Security as a Service for Cloud-Enabled Internet of Controlled Things under Advanced Persistent Threats: A Contract Design Approach

Juntao Chen, Quanyan Zhu

Research output: Contribution to journalArticlepeer-review

Abstract

In this paper, we aim to establish a holistic framework that integrates the cyber-physical layers of a cloud-enabled Internet of Controlled Things (IoCT) through the lens of contract theory. At the physical layer, the device uses cloud services to operate the system. The quality of cloud services is unknown to the device, and hence the device designs a menu of contracts to enable a reliable and incentive-compatible service. Based on the received contracts, the cloud service provider (SP) serves the device by determining its optimal cyber defense strategy. A contract-based FlipCloud game is used to assess the security risk and the cloud quality of service (QoS) under advanced persistent threats. The contract design approach creates a pricing mechanism for on-demand security as a service for cloud-enabled IoCT. By focusing on high and low QoS types of cloud SPs, we find that the contract design can be divided into two regimes (regimes I and II) with respect to the provided cloud QoS. Specifically, the physical devices whose optimal contracts are in regime I always request the best possible cloud security service. In contrast, the device only asks for a cloud security level that can stabilize the system when the optimal contracts lie in regime II. We illustrate the obtained results via case studies of a cloud-enabled smart home.

Original languageEnglish (US)
Article number7954676
Pages (from-to)2736-2750
Number of pages15
JournalIEEE Transactions on Information Forensics and Security
Volume12
Issue number11
DOIs
StatePublished - Nov 2017

Keywords

  • Internet of Controlled Things
  • Security as a service
  • advanced persistent threats
  • cloud computing
  • contract design

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Security as a Service for Cloud-Enabled Internet of Controlled Things under Advanced Persistent Threats: A Contract Design Approach'. Together they form a unique fingerprint.

Cite this