26(1): 23–30.

11.

Diao

Altinel

Franklin

. Path sharing and predicate evaluation for high-performance XML filtering. ACM T Database Syst 2003; 28(4): 467–516.

12.

Diao

Fischer

Franklin

. Yfilter: efficient and scalable filtering of XML documents. In: Proceedings of the 18th international conference on data engineering, San Jose, CA, 26 February–1 March 2002, pp.341–342. New York: IEEE.

13.

Ning

Liu

. XML filtering with XPath expressions containing parent and ancestor axes. Inform Sciences 2012; 210: 41–54.

14.

Saxena

Kamal

. System architecture and effect of depth of query on XML document filtering using PFilter. In: Proceedings of the 2013 sixth international conference on contemporary computing (IC3), Noida, India, 8–10 August 2013, pp.192–195. New York: IEEE.

15.

Zhao

Xia

Zhao

. The research on XML filtering model using lazy DFA. J Softw 2012; 7(8): 1759–1766.

16.

Fernández

Malhotra

Marsh

. XQuery 1.0 and XPath 2.0 data model. W3C. Cambridge, MA: World Wide Web Consortium, 2002, http://www.w3.org/TR/query-datamodel

17.

Jayaraman

Gomes

Nguyen

. CARDAP: a scalable energy-efficient context aware distributed mobile data analytics platform for the fog. In: Proceedings of the 18th East European conference on advances in databases and information systems (ADBIS 2014) (eds Manolopoulos

Trajcevski

Kon-Popovska

), Ohrid, 7–10 September 2014, pp.192–206. Cham: Springer International Publishing, http://dx.doi.org/10.1007/978-3-319-10933-6_15

18.

Giordano

Spezzano

Vinci

. Smart agents and fog computing for smart city applications. In: Proceedings of the international conference on smart cities, Trento, 12–15 September 2016, pp.137–146. New York: IEEE.

19.

Chen

Deng

Wan

. Data mining for the Internet of Things: literature review and challenges. Int J Distrib Sens N 2015; 2015: 12.

20.

Laine

Säilä

. Performance evaluation of XMPP on the web. CiteSeerX, 2012, http://media.tkk.fi/webservices/personnel/markku_laine/performance_evaluation_of_xmpp_on_the_web.pdf

21.

Bendel

Springer

Schuster

. A service infrastructure for the Internet of Things based on XMPP. In: Proceedings of the 2013 IEEE international conference on pervasive computing and communications workshops (PERCOM Workshops), San Diego, CA, 18–22 March 2013, pp.385–388. New York: IEEE.

22.

Dierks

. The transport layer security (TLS) protocol version 1.2. 2008, https://www.ietf.org/rfc/rfc5246.txt

23.

Wang

Uehara

Sasaki

. Fog computing: issues and challenges in security and forensics. In: Proceedings of the 2015 IEEE 39th annual computer software and applications conference (vol. 3), Taichung, Taiwan, 1–5 July 2015, pp. 53–59. New York: IEEE.

24.

Jiang

Murugesan

Clifton

. Similar document detection with limited information disclosure. In: Proceedings of the 2008 IEEE 24th international conference on data engineering, Cancun, Mexico, 7–12 April 2008, pp.735–743. New York: IEEE.

25.

Paillier

. Public-key cryptosystems based on composite degree residuosity classes. In: Proceedings of the international conference on the theory and application of cryptographic techniques: advances in cryptology (EUROCRYPT ’99) (ed Stern

), Prague, 2–6 May 1999, pp.223–238. Berlin, Heidelberg: Springer, http://dx.doi.org/10.1007/3-540-48910-X_16

26.

Garcia

Jacobs

. Privacy-friendly energy-metering via homomorphic encryption. In: Proceedings of the 6th international workshop on security and trust management (STM 2010) (eds Cuellar

Lopez

Barthe

.), Athens, 23–24 September 2010, pp.226–238. Berlin, Heidelberg: Springer, http://dx.doi.org/10.1007/978-3-642-22444-7_15

27.

Gentry

Halevi

. Implementing Gentry’s fully-homomorphic encryption scheme. In: Proceedings of the 30th annual international conference on the theory and applications of cryptographic techniques: advances in cryptology (EUROCRYPT 2011) (ed Paterson

), Tallinn, 15–19 May 2011, pp.129–148. Berlin, Heidelberg: Springer, http://dx.doi.org/10.1007/978-3-642-20465-4_9

28.

Hsu

Liao

. EFilter: an efficient filter for supporting twig query patterns in XML streams. In: Proceedings of the 2013 international conference one-Business (ICE-B), Reykjavik, 29–31 July 2013, pp. 1–8. New York: IEEE.

29.

Tekuri

. XMLDog, https://github.com/santhosh-tekuri/jlibs/wiki/XMLDog

30.

Saxon processor. Saxonica, http://www.saxonica.com/welcome/welcome.xml

31.

Theodoratos

. A survey on XML streaming evaluation techniques. VLDB J 2013; 22(2): 177–202.

32.

Brinkman

Feng

Doumen

. Efficient tree search in encrypted data. Inf Syst Secur 2004; 13(3): 14–21.

33.

Agrawal

Sharma

. Implementation and analysis of various symmetric cryptosystems. Indian J Sci Technol 2010; 3(12): 1173–1176.

34.

Wang

Lakshmanan

LVS

. Efficient secure query evaluation over encrypted XML databases. In: Proceedings of the 32nd international conference on very large data bases, Seoul, Korea, 12–1 September 2006, pp.127–138. VLDB Endowment, http://dl.acm.org/citation.cfm?id=1182635.1164140

35.

Cao

Rao

F-Y

Kuzu

. Efficient tree pattern queries on encrypted xml documents. In: Proceedings of the Joint EDBT/ICDT 2013 workshops, Genoa, Italy, 18–22 March 2013, pp.111–120. New York: ACM.

36.

Wong

Cheung

Kao

. Secure kNN computation on encrypted databases. In: Proceedings of the 2009 ACM SIGMOD international conference on management of data, Providence, RI, 29 June–2 July 2009, pp. 139–152. New York: ACM.

37.

XML encryption syntax and processing version 1.1. W3C, https://www.w3.org/TR/xmlenc-core1/

38.

Bogdanov

Khovratovich

Rechberger

. Biclique cryptanalysis of the full AES. In: Proceedings of the 17th international conference on the theory and application of cryptology and information security: advances in cryptology (ASIACRYPT 2011) (eds Lee

Wang

), Seoul, South Korea, 4–8 December 2011, pp.344–371. Berlin, Heidelberg: Springer, http://dx.doi.org/10.1007/978-3-642-25385-0_19

39.

JSON Web Encryption (JWE) no. 7516. Internet Engineering Task Force (IETF), https://tools.ietf.org/html/rfc7516.

A model for aggregation and filtering on encrypted XML streams in fog computing

Abstract

Keywords

Introduction

Preliminary knowledge

XML data model and tree pattern query

XML streams

Related work

IoT technology and security

XML filtering and querying on encrypted XML documents

The proposed model

Third-party server

Sensor node

Fog node

Subscriber

XEA

ETPQ

Example 1

Task dispatcher and XML filter

Aggregation processor

Decryption by subscriber

Performance and security analysis

Time complexity of fog node

Security analysis

Experiments

Experimental setup

Experimental results

Conclusion

Footnotes

Acknowledgements

Declaration of conflicting interests

Funding

References