Computer Networks: Ola Salman, Imad Elhajj, Ali Chehab, Ayman Kayssi

Computer Networks 143 (2018) 221–246
Contents lists available at ScienceDirect
Computer Networks
journal homepage: www.elsevier.com/locate/comnet
Review article
IoT survey: An SDN and fog computing perspective

Ola Salman∗, Imad Elhajj, Ali Chehab, Ayman Kayssi
Department Electrical and Computer Engineering, American University of Beirut, Beirut 1107 2020, Lebanon
a r t i c l e i n f o a b s t r a c t
Article history: Recently, there has been an increasing interest in the Internet of Things (IoT). While some analysts dis-
Received 18 January 2018 value the IoT hype, several technology leaders, governments, and researchers are putting serious efforts
Revised 21 June 2018
to develop solutions enabling wide IoT deployment. Thus, the huge amount of generated data, the high
Accepted 12 July 2018
network scale, the security and privacy concerns, the new requirements in terms of QoS, and the hetero-
Available online 17 July 2018
geneity in this ubiquitous network of networks make its implementation a very challenging task. SDN, a
Keywords: new networking paradigm, has revealed its usefulness in reducing the management complexities in to-
IoT day’s networks. Additionally, SDN, having a global view of the network, has presented effective security
Survey solutions. On the other hand, fog computing, a new data service platform, consists of pushing the data to
SDN the network edge reducing the cost (in terms of bandwidth consumption and high latency) of “big data”
Fog transportation through the core network. In this paper, we critically review the SDN and fog computing-
Cloud
based solutions to overcome the IoT main challenges, highlighting their advantages, and exposing their
5G
weaknesses. Thus, we make recommendations at the end of this paper for the upcoming research work.
© 2018 Elsevier B.V. All rights reserved.
1. Introduction develop IoT solutions has resulted in proposing disjoint ones. Lack-
ing interoperability between the different IoT platforms limits their
One of the all-time most impactful innovations is the Internet. potential. We all know that the root enabler of the Internet suc-
Internet has permitted the interconnection of all traditional com- cess and wide adoption is its openness and its standardized archi-
puting devices and it was natural for this desire for access and tecture. Having different IoT architectures and platform resulted in
control to extend to non-traditional devices. Here came the evo- having heterogeneous silos of networks. In addition to this kind
lution into Internet of Things (IoT). Mentioned seventeen years ago of heterogeneity, different formats of data are used, and different
by Kevin Ashton [1], IoT draws the lines of the second digital revo- types of communication technologies are invoked. This makes the
lution [2,3]. Cisco expected that, by 2020, 50 billion objects would IoT a vertically fragmented network. Therefore, the heterogeneity
be connected to the Internet [4]. This large scale is one of the un- is another important challenge facing IoT.
avoidable challenges for the IoT domain. The high scalability is ac- Moreover, the large number of connected devices will naturally
companied with an increased complexity in the management of result in enormous amount of data, which challenges the ability
this large number of things/gateways, and network devices. Man- of today’s networks to handle. The current centralized paradigm of
aging all these devices in the traditional way (manually and each data processing and storage is not feasible. New ways to analyze,
device separately) is no longer viable. filter and aggregate this data at the network edges will be essential
As the Metcalfe’s law states, the importance of a communi- in any upcoming IoT solution. The IoT “Big Data” is not only about
cation network increases exponentially with the number of con- the size of the generated data, but it is more about the variety of
nected devices [5]. Therefore, with billions of connected things in this data in terms of type, semantic, frequency, place and time.
the future network, the IoT value is extremely high [6]. In addi- Finally, security and privacy guarantees present one of the
tion, IoT is depicted as one of the most disruptive technologies most important challenges that effectively hinders any real IoT
[7,8]. Many firms and technology leaders (Intel, Microsoft, Cisco, wide deployment. In addition to the current security vulnerabili-
InterDigital, etc.) have taken note of the IoT economical value [9], ties, IoT poses new ones.
and put serious efforts to enable IoT real deployment (Table 1 lists In the light of the cited challenges, there is a need for new
some of the important ongoing projects). However, this drive to approach to networking. Software Defined Networking (SDN), a
new networking paradigm, aims to separate the control and data
∗
planes. This separation provides the network controller with a
Corresponding author.
global view of the network, facilitating traffic engineering and net-
E-mail addresses: [email protected] (O. Salman), [email protected] (I. Elhajj),
[email protected] (A. Chehab), [email protected] (A. Kayssi). work management at runtime [10]. On the other hand, fog comput-
https://doi.org/10.1016/j.comnet.2018.07.020
1389-1286/© 2018 Elsevier B.V. All rights reserved.
222 O. Salman et al. / Computer Networks 143 (2018) 221–246
Table 1
IoT commercial projects.
Company Project
Intel [11] Intel IoT Platform

Microsoft [12] Azure IoT Suite
Libelium [13] Smart World Sensor Applications
Frankhaufer FOKUS [14] OpenMTC
Cisco [15] Cisco IoT System
Hewlett Packard Enterprise [16] vCore
Dell [17] Edge Gateway
AT&T [18] AT&T IoT
InterDigital [19] M2M/IoT
IBM [20] Watson IoT
ing (a cloud computing complement) aims at bringing the cloud to

the network edge making it more scalable and more responsive. In
this survey, we will investigate how these technologies have been
applied in the IoT field and how their application will enable the Fig. 1. The different IoT related concepts.
IoT wide deployment.
In the literature, several surveys have tackled different IoT re-
lated subjects (see Table 2): IoT applications, challenges, and op- have been proposed resulting in a storm of terms and definitions.
portunities [21–31], IoT frameworks [32–37], IoT security [38–43], Important work is being done by the IEEE Internet initiative in or-
IoT standardization [44–48], SDN application in IoT [49–54], IoT der to find a conceptual IoT definition [58]. ITU defines IoT as be-
and cloud integration [55,56]. ing an infrastructure that will connect physical and virtual devices
However, the existing surveys do not comprehensively review [59]. IETF defines IoT as being the Internet that considers TCP/IP
the main IoT challenges. The Internet already presents QoS and se- and Non-TCP/IP suites at the same time and the things as being
curity related challenges, but in the IoT case, some of the existing “objects” identified by unique addresses [60]. IEEE, in its special
challenges become more crucial. Thus, the existing work includes report on Internet of Things, defines it as a network that connects
specific and non-specific-IoT challenges. In addition, the IoT chal- devices having sensing capabilities [58]. In [58], the IEEE Internet
lenges are listed without including the related proposed solutions. initiative gives its own definition as follows: The Internet of Things
However, in this work, we presented the four main IoT-specific is a network that connects uniquely identifiable virtual and physi-
challenges and we reviewed the proposed solutions coping with cal devices, using existing or new communications protocols. These
these challenges. In this context, new technologies emerge in the Things are dynamically configurable and have interfaces that must
network, communication, and IT domains. These technologies can be accessible distantly through the Internet [58].
enable innovative IoT applications and help in coping with many Actually, IoT is not the exclusive name for this new concept.
of the IoT challenges. However, the existing work does not cover In the IoT storm, there are different and confusing terms such
the most recent technologies and the role of these technologies in as: Machine-to-Machine (M2M), Industrial Internet of Things (IIoT),
alleviating the IoT challenges. Thus, this work presents the most Internet of Anything (IoA), Internet of Everything (IoE), Web of
recent enabling technologies, and how these technologies can be Things (WoT), and Social Internet of Things (SIoT). An inclusion
employed to cope with the presented IoT challenges. Specifically, relation can be established between these different concepts as
this paper reviews the application of SDN, NFV, cloud computing, shown in Fig. 1. In the following, we will try to present the defini-
and fog computing to handle the main IoT challenges. tions of these concepts IoE, coined by Cisco [61], consists of con-
This paper is organized as follows: In Section 2, we discuss the necting things, devices, humans, and data to a global network [62].
most relevant IoT definitions and we list the main related IoT con- IoA, presented in [63], consists of connecting not only the exist-
cepts. In Section 3, we investigate the IoT enabling technologies. In ing well-known things as implied in the IoE definition, but also
Section 4, we review the most important IoT, SDN, NFV, and edge it refers to connect all possibly “imagined” things. M2M is a sub-
computing standardization efforts. In the subsequent sections, we set of IoT [64], which includes the M2M communications as well
present the IoT main challenges (as shown in Table 3): IoT secu- as Machine-to-Human interaction. ETSI defines M2M in [65] as: an
rity, IoT Big Data, IoT heterogeneity, and IoT scalability, and the automated communication between two devices without a human
corresponding SDN/NFV and cloud/edge-based solutions. Thus, in intervention [65]. While IoT focuses on the physical objects’ repre-
Section 5, we review the IoT security related work and we show sentation, M2M is connectivity centric. Thus, moving from M2M to
how SDN can alleviate the IoT security concerns. Section 6 reviews IoT necessitates further considerations [66].
the IoT “Big Data” and the application of cloud and fog comput- While IoT applications tackle different human life domains, the
ing to manage it. The IoT gateway is an essential part to cope with industrial field remains one of the most critical ones. Applying IoT
the heterogeneity challenge, so in Section 7, we review the propo- in the industrial domain requires careful attention and special ef-
sitions of IoT gateways. IoT scalability imposes new architectural forts [67,68]. Talking about industries means that we include busi-
considerations, so Section 8 reviews the most known IoT architec- nesses ranging from small ones to large ones. Security and privacy
tures and the SDN integration into a general IoT architecture. In are the most challenging issues in this context [69]. Recently, a
Section 9, we present the main limitations of the current IoT solu- consortium for the industrial IoT, IIoT, has been established [70].
tions and we make some recommendations for the future research This consortium, founded by AT&T, Cisco, GE, IBM, and Intel in
directions. Finally, we conclude in Section 10. March 2014, aims at pushing the standardization in this area [71].
In the Auto-ID Labs white paper presented in [72], a compari-
2. IoT definition son between IoT and Web of things, WoT, is performed. It is stated
that IoT is a wider concept than WoT, having structural concerns
Beyond the IoT hype, a real definition is essential to highlight (e.g. unique identity for the things), which cannot be resolved by
the characteristics of this new concept [57]. Several definitions the web technology. Essentially, WoT is a web framework to which
O. Salman et al. / Computer Networks 143 (2018) 221–246 223
Table 2
IoT surveys summary.
Subject Reference Contributions Limitations
IoT applications, challenges, and opportunities [21–31] The main IoT benefits, applications The challenges are just mentioned
(smart home, healthcare, connected without presenting the enabling
cars), and challenges are presented. technologies and solutions.
IoT frameworks [32–37] The different proposed IoT frameworks The SDN and fog-based frameworks are
are presented. not included.
IoT Security [38–43] The IoT security challenges and the The SDN benefits in terms of security
proposed protocols are presented. are not considered.
IoT Standardization [44–48] The standardization efforts in the IoT The standardization efforts for the new
domain are reviewed. emerging technologies like SDN and
fog computing are not presented.
SDN application in IoT [49–54] The SDN application at different IoT The role of SDN in alleviating the IoT
levels are presented. challenges is not included.
Cloud/Edge computing for IoT [55,56] The cloud related application to enable The focus is on the big data related
different IoT applications are presented. challenge. However, the networking
aspect of the different data nodes is
not considered (the application of SDN
for data networking).
Table 3
IoT challenges, benefits, and limitations.
IoT challenges Benefits Limitations
Scalability • Connecting new kinds of devices • Management complexity

• Gain more control over the connected • Network capacity
devices
• QoS
Big Data • Enabling innovative applications • Big Data management

• Getting useful insights from Big Data • Data centralization: high latency,
analysis redundancy, etc.
• Data at the network edge: security,
management, networking, etc.
Heterogeneity • Integrating different IoT vertical silos • Interoperability

• Integrating different communication
technologies, devices’ types, data types,
etc.
Security and Privacy • Enabling innovative applications using • New types of attacks
sensitive data
• Private data inspection
the things are connected through the Internet and have their col- 3. Enabling technologies
lected data pushed to it. Web data analysis, and user interfaces are
keys to provide services that enable innovative applications. The In this section, we present the recent technologies designated
web can be used to access data but the communication between to play an essential role in the IoT realization.
devices, automation, auto-configuration, and management capabil-
ities are outside the scope of the existing web.
SIoT, which allows the things to have their social networks 3.1. SDN & NFV
[73,74], is a related concept to WoT. Inheriting the success of so-
cial networks (e.g. Facebook), that can be considered as “banks of SDN, an emerging technology in the network domain, aims
data”, the socialization concept can be employed in the IoT con- at separating control and data planes. The control plane consists
text. The projection of the IoT world in the social one results in of the SDN controller (Network Operating System (NOS)) which
the projection of the things into the social world, which requires has the role of network orchestration; most of the computations
new things’ definitions (social objects) [75]. are done there, which gives it a special importance being the
The Future Internet (FI) is a global network that will encompass network brain. The data plane consists of the network devices
all the above-mentioned networks. Six principles (C6) will enable (routers/switches) being responsible for simple matching opera-
this innovation. The C6 annotation refers to: Connectivity, Content, tions to know how to forward the packets. These simple devices
Cloud, Context, Collaboration, and Cognition [76]. In such a net- forward to the controller every packet they do not know how to
work, mobile and constrained things will be connected to the In- act upon.
ternet generating huge amount of data. This data, handled by ad- SDN is not the first attempt towards separating data forwarding
vanced cloud based technologies, will shift context-aware behavior and network strategical computation, and it is not the first trial
into a collaborative environment between the different things. The to softwarize the network functions. The history of programmable
analysis of this data will result in a cognitive world. Effectively, IoT networks dates back to the early 90s. Several attempts to ap-
is an essential part of the Future Internet [77]. ply programmability and automation in the network domain have
Accordingly, it is important to show the distinction between been conceived (e.g. ATM) [79]. However, SDN is the most promis-
these concepts in the aim to solve their specific problems and to ing one. OpenFlow, the first standardized southbound interface, has
allow their realization in the near future [78]. presented a primary insight onto the network programmability ef-
ble, it takes action based on the entry’s action part. Otherwise, it

forwards the packet to the controller. When it receives the packet
from the switch (PacketIn), the controller takes the forwarding de-
cision and downloads the corresponding rule to the switch (Pack-
etOut). The controller basic modules are: topology manager, link
manager, decision making, data control, and data storage [88]. The
controller learns about the network links (between switches and
switches and hosts) using the Link Layer Discovery Protocol (LLDP).
The link discovery module provides this information to the topol-
ogy manager module that is responsible of constructing/updating
the network topology database.
On top of the control layer, the application layer resides. The
communication between the control and application layers is per-
formed through the northbound interfaces. These interfaces, which
give the application access to the network collected data, offer
Fig. 2. SDN architecture.
most of the SDN benefits.
The IoT realization is mostly hindered by the Internet manage-
ment complexity issue preventing the dynamic deployment of new
services. The control is fully distributed; so, reconfiguring the net-
work and adding new features will be exhaustive if done in the
traditional way. Using SDN, this task becomes much simpler; the
control centralization provides the controller with a global view of
the network, giving it the power to hide the management com-
plexities and to have more control over the network. QoS guaran-
tee, heterogeneity, security and privacy concerns, communication
resilience, and big data management are tasks that can be allevi-
ated by the SDN introduction [89,90].
On the other hand, after revealing its innovative value in the IT
domain, the virtualization finds its way into the network domain
with the SDN proliferation. NFV and SDN are complementary tech-
nologies. SDN with NFV (or SDNv2 [91]) allow the virtualization
of the network functions in a way similar to what we have seen
in the computing domain; the same network infrastructure can be
used by different applications. The network is divided into slices in
this case, and each slice has to support certain flow. This allows a
fine-grained services categorization and offers a security enhance-
ment solution.
Fig. 3. OpenFlow based flow. Additionally, NFV plays an important role in the IoT domain
[92]. Coupled with SDN, this technology has the capability to han-
dle the IoT requirements in terms of QoS guarantee, traffic engi-
fectiveness. However, limiting SDN to OpenFlow is an inappropriate neering, defeating heterogeneity, and providing security services.
limitation of the SDN horizons. Additionally, NFV helps to cope with the IoT high scalability chal-
The SDN architecture, as presented in the recent IRTF RFC 7426 lenge [93]. Due to the limited network capacity, the increase in
drafted by the SDN Research Group (SDNRG) [80], consists of four the number of connected devices poses network constraints that
layers: data layer, control layer, management layer, and application cannot be met, especially at peak time load. However, upgrading
layer as shown in Fig. 2. This architecture provides network flex- the existing network infrastructure to support higher capacity is
ibility, dynamicity, and management capabilities. In this context, expensive in terms of both OpEx and CapEx. In this context, vir-
the question about how SDN can enable IoT arises. tualization provides elasticity that helps in an optimized use of
Therefore, one can argue that it is a bad idea to propose a cen- the limited hardware resources at low network load permitting
tralized architecture for this highly scalable network, or that ap- the sharing of the network infrastructure between different ser-
plying the SDN paradigm to it has a retro effect that returns us vice providers and different network services/functions. Addition-
back to the era where the centralization paradigm was pioneer- ally, NFV allows to borrow network resources as needed at run-
ing the telecom domain. However, these assertions are not very time preventing the waste of resources if designed to handle the
accurate. SDN centralized control cannot be compared to a central peak load [94].
telecom switch. The SDN centralization is a logical concept more
than being a physical one. In this context, the distributed control 3.2. Cloud computing (X-as a Service)
scheme came to defend this argument [81,82]. Several controllers
have enabled control distributiveness into their architecture: Disco Cloud computing has permitted advancement in the network
[83], Onix [84], ONOS [85], and OpenDaylight [86], etc. In this case, and telecommunication domains. Relying on the “pay-as-you-go”
the East/Westbound [87] interfaces are responsible for connecting paradigm, it enables the reduction of both OpEx and CapEx. In the
the distributed controllers’ instances. Besides, the southbound in- IT domain, several big companies have built their own cloud sys-
terfaces provide the control over the network. OpenFlow is the tems (e.g. Microsoft [95], Google [96], Apple [97], etc.), and some
most known southbound interface. The OpenFlow operational flow have exploited it from an economical perspective. Cloud was a rev-
is summarized in Fig. 3. olution in the IT domain and it draws a new line in the telecom-
Upon receiving a packet, the switch performs filter matching munication domain. The idea behind the cloud is to borrow com-
on the header fields. If there is a corresponding entry in this ta- puting facilities from the cloud and to pay as you use the pro-
pushed to the cloud) [107–109]. Thus, the collaboration between

cloud and edge is mandatory [110].
In the shadow of edge computing, comparable new trends
aroused (Fig. 5) [111,112]. Fog, cloudlet, and Multi-access Edge
Computing (MEC) are three significantly related concepts. In the
following, we will try to investigate the subtle differences between
these technologies. In this context, the work done in [113] was a
good reference for such a comparison.
3.3.1. Fog
Inspired by the natural phenomenon of having fog and clouds
where fog are closer to the ground [113], fog computing is meant
to be the cloud at the network edge in the IoT networks [114–116].
Fog computing, coined by Cisco in 2012, is an extension of the
cloud to the network edge [117]. The fog related characteristics
such as low latency, geo-distribution, location awareness, support
for mobility, support for ubiquitous access, and support for het-
Fig. 4. Common Fog/MEC/Cloudlet features. erogeneity, present basic requirements for a wide range of IoT ser-
vices and applications [118]. Additionally, the IoT high scalability
imposes federated network management and thus call for new net-
vided services. Three main services were provided by the cloud: work and data technologies to enable IoT data processing at the
SaaS (Software as a Service), PaaS (Platform as a Service), and IaaS network edge [119–121].
(Infrastructure as a Service). In [122], the authors shed light on the relation between fog and
In the IoT case, the limitations in terms of processing and com- cloud. Fog and cloud are complementary technologies and none of
puting capabilities are more pronounced. Employing cloud com- them replaces the other. The differentiation between fog and cloud
puting, in the IoT domain, is beneficial having limited storage and is meant to be in the type of required data and the speed with
computational power devices. These two revolutionary technolo- which data must be processed. Local information can be served
gies (cloud and IoT) are fundamental and complementary for the by fog nodes and global information can be served by the cloud.
future network era [98]. Different IoT functions have been pro- The short distance to end users makes the fog distributed platform
posed to be part of the cloud services such as: sensing and ac- more suitable for IoT applications while the cloud is relatively far-
tuating as a service [99], sensing cloud [100], sensing as a service ther away [123].
[101], building the environment for the Internet of Things as a ser- “Why Fog and Why Now?” delay, cognition, agility, and effi-
vice (BETaaS) [102], etc. ciency are defined to be the main reasons for the fog invocation
Another complementary aspect of cloud and IoT is the fact that [122]. Additionally, reliability, fault tolerance, and privacy are pre-
IoT calls for computation, storage, and communication resources sented to be fog related benefits [124]. Essentially, cognitive assis-
remedy due to the constrained nature of things. On the other hand, tance gives rise to distinctive services to be provided by IoT. Cog-
the cloud providers need new market domains [103]. Combining nitive assistance will be the “killer app” for mobile computing in
IoT and cloud computing brings benefits as well as challenges. Two the next decade. However, human perception is sensitive to la-
angles of convergence are presented in [104]: cloud-based and IoT- tency. To gain user satisfaction, such applications have to benefit
based. While most of the work discusses cloud-based IoT services, from fog computing emergence to deliver low latency and high-
the idea of IoT-centric approach was new. The IoT-centric cloud performance processing [125]. Additionally, other innovative appli-
aims to push cloud functionalities to IoT network edge. This is sim- cations (e.g. healthcare, smart cars, etc.) will benefit from the fog
ilar to what is called “fog computing”. However, the cloud centric computing emergence [126,127].
model presents some challenges regarding the cost of transporting However, the fog nodes distributed pattern imposes new net-
the data through the core network, the high latency, and the single working issues [128,129]. While the data is centralized at one point
point of failure (reliability). Thus, a new way to manage the data in the cloud case, the data nodes are distributed in the fog case.
is needed while keeping the cloud as a backend. Inducing ways to optimize data correlation between these nodes
is critical. Other issues are also encountered in the fog domain
such as security and privacy, provisioning and resource manage-
3.3. Fog computing/MEC/Cloudlet ment, offloading, charging and accounting, and QoS guarantees in
terms of capacity, storage, bandwidth, connectivity, and reliability
Rapid mobility patterns, high throughput, reliable sensing, re- [130–133].
liable control and actuation, very low latency, big data manage-
ment, different levels of real-time analytics, and data aggregation 3.3.2. MEC
are main IoT requirements that cannot be met concurrently by An ETSI white paper introduced its Industry Specification Group
the cloud technology [105]. Low latency, low jitter, mobility sup- (ISG) intended to create MEC specifications [134]. This initiative
port, location awareness, augmented reality, geo-distributiveness, aims at merging the IT and telecom domains to provide cloud-
and multi-tenancy applications support (IaaS) are common char- based services at the mobile network edge. In [134], sketches for
acteristics provided by edge computing in its different flavors (fog, possible MEC scenarios are presented after listing their benefits
MEC, and cloudlet) as shown in Fig. 4. and use cases. ETSI is involved in many initiatives such as: NFV,
In this context, edge cloud computing was proposed to push 3GPP, OneM2M, etc. So, it has the incentive to relate new technolo-
the data collection, processing, and analysis to the network edge gies to old ones taking advantage of mature old techniques and
[106,107]. These edges will not be very powerful nodes; they providing backward compatibility. In this context, MEC uses cases
would just complement the cloud. Essentially, edge computing is have been applied to the 3GPP mobile architecture. More recently,
about to know which data has to be analyzed at which point (i.e. MEC solutions have been proposed in the 5G domain [135–137].
which data has to stay at the edge and which data has to be Consequently, MEC is one the IoT enablers [138].
Fig. 5. Fog related technologies timeline.
MEC consists of leveraging edge nodes to enhance mobile de- was applied mainly within the datacenters. SDN provided agility
vices capabilities. The developers of mobile applications have to and flexibility in deploying and managing the needed network re-
account for screen sizes, memory capacity and processing power sources for VMs allocation. The need for SDN is more pronounced
of different devices, and they must consider the different situations in the case of distributed cloud nodes (edge computing). In this
when the processing is done locally or remotely. Handling connec- case, the interconnection and management of the distributed edge
tion (mobility management) is another issue to deal with. Addi- nodes call for the SDN manageability. Thus, SDN, NFV, and edge
tionally, while content providers can benefit from giving the MEC’s computing can together be employed to handle both IoT data and
providers insights about users’ preferences, it is critical for applica- networks.
tion developers to protect users’ anonymity and privacy. The data
synchronization and the mutual trust are the main challenges in 3.4. Cellular IoT (5G)
this case [139]. Additionally, computation offloading is one of the
main MEC challenges having processing and memory limitations The communication era has witnessed a distinctive evolution;
[140–143]. from networks handling analog voice services to fully IP-enabled
mobile networks. The first mobile generation (1G) was a revo-
3.3.3. Cloudlet lution supporting user mobility after the fixed telecom network.
Known also as follow me cloud [144], mobile micro-cloud [145], New services have emerged with newer versions. With the sec-
and mobile cloud computing (MCC), cloudlet, coined by a research ond digital mobile generation (2G), new services and applications
group at Carnegie Mellon University, is defined as a small datacen- have emerged (i.e. text messaging). However, with the third and
ter at the Internet edge [146]. fourth generations (3G and 4G), distinctive applications have ap-
In [147], the mobile edge clouds or cloudlets are considered peared (apple Siri, google glass, etc.) paving the way towards new
collocated with the base stations. The authors search to optimize mobile telecommunication epoch. Cell phones will dominate the
the service migration decision. Their approach is based on the future Internet [149]. “Horizon 2020 and beyond” is the tag of the
distance between user and base station for simplicity. The opti- upcoming new era in the telecommunication domain. 5G is not de-
mization problem is formulated using the Markov Decision Process picted to be an evolution of the previous mobile network genera-
(MDP). tions (2G/3G/4G (LTE)). It is more of a revolution that will change
Thus, the main differences between cloudlet and cloud are the our way of life. 5G is supposed to be the second industrial revo-
rapid provisioning, the fast hand-off, and the cloudlet discovery lution. Very low latency, high throughput, reliability, security, and
[148]. Additionally, cloudlets are dispersed at the network edges high mobility are the characteristics of this upcoming technology
while the cloud servers are centralized at the core. The cloudlets [150]. This revolution will enable the cellular IoT paradigm [151].
are managed in an autonomic way while the cloud is managed Main IoT requirements are to be met by this new mobile network.
in an administrative central way. The local edge nodes serve a IoT is expected to be integrated in the 5G mobile network [152].
few number of users giving them augmented reality experience The no cell communication pattern will be supported encompass-
while the cloud case connects a huge number of users [146]. While ing the Device-to-Device (D2D) direct communication reducing the
Cloudlet and MEC were conceived in the mobile domain, the fog signaling and connection time. There is an effort to integrate Ma-
computing term is used in the IoT domain. chine Type Communication (MTC) into the 3GPP mobile network
While cloud computing and edge computing are mainly in- architecture supporting essentially Human-to-Human (H2H) com-
tended for IoT data processing, storage, and management, there munication. The mobile network capacity to handle mobile wire-
is a need for new networking paradigm to manage the intercon- less communication makes it suitable for the new emerged com-
nection between the datacenters and/or edge nodes. SDN initially munication type. However, the high number of connected devices
Table 4 (forwarding routing, QoS provisioning, mobility management, and

Software defined (SD) mobile networks.
charging functions). The orchestrator is the highest level of con-
SD mobile Summary trol, it has the role of managing the cloud resources (links, storage,
SoftCell [156] Providing fine grained services placing and memory), the allocation, and the provisioning of the VMs. Ev-
SDN switches at the access points and erything as a service (XaaS) and IoT are the main profiting tech-
an SDN controller at the core network. nologies from the 5G OS conception.
SoftRAN [153] Applying SDN to the Access network Consequently, new mobile network architecture (5G) with
virtualizing the geo distributed base
emergence of new technologies such as SDN & NFV and cloud/fog
stations in one virtual big base station
allowing for better resources computing will have a major impact on enabling IoT.
management.
SoftAir [157] Separating data and control planes. In 3.5. WSN
the data plane reside the SD-RAN
(Software Defined Radio Access
Network) and the SD-CN (Software Wireless Sensor Network (WSN) is one of the utmost IoT ap-
Defined Coe Network) and in the plication domains. Being able to wirelessly collect data from sen-
control plane resides the SDN sors spread and integrated into different things is an essential IoT
controller which runs the network requirement. Also having control over these things thanks to em-
functions applications and services.
SoftNet [158] Dividing the network in two parts: the
bedded actuators is as important. So, WSN is an essential IoT en-
core network and the unified access abler. However, the wireless technology presents many challenges
network. in terms of security due to the ubiquitous network access and in
OpenRadio [159] Providing architecture consisting of two terms of QoS guarantee due to the unpredictable number of con-
planes: processing plane and decision
nections (mobility) and the environmental influence (interference).
plane aiming at defining a
programmable wireless data plane. Essentially, routing is one of the obstacles that was tackled
MobileFlow [160] Introducing the Software Defined widely in the WSN domain. However, conceiving a routing proto-
Mobile Network (SDMN) that consists col that is energy efficient, supporting load balancing, and dynami-
of two parts: MobileFlow Forwarding cally adaptable to network changes, is not a simple task in the dis-
Engine (MFFE) and MobileFlow
tributed traditional way. Centralizing the control at the master and
Controller (MFC).
CellSDN [161] Defining cell agents allocated with SDN center node levels will be beneficial in terms of both robustness
switches able to do some actions (deep and energy efficiency [162].
packet inspection, header compression, From this perspective, SDN has been essentially applied to the
etc.) and a cell operating system on top
wired networks. Indeed, there are many attempts to apply it to
of which run different applications.
the wireless networks [163]. Sensor OpenFlow [164], and SDWN
[165,166] are examples of applying OpenFlow/SDN to the WSN do-
main. The main idea is to enable SDN on the access points through
will need a new management paradigm. Overhead in terms of sig- Open vSwitch along with a centralized SDN controller [167]. This
naling and communicated data must be considered in any mobile controller has the role of managing routing, flow scheduling, and
network bearing M2M based services. interference management. Additionally, security related functions
With the proliferation of smart mobile phones and the dense are assigned to this central controller.
access to the access nodes, a new paradigm for managing radio
access network is needed. The old way adopted in mobile network 4. Standardization
relies on distributed RAN management. However, the distributive-
ness has its limitation with high density, high scalability, and low 4.1. IoT standardization
latency requirements. Migrating the control to a centralized en-
tity with a global view of multiple cells will handle better the Standardization is key to achieve any new technology’s wide
handover management, power allocation, and interference man- adoption. Having disjoint platforms, architectures and protocols
agement. Nevertheless, the decision on downlink allocation per re- undermine their utility. A standardized IoT architecture is key for
source block can be given to the local RAN control unit [153]. In the IoT wide deployment in addition to the standardization at the
this context, applying SDN to the telecom domain has been con- communication level [168]. The TCP/IP standard was the enabler of
sidered as shown in [154]. Table 4 summarizes the most relevant the Internet revolution. Revisiting its architecture, we found that
work done to apply SDN in the mobile network domain. most of its protocols at different layers are not designed for the
In [155], there is a proposal for a generalized architecture for IoT case. The “things” in IoT might be constrained devices, so the
mobile networks integrating SDN & NFV. Applying SDN in mobile power consumption at different layers must be taken into consid-
networks is constrained by the ability of this technology to provide eration [169]. Additionally, the IP protocol itself is overwhelmed by
a clear path of migration (support co-existence of different gen- the big number of connected things (already IPv4 addresses pool
erations), security, QoS monitoring, service provisioning, and cost has been exhausted). In addition, the security related protocols, al-
reduction. The main functions to be softwarized are mainly the ready not widely adopted in the current Internet network due to
mobile network control functions, i.e., MME, HSS, PCRF, and S/P- their expensive cost (overhead), must be revisited as well.
GW. Additional functions include transport, load balancing, secu- Under the IETF guidance, several working groups (WGs) have
rity, policy, charging, monitoring, and QoE or resource optimiza- been established in the aim of standardizing new IoT protocols or
tion. adapting the existing TCP/IP protocol stack to be suitable for IoT
Recently, a 5G operating system (OS) consisting of three levels (Fig. 6). CoAP, a lightweight HTTP version and CoRE, which is based
of control, device controller, edge controller, and orchestrator con- on the REST web technology for constrained IoT devices, are ap-
troller, was proposed in [150]. The device controller encapsulates plication layer protocols. DTLS is a security transport layer pro-
certain level of intelligence at the device level (machine learn- tocol suitable for constrained devices (running over UDP). Under
ing). However, due to the constrained power conditions, this de- the RoLL (Routing over Low power and Lossy networks) WG, the
vice might call for higher level of control to optimize its power IPv6 Routing protocol for Low power and Lossy Networks (RPL) has
resources. The edge controller is responsible for L2–L3 functions been developed. In a parallel effort, IEEE has developed the IEEE
5. IoT security and privacy: an engineering perspective
The security and privacy issues hinder the IoT realization. Al-
though, some of the IoT security breaches/vulnerabilities are com-
mon with the current Internet network [172], IoT presents new se-
curity concerns that make it the “Internet of Vulnerabilities” [173].
Some analysts argue that the security concerns in IoT outweigh its
benefits. DY intruder, DoS/DDoS, physical attacks, privacy attacks,
eavesdropping, data mining, and traffic analysis are primary IoT at-
tacks [174]. Additionally, new types of attacks related to the con-
strained things characteristics (low power, low processing, etc.) are
IoT specific [175]. Such constraints expose devices to new type of
attacks (running out of power, running out of memory, etc.) [176].
Thus, there is a need to propose security solutions that limit the
effects of these attacks [177].
In this section, we will review the work done in the IoT security
Fig. 6. IoT Protocol stack. domain. four main security aspects are considered: identity man-
agement, authentication, access control, and trustworthiness and
privacy. At the end of this section, we will show how SDN/NFV
802.15.4, which covers the physical and MAC layers of the TCP/IP (SDNv2) can be employed to overcome the security challenges in
stack. The Bluetooth Low Energy (BLE), is another radio communi- IoT and how it serves in the development of a security embedded
cation standard based on IEEE 802.15.1; it is characterized by its architectural solution for IoT.
low energy and fair data rate, which makes it suitable for some of
the IoT applications [170]. The ZigBee alliance builds on top of the 5.1. Identity management
IEEE 802.15.4 its own architecture for low power communication
network. Practically, what we refer to as being thing identities in IoT, are
However, integrating these protocols in the current Internet in- precisely things identifiers; the identities are more subject-related
frastructure will not help in overcoming the cited IoT challenges. characteristics (in analogy with the human being case, the identity
Perhaps, they will add complexity in terms of management and is the name, last name, birthday, etc.). Usually, in the online sys-
protocols interoperability. Furthermore, The IoT challenges need to tems, we employ identifiers that are a set of uniquely identifiable
be considered profoundly and correspondent solutions must be en- strings [178,179].
gineered harmoniously in one IoT architecture. As mentioned before, heterogeneity is one of the IoT challenges.
One aspect of this heterogeneity is the presence of different iden-
4.2. SDN and NFV standardization tity schemes in the IoT domain. Device identification is straight-
forward with RFID; it is performed via the Electronic Product Code
The standardization efforts in the SDN and NFV domains are not (EPC) scheme, which can distinctively recognize “things” from their
conducted by a single entity. However, many Standards-Developing tags [180]. In ZigBee, devices are identified by their network ad-
Organizations (SDOs), industry consortium, and open development dress, a 16-bit local unique identifier within one ZigBee network.
organizations have participated in developing SDN and NFV related ZigBee also assigns identities to networks via the Personal Area
standards. The Internet Society (ISOC) has two working groups: Network Identifier (PAN ID) and the Extended PAN ID(EPID), which
IETF and IRTF, that are working on SDN related standards. Inter- are used to refine the identification process [181]. In Bluetooth,
face to routing systems (I2RS) and service function chaining are devices possess unique UUID identities that are hardcoded into
two groups under the IFTF organization that are working on SDN them at manufacturing. The UUID relate to the Device Identifica-
related specifications. Additionally, IRTF has published an RFC ti- tion (DI) service record, and a device can have many DIs if it as-
tled “Software-Defined Networking (SDN): Layers and Architecture sumes many logical functions. In Wi-Fi (IEEE 802.11), device iden-
Terminology” (RFC 7426, January 2015) [80]. The ITU-T has four tification is based on a shared network identifier (SSID) at the ac-
groups (SG11, SG13, SG15, SG16) working on SDN related projects. cess point level on one hand, and on the unique MAC address of
Additionally, ETSI was the leader in proposing an NFV standardized the station on the other. As for UMTS, identification is based on
architecture. Other open development initiatives like OpenDaylight the User Services Identity Module, which contains the permanent
(under the Linux foundation directory) and Open Platform for NFV user’s identity (IMSI) and the temporary identifier (TMSI). Finally,
(OPNFV) are working on open standards and open source projects in WSN, device identification shifts from being device ID centric
that are designed to play an essential role in the business domain to data content identification. The nodes may no longer be identi-
[171]. fied by their own IDs, but through the data they possess or require.
This scheme is referred to as content-based names/addresses [182].
4.3. Edge computing standardization In the Internet, the devices are identified by their IP address (IPv4
or IPv6). In the telecommunication domain, the user equipment is
The Multi-access Edge Computing (MEC) initiative is an In- identified by its embedded IMSI code, and the user has a phone
dustry Specification Group (ISG) within ETSI that is working on number. A summary of the most known device identity schemes is
MEC standardization. This initiative aims at developing MEC re- presented in Table 5.
lated specifications mainly the mobile network domain. Doing so, Therefore, having a unified identity scheme is critical to over-
it works to unite the telecom and IT-cloud efforts to enable new come the identity fragmentation in these vertical silos of networks.
applications at the RAN level. On the other hand, the OpenFog IPv6 is argued to be the most suitable solution for identification.
consortium, founded by high tech companies and academic insti- IPv6 based protocols such GloWBAL, 6LoWPAN, IPsec, and MIPv6
tutions (Cisco Systems, Intel, Microsoft, Princeton University, Dell, are proposed as solutions to the power related and mobility chal-
ARM Holdings), aims at creating a reference architecture to apply lenges. Though IP has been the Internet oxygen, it is not obvious
fog in the IoT domain. that IPv6 will have the same role in the IoT domain. Already, IPv4
Table 5 themselves directly and not through a gateway. The scheme was
Device identity schemes.
presented in a wireless sensor network context, where most of the
Domain of use Description nodes are of low performance and only few of them are gateway
IPv4 Internet 32 bits nodes (GWNs) with higher memory and capacity. The GWNs store
IPv6 Internet 128 bits IDs and keys of all other WSN nodes, and shared keys with users
IMSI Mobile Network 15 digits equipped with some sort of a smart card. The authentication step
Mac Address Internet 64 bits is launched only after the user logs-in and it requests a connec-
Bluetooth Address Bluetooth Network 48 bits
tion to the node directly. The two parties then share a secret key
RFID-EPC RFID tags XML
ZigBee-PAN ID ZigBee Network 16 bits for subsequent exchanges. Mutual authentication for all three par-
OneM2M identity M2M Network URL ties is needed in order to safeguard the key exchange session. This
scheme is a lightweight yet robust scheme; the authors prove that
it provides mutual authentication and key agreement, and secu-
has been depleted and IPv6 adoption is still encumbered in the rity of all passwords. However, the GWNs are required to store IDs
current Internet. Benefiting from the IP established protocols is key, and passwords of all WSN nodes and all users, which constitutes a
but we might need to apply new architectural designs and man- scalability issue for the method, especially that the GWNs are rel-
agement paradigms [183,184]. atively limited in performance and memory.
In [185], Zhi-Kai Zhang presents a new IoT naming scheme, In [191], a permit code authentication method is proposed. This
proceeding from the IoT ITU definition that is based on the abil- method is lightweight and can be applied to constrained devices.
ity to connect anything, at any time, from anywhere. There is a In [192], a novel continuous authentication scheme is proposed.
proposition of a property-aware name service (PNS). PNS mixes This scheme uses a public key scheme due to its efficiency in terms
the “what”, “where”, and “when” aspects of the IoT ITU defini- of scalability and memory use despite its computational overhead.
tion in the object name conception. The object name provided con- The public keys are used to generate symmetric keys used as au-
sists of two parts: object name and object location (NV.Obj_Name:: thentication token. The main concept that the proposed scheme
LV.Obj_Location), both containing time stamp information. This introduced is the time factor. So, the generated key is a function
scheme needs name resolution and location resolution servers of time and the two invoked parties can communicate over a cer-
(NRS and LRS), which resembles DNS. The NV and LV parts which tain period without having to pass into the authentication phase
provide time-validity checking are compared to the DNSSEC proto- at each time they want to send/receive messages in a short time,
col for name based authentication mechanism. The overhead and which will reduce the overhead in terms of processing, delay and
delay added by the DNSSEC certificates queries make it unsuitable bandwidth consumption.
for real-time object name and location resolution. Besides the pro- In [193], there is a proposition of an authentication scheme
posed scheme presents flexibility and interoperability and authen- which relies on an asymmetric authentication method. The ECC
tication facilities. In [186], there is a focus on the relation between algorithm is chosen to generate the private/public keys. In this
things and users (owners). Therefore, upon connecting to certain method, things have their keys generated at the certificate author-
device, you have to be permitted by the devices’ owner. In this ity (CA) via a secure channel, which is impossible in the ubiquitous
case, the identity of the thing is related to its owner’s identity. IoT network access. The node has to know the public key of each
Friese et al. in [187] introduce the Kantara initiative’s IDentities node that it wants to communicate with, and a combination of the
of Things (IDoT) discussion group. The discussion group’s mission other node public key, its private key, and a random nonce are ex-
is to identify and analyze the main things identity related issues changed to do mutual authentication.
and to report the existing platforms used or proposed in this con- Kalra et al. introduced a new feature to cloud server/devices
text. The authors claim that the name-based scheme (DNS) is not mutual authentication that relies on HTTP cookies and ECC. The
suitable to the IoT case. Regarding the authentication, they stress protocol is divided into 3 steps. The first step is the registration,
the importance of context-based authentication and concerning where devices subscribe to the server in the cloud by sending their
the authorization, they introduce the user-managed access proto- unique identifier. The server would have chosen an elliptic curve,
col (UMA) on top of the access control framework OAuth. a point G on that curve and a private key. When it receives the
The work done in [188] presents an IoT architecture and identifier, it computes a cookie that is a hash of the unique identi-
includes the most important technologies used at each level. fier and the server’s private key, encrypts it using ECC and sends it
OpenIDM is proposed for identity management, OpenAM for au- to the device. Whenever a device wants to connect to the server,
thentication management, OpenIG for authorization and OpenDG it sends a hash of the cookie, used by the server to authenticate
for data accessibility. JSON, REST, OAuth2, LWM2M, DTLS, JS are the device. The server then sends a security parameter to authen-
some of the proposed technologies referred to in this work. ticate itself to the device in order to establish the connection. Con-
sequently, they decide on a secret key to be used to encrypt sub-
5.2. Authentication sequent message exchanges. This is a new technique that relies on
cookies and that is independent of device type. However, all de-
Authentication consists of exchanging identity based informa- vices need to support TCP/IP protocol and HTTP. Furthermore, the
tion (or credentials) between two parties to confirm the identity secret key is simply XOR-ed with the messages to encrypt them,
authenticity. This service is intended to prevent masquerade and which is a weak and breakable encryption technique [194].
identity spoofing. Cryptography based methods have been estab- The RFID technology motivated Kevin Ashton, the British en-
lished to perform authentication (one way and mutual authentica- gineer at MIT lab, to launch the Internet of Things term. How-
tion). However, strong authentication schemes invoke complicated ever, this technology does not provide any kind of authentication
cryptographic operations being computationally expensive. Apply- and presents many security vulnerabilities. Many authentication
ing these methods in the IoT domain encompassing a huge set of schemes have been proposed as shown in [195]. The ECC is cho-
constrained devices is critical [189]. Some work has considered the sen for being the most convenient one. This paper surveys the
emergence of IoT gateways able to handle the computational oper- RFID based authentication schemes in IoT in the aim of identi-
ations instead of the devices. fying the best schemes for healthcare environments. The authors
In [190], Turkavonic et al. introduce a different perspective compared the performance and the security robustness of differ-
of IoT authentication, where the user and the node authenticate ent authentication schemes in the literature. The comparison was
done using elliptic curves over F (2163) for key generation. Results same party might have security issues. The proposed scheme tries
showed that all the studied schemes are prone to many attacks. to separate data and encryption keys. This method provides high
However, three proposals [196–198] were judged to meet the min- security. The need to have smart cards makes this method imprac-
imum requirements for healthcare IoT applications. The lack of se- tical.
curity problem in the RFID domain is tackled in [199]. The EPC The authors in [204] present a dynamic adaptive authentication
code which is widely used in IoT and which is embedded in low scheme for IoT (DAoT). This scheme switches between key estab-
power and constrained devices, does not use any cryptographic lishment (KE), message authentication code and the TLS handshake
method, and codes are transmitted in plain text which exposes the based on the energy level of the constrained device. This scheme
authentication process to counterfeit attacks. A lightweight pass- allows energy saving. An evaluation of the effectiveness of the pro-
word generation based on XoR is proposed giving some level of posed scheme is done using the Crypto++, a TestCrypt benchmark
security. The RFID technology proved to be efficient in IoT concern- tool. The energy consumption is measured using an energy cost
ing object tagging and identification; especially that it supports all model that gives an estimation of the energy cost of each cycle.
types of objects. Although it offers an edge to IoT, it suffers from The results show that ideal amount of energy cost savings by DAoT.
many drawbacks, most importantly the lack of security. Aggarwal And even if the state of devices changes, DAoT can adjust the cost
et al. study this issue in [20], showing advantages and disadvan- gap in stabilized state by feedback control scheme. Dynamic adap-
tages of RFID, and propose an improved RFID scheme for IoT. Their tation of the authentication method to the energy level of the de-
method performs authentication at the tag level. The reader sends vice.
its ID XOR-ed with a 128-bit random number R and then shifted The architecture proposed in [205] lacks the autonomy of
by the weight of R. The tag used the received value to recover R, things, which is a main concept in the Internet of Things. Bai et al.
apply transformation on it and XOR it with its ID. The resulting revisit the issue of the integration of IoT in Cloud computing, in the
value is sent via the reader to the backbone server that is able to aim of providing data online that can be accessed anywhere at any
authenticate the tag by recovering it from the received value and time. The architecture is composed of three islands connected via
comparing it to the stored ID. A system is as strong as its weakest MPLs tunnels. The first island consists of users; IoT enabled smart
link. Therefore, in order to ensure a secure IoT network with RFID, card (ISC) per user, and readers. The ISC assigns a unique iden-
security should be enforced even on the tag reading level. Further- tifier to each user and transmits data to readers periodically. The
more, the authors show that the scheme is resistant to many at- information collected by the readers is relayed to a smart gateway
tacks such as replay and disclosure [200]. that filters data and sends it to the authentication island. The lat-
Shivraj et al. review different techniques used for IoT authen- ter is in charge of verifying the identity of users and integrity of
tication. They also set forward their own authentication process data. The authors use X.509 version 3 certificates based on ECC to
that relies on the One Time Password (OTP) technique developed achieve authentication at four levels: user’s authentication, mobile
with Elliptic Curves Cryptography (ECC). In their design, a PKG unit device authentication, smart card and cloud server authentication.
holds the IDs of all devices and applications in the network. At this When authentication is complete, data is sent to the cloud server
stage, nodes acquire their public Keys from PKG and compute their and stored in the cloud. This technique works with different IoT
respective private keys. When a connection is to be established be- applications and devices and overcomes the protocol/vendor spe-
tween an application and a device, the latter sends the ID of the cific limitations. Furthermore, the different levels of authentication
node they wish to connect to the PKG. The PK automatically gen- provide a robust security design. The ISC card is attached to users,
erates the corresponding private key out of which it computes a however, this scheme might not scale if identities were given to all
one-time key. This key is sent to both nodes, which validate the things [205].
connection by comparing the key with each other. The scheme was In [206], Sungchul et al. propose an authentication scheme for
shown to be more efficient than other existing methods when it RESTful web services in the IoT. This approach considers that each
comes to the size of the key and the security robustness. The KDC IoT object is presented by a unique URI. The REST being state-
does not store Private and Public keys of devices, it only stores less presents some issues at the authentication level. The proposed
their IDs. Consequently, hacking the KDC does not incur compro- method utilizes the ID-based encryption.
mising the keys of all devices in the network. However, the OTP A comparison of the most used authentication methods: pass-
adds computational overhead since the KDC is required to com- word, token, smart card and biometric is done in [207]. The com-
pute a new one-time key every time a new connection between parison shows that although the biometric based one is the most
devices and applications is to be created [201]. secure one to authenticate human beings, it lacks applicability in
The authors in [202] combined IoT concept with the Federated the IoT domain. The smart card based method is the second se-
Identity and Access Management (FIAM) technique to address de- cure one to authenticate its owner based on different applications.
vice authentication. The method was inspired from the web. It is Then, the token-based authentication scheme is more secure than
composed of four agents: the device or the thing that was im- the password based one that is considered as the least secure one.
plemented with Arduino, the authorization server implemented in The authors stated that there is a need to investigate the impact
WSO2 that allows the creation of users and OAuth applications, and the challenges in adopting any of the existing authentication
the authorization tool to enable timely access, and the MQTT unit schemes in the IoT domain. Table 6 summarizes the advantages
that supports plugins for authorization services. In this scheme, the and disadvantages of these methods.
nodes and the MQTT unit verify each other via the OAuth plat-
form. The proposed framework is a compilation of many existing 5.3. Access control
standards. This system is built with specialized components, which
makes it more robust and secure. However, integrating these com- Access control is a very critical part of the IoT security scheme.
ponents might be problematic, which is why the authors faced Guaranteeing authorized access to the collected data is an impor-
many concerns during implementation. tant task. Access control was mainly tackled in the web of things
The work done in [203] approaches the two-steps authentica- context [208]. Frameworks such as: OAuth [209], Shiro [210], and
tion scheme used in today’s business transactions. Instead of using LDAP [211] have been proposed to manage the things roles descrip-
a verification code sent to the mobile phone, the authors propose tion and access rights. Access management in IoT is a strongly re-
the use of a smart card for generating keys on the devices directly. lated task to the identity management one. Having a unique iden-
Having credentials and keys at the same place and issued by the tity, the thing can be granted access to the appropriate resources.
Table 6
Authentication schemes.
Authentication scheme Advantages Disadvantages
Public/Private Keys Scalability Complexity and computing overhead

Symmetric Key Simplicity where same key is used for en/decryption Scalability
Biometric Simplicity Availability and applicability
Identity Card Robustness Scalability
Passwords Simplicity Scalability and maintainability
Thus, the gateway layer in the IoT architecture will play a key role
in the identity and access management process [212].
However, the high scalability of the IoT network makes the dis-
cretionary access control (DAC) configured per user or device used
in today’s web based applications not suitable to the IoT case. This
calls for alternative scalable solutions. Mandatory access control
(MAC) which was used in Operating system domains can be ap-
plied with the SDN integration in the IoT domain.
5.4. Privacy and trustworthiness
Privacy, a term related to Personal Identifiable Information (PII),

is the ability to decide who can see our private data. Having our
private assets connected to the Internet, privacy is a very impor-
tant requirement in the IoT case. On the other hand, trustworthi-
ness is a measure of how much a service or communicated data
can be trusted. Having constrained devices prone to diverse attacks
and third-party applications, a trustworthiness model is needed to
Fig. 7. SDN & NFV security benefits.
protect our devices and data from a malicious exploitation.
In [213], a model, that relates trustworthiness to privacy, is pro-
Additionally, due to the virtualization integration, the isolation
posed. This formal model can be used in an automated security
of flows become seamless. Therefore, the identity management on
framework to evaluate trustworthiness and guarantee the data pri-
top of the heterogeneous identity islands needs a decision central-
vacy. In the RERUM consortium report [214], a model of the trust-
ization guaranteeing the uniqueness of control. The authentication
worthiness of IoT services is proposed. This model relies on a mea-
function was traditionally accompanied with central entities (PKI
sure of reputation that helps in deciding if we can rely on certain
Servers, CAs, etc.) providing keys, authentication certificates, and
service or not. The logs of the trustworthiness level can be used
related security services. The access control task is also accompa-
for notification in case of drastic changes (e.g. attack). In [215,216],
nied with central authority managing the access permissions and
Nitti et al. consider the social Internet of things. In this case, the
roles. Above and beyond, SDN provides flexibility and agility in
data provided by the users are considered as services that need to
configuring and modifying security rules which makes this net-
be trusted. Thus, their model consists of measuring the trustwor-
work evolvable and updatable. Dynamicity of the IoT applications
thiness of the users by asking their friends. The distributed evalu-
and services call for easily configurable security rules and policies
ation framework is shown to be able to isolate malicious peers. In
[227].
[217], a reference architecture for improving security and privacy
Indeed, as summarized in Fig. 7, SDN and NFV bring novel ben-
of IoT applications is proposed. The authors consider the IoT ap-
efits to the network security domain and especially in the IoT large
plications as being the entities that need to be trusted by the IoT
scale network case. Having a global view of the network with pe-
devices and thus an evaluation of the users’ rating for these apps
riodically collected statistics, the SDN controller can detect abnor-
is presented.
mal behaviors and isolate the concerned flows or nodes thanks
to the virtualization techniques. Moreover, SDN presents flexibility
5.5. SDN and NFV based security for IoT and dynamicity in configuring the corresponding rules at the data
plane level. Additionally, the network functions are softwarized
SDN presents some security issues due to some of its charac- and thus intelligence can be easily implemented at the controller
teristics such as the centralization one that makes it vulnerable level for intrusion detection. Therefore, having multiple applica-
to DoS attack per example [218]. However, its improvements in tions that might modify the data plane rules, verification of rules’
terms of providing an architectural based security solution over- consistency can be implemented to avoid network error.
weight its disadvantages [219]. SDN provides a global view of the
network thanks to the control centralization and thus the mon- 5.6. Challenges
itoring and consistency verification tasks become straightforward
ones. Furthermore, the mitigation of some attacks (e.g. DoS, DDoS, Applying SDN and virtualization in IoT brings its own security
etc.) become easier [220–223]. Thus, flow-based security schemes concerns: concerns about device bootstrapping, identity manage-
can be implemented dynamically at the network edge [224,225]. ment, key management, and authorization. Device bootstrapping
In [226], the first network access control (NAC) using SDN and key management should be standardized in the future to pro-
through the use of multiple flow tables in the OpenFlow v1.3 provide a common management interface to facilitate secure device
tocol is proposed. It is shown that there is a reduction of 72% configuration, thus enabling large-scale IoT deployment [228].
in terms of packets exchange compared to the captive portal ap- After revising the work done in the IoT security domain, we
proach and up to 80% reduction in terms of authentication delay. found that most of the work presents limitations. The proposed
IoT architectures lack the integrated approach to security. Adding

security solutions after the fact will be costly and has historically
proven ineffective. Therefore, the high IoT scalability demands au-
tomated security solutions [229–231].
No matter how robust are added security measures, a secure
infrastructure is a prerequisite. The underlying IP based infrastruc-
ture is by itself vulnerable, starting from the IP spoofing attack
to more significant vulnerabilities [232]. In this context, applying
SDN and NFV can alleviate several of the IoT security challenges.
However, as SDN brings benefits in terms of security management,
it poses new security challenges. The centralization of the intel-
ligence, at the controller level, makes the SDN controller a sin-
gle point of failure. Particularly, if the controller is hijacked, the
attacker gains control of the network. Moreover, the controller is
prone to DDoS attack where the switches can be maliciously pro-
grammed to flood the controller with OpenFlow packet-in mes- Fig. 8. Fog tiered architecture.
sages. On the other hand, the switches can also be hijacked, and
thus inconsistent rules can be added compromising the network Thus, the principles to build an IoT cloud system are summa-
availability. Additionally, SDN allows third party applications which rized in seven points in [247]: enabling virtualization, enabling
makes the network prone to malicious application attacks. Thus, emulation and simulation of IoT units, enabling monitoring, dy-
unauthenticated applications and northbound interfaces can em- namic provisioning, enabling softwarization, providing software-
ploy the controller to compromise the network consistency and defined elasticity, and providing elasticity at the different levels.
availability [233]. The proposed software-defined machine (SDM) consists of three
hardware and software layers: vertical domain application and
6. IoT Big Data: a management perspective middleware, general purpose OS, and hardware layer. To meet
these requirements, new cloud management means have to be in-
It is not about “things”; it is about data. Effectively, the IoT introduced. SDN, which will be revisited in detail as an enabler tech-
novative value lays on a collected data foundation [234]. The IoT nology for IoT in Section 7, has retrieved its precious management
“Big Data” is about 3 V’s: Volume, Variety, and Value [235,236]. role in the datacenter and cloud domains [248].
To an extent, we can say that there is no IoT without the sense of Software defined units are proposed to be the base of an IoT
data. It is not about the size of collected/generated data; it is more cloud system. Integrating SDN in a cloud system provides elas-
about the diversity, heterogeneity, dispersity of this data. Having ticity, dynamicity, automated provisioning, policy-based configura-
the data shared between different entities poses security and pri- tion, fine-grained resource consumption, self-service model, and
vacy concerns [237,238]. API encapsulation of IoT resources and capabilities. The main com-
Handling the IoT “Big Data” in a global IoT architecture is ev- ponent is the IoT unit encapsulating functional (storage, computa-
ident. In this context, the integration of data interoperability in a tion, communication) and non-functional (security, configuration,
general IoT architecture is key [239]. Managing this data calls for quality) aspects. These fine-grained and modular units compose
advanced data technologies. Cloud computing related aspects are more complex components on demand [249]. In [250], SDN is
expected to play an essential role in this context [239]. Addition- shown to enable processing of the IoT data at the network level.
ally, SDN is expected to improve IoT big data applications [240]. Consequently, the number of packets sent over Internet to the
cloud decrease.
Cloud networking and cloud inter-networking with interop-
6.1. Cloud computing based IoT solutions
erability across different providers and platforms are provided
through an overlay layer of federation management. OpenDOVE is
Different cloud-based IoT architectures have been proposed in
used as a cloud orchestrator in [251]. Thus, open source cloud net-
the literature. A typical cloud based IoT architecture is proposed in
working tools such as OpenStack, OpenDaylight, and Open vSwitch
[241]. This architecture consists of three layers: the sensor layer,
are used to manage cloud systems [252].
the cloud central layer, and the application layer. A sensor bridge
connects the sensors to the cloud. An IoT framework is proposed
in [242]. This framework consists of three layers: device layer, cen- 6.2. Fog computing/MEC/Cloudlet based IoT solutions
tral hub layer and cloud layer. Essentially, the device has two prin-
cipal parts: the micro-controller (i.e. Raspberry Pi, Arduino) and The distributed set of mobile devices impose a geo-distributed
the communication component which allows its connection to the set of data. Additionally, the IoT high scale makes the centraliza-
network. The central hub layer presents a kind of gateway that is tion of data a critical mission. Consequently, a distributed set of
a middle point between devices and cloud layer. The cloud layer fog nodes is required.
consists of three subcomponents: web server, web application and The proposed fog model in [253] follows the fog tier architec-
database. In [243], the authors consider IMS (IP Multimedia Sub- ture design (presented in Fig. 8) adding the notion of IaaS interface
system) as being the solution to integrate IoT and cloud. Their pro- between cloud and fog and defining a PaaS programming model
posed architecture consists of three layers: The IoT device layer, the for the fog layer. The proposed model separates or differentiates
IMS core network, and the cloud layer. Most of the needed services logical and physical entities. The fog applications are not deployed
(Naming, communication, management, etc.) are supported by IMS. at the fog nodes, despite the mobile fog application is an ensem-
Mobile Cloud Computing is principally introduced to overcome the ble of processes running on the computing nodes in cloud, fog
mobile devices incapability in terms of storage and computation or end devices. The application design consists principally of APIs
[244,245]. Mobile cloud computing an integration of mobile and and events handlers supporting the main fog functions (receiving,
cloud computing domains. It is a platform where both storage and sending messages/notifications).
processing are leveraged to a third party the cloud outside the mo- The authors in [254] shed the light on some heterogeneous
bile phone [246]. use cases that call for the fog computing application. The authors
choose different use cases where fog nodes characteristics (e.g.

mobility) are different. The authors add a new dimension to the
big data Vs, the geo-distribution one that calls for fog integration.
In this context, a high-level fog software architecture is described.
This platform consists of four components: the devices, the ab-
straction layer, the orchestration layer (sense, analyze, plan and ex-
ecute) and a northbound APIs that connect the orchestration layer
to the application layer.
The integration of fog and cloud is proposed in [255,256]. The
proposed IoT fog-based architecture consists of: analytics layer, vir-
tualization layer, reconfiguration layer, and hardware layer. The fog
nodes can be reconfigured to meet the different applications re-
quirements.
Therefore, SDN, presenting management facilities, can be em-
ployed to deploy fog/MEC/cloudlet nodes [257–260]. In [261], a
software defined fog node based distributed blockchain cloud ar-
chitecture for IoT is proposed. The presented architecture aims
at implementing distributed security scheme at the network edge
level. In [262], a software defined fog-based architecture is pro-
posed. Similarly, virtualization helps in facilitating the deployment
of the fog nodes [263–265].
6.3. Challenges
The cloud-related solutions handle the IoT Big Data manage-

Fig. 9. IoT gateway Function.
ment (storage, processing, and analysis). However, the IoT data
need to be contextually analyzed to extract useful insights from
this data. Consequently, data from different cloud/edge nodes need of Things as a service) is presented in [271]. The authors try to
to be collected for this aim. While SDN can be employed for in- employ virtualization on top of the BETaaS gateways, so each VM
terconnecting the datacenters and the edge nodes, the intercon- can run certain applications. However, the need for high processing
nection of the data nodes needs special protocols and networking computations cannot be met by the edge nodes presenting power
paradigm (e.g. Information Centric Network (ICN)). and computing resources limitations. Therefore, the migration to
Furthermore, the fact that data need to be stored at different the cloud is necessary for certain complicated tasks. Benefits of
locations, the decision where to put which data needs to imple- edge mining reducing the traffic between edge and core are pre-
ment intelligence at the application level. Moreover, the security sented in [272]. Data trimming is one of the Cloud of Things (CoT)
of the communicated data and the management of the access con- challenges. In [273,274], a smart gateway functional architecture is
trol to this data is a challenge that needs to be considered in any presented. Main tasks of this smart gateway are: collecting, prepro-
cloud/edge-based solution. cessing, filtering and reconstructing data into more valuable one,
uploading only necessary data to the cloud, tracking IoT objects
7. IoT heterogeneity: a middleware perspective and sensors’ activities, tracking IoT power constrained nodes en-
ergy consumption, security and privacy of the data, and overall ser-
7.1. IoT gateway vices monitoring and management [275].
Use of mobile phones as IoT gateways having the capability of
Owing to the massive heterogeneity in the IoT domain and the transferring the data over wide area networks has been proposed
presence of vertically integrated domains and applications, the call in the literature [276,277]. In [278], Datta et al. have proposed a
for a gateway layer is crucial [266]. Thus, the IoT gateway has gateway having the role of translating the data requests/replies col-
to perform multiple functions such as: protocols translation (NAT- lected from the sensors and transmitted to the mobile applications.
ing [267]), service chaining, security related functions (firewall, au- The access to data can be done in two ways: polling request to the
thentication, access control, etc.), data mining, QoS management, gateway or registering to the gateway for notifications. The gate-
mobility and handover management, and routing and forwarding way is mounted on a Google Application Engine (GAE). The user is
packets (Fig. 9) [268]. presented by its mobile application profile. Thus, the gateway func-
In [269], Datta et al. propose a OneM2M based IoT gate- tionalities, the scalability concerns, and the security issues have to
way. This gateway consists of a OneM2M middle node perform- be considered extensively. In [279], Datta et al. have proposed a
ing mainly three functions: data analysis, resources discovery, and mobile application to Connect and Control Things (CCT). This ap-
device management. The authors propose a fog computing archi- plication uses the mobile phone to connect and control M2M de-
tecture based on the OneM2M standard. The vehicular networks vices through a gateway. This gateway translates the different tech-
use case is shown as a direct application, where the gateways are nologies. The authors deploy the proposed application on a GAE
fog enabled and deployed on the Road Side Units (RSUs) providing where the messages are transported via HTTP. Future extension to
the consumer centric services such as data analytics and seman- support other messaging protocols is necessary. These messages
tics, and vehicles discovery and management. Besides, the IoT gate- contain SenML (Sensor Markup Language) based data. An SenML
way plays an initial role providing services and resources discovery. extension to support actuation messages is proposed. The SenML
The Distributed Hash Table (DHT) and Distributed Geographic Ta- [280] is an ongoing standardization work that defines a standard
ble (DGT) algorithms employed in the P2P networks are used to format of the sensor measurements.
discover neighbors and services in [270]. Applying cloud/fog com- However, closeness and hardware dependence limit the gate-
puting paradigm to the gateway layer is key to handle data re- way’s capability to support dynamic IoT network features. Virtu-
lated services. BETaaS (Building the Environment for the Internet alization migration from the ICT world to the network domain
will have an impact on the networking functions deployment and providing data without caring about devices ’identity. IoT-A,
[281]. Now, the current IP packets are processed by multiple mid- SENSEI, FI-WARE, BETaaS, IoT6, etc.: all these projects aim to pro-
dle boxes (e.g. load balancer, firewalls, etc.), if special forward- vide IoT cloud based architectures where the main scope is the
ing paradigm has to take place. However, the middle boxes closed data (data-centric). However, in [100], the purpose is to provide
infrastructure incur complicated management and configuration or deploy sensing and actuating cloud services. So, the user can
tasks. SDN & NFV are coming to hide these complexities making provision services despite of asking for data (service-centric).
the networking functions software based tasks, that can be de- Table 7 shows the different approaches used in conceiving an
ployed anywhere and on any hardware. Thus, the management IoT middle ware. These approaches can be categorized in four
and configuration tasks become easier and maintainable [282]. IoT types: device centric (where the focus is on the device itself, so
gateways, meant to be deployed in big numbers, have to benefit it has its own identity), user centric (where the device identity is
from the SDN & NFV paradigm to be easily manageable. Intelli- related to the owner identity), data centric (where the data has to
gence and service chaining are other features acquired integrating be identified), and service centric (where everything is served as
SDN & NFV in the IoT gateway layer. The smart IoT gateways have a service (XaaS)). Each of these approaches has its advantages and
to perform networking and data related functions. The integration disadvantages.
of all functions in hyper-convergent smart boxes with SDN & NFV
and cloud integration is proposed in [283]. Open vSwitch is pro- 7.2. Challenges
posed as being an intelligent edge in [284]. The proposition of an
intelligent gateway is done in [285,286]. An extended MQTT queu- Applying SDN and NFV to design an IoT gateway presents many
ing method is integrated into this gateway to support an enhanced advantages: programmability, management flexibility, configurabil-
QoS management mechanism. ity, etc. However, being controlled by an SDN controller, the gate-
With the introduction of these revolutionary technologies, ser- way needs to communicate with the controller to populate its for-
vice chaining becomes a straightforward task [287]. Dynamic net- warding table which makes the controller a single point of fail-
work service chaining built on top of software-defined edges is ure. In case of connection failure, the gateway cannot operate in
tackled in [288]. These edges are deployed in a datacenter as soft- standalone mode for an extended period of time while maintaining
ware engines running on virtual machines. An emulation is done correctness of the rules. This hints at the need for hybrid gateways
using Mininet as proof of concept; Pox (SDN controller) is used to that can operate in two modes (SDN and/or non SDN).
configure the switches/routers edge nodes with the correspondent Furthermore, employing cloud/edge computing techniques for
rules. In this setup, the authors use hybrid switches which support data management at the gateway level pose new challenges.
both SDN and legacy network functionalities. The data distributiveness calls for new data-based networking
In [289], an edge-computing platform for IoT gateways, called paradigm. Taking the decision of which data need to be processed
Paradrop, is presented. This platform is characterized by the dy- and analyzed at the gateway level and which need to be trans-
namicity, the management through OpenFlow, the supported APIs ported to the cloud is another challenge that calls for data classifi-
and security functions. In [290], the SDG-pro (software-defined cation and tagging at the device level.
gateways programming framework) for cloud IoT system is pre-
sented. In this framework, software defined gateways are provi- 8. IoT scalability: an architectural perspective
sioned and deployed dynamically on edge nodes by IoT controller
units in the cloud. This approach allows the “everything as code” Having billions of things connected to the Internet in the future
paradigm to deal with the IoT network dynamicity and scalability. network, the network architecture needs to be rethought. Many IoT
The work done in [291] tackles the IoT gateway problems. architectures have been proposed in the literature (Table 8). This
The authors claim that today’s IoT solutions depend on closed situation is similar to have multiple remote controls (for managing
application-layer gateways. The authors compare the today’s IoT different types of devices the DVD, TV, AC, etc.) all functioning the
application specific gateway to having a browser for each web- same way, but no one can replace the other [303]. For enabling
site, which is not an intelligible solution. Their proposed archi- the IoT wide deployment, we need a common agreed upon archi-
tecture consists of having a smartphone as an IoT gateway. The tecture as the case of the TCP/IP Internet architecture. The architec-
used communication technology is BLE where the smartphone is tural diversity and heterogeneity and the absence of interoperabil-
the master node and the peripheral things are the slaves’ nodes. ity between these different architectures devalorized their utility
Each slave node sends beacons periodically to notice its presence [304]. SDN is intended to overcome this heterogeneity providing
to the nearer master and the master has the role to establish the a common control layer on top of these different IoT architectural
connection between slaves. The smartphone can forward the IPv6 silos. In the following, we will review the most known IoT architec-
packets from the peripheral nodes, if supported. If not, it has to act tures and the most recent work applying SDN & NFV in a general-
as a proxy to translate the different packets to IPv6 format. Several ized IoT architecture. The layered representation of these different
questions can be posed concerning the security, privacy, trust, user architectures is summarized in Fig. 10.
incentive, and reliability.
In [292], different approaches used for conceptualizing an IoT 8.1. iCore
middleware have been presented. These approaches are compared
in terms of the challenges that can overcome; these challenges are The iCore project defines three main levels in its framework:
mainly: interoperability, trust, scalability, mobility, heterogeneity the virtual object level (VO), the composite virtual object level
abstraction, spontaneous events, random topology, multiplicity, un- (CVO), and the service logic level. These levels aim at abstracting
known data-point availability, security/privacy, actuation conflicts, the heterogeneity at the physical object layer and provide cognitive
bootstrapping, extensibility, modularity, and real-world integration. services to ensure reliability [305].
The analysis shows that there is no approach that can tackle and As part of the iCore project, [306] presents a distributed frame-
overcome all the challenges. Additionally, some challenges: trust, work for IoT. This framework consists of four modules embedded
actuation conflicts, and bootstrapping, are not solved yet by any in IoT daemon: the virtual object layer (VOL), the composite virtual
middleware approach. object layer (CVOL), the service layer (SL) and the security man-
The work done in [100] introduces the device-centric approach agement (SM) module. This framework tends to provide interop-
comparing it to the data-centric approach that relies on collecting erability between different IoT application domains. Mainly, each
Table 7
Middleware IoT approaches.
Approach Description Advantages Disadvantages
Device-centric The devices are identified and Connectivity and security management Scalability and heterogeneity
connected to the network.
User-centric The focus is on the device-user Scalability and management facility Lack of M2M type of communications
relationship; the device’s identity is
based on the owner’s identity.
Data-centric The focus is on data; the data will be Big data handling and Interoperability Added complexity (e.g. data classification)
identified, labeled, and classified
without caring about user or device
identity.
Service-centric The focus is on the services; services Scalability and interoperability Reliability
are provided to registered users upon
request.
Table 8
IoT Architectures Initiatives.
Architecture Description Partnership
IoT-A [293] A proposed IoT Architecture Reference Model (ARM) under Alcatel Lucent (Belgium, France), CEA (France), CFR (Italy),
the F7 European project. CSE (Greece), FhG IML (Germany), Hitachi (UK), IBM
(Switzerland), NEC (UK), NXP (Germany, Belgium), SAP
(Germany), Siemens (Germany), Sapienza University of
Rome (Italy), University of St. Gallen (Switzerland),
University of Surrey (UK), University of Würzburg
(Germany), VDI/VDE-IT (Germany), VTT (Finland).
IoT6 [294] A 3-year F7 European research project for researching the Mandat International (Switzerland), Ericsson (Serbia),
IPv6 potential for IoT. RunMyProcess (France), University College of London (UK),
University of Murcia (Spain), Vienna University of
Technology (Austria), University for Applied Sciences
Western Switzerland (Switzerland), University of
Luxembourg (Luxembourg), KAIST (S. Korea).
iCore [295] An IoT project aiming at abstracting the heterogeneity and 12 industrial partners from which 8 are leading ICT
representing the different user/stakeholders view. Cognitive manufacturers (Alcatel, Bell labs, Atos, Fiat, Siemens,
context awareness, reliability, and energy efficiency are Software AG, Telecom Italia, Thales), 5 SMEs (Zigpos,
main goals of the conceived solution. Ambient, Arago, Innotec, M3S, Trilogis), 4 universities
(Delft University of Technology, University of Surrey,
University of Piraeus, KAIST), and 5 research centers
(Create-Net, JRC, TNO, VTT, Wuxi SensingNet
Industrialization Research institute)
OneM2M [296] A service layer abstraction to overcome the vertical 8 of the world leading ICT’s companies (Arib, ETSI, Atis,
heterogeneity while ensuring compatibility with older CCSA, TIA, TSDSI, TTA, TTC), 6 global fora and SDOs
M2M architectures. (Broadband Forum, CEN, CENELEC, Global Platform, Next
Generation M2M Consortium, OMA) and over 200
companies in all industry sectors.
IoTDM [297] IoT data Broker for oneM2M based infrastructure Committed by Cisco, ETRI, Echelon, Technicolor (it is part
of the Lithium ODL version)
FIWARE [298] Provides a set of APIs to develop IoT applications Independent Open Community
BUTLER [299] uBiquitous, secUre inTernet-of-things with Location and INNO, Ericsson (Spain), Telecom Italia, GEMALTO, CEA,
contExt-awaReness project to enable development of CWC, FBConsulting, ISMB, I Home Lab, ST, University of
secure and assistant life applications. Luxembourg, K.U. Leuven, TST, Jacobs University, ZIGPOS,
Maya Technologies, Banco Santander, Santander City
Council, Tecnalia
COMPOSE [300] Collaborative Open Market to Place Objects at your Service 5 Industrial partners (IBM (Israel), INNOVA (Italy),
U-HOPPER (Italy), CELLNEX (Spain), EVRYTHNG (UK)), 4
research Institutes (BDIGITAL (Spain), BSC-CNS (Spain),
Fokus (Germany), Create-Net (Italy)), 2 universities (Open
University (UK), University of Passau (Germany)), and one
standardization body (W3C).
IEEE Project P2413 [301] No new architecture but a high-level description to enable BroadBand Tower, Cisco Systems, Emerson, EPRI, Finger
cross-domain applications and compatibility between Food Studios, Hitach, Honeywell International, Huawei
different architectures. Technologies, Infocomm Development Authority (IDA),
Intel, Kaspersky Lab, Korea Electronics Technology Institute
(KETI), NIST, Qualcomm Inc., Renesas, Rockwell
Automation, Schneider Electric, Senslytics, Siemens AG,
SIGFOX, STMicroelectronics, Toshiba Corporation, Wipro,
Yokogawa Electric Corporation, ZTE.
TRESCIMO [302] Testbeds for Reliable Smart City Machine to Machine EUR, TUB, Fraunhofer, CSIR, UCT, ABS, ESKOM, I2CAT
Communications (TRESCIMO) is a project under the
European Union’s FP7, Future Internet Research and
Experimentation initiative.
Fig. 10. IoT layered architectures.
object must run this daemon and some layers can be omitted due new capabilities will be added as this new network provides revo-
to power and processing limitations. lutionary features [310].
The fact that an integration of the proposed layers has to be
performed in the IoT devices, this architecture presents scalability 8.3. OneM2M
and interoperability limitations. IoT solutions are already there, so
imposing change in the present devices is an impractical solution. OneM2M is an M2M based architecture aiming to provide an
IoT middleware [311]. OneM2M intends to combat the fragmen-
8.2. 3GPP MTC architecture tation by implementing a horizontally deployed middleware ser-
vice layer above the different vertical M2M silos networks and
Taleb et al. in [307] present the 3GPP MTC architecture. 3GPP applications. Swetina et al. in [312] introduce the OneM2M stan-
is the 3rd Generation Partnership Project alliance grouping the dard. Essentially, the OneM2M architecture consists of three lay-
Alliance for Telecommunications Industry Solutions (ATIS), the ers: Network Service Layer (NSL), Common Service Layer (CSL),
China Communications Standards Association (CCSA), the Open and the Application Service Layer (ASL). These layers are presented
Mobile Alliance (OMA), IEEE and the European Telecommunica- by three types of entities: Network Service Entity (NSE), Com-
tion Standards Institute (ETSI), the Association of Radio Industries mon Service Entity (CSE), and the Application Service Entity (ASE).
and Businesses (ARIB), the Telecommunications Standards Devel- Five node types are included in the OneM2M functional archi-
opment Society (TSDSI), the Telecommunications Technology Asso- tecture: Infrastructure Node (IN), Middle Node (MN), Application
ciation (TTA), and the Telecommunication Technology Committee Service Node (ASN), Application Dedicated Node (ADN), and Non-
(TTC) as organizational partners. This Machine Type Communica- OneM2M Node (NoN). These nodes are separated into two cate-
tion (MTC) initiative aims at introducing the M2M communication gories: CSE enabled and Non CSE enabled. These nodes essentially
into the mobile network supporting initially the Human-to-Human reside in two domains; The field domain contains the IN which
(H2H) communication. The presented architecture consists mainly presents the provider services and in the field domain reside the
of three domains: the device domain, the network domain, and MN which is typically a gateway, the ASN which is oneM2M de-
the user application domain. The device domain is where hetero- vice, the ADN which is a constrained oneM2M device not pre-
geneity resides; this heterogeneity is in terms of supported com- senting service providing capability, and the non OneM2M device
munication protocols, device capabilities (power, processing, and which is normally a network device providing the underlying net-
storage), and supported security measures. The network domain is work services (location service, management service, and trigger-
mainly the mobile core network (e.g. EPS in the LTE case) [308]. ing service) [313].
Kunz et al. in [309] present the main requirements, use cases, In a myriad of M2M architectures and solutions, there is a need
and key issues over the successive 3GPP MTC releases (10, 11, and to retrieve a common middleware layer to combat the fragmen-
12). New features are intended to be added with new releases. Es- tation and provide interoperability between these different silos.
sentially, in the 5G era, the MTC surely has to be supported and The global standardization initiative is launched in July 2012. Then,
the first version is released in December 2014 with ten specifica- 8.5. IoT6
tions published online. These specifications tackle the main ser-
vices provided by the CSL such as: registration, security, service The IoT6 architecture focuses on three groups of the IoT-A ar-
charging and accounting, subscription and notification, discovery, chitecture: the communication group, the business process man-
group management, location, network service exposure and service agement group, and the security group. In [321], the IoT6 architec-
triggering, application and service layer management, communi- ture is presented. This architecture consists of six groups: the com-
cation management, data management and repository, and device munication group, the resources and services group, the process
management [314]. automation group, the applications group, the management group,
Husain et al. in [315] describe how the OneM2M architecture and the security group. This IPv6 based architecture employs the
is meant to use the underlying networks services (and more pre- IPv6 inherited benefits (unique addressing, no need for NAT, etc.)
cisely when the underlying network is a 3GPP mobile one). Three and standards (6LowPAN, CoAP, GloWbal). It provides functionali-
services mainly can be provided by underlying networks through ties such as: mobility, multi-protocols interoperability among het-
the network service entities (NSE): triggering, discovery, and man- erogeneous things, intelligence distribution, cloud computing and
agement. One of the standardized infrastructures is the 3GPP one. mobile phone network integration, ubiquitous access, and manage-
Mainly an AE in the field domain has to have an IP connection ment capabilities. This architecture is not detached from previous
with the AE in the infrastructure domain to establish a connection IoT architectures (IoT-A, FI-WARE, OneM2M, etc.) but it extends
and performs one of the four operations: Create, Retrieve, Update, them. Focusing on the communication layer, it provides functional-
Notify, and Delete. This IP connectivity can be served by the 3GPP ities provided at higher layers in other architectures in a complex
MTC network. The ASN in the field domain is similar to a user way. It complements the existing architectures supporting IPv6 to
equipment in the user plane and the infrastructure node is simi- resolve the IoT identification challenge. This architecture consists of
lar to an SCS in the control plane. The MTC architecture presents three domains: the IPv6 compliant and non-compliant things (the
some services that can overlap with those provided by OneM2M. non-compliant things have to be connected to proxy or gateway)
Therefore, it is necessary to do the mapping between these ser- domain, the IPv6 local area network domain, and the IPv6 wide
vices and one of them is the identification one. The used identi- area network domain for connecting different LANs. The discovery
fiers in the MTC case are the external ID (M2M-Ext-ID or MSISDN) service is provided through “digrectories”; these digrectories have
and the Trigger-Recipient-ID of the target CSE. multiple interfaces: JSON, DNS, etc. and have to be connected to
The work done in [316] aims at integrating the lightweight a digcovery core that applies the ontology principles to overcome
management protocol (LWOMA) into the OneM2M architecture. the heterogeneity challenge.
The identity management and the object registration are two The focus on IPv6 as IoT enabler is understandable in the iden-
key parts in any IoT management scheme. Mostly, the authors tification context. However, the interoperability between different
approach IoT from a web-based perspective, using unique re- existent identification schemes adds complexity to the IoT ubiqui-
source identifiers (URI) for identifying the things. Additionally, tous network [322].
they extend the CoRE (constrained restful environment) capabili-
ties to legacy devices and integrate the proposed scheme into the
8.6. IoTDM
OneM2M standard architecture. However, URIs used in the web
context present some limitations in the IoT case where we have
This module was integrated firstly in the Lithium OpenDaylight
big number of resources.
version. It consists of applying SDN to the OneM2M architecture.
In [317], there is a proposition of OneM2M based smart city ar-
Having the data collected and analyzed by a central entity coping
chitecture consisting of things as ADN interacting with a gateway
with the different access technology heterogeneity is key to en-
presenting an MN that aggregates data and bridge the non-smart
able the OneM2M deployment. This project consists of integrating
things to the infrastructure node deployed in a cloud system. In a
a OneM2M core in the ODL controller. This core acts as an IoT data
smart city domain, multiple gateways are deployed, and they have
broker. The OneM2M core is connected to different devices using
to be registered to the central smart city central cloud instance.
different protocols.
The integration of the M3 data management framework [318] and
Thus, this project shows that OneM2M and SDN are two com-
crowdsourcing use case for smart city is discussed for providing
plementary concepts. In this context, employing SDN & NFV to de-
smart services.
ploy the OneM2M architecture will accelerate the IoT realization
The work done in [319] tackles the issue of data interoperabil-
[323].
ity. Most of the standardization efforts focus on one of the two
aspects of interoperability: data and communication. The current
version of OneM2M does not include the data semantic integration. 8.7. Software defined IoT architectures
The idea in this work was to integrate the data ontology concept
in the OneM2M architecture. “Is SDN the De-Constraining Constraint of the Future Internet?”
[324]. While the current network technologies are considered rev-
olutionary relative to what preceded, their endurance is limited by
the rigidity of the current network infrastructure. In today’s net-
work, the configuration is done through low-level policies config-
8.4. IoT-A ured manually (via CLI). SDN came to hide the management com-
plexity and allow for innovative applications and network services
The IoT-A architecture consists of seven longitudinal groups: de- to meet the IoT requirements [325,326].
vice group, communication group, IoT service group, virtual en- Omnes et al. in [327] discuss the benefits of employing SDN &
tity group, IoT business process management group, and applica- NFV in a general IoT architecture. While SDN permits dynamic con-
tion group, and two transversal groups: security group, and man- figuration of the data plane policies and rules, the NFV allows the
agement group as shown [320]. Thus, IoT-A provides an abstract virtualization of resources lowering CapEx and OpEx. The authors
architecture model and does not define in detail the main func- defined main requirements for a general IoT architecture such as
tionalities. This will conduct in different implementations posing QoS guarantee, common service layer, new access network men-
interoperability issues. tality, and big data management.
A restful software defined IoT architecture is proposed in [328]. paradigm has shown its usefulness in the Wireless Sensor Network
This architecture consists of several modules: northbound Appli- (WSN) case. This data-centric approach makes the data an address-
cation Programming Interfaces (APIs), southbound APIs, processor, able entity. In the IoT domain, this concept is needed because IoT
and database. The southbound interfaces deal with different proto- applications and services rely mostly on the analysis of the col-
cols: HTTP, COAP, etc. The control plane consists of the processor lected data. This architecture consists of three domains: the M2M
and the database where the nodes state and information are col- domain where a gateway connects the heterogeneous set of de-
lected. The southbound interface, which interconnects the control vices, the network domain that includes different access networks
and the application planes, is principally REST based. (3G, LAN, etc.), and the application domain that includes the IoT
Describing the usefulness of SDN to enable agility, flexibility, applications.
and dynamicity to overcome the today’s IT problems, Tadinada in In [333], there is a proposition of a Software Defined Infrastruc-
[329] introduces the Freescale SDN products: VortiQa Open Net- ture (SDI) manager, which consists of two essential components:
work Director and VortiQa Open Network Switch. Two use cases the cloud computing controller (OpenStack), and the network con-
of SDN OF switches are presented. The first use case is where troller (FlowVisor)). The main roles of the cloud computing con-
Open vSwitch acts as an IoT gateway managed by a cloud based troller are the collection of the users’ descriptions and the man-
SDN controller. The second use case is where an Open vSwitch agement of the computing resources. On the other hand, the net-
is mounted on eNodeB to offload data from the Evolved Packet work controller has the role of managing the network resources,
Core (EPC) network, providing better user experience and decreas- collecting network topology information, and interacting with the
ing OpEx and CapEx. The main functions assigned to the IoT gate- Open vSwitches to configure their forwarding tables. The FlowVisor
way are: forwarding data between end devices, protecting devices layer is added to permit slicing of the network and the attachment
from external attacks, providing QoS guarantee, authenticating and of each slice to a certain controller.
authorizing the end devices, transferring data in a secure way The Idea of Network Operating System (NOS) was depicted to
between gateways (IPsec/tunneling), and managing access control hide the heterogeneity in the network domains. NOS allows the de-
and queuing. Therefore, the eNodeB Open vSwitch aims to sepa- ployment of different applications over a set of different network
rate the voice from the data packets making the data packets not devices. In [334], the authors propose an operating system for IoT
traversing the EPC network. extending the ONOS SDN controller to support SDN-WISE, a proto-
In [330], an SDN based architecture for home automation is col that extends the SDN capabilities to WSN. SoftINTERNET a new
proposed. Today, a big number of home devices are connected to initiative for a future software defined Internet. This architecture
the Internet. The management of these devices in a traditional way aims to provide both connectivity and management in a software
is unpractical and unviable in some cases. The authors propose the defined way coping with the heterogeneity and complexity of the
Majord’home management platform. In the proposed architecture: future Internet [335].
CO is the connected object, coCO is the community of connected The trial to invoke SDN in the IoT domain is challenged by the
objects, VO the virtual object, and Avatar is the user representa- delay imposed by the communication between switch and con-
tion to manage its VOs. The Internet Service Provider (ISP) plays troller. A pre-emptive flow installation algorithm is proposed in
the role of the Majordomo: a software that allows managing the [336]. In [337], there is a proposition of a software defined solution
user’s objects (i.e. the client home objects) through virtualization. to overcome the heterogeneity challenge in the IoT networks. This
The Majord’home architecture consists of user manager, VO man- solution consists of having an IoT controller which communicates
ager, coCO manager, network manager, and application manager. with the things that have integrated IoT agents permitting them
Extending the work done in [330], Boussard et al. propose a to request communication. These communication requests are col-
generalization of the CO, VO, Avatar, coCO, and coVO definitions to lected by the IoT controller which builds a full view of the net-
any smart environment: A CO now is not just a home device con- work and calculates the forwarding rules. These forwarding rules
nected to the Internet, it is an entity that can generate, receive or are communicated to the SDN controller which downloads them
impact the data flow in the network, the VO is an abstract view of in the forwarders (switches/routers). This solution builds an over-
this entity, the coCO as before a community of connected objects, lay network on top of the heterogeneous networks and allows
the coVO is a community of the virtual objects in other words it is the interworking between them. However, the proposed solution
an abstraction of the coCO, and Avatar presents the manager of the presents some limitations such as the integration of the IoT agents,
CO through VO. The proposed SDN architecture consists of three the routing protocol, the forwarding rules formulation, the identity
horizontal layers and one vertical layer. The data layer consists of schemes heterogeneity, and the scalability.
all NE and COs that can receive and generate data without per- Considering the scalability, management, and security IoT is-
forming any forwarding/routing functions, the control layer is com- sues, the proposed architecture in [338] consists of three layers:
posed of two sub-levels; level 1 consists of the network controller the physical layer, the middleware/control layer, and the data ser-
and the CO controller and level 2 consists of the coVO controller, vice layer. The physical layer consists of different types of con-
and on top of these layers resides the application layer. The man- nected devices. The middleware/control layer consists of software
agement layer consists of different managers (network manager, defined blocks: Software Defined Security (SDSec), Software De-
VO manager, application manager), all encompassed in the Oper- fined Storage (SDStore), Internet of Things Controller (IoT-C), and
ation Support System(OSS). The control, application, and manage- Software Defined Controller (SDN-C). When the data is received
ment layers compose the “majordomo”. As proof of concept, they from the network gateway, a data collector process it; authenti-
tested the proposed architecture with two Majord’homes (Bob and cation is performed by the SDSec component, if the authentication
Alice homes). Each one has an Open vSwitch to which the home check succeeds the data is tagged by a positive (P) flag (otherwise
appliances are connected. A coVO controller, residing at the ISP a flag N). Then, the data is passed to the IoT controller that has the
side, controls the Majord’home gateways. Scalability, auto config- role to compute the path to the destination, the forwarding rules
uration, and security and privacy issues are to be tackled in future are forwarded to the SDN-C which downloads them into the net-
work [331]. work switches.
In [332], a proposition of an IoT architecture that employs both Hu in [339] discusses the IIoT need for traffic engineering. Three
SDN and distributed data service (DDS) is presented. While SDN phases of management are implemented in a centralized cloud
is used to guarantee data agility, flexibility, and mobility handling, based controller: topology computation, admission control, and al-
DDS is introduced for big data management. The publish/subscribe location optimization. The centralization of management is shown
to have a good impact in terms of packet loss implementing an do not consider the existing IoT solutions and this makes the adop-
alternative route mechanism. tion of the new solutions a complicated task. Interoperability be-
Employing the SDN concept, Lee et al. in [340] show that is tween the different IoT solutions (devices, architectures, protocols,
feasible to obtain interoperability between devices from different etc.) helps in revealing the IoT value in enabling innovative appli-
manufacturers. Auto configuration and recognition are integrated cations. Therefore, in the network domain, adopting new solutions
into the proposed solution. Using the Open vSwitch as a gateway, is not a straightforward task. Proposing a pure SDN based solutions
this architecture ensures a dynamic configuration and management per example is not realistic and thus the consideration of the hy-
of home networks. The home devices are identified using their brid case is key.
unique MAC addresses. The configuration related information is Lack of Realizability: scalability is one of the IoT main chal-
kept in a database connected and managed by the SDN controller. lenges. Most of the IoT challenges rise from the high scale of the
An implementation of this architecture is done using Mininet and IoT network which introduces new QoS and security issues. How-
OpenDaylight with the home devices as hosts. ever, the realization of the high scale is not easy both from theo-
Two virtualization levels are defined in [341]: the network level retical and practical perspectives.
and the end-user level. At the network level, there are two cases. Lack of Compatibility: having thousands of published papers in
The first case is where physical resources are in the same physical the IoT domain, few of them propose new schemes that can be in-
location; in this case, virtualization aims to partition the resources tegrated in the current network infrastructure. However, other pro-
between different logical functions. The second case is where phys- posals are meant to be standalone solutions that repose on new
ical entities are at different locations; in this case, two virtual- networking schemes.
ization functions are invoked: moving the logical function (migra- Lack of Security: security is not an issue that can be treated
tion) and having the physical resources at different places. Virtu- independently. Security has to be designed and built in each layer
alization at the network and the end-user levels calls for special- of the IoT solutions (from the device layer to the application layer).
ized functions. The virtual sensor, the virtual cell management, and IoT security is not only about securing the network and data it goes
the software defined controlled wireless networks are presented beyond that to attacks which can target the human health or life.
as use cases that implement these virtualizations functionalities.
Thus, SDN coupled with NFV can enable management flexibility in 9.2. Recommendations
the IoT domain [342].
The work done in [343] presents a Web of Things SDN based Based on the presented limitations, we believe that there are
architecture. The web technologies, facilitating the development important directions that have to be considered in the future IoT
mission, have some limitations in terms of security, things man- research studies:
agement (rebooting), and the data management. Therefore, putting Build on top of the existing solutions: one of the most impor-
SDN on top of the resource based Web architecture helps in hid- tant challenges of any new proposed IoT solution is its interoper-
ing the security and management complexities. This architecture is ability with existing solutions. Thus, the future work has to con-
composed of three layers: the access layer where the things are sider the compliance of any new solution with the IoT standards
connected to WoT gateways, the control layer consisting of the and its interoperability with similar existing IoT platforms.
resource databases and the control functions, and the application Consider different challenges when building an IoT solution:
layer. building an IoT solution for a specific challenge might result in a
partial solution. Thus, it is essential for future work to define the
main challenges that have to be considered in any IoT solution.
8.8. Challenges
Real implementation: having plenty of position papers in the
IoT domain, there is a need for real implementations that show the
Many proposals have been established for conceiving a widely
effectiveness of the proposed solutions. Additionally, real testbeds
adopted IoT infrastructure. However, the added functions complex-
need to be implemented to test the correctness and effectiveness
ities prevent their application. Even though the abstraction layers
of the proposed solutions. Simulators that allow to model and
are promising, as the case of the OneM2M architecture, the tech-
test the different proposed architectures, protocols, and algorithms
niques to deploy such layers need to be specified. In this context,
need to be developed.
SDN is a way to re-think the network functions deployment. Soft-
Consider data and network related aspects: when IoT data re-
warization grants the dynamicity and the support of heterogeneity.
lated research focuses on data analysis the network related re-
The deployment of an SDN gateway is the solution to overcome the
search focuses on how to connect things to the Internet. How-
orthogonal diversity of IoT infrastructures. The reviewed architec-
ever, some applications present critical requirements in terms of
tures in this section show the benefits of applying SDN in facili-
network resources; thus, we need to rethink the data networking
tating the management network functions to cope with the high
issue and where data analytics related functions have to be imple-
scalability challenge. Proposing a single central control can cope
mented.
with the management issues. However, the centralization poses
Standardization: the interoperability between the different IoT
new challenges in terms of latency, availability, throughput, etc.
solutions call for well-defined IoT standards. Therefore, the IoT
Additionally, when we talk about a network with billions of con-
standardization efforts at different levels (communication proto-
nected things, the data management should be considered as well
cols, architectures, data management, e.g.) need to be correlated.
as the control layer design.
Standards are key not only for compatibility and interoperability
aims. Perhaps, the lack of standardization can invoke many secu-
9. Limitations and future research directions rity issues.
Actually, the IoT devices are not meant to communicate only
9.1. Limitations with one device (i.e. gateway, switch, router). Instead, the IoT de-
vices will communicate with many other IoT devices and thus
Based on the review presented in this paper, we can list some standard D2D communication protocols are required. However, the
of the limitations of the current IoT solutions: standardization need to cover different IoT aspects and not only
Lack of Interoperability: different solutions have been proposed the communication one. The IoT devices will generate different
to overcome the different IoT challenges. However, most of them types of data and thus interoperability at the data level is essential
to reduce data analysis complexity and enable innovative IoT ap- no one has gained a global acceptance and adoption. We believe
plications. Besides, new regulations are needed to define the data that SDN is a solution that combats the heterogeneity and can
ownership policies to protect data privacy and security [344]. serve in unifying the vision of a global IoT architecture. While the
SDN, NFV, and cloud/edge computing integration: as discussed work in this domain is still in its early stages, we presented the
in this paper, the application of SDN and NFV can alleviate many most recent work applying SDN & NFV in an SDN based IoT archi-
of the IoT challenges. SDN coupled with NFV provide flexibility and tecture.
dynamicity that help in overcoming the management complexity,
aggravated by the high scalability of the IoT network. Additionally,
Acknowledgements
SDN, enabling the programmability of the network functions, can
cope with the IoT heterogeneity challenge. Furthermore, SDN and
Research funded by the AUB University Research Board, the
NFV can help in alleviating main IoT security concerns (e.g. DoS,
Lebanese National Council for Scientific Research, and TELUS Corp.,
DDoS, etc.). On the other hand, edge computing coupled with SDN
Canada.
can help in managing the IoT big data. However, the integration of
these technologies need special consideration. In addition to the
standardization efforts, developing real testbeds of the proposed References
solutions is key for their real deployment.
[1] K. Ashton, That ‘internet of things’ thing, RFiD J. 22 (7) (Jul. 2009) 97–114.
IoT involves many parties: IoT devices manufacturers, network [2] M. Walport, The Internet of Things: making the most of the second dig-
services providers, data services providers, and applications devel- ital revolution a report by the UK Government Chief Scientific Adviser,
opers. The IoT devices manufacturers need to monitor their devices 2014. Available at: https://www.gov.uk/government/uploads/system/uploads/
attachment_data/file/409774/14- 1230- internet- of- things- review.pdf.
for maintenance and management purposes. Additionally, some IoT [3] S. DuBravac, The Internet of Things: evolution or revolution?, 2015. Available
devices manufactures provide cloud-based services to store, pro- online at: http://www.biztositasiszemle.hu/files/201506/aig_white_paper_iot_
cess, and connect the devices’ collected data. In this context, SDN english_tcm2538-677834.pdf.
[4] D. Evans, The Internet of Things: how the next evolution of the internet is
and cloud computing can hide the complexity of IoT devices and
changing everything, CISCO White Paper 1 (2011) 14.
data management. Amazon, for example, has developed the Ama- [5] https://en.wikipedia.org/wiki/Metcalfe%27s_law.
zon Web Services (AWS) for IoT [345]. The AWS IoT services allow [6] R. Want, S. Dustdar, Activating the Internet of Things [Guest editors’ intro-
duction], Computer 48 (9) (Sept. 2015) 16–20.
to manage the IoT devices through deployed applications in a cloud
[7] J. Manyika, M. Chui, P. Bisson, J. Woetzel, R. Dobbs, J. Bughin, D. Aharon, The
environment. In addition, it permits the management and the anal- Internet of Things: Mapping the Value Beyond the Hype, McKinsey Global
ysis of the collected data. On the other hand, the network services Institute, 2015.
providers have to guarantee good QoS level and secure communi- [8] J. Manyika, M. Chui, J. Bughin, R. Dobbs, P. Bisson, A. Marrs, Disruptive Tech-
nologies: Advances that Will Transform Life, Business, and the Global Econ-
cation over their deployed networks. Thus, integrating SDN helps omy, 12, McKinsey Global Institute, San Francisco, CA, May 2013.
in managing both QoS and security in the highly scalable IoT net- [9] A. Taivalsaari, T. Mikkonen, Cloud technologies for the internet of things:
work. Software based gateways help in overcoming the IoT net- defining a research agenda beyond the expected topics, in: 2015 41st Euromi-
cro Conference on Software Engineering and Advanced Applications, Funchal,
work management complexity. Cisco, for example, has developed Madeira, Portugal, 2015, pp. 484–488.
a softwarized IoT gateway integrating Cisco IOx (i.e. Cisco IOS soft- [10] F. Graur, Dynamic network configuration in the Internet of Things, in: 2017
ware with fog) to enable flexible IoT networks management and 5th International Symposium on Digital Forensic and Security (ISDFS), Tirgu
Mures, 2017, pp. 1–4.
real-time IoT applications [346]. Besides, OpenDaylight has inte- [11] Developing Solutions for IoT. Intel White Paper, 2014.
grated the IoTDM module as a plugin ever since its lithium re- [12] B. Edson, Get Started with the Internet of Things in Your Organization. Intro-
lease. This module permits the connection of the devices, directly ducing the Microsoft Azure Internet of Things Suite, Microsoft Corp, 2015.
[13] Libelium - Connecting Sensors to the Cloud. [Online]. Available: http://www.
or through a gateway, to the SDN controller. In this case, the de-
libelium.com/. [Accessed: November 2017].
veloped applications on top of the controller are responsible for [14] OpenMTC. [Online]. Available: http://www.openmtc.org/index.html#openmtc.
managing the IoT devices and ensuring QoS and security. Further- [Accessed: November 2017].
[15] Internet of Things (IoT) - Cisco. [Online]. Available: http://www.cisco.com/
more, data service providers need to consider analyzing data at the
c/en/us/solutions/internet- of- things/iot- products/solutions.html. [Accessed:
network edge. For this aim, for example, Microsoft has developed November 2017].
an IoT framework for implementing data analytics at the network [16] Hewlett Packard Enterprise (HPE). [Online]. Available: https://www.hpe.com/
edge [347]. Besides, application developers have to implement in- us/en/home.html. (Accessed: November 2017).
[17] Internet of Things | Dell United States. [Online]. Available: http://www.
telligence at the application level to get insights from the collected dell.com/en- us/work/learn/internet- of- things- solutions. [Accessed: Novem-
data. As an example, IBM has developed a cognitive system called ber 2017].
IBM Watson for IoT data intelligence [348]. [18] Internet of Things (IoT) Solutions and Services | AT&T Business.
[Online]. Available: https://www.business.att.com/enterprise/Portfolio/
As a result, IoT data and network management requires the fed- internet- of- things/. [Accessed: November 2017].
eration of all the involved parties’ efforts to have a global IoT ar- [19] IoT - InterDigital. [Online]. Available: http://www.interdigital.com/iot/. [Ac-
chitecture integrating the most recent data and network enabling cessed: November 2017].
[20] IBM Watson Internet of Things (IoT). [Online]. Available: http://www.ibm.
technologies. com/internet- of- things/. [Accessed: November 2017].
[21] D. Zeng, S. Guo, Z. Cheng, The web of things: a survey, J. Commun. 6 (Jan.
10. Conclusion (6)) (2011) 424–438.
[22] K.S. Lee, M. Bae, H. Kim, Future of IoT networks: a survey, Appl. Sci. 7 (10)
(2017).
The network and telecommunication networks are in continu- [23] O.B. Sezer, E. Dogdu, A.M. Ozbayoglu, Context aware computing, learning and
ous evolution. Internet of Things is expected to take advantage of big data in Internet of Things: a survey, IEEE Internet Things J. PP (99) (2018)
1–27.
this evolution to be widely deployed. While some IoT applications
[24] U. Deniz Ulusar, F. Al-Turjman, G. Celik, An overview of Internet of things
are already there, its wide realization still encumbered by many and wireless communications, in: 2017 International Conference on Computer
challenges such as the high scalability and management complex- Science and Engineering (UBMK), Antalya, 2017, pp. 506–509.
[25] M. Alaa, A.A. Zaidan, B.B. Zaidan, M. Talal, M.L.M. Kiah, A review of smart
ity, the heterogeneity and interoperability support, the big data
home applications based on Internet of Things, J. Netw. Comput. Appl. 97
handling, and the security and privacy guarantee. These main chal- (Supplement C) (November 2017) 48–65.
lenges need new architectural and design based solutions to be [26] S. Li, L. Da Xu, S. Zhao, The internet of things: a survey, Inf. Syst. Front. 17 (2)
handled. In this paper, we presented SDN & NFV, cloud and fog (Oct. 2010) 243–259.
[27] J. Latvakoski, A. Iivari, P. Vitic, B. Jubeh, M.B. Alaya, T. Monteil, Y. Lopez, G. Ta-
computing, and 5G as the main enablers of the IoT evolution. Many lavera, J. Gonzalez, N. Granqvist, A survey on M2M service networks, Comput-
architectural solutions have been conceived in the IoT domain, but ers 3 (4) (Nov. 2014) 130–173.
[28] E. Borgia, The Internet of Things vision: key features, applications and open [61] Cisco Systems, “What is the Internet of Everything?”, http://
issues, Comput. Commun. 54 (Dec. 2014) 1–31. internetofeverything.cisco.com/vas- public- sector- infographic/.
[29] L. Atzori, A. Iera, G. Morabito, The internet of things: a survey, Comput. Net- [62] Cisco Systems, The Internet of Everything, Global Private Sector Eco-
works 54 (15) (Oct. 2010) 2787–2805. nomic Analysis, 2013. https://www.cisco.com/c/dam/en_us/about/ac79/docs/
[30] H.B. Pandya, T.A. Champaneria, Internet of things: survey and case studies, innov/IoE_Economy_FAQ.pdf.
in: Electrical, Electronics, Signals, Communication and Optimization (EESCO), [63] I. Bojanova, G. Hurlburt, J. Voas, Imagineering an internet of anything, Com-
Visakhapatnam, AP, India, 2015, pp. 1–6. puter (6) (Jun. 2014) 72–77.
[31] S. Chen, H. Xu, D. Liu, B. Hu, H. Wang, A vision of IoT: applications, challenges, [64] “Internet of Things (IOT) /M2M”. Study paper. http://tec.gov.in/pdf/
and opportunities with china perspective, Internet Things J., IEEE 1 (4) (Aug. Studypaper/IOT_M2M_Study_Paper.pdf.
2014) 349–359. [65] ETSI TS 102 689 V1.2.1 (2013-06) Machine-to-Machine communications
[32] P. Gaur, M.P. Tahiliani, Operating systems for IoT devices: a critical survey, (M2M); M2M service requirements, 2013.
in: Region 10 Symposium (TENSYMP), Sanur, Bali island, Indonesia, 2016, [66] M. Alam, R.H. Nielsen, N.R. Prasad, The evolution of M2M into IoT, in: Com-
pp. 33–36. munications and Networking (BlackSeaCom), 2013 First International Black
[33] M. Razzaque, M. Milojevic-Jevric, A. Palade, S. Clarke, Middleware for Internet Sea Conference on, Batumi, Georgia, Jul. 2013, pp. 112–115.
of Things: a Survey, IEEE Internet Things J. 3 (1) (Feb. 2016) 70–95. [67] P. Goncalves, J. Ferreira, P. Pedreiras, D. Corujo, Adapting SDN datacenters to
[34] I. Yaqoob, E. Ahmed, I.A.T. Hashem, A.I.A. Ahmed, A. Gani, M. Imran, support Cloud IIoT applications, in: 2015 IEEE 20th Conference on Emerging
M. Guizani, Internet of Things architecture: recent advances, taxonomy, re- Technologies & Factory Automation (ETFA), Luxemburg, Sep. 2015, pp. 1–4.
quirements, and open challenges, IEEE Wirel. Commun. 24 (3) (2017) 10–16. [68] P.C. Evans, M. Annunziata, Industrial Internet: Pushing the Boundaries of
[35] G. GardaŠević, M. Veletić, N. Maletić, D. Vasiljević, I. Radusinović, S. Tomović, Minds and Machines, GE White Paper, Nov. 2012.
M. Radonjić, The IoT architectural framework, design issues and application [69] A. Sadeghi, C. Wachsmann, M. Waidner, Security and privacy challenges in
domains, Wirel. Pers. Commun. 92 (1) (2017) 127–148 01/01. industrial internet of things, in: Proceedings of the 52nd Annual Design Au-
[36] I. Mashal, O. Alsaryrah, T. Chung, C. Yang, W. Kuo, D.P. Agrawal, Choices for tomation Conference, San Francisco, CA, USA, Jun. 2015, p. 54.
interaction with things on Internet and underlying issues, Ad Hoc Networks [70] Industrial Internet Consortium. [Online]. Avialable: http://www.iiconsortium.
28 (May 2015) 68–90. org/. [Accesssed: November 2017].
[37] H. Derhamy, J. Eliasson, J. Delsing, P. Priller, A survey of commercial frame- [71] D. Dujovne, T. Watteyne, X. Vilajosana, P. Thubert, 6TiSCH: deterministic
works for the Internet of Things, in: 2015 IEEE 20th Conference on Emerging IP-enabled industrial internet (of things), Commun. Mag., IEEE 52 (12) (Dec.
Technologies & Factory Automation (ETFA), Luxembourg, 2015, pp. 1–8. 2014) 36–41.
[38] M. Conti, A. Dehghantanha, K. Franke, S. Watson, Internet of Things security [72] E. Fleisch, “What is the Internet of Things? – An Economic Perspective”, Auto-
and forensics: challenges and opportunities, Future Gener. Comput. Syst. 78 ID Labs White Paper WP-BIZAPP-053, Jan. 2010.
(Part 2) (January 2018) 544–546. [73] A. Iera, G. Morabito, L. Atzori, The social Internet of Things, in: Cloud Engi-
[39] F.A. Alaba, M. Othman, I.A.T. Hashem, F. Alotaibi, Internet of Things security: neering (IC2E), 2015 IEEE International Conference on, Tempe, AZ, USA, Mar.
a survey, J. Netw. Comput. Appl. 88 (Supplement C) (June 2017) 10–28. 2015, p. 1.
[40] J. Granjal, E. Monteiro, J. Silva, Security for the Internet of Things: a survey of [74] Y. Kim, Y. Lee, Automatic generation of social relationships between Internet
existing protocols and open research issues, IEEE Commun. Surv Tutorials 17 of Things in smart home using SDN-based home cloud, in: Advanced Infor-
(3) (Jan. 2015) 1294–1312. mation Networking and Applications Workshops (WAINA), 2015 IEEE 29th In-
[41] J. Pescatore, Securing the Internet of Things Survey, SANS Institute, Jan. 2014. ternational Conference on, Gwangiu, South Korea, Mar. 2015, pp. 662–667.
[42] D. Christin, A. Reinhardt, P.S. Mogre, R. Steinmetz, Wireless sensor networks [75] L. Atzori, A. Iera, G. Morabito, From “smart objects” to “social objects”: The
and the internet of things: Selected challenges, in: Proceedings of the 8th next evolutionary step of the internet of things, Commun. Mag., IEEE 52 (1)
GI/ITG KuVS Fachgespräch Drahtlose Sensornetze, Hamburg, Germany, 2009, (Jan. 2014) 97–105.
pp. 31–34. [76] Standardized Machine-to-Machine (M2M) Software Development Platform. (PG:
[43] S. Sicari, A. Rizzardi, L. Grieco, A. Coen-Porisini, Security, privacy and trust in PLS. set in roman), Interdigital White Paper, Oct. 2012.
Internet of Things: the road ahead, Comput. Networks 76 (Jan. 2015) 146–164. [77] A.M. Alberti, D. Singh, Internet of Things: perspectives, challenges and oppor-
[44] A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, M. Ayyash, Internet of tunities, in: Proceeding of: International Workshop on Telecommunications (IWT
things: a survey on enabling technologies, protocols, and applications, Com- 2013), Santa Rita do Sapucaí, Minas Gerais, Brazil, 2013, pp. 1–6.
mun. Surv. Tutorials, IEEE 17 (4) (Nov. 2015) 2347–2376. [78] M.H. Miraz, M. Ali, P.S. Excell, R. Picking, A review on Internet of Things (IoT),
[45] M.R. Palattella, N. Accettura, X. Vilajosana, T. Watteyne, L.A. Grieco, G. Boggia, Internet of Everything (IoE) and Internet of Nano Things (IoNT), in: Inter-
M. Dohler, Standardized protocol stack for the internet of (important) things, net Technologies and Applications (ITA), Wrexham, North Wales, UK, 2015,
Commun. Surv. Tutorials, IEEE 15 (3) (Jul. 2013) 1389–1406. pp. 219–224.
[46] A. Rajandekar, B. Sikdar, A survey of MAC layer issues and protocols for ma- [79] N. Feamster, J. Rexford, E. Zegura, The road to SDN: an intellectual history of
chine-to-machine communications, Internet Things J., IEEE 2 (2) (Apr. 2015) programmable networks, ACM SIGCOMM Comput. Commun. Rev. 44 (2) (Apr.
175–186. 2014) 87–98.
[47] T. Salman, R. Jain, A survey of protocols and standards for Internet of Things, [80] RFC 7426. https://tools.ietf.org/html/rfc7426.
Adv. Comput. Commun. 1 (1) (March 2017). [81] L. Zuccaro, F. Cimorelli, F.D. Priscoli, C.G. Giorgi, S. Monaco, V. Suraci, Dis-
[48] I. Ishaq, D. Carels, G.K. Teklemariam, J. Hoebeke, F.V.D. Abeele, E.D. Poorter, tributed control in virtualized networks, Proc. Comput. Sci. 56 (Dec. 2015)
I. Moerman, P. Demeester, IETF standardization in the field of the internet of 276–283.
things (IoT): a survey, J. Sens. Actuator Networks 2 (2) (Apr. 2013) 235–287. [82] M. Bouet, K. Phemius, J. Leguay, Distributed SDN for mission-critical net-
[49] S. Bera, S. Misra, A.V. Vasilakos, Software-defined networking for Internet of works, in: 2014 IEEE Military Communications Conference, Baltimore, MD,
Things: a survey, IEEE Internet Things J. 4 (6) (Dec. 2017) 1994–2008. USA, 2014, pp. 942–948.
[50] S.K. Tayyaba, M.A. Shah, O.A. Khan and A.W. Ahmed, “Software Defined Net- [83] K. Phemius, M. Bouet, J. Leguay, Disco: distributed multi-domain sdn con-
work (SDN) based Internet of Things (IoT): a road ahead,” pp. 15:1–15:8, 2017. trollers, in: 2014 IEEE Network Operations and Management Symposium
[51] N. Bizanis, F.A. Kuipers, SDN and Virtualization solutions for the Internet of (NOMS), Krakow, Poland, 2014, pp. 1–4.
Things: a survey, IEEE Access 4 (2016) 5591–5606. [84] T. Koponen, M. Casado, N. Gude, J. Stribling, L. Poutievski, M. Zhu, R. Ra-
[52] M. Nitti, V. Pilloni, G. Colistra, L. Atzori, The virtual object as a major element manathan, Y. Iwata, H. Inoue, T. Hama, S. Shenker, Onix: a distributed control
of the Internet of Things: a survey, EEE Commun. Surv. Tutorials 18 (2) (2015) platform for large-scale production networks, OSDI 10 (Oct. 2010) 1–6.
1228–1240. [85] P. Berde, M. Gerola, J. Hart, Y. Higuchi, M. Kobayashi, T. Koide, B. Lantz,
[53] N.A. Jagadeesan, B. Krishnamachari, Software-defined networking paradigms B. O’Connor, P. Radoslavov, W. Snow, G. Parulkar, ONOS: towards an open,
in wireless networks: a survey, ACM Comput. Surv. (CSUR) 47 (2) (Jan. 2015) distributed SDN OS, in: Proceedings of the Third Workshop on Hot Topics in
27. Software Defined Networking, Chicago, IL, USA, Aug. 2014, pp. 1–6.
[54] K. Sood, S. Yu, Y. Xiang, Software defined wireless networking opportunities [86] J. Medved, A. Tkacik, R. Varga, K. Gray, OpenDaylight: towards a model-driven
and challenges for Internet of Things: a review, IEEE Internet Things J. 3 (4) SDN controller architecture, in: A World of Wireless, Mobile and Multimedia
(Aug. 2016) 453–463. Networks (WoWMoM), 2014 IEEE 15th International Symposium on, Sydney,
[55] J. Gubbi, R. Buyya, S. Marusic, M. Palaniswami, Internet of Things (IoT): a Australia, Jun. 2014, pp. 1–6.
vision, architectural elements, and future directions, Future Gener. Comput. [87] M. Jarschel, T. Zinner, T. Hossfeld, P. Tran-Gia, W. Kellerer, Interfaces, at-
Syst. 29 (7) (Sept. 2013) 1645–1660. tributes, and use cases: a compass for SDN, IEEE Commun. Mag. 52 (6) (June
[56] M. Díaz, C. Martín, B. Rubio, State-of-the-art, challenges, and open issues in 2014) 210–217.
the integration of Internet of things and cloud computing, J. Netw. Comput. [88] F. Wang, H. Wang, B. Lei, W. Ma, A research on high-performance SDN con-
Appl. 67 (May 2016) 99–117. troller, in: Cloud Computing and Big Data (CCBD), 2014 International Confer-
[57] L. Atzori, A. Iera, G. Morabito, Understanding the Internet of Things: defini- ence on, Huangshan, Anhui, China, 2014, pp. 168–174.
tion, potentials, and societal role of a fast-evolving paradigm, Ad Hoc Net- [89] H. Sandor, B. Genge, G. Sebestyen-Pal, Resilience in the internet of things:
works 56 (Supplement C) (March 2017) 122–140. the software defined networking approach, in: Intelligent Computer Commu-
[58] M. Roberto, A. Biru, D. Rotondi, Towards a definition of the Internet of Things nication and Processing (ICCP), 2015 IEEE International Conference on, Cluj–
(IoT), IEEE Internet Initiative, May 2015. Napoca, Romania, 2015, pp. 545–552.
[59] “Overview of the Internet of Things.” ITU, June 15, 2012. http://www.itu.int/ [90] J. Rak, Resilience of future internet communications, in: Resilient Routing in
ITU-T/recommendations/rec.aspx?rec=Y.2060. Communication Networks, Springer International Publishing, 2015, pp. 45–83.
[60] G.M. Lee, J. Park, N. Kong, N. Crespi, The Internet of Things–Concept and Prob-
lem Statement, Internet Research Task Force, July 2011.
[91] Time for an SDN Sequel? Scott Shenker Preaches SDN Version [122] M. Chiang, “Fog Networking: An Overview on Research Opportunities,” arXiv
2. [Online]. Available: https://www.sdxcentral.com/articles/news/ preprint arXiv:1601.00835, 2016.
scott- shenker- preaches- revised- sdnsdnv2/2014/10/. [Accessed: Novmeber [123] T.H. Luan, L. Gao, Z. Li, Y. Xiang and L. Sun, “Fog Computing: Focusing on
2017]. Mobile Users at the Edge," arXiv preprint arXiv:1502.01815, 2015.
[92] M. Ahmad, J.S. Alowibdi, M.U. Ilyas, vIoT: a first step towards a shared, multi- [124] Y. Liu, J.E. Fieldsend, G. Min, A framework of fog computing: architecture,
-tenant IoT Infrastructure architecture, in: 2017 IEEE International Conference challenges, and optimization, IEEE Access 5 (2017) 25445–25454.
on Communications Workshops (ICC Workshops), Paris, 2017, pp. 308–313. [125] M. Satyanarayanan, Z. Chen, K. Ha, W. Hu, W. Richter, P. Pillai, Cloudlets: at
[93] I. Miladinovic, S. Schefer-Wenzl, A highly scalable iot architecture through the leading edge of mobile-cloud convergence, in: Mobile Computing, Ap-
network function virtualization, Open J. Internet Things (OJIOT) 3 (1) (2017) plications and Services (MobiCASE), 2014 6th International Conference on,
127–135. Austin, Texas, United States, 2014, pp. 1–9.
[94] Why elastic scalability matters in network functions virtualization, [126] M. Oppitz, P. Tomsu, Fog Computing, in: Inventing the Cloud Century,
Feb 24, 2015. By Martin Taylor https://www.metaswitch.com/blog/ Springer, 2018, pp. 471–486.
why- elastic- scalability- matters- in- network- functions- virtualization Available [127] F.A. Kraemer, A.E. Braten, N. Tamkittikhun, D. Palma, Fog computing in
Accessed: May 2018. healthcare–a review and discussion, IEEE Access 5 (2017) 9206–9222.
[95] Microsoft Azure Cloud Computing Platform & Services. [Online]. Available: [128] S. Yu, M. Liu, W. Dou, X. Liu, S. Zhou, Networking for big data: a survey, IEEE
https://azure.microsoft.com/en-us/. [Accessed: May 2018]. Commun. Surv. Tutorials 19 (Firstquarter (1)) (2017) 531–549.
[96] Google Cloud Computing, Hosting Services & APIs | Google Cloud. [Online]. [129] Y. Sahni, J. Cao, S. Zhang, L. Yang, Edge mesh: a new paradigm to en-
Available: https://cloud.google.com/. [Accessed: May 2018]. able distributed intelligence in Internet of Things, in IEEE Access 5 (2017)
[97] iCloud. [Online]. Available: https://www.icloud.com. [Accessed: May 2018]. 16441–16458.
[98] S.M. Babu, A.J. Lakshmi, B.T. Rao, A study on cloud based Internet of Things: [130] M. Abdelshkour, IoT, from Cloud to Fog Computing, March 2015. http://blogs.
CloudIoT, in: Communication Technologies (GCCT), 2015 Global Conference cisco.com/perspectives/iot-from-cloud-to-fog-computing.
on, Thuckalay, Kanya Kumari District, India, 2015, pp. 60–65. [131] J. Ni, K. Zhang, X. Lin and X. Shen, “Securing fog computing for Internet of
[99] S. Distefano, G. Merlino and A. Puliafito, “Sensing and actuation as a service: Things applications: challenges and solutions,” in IEEE Commun. Surv. Tutori-
a new development for Clouds,” Network Computing and Applications (NCA), als, vol. PP, no. 99, pp. 1.
2012 11th IEEE International Symposium on, pp. 272–275. [132] R. Mahmud, R. Kotagiri, R. Buyya, in: Fog Computing: A Taxonomy, Survey
[100] S. Distefano, G. Merlino, A. Puliafito, A utility paradigm for IoT: the sensing and Future Directions, Internet of Everything, 2018, pp. 103–130.
Cloud, Pervasive Mob. Comput. 20 (Jul. 2015) 127–144. [133] S. Yi, C. Li, Q. Li, A survey of fog computing: concepts, applications and issues,
[101] X. Sheng, J. Tang, X. Xiao, G. Xue, Sensing as a service: challenges, solutions in: Proceedings of the 2015 Workshop on Mobile Big Data, Hangzhou, China,
and future directions, IEEE Sens. J. 13 (10) (2013) 3733–3741. 2015, pp. 37–42.
[102] BETaaS – Community. [Online]. http://www.betaas.com/. [Accessed: Novem- [134] M. Patel, B. Naughton, C. Chan, N. Sprecher, S. Abeta, A. Neal, Mobile-Edge
ber 2017]. Computing Introductory Technical White Paper, White Paper, Mobile-edge
[103] A. Botta, W. de Donato, V. Persico, A. Pescapé, On the integration of Computing (MEC) industry initiative, September 2014.
Cloud Computing and Internet of Things, in: Future Internet of Things and [135] B.P. Rimal, D. Pham Van, M. Maier, Mobile-edge computing versus centralized
Cloud (FiCloud), 2014 International Conference on, Barcelona, Spain, 2014, cloud computing over a converged FiWi access network, IEEE Trans. Network
pp. 23–30. Serv. Manage. 14 (3) (Sept. 2017) 498–513.
[104] A.R. Biswas, R. Giaffreda, IoT and cloud convergence: opportunities and chal- [136] S. Wang, X. Zhang, Y. Zhang, L. Wang, J. Yang, W. Wang, A survey on mo-
lenges, in: Internet of Things (WF-IoT), 2014 IEEE World Forum on, Seoul, bile edge networks: convergence of computing, caching and communications,
Korea (South), 2014, pp. 375–376. IEEE Access 5 (2017) 6757–6779.
[105] M. Yannuzzi, R. Milito, R. Serral-Gracià, D. Montero, M. Nemirovsky, Key [137] Y. Mao, C. You, J. Zhang, K. Huang, K.B. Letaief, A survey on mobile edge com-
ingredients in an IoT recipe: fog computing, cloud computing, and more puting: the communication perspective, IEEE Commun. Surv. Tutorials 19 (4)
fog computing, in: 2014 IEEE 19th International Workshop on Computer (Fourthquarter 2017) 2322–2358.
Aided Modeling and Design of Communication Links and Networks (CAMAD), [138] X. Sun and N. Ansari, “Mobile Edge Computing Empowers Internet of Things,”
Athens, Greece, 2014, pp. 325–329. arXiv preprint arXiv:1709.00462, 2017.
[106] G.I. Klas, “Edge Cloud to Cloud Integration for IoT,” 2016. [139] G.A. Lewis, Mobile computing at the edge (keynote), in: Proceedings of the
[107] A. Noronha, R. Moriarty, K. Connell, N. Villa, Attaining IoT value: how to move 1st International Conference on Mobile Software Engineering and Systems,
from connecting things to capturing insights: gain an edge by taking analytics Hyderabad, India, 2014, pp. 69–70.
to the edge, Cisco Anal. Brief (2014). [140] S. Shahzadi, M. Iqbal, T. Dagiuklas, Z.U. Qayyum, Multi-access edge comput-
[108] J. Pan, J. McElhannon, Future edge cloud and edge computing for Internet of ing: open issues, challenges and future perspectives, J. Cloud Comput. 6 (1)
Things applications, IEEE Internet Things J. PP (99) (2018) 1–27. (2017) 30 12/21.
[109] E. Ahmed, A. Ahmed, I. Yaqoob, J. Shuja, A. Gani, M. Imran, M. Shoaib, Bring- [141] E. Ahmed, M.H. Rehmani, Mobile edge computing: opportunities, solutions,
ing computation closer toward the user network: is edge computing the so- and challenges, Future Gener. Comput. Syst. 70 (Supplement C) (May 2017)
lution? IEEE Commun. Mag. 55 (11) (November 2017) 138–144. 59–63.
[110] S.K. Sharma, X. Wang, Live data analytics with collaborative edge and cloud [142] P. Mach, Z. Becvar, Mobile edge computing: a survey on architecture and
processing in wireless IoT networks, IEEE Access 5 (2017) 4621–4635. computation offloading, IEEE Commun. Surv. Tutorials 19 (thirdquarter (3))
[111] M. Satyanarayanan, The emergence of edge computing, Computer 50 (1) (Jan. (2017) 1628–1656.
2017) 30–39. [143] S. Ranadheera, S. Maghsudi and E. Hossain, “Mobile edge computation of-
[112] A.C. Baktir, A. Ozgovde, C. Ersoy, How can edge computing benefit from soft- floading using game theory and reinforcement learning,” arXiv preprint
ware-defined networking: a survey, use cases, and future directions, IEEE arXiv:1711.09012, 2017.
Commun. Surv. Tutorials 19 (4) (2017) 2359–2391, Fourthquarter. [144] T. Taleb, A. Ksentini, Follow me cloud: interworking federated clouds and dis-
[113] G.I. Klas, Fog Computing and Mobile Edge Cloud Gain Momentum Open Fog tributed mobile networks, IEEE Network 27 (5) (Sep. 2013) 12–19.
Consortium, ETSI MEC and Cloudlets, 2015. http://yucianga.info/wp-content/ [145] S. Wang, K. Chan, R. Urgaonkar, T. He, K.K. Leung, Emulation-based study
uploads/2015/11/15_11_22- _Fog_computing_and_mobile_edge_cloud_gain_ of dynamic service placement in mobile micro-clouds, in: Military Com-
momentum_Open_Fog_Consortium-ETSI_MEC-Cloudlets_v1_1.pdf. munications Conference, MILCOM 2015–2015 IEEE, Tampa, FL, USA, 2015,
[114] P. Hu, S. Dhelim, H. Ning, T. Qiu, Survey on fog computing: architecture, key pp. 1046–1051.
technologies, applications and open issues, J. Netw. Comput. Appl. 98 (Sup- [146] M. Satyanarayanan, P. Bahl, R. Caceres, N. Davies, The case for VM-based
plement C) (November 2017) 27–42. cloudlets in mobile computing, IEEE Pervasive Comput. 8 (4) (Oct. 2009)
[115] E.M. Tordera, X. Masip-Bruin, J. Garcia-Alminana, A. Jukan, G. Ren, J. Zhu and 14–23.
J. Farre, “What is a Fog Node A Tutorial on Current Concepts towards a Com- [147] S. Wang, R. Urgaonkar, M. Zafer, T. He, K. Chan, K.K. Leung, Dynamic service
mon Definition,” arXiv preprint arXiv:1611.09193, 2016. migration in mobile edge-clouds, in: IFIP Networking Conference (IFIP Net-
[116] I. Stojmenovic, Fog computing: a cloud to the ground support for smart working), Toulouse, France, 2015, pp. 1–9.
things and machine-to-machine networks, in: Telecommunication Networks [148] K. Ha, M. Satyanarayanan, OpenStack for Cloudlet Deployment, School of
and Applications Conference (ATNAC), 2014 Australasian, Melbourne, Aus- Computer Science Carnegie Mellon University Pittsburgh, 2015.
tralia, 2014, pp. 117–122. [149] S. Keshav, Why cell phones will dominate the future internet, ACM SIGCOMM
[117] E. Marín-Tordera, X. Masip-Bruin, J. García-Almiñana, A. Jukan, G. Ren, J. Zhu, Comput. Commun. Rev. 35 (2) (Apr. 2005) 83–86.
Do we all really know what a fog node is? Current trends towards an open [150] D. Soldani, A. Manzalini, Horizon 2020 and beyond: on the 5G operating sys-
definition, Comput. Commun. 109 (Supplement C) (September 2017) 117–130. tem for a true digital society, Veh. Technol. Mag., IEEE 10 (1) (Mar. 2015)
[118] F. Bonomi, R. Milito, J. Zhu, S. Addepalli, Fog computing and its role in the 32–42.
internet of things, in: Proceedings of the First Edition of the MCC Workshop [151] E.T. Dresden, N. Vodafone, A Choice of Future m2m Access Technologies for
on Mobile Cloud Computing, Helsinki, Finland, 2012, pp. 13–16. Mobile Network Operators, Cellular IoT White Paper, 2014.
[119] L.M. Vaquero, L. Rodero-Merino, Finding your way in the fog: towards a com- [152] T. Maksymyuk, S. Dumych, M. Brych, D. Satria, M. Jo, An IoT based monitoring
prehensive definition of fog computing, ACM SIGCOMM Comput. Commun. framework for software defined 5G mobile networks, in: Proceedings of the
Rev. 44 (5) (Oct. 2014) 27–32. 11th International Conference on Ubiquitous Information Management and
[120] S. Yang, “IoT Stream Processing and Analytics in The Fog,” arXiv preprint Communication, 2017, p. 105.
arXiv:1705.05988, 2017. [153] A. Gudipati, D. Perry, L.E. Li, S. Katti, SoftRAN: software defined radio access
[121] A.V. Dastjerdi, R. Buyya, Fog Computing: helping the Internet of Things real- network, in: Proceedings of the Second ACM SIGCOMM Workshop on Hot
ize its potential, Computer 49 (8) (Aug. 2016) 112–116. Topics in Software Defined Networking, Hong Kong, China, 2013, pp. 25–30.
[154] G. Hampel, M. Steiner, T. Bu, Applying software-defined networking to the [184] A.J. Jara, L. Ladid, A. Skarmeta, The Internet of everything through IPv6: an
telecom domain, in: Computer Communications Workshops (INFOCOM WK- analysis of challenges, solutions and opportunities, J. Wirel. Mob. Netw. Ubiq.
SHPS), 2013 IEEE Conference on, Turin, Italy, 2013, pp. 133–138. Comput. Dependable Appl. 4 (Sep. 2013) 97–118.
[155] J. Costa-Requena, J. Llorente Santos, V. Ferrer Guasch, K. Ahokas, G. Prem- [185] Zhi-Kai Zhang, M.C.Y. Cho, Zong-Yu Wu, S.W. Shieh, Identifying and authenti-
sankar, S. Luukkainen, I. Ahmad, M. Liyanage, M. Ylianttila, O. Loṕez Peŕez, cating IoT objects in a natural context, Computer 48 (8) (Aug. 2015) 81–83.
SDN and NFV integration in generalized mobile network architecture, in: Net- [186] D. van Thuan, P. Butkus and D. van Thanh, “A user centric identity manage-
works and Communications (EuCNC), 2015 European Conference on, Paris, ment for Internet of Things,” In IT Convergence and Security (ICITCS), 2014 In-
France, 2015, pp. 154–158. ternational Conference on, Beijing, China, pp. 1–4.
[156] X. Jin, L.E. Li, L. Vanbever, J. Rexford, Softcell: scalable and flexible cellular [187] I. Friese, J. Heuer, N. Kong, Challenges from the Identities of Things, 2014
core network architecture, in: Proceedings of the Ninth ACM Conference on Discussion group within Kantara Initiative.
Emerging Networking Experiments and Technologies, Santa Barbara, CA, USA, [188] The Identity of Things (IDoT): Access Management (IAM) Reference Archi-
2013, pp. 163–174. tecture for the Internet of Things (IoT), Forgerock White Paper, 2015. https:
[157] I.F. Akyildiz, P. Wang, S. Lin, SoftAir: a software defined networking architec- //www.forgerock.com/app/uploads/2015/05/fr_whitepaper-idot-letter.pdf.
ture for 5G wireless systems, Comput. Networks 85 (Jul. 2015) 1–18. [189] H. Kim, A. Wasicek, B. Mehne, E.A. Lee, A secure network architecture for
[158] H. Wang, S. Chen, H. Xu, M. Ai, Y. Shi, SoftNet: a software defined decentral- the internet of things based on local authorization entities, in: 2016 IEEE 4th
ized mobile network architecture toward 5G, IEEE Network 29 (2) (Mar. 2015) International Conference on Future Internet of Things and Cloud (FiCloud),
16–22. Vienna, 2016, pp. 114–122.
[159] M. Bansal, J. Mehlman, S. Katti, P. Levis, Openradio: a programmable wireless [190] M. Turkanović, B. Brumen, M. Hölbl, A novel user authentication and key
dataplane, in: Proceedings of the First Workshop on Hot Topics in Software agreement scheme for heterogeneous ad hoc wireless sensor networks, based
Defined Networks, Helsinki, Finland, 2012, pp. 109–114. on the internet of things notion, Ad Hoc Networks 20 (Sep. 2014) 96–112.
[160] K. Pentikousis, Y. Wang, W. Hu, Mobileflow: toward software-defined mobile [191] A. Park, H. Kim, J. Lim, A framework of device authentication management in
networks, IEEE Commun. Mag. 51 (7) (Jul. 2013) 44–53. IoT environments, in: IT Convergence and Security (ICITCS), 2015 5th Interna-
[161] Li, Xin Jin1 Li Erran, L. Vanbever and J. Rexford, “Cellsdn: Software-defined tional Conference on, Kuala Lumpur, Malaysia, 2015, pp. 1–3.
cellular core networks,” 2013. [192] O.O. Bamasag, K. Youcef-Toumi, Towards continuous authentication in in-
[162] Z. Han, W. Ren, A novel wireless sensor networks structure based on the SDN, ternet of things based on secret sharing scheme, in: Proceedings of the
Int. J. Distrib. Sens. Netw. (2014). WESS’15: Workshop on Embedded Systems Security, Amsterdam, Nether-
[163] J. Schulz-Zander, C. Mayer, B. Ciobotaru, S. Schmid, A. Feldmann, OpenSDWN: lands, 2015, p. 1.
programmatic control over home and enterprise WiFi, in: Proceedings of the [193] F. Chu, R. Zhang, R. Ni, W. Dai, An improved identity authentication
1st ACM SIGCOMM Symposium on Software Defined Networking Research, scheme for internet of things in heterogeneous networking environments, in:
Santa Clara, CA, USA, 2015, p. 16. 2013 16th International Conference on Network-Based Information Systems,
[164] T. Luo, H. Tan, T.Q. Quek, Sensor OpenFlow: enabling software-defined wire- Gwangju, Korea, 2013, pp. 589–593.
less sensor networks, Commun. Lett., IEEE 16 (11) (Nov. 2016) 1896–1899. [194] S. Kalra, S.K. Sood, Secure authentication scheme for IoT and cloud servers,
[165] S. Costanzo, L. Galluccio, G. Morabito, S. Palazzo, Software defined wireless Pervasive Mob. Comput. 24 (Dec. 2015) 210–223.
networks: unbridling sdns, in: 2012 European Workshop on Software Defined [195] D. He, S. Zeadally, An analysis of RFID authentication schemes for Internet of
Networking, Darmstadt, Germany, 2012, pp. 1–6. Things in healthcare environment using elliptic curve cryptography, Internet
[166] A. Mahmud, R. Rahmani, Exploitation of OpenFlow in wireless sensor net- Things J., IEEE 2 (1) (Feb. 2015) 72–83.
works, in: Computer Science and Network Technology (ICCSNT), 2011 Inter- [196] M. Farash, Cryptanalysis and improvement of an efficient mutual authentica-
national Conference on, 1, Dec. 2011, pp. 594–600. tion RFID scheme based on elliptic curve cryptography, J. Supercomput. 70
[167] B. Trevizan de Oliveira, C. Borges Margi, L. Batista Gabriel, TinySDN: enabling (2) (Nov. 2014) 987–1001.
multiple controllers for software-defined wireless sensor networks, EEE Lat. [197] Z. Zhao, A secure RFID authentication protocol for health care environments
Am. Trans. 13 (11) (Nov. 2015) 1–6. using elliptic curve cryptosystem, J. Med. Syst. 38 (5) (May 2014) 1–7.
[168] S. Shen, M. Carugi, An evolutionary way to standardize the Internet of Things, [198] Z. Zhangand, Q. Qi, An efficient RFID authentication protocol to enhance pa-
J. ICT 2 (2014) 87–108. tient medication safety using elliptic curve cryptography, J. Med. Syst. 38 (5)
[169] A. Aijaz, Cognitive machine-to-machine communications for Inter- (May 2014) 1–7.
net-of-Things: a protocol stack perspective, Internet Things J., IEEE 2 (2) [199] J. Lee, W. Lin, Y. Huang, A lightweight authentication protocol for internet
(Apr. 2015) 103–112. of things, in: 2014 International Symposium on Next-Generation Electronics
[170] J. Nieminen, C. Gomez, M. Isomaki, T. Savolainen, B. Patil, Z. Shelby, M. Xi, (ISNE), Kwei-Shan Tao-Yuan, Taiwan, 2014, pp. 1–2.
J. Oller, Networking solutions for connecting bluetooth low energy enabled [200] R. Aggarwal, M.L. Das, RFID security in the context of internet of things, in:
machines to the internet of things, Network, IEEE 28 (6) (Nov. 2014) 83–90. Proceedings of the First International Conference on Security of Internet of
[171] W. Stallings, Foundations of Modern Networking: SDN, NFV, QoE, IoT, and Things, Kollam, India, 2012, pp. 51–56.
Cloud, Addison-Wesley Professional, 2015. [201] V. Shivraj, M. Rajan, M. Singh, P. Balamuralidhar, One-time password authen-
[172] C. Kolias, A. Stavrou, J. Voas, Securely Making “Things” Right, Computer 48 tication scheme based on elliptic curves for Internet of Things (IoT), in: Infor-
(9) (Sep. 2015) 84–88. mation Technology: Towards New Smart World (NSITNSW), 2015 5th National
[173] M.A. Jan, P. Nanda, X. He, Z. Tan, R.P. Liu, A robust authentication scheme Symposium on, Riyadh, Saudi Arabia„ 2015, pp. 1–6.
for observing resources in the internet of things environment, in: 2014 IEEE [202] P. Fremantle, B. Aziz, J. Kopecky, P. Scott, Federated identity and access man-
13th International Conference on Trust, Security and Privacy in Computing agement for the Internet of Things, in: Secure Internet of Things (SIoT), 2014
and Communications, Beijing, China, 2014, pp. 205–211. International Workshop on, Wroclaw, Poland, 2014, pp. 10–17.
[174] M. Abomhara, G.M. Koien, Security and privacy in the Internet of Things: [203] M.A. Crossman, H. Liu, Study of authentication with IoT testbed, in: Tech-
current status and open issues, in: Privacy and Security in Mobile Systems nologies for Homeland Security (HST), 2015 IEEE International Symposium
(PRISMS), 2014 International Conference on, Aalborg, Denmark, 2014, pp. 1–8. on, Waltham, MA, USA, 2015, pp. 1–7.
[175] H. Zhang, How to disinfect and secure the Internet of Things, Network Secur. [204] Y. Kim, S. Yoo, C. Yoo, DAoT: dynamic and energy-aware authentication for
2016 (9) (September 2016) 18–20. smart home appliances in Internet of Things, in: 2015 IEEE International Con-
[176] Y. Lee, W. Lee, G. Shin and K. Kim, “Assessing the Impact of DoS attacks on ference on Consumer Electronics (ICCE)„ Las Vegas, NV, USA, 2015, pp. 196–197.
IoT Gateway, Advanced Multimedia and Ubiquitous Engineering. MUE 2017, [205] T. Bai, S.A. Rabara, Design and development of integrated, secured and in-
FutureTech 2017, Lect. Notes Electr. Eng., vol 448.”, pp. 252–257. telligent architecture for Internet of Things and cloud computing, in: Future
[177] D. Barrera, I. Molloy and H. Huang, “IDIoT: securing the Internet of Things Internet of Things and Cloud (FiCloud), 2015 3rd International Conference on,
like it’s 1994,” arXiv preprint arXiv:1712.03623, 2017. Rome, Italy, 2015, pp. 817–822.
[178] Identifier Survey - DG - Identities of Things - Kantara Initiative. [Online]. [206] S. Lee, J. Jo, Y. Kim, Method for secure RESTful web service, in: Computer and
Available: https://kantarainitiative.org/confluence/display/IDoT/Identifier+ Information Science (ICIS), 2015 IEEE/ACIS 14th International Conference on,
Survey. [Accessed: November 2017]. Las Vegas, NV, USA, 2015, pp. 77–81.
[179] V.G. Cerf, Secure identities, Internet Comput., IEEE 15 (4) (Jul. 2011) 96. [207] J. Torres, M. Nogueira, G. Pujolle, A survey on identity management for the
[180] J.Y. Lee, W.C. Lin, Y.H. Huang, A lightweight authentication protocol for In- future network, Commun. Surv. Tutorials, IEEE 15 (2) (Jan. 2013) 787–802.
ternet of Things, in: Next-Generation Electronics (ISNE), 2014 International [208] S.W. Oh, H.S. Kim, Study on access permission control for the Web of Things,
Symposium on, Kwei-Shan Tao-Yuan, Taiwan, 2014, pp. 1–2. in: 2015 17th International Conference on Advanced Communication Technol-
[181] An Overview of ZigBee Networks A guide for implementers and security ogy (ICACT), Pyeongchang, South Korea, 2015, pp. 574–580.
testers. [Online]. Available: https://www.mwrinfosecurity.com/system/assets/ [209] OAuth 2. [Online]. Available: http://oauth.net/2/. [Accessed: November 2017].
849/original/mwri- zigbee- overview-finalv2.pdf. [Accessed:: November 2017]. [210] Apache Shiro | Simple. Java. Security. [Online]. Available: http://shiro.apache.
[182] Chapter 7: Naming & Addressing. [Online]. Available: http://hscc.cs.nthu. org/. [Accessed: November 2017].
edu.tw/∼sheujp/lecture_note/sensys- ch7- naming_09.pdf. [Accessed: Novem- [211] RFC 4510 - Lightweight Directory Access Protocol (LDAP): Technical Specifi-
ber 2017]. cation Road Map. [Online]. Available: https://tools.ietf.org/html/rfc4510. [Ac-
[183] C. Tseng, S. Chen, Y. Yang, L. Chou, C. Shieh, S. Huang, IPv6 operations and cessed: November 2017].
deployment scenarios over SDN, in: Network Operations and Management [212] P. Mahalle, S. Babar, N.R. Prasad, R. Prasad, Identity management framework
Symposium (APNOMS), 2014 16th Asia-Pacific, Taiwan, National Chiao Tung towards internet of things (IoT): roadmap and key challenges, in: Interna-
University, 2014, pp. 1–6. tional Conference on Network Security and Applications, Chennai, India, 2010,
pp. 430–439.
[213] J. Daubert, A. Wiesmaier, P. Kikiras, A view on privacy & trust in IoT, in: 2015 [242] F. Anon, V. Navarathinarasah, M. Hoang, C. Lung, Building a framework for
IEEE International Conference on Communication Workshop (ICCW), London, Internet of Things and Cloud computing, in: Internet of Things (iThings), 2014
2015, pp. 2665–2670. IEEE International Conference on, and Green Computing and Communications
[214] D. Ruiz, et al. Modelling the trustworthiness of the IOT RERUM Deliverable (GreenCom), IEEE and Cyber, Physical and Social Computing (CPSCom), Taipei,
D3.3 April 2016. Taiwan, 2014, pp. 132–139.
[215] M. Nitti, R. Girau, L. Atzori, A. Iera, G. Morabito, A subjective model for trust- [243] K. Chang, C. Chen, J. Chen, H. Chao, Internet of things and cloud computing
worthiness evaluation in the social Internet of Things, in: 2012 IEEE 23rd In- for future internet, in: Security-Enriched Urban Computing and Smart Grid,
ternational Symposium on Personal, Indoor and Mobile Radio Communica- Hualien, Taiwan, 2011, pp. 1–10.
tions – (PIMRC), Sydney, NSW, 2012, pp. 18–23. [244] T. Shon, J. Cho, K. Han, H. Choi, Toward advanced mobile cloud computing for
[216] M. Nitti, R. Girau, L. Atzori, Trustworthiness management in the social Inter- the Internet of Things: current issues and future direction, Mobile Networks
net of Things, in: IEEE Transactions on Knowledge and Data Engineering, 26, Appl. 19 (3) (Jun. 2014) 404–413.
May 2014, pp. 1253–1266. [245] S. Dey, Mobile cloud applications: opportunities, challenges and directions,
[217] I.D. Addo, S.I. Ahamed, S.S. Yau, A. Buduru, A reference architecture for im- in: Proceedings of the First International Workshop on Mobile Cloud Com-
proving security and privacy in Internet of Things applications, in: 2014 puting & Networking, Bangalore, India, 2013, pp. 1–2.
IEEE International Conference on Mobile Services, Anchorage, AK, 2014, [246] A. Alzahrani, N. Alalwan, M. Sarrab, Mobile cloud computing: advantage, dis-
pp. 108–115. advantage and open challenge, in: Proceedings of the 7th Euro American Con-
[218] K.S. Sahoo, B. Sahoo, A. Panda, A secured SDN framework for IoT, in: ference on Telematics and Information Systems, Valparaiso, Chile, 2014, p. 21.
2015 International Conference on Man and Machine Interfacing (MAMI), [247] H. Truong, S. Dustdar, Principles for engineering IoT Cloud systems, Cloud
Bhubaneswar, India, 2015, pp. 1–4. Comput., IEEE 2 (2) (Mar. 2015) 68–76.
[219] R. Vilalta, et al., Improving security in Internet of Things with software de- [248] R.R. Krishnan, N. Figueira, Analysis of data center SDN controller archi-
fined networking, in: 2016 IEEE Global Communications Conference (GLOBE- tectures: technology and business impacts, in: Computing, Networking and
COM), Washington, DC, 2016, pp. 1–6. Communications (ICNC), 2015 International Conference on, Anaheim, Califor-
[220] K. Kalkan, S. Zeadally, Securing Internet of Things (IoT) with Software Defined nia, USA, 2015, pp. 104–109.
Networking (SDN), IEEE Commun. Mag. PP (99) (2017) 1–7. [249] S. Nastic, S. Sehic, D. Le, H. Truong, S. Dustdar, Provisioning Software-defined
[221] N. Bindra, M. Sood, Is SDN the real solution to security threats in networks? IoT Cloud Systems, in: Future Internet of Things and Cloud (FiCloud), 2014
A security update on various SDN models, Indian J. Sci. Technol. 9 (32) (2016). International Conference on, Barcelona, Spain, 2014, pp. 288–295.
[222] T. Xu, D. Gao, P. Dong, H. Zhang, C.H. Foh, H.C. Chao, Defending against [250] M.T. Kakiz, E. Öztürk, T. Çavdar, A novel SDN-based IoT architecture for big
new-flow attack in SDN-based Internet of Things, IEEE Access 5 (2017) data, in: 2017 International Artificial Intelligence and Data Processing Sym-
3431–3443. posium (IDAP), Malatya, 2017, pp. 1–5.
[223] M.E. Ahmed, H. Kim, DDoS attack mitigation in Internet of things using soft- [251] A. Levin, K. Barabash, Y. Ben-Itzhak, S. Guenender, L. Schour, Networking ar-
ware defined networking, in: 2017 IEEE Third International Conference on Big chitecture for seamless cloud interoperability, in: 2015 IEEE 8th International
Data Computing Service and Applications (BigDataService), San Francisco, CA, Conference on Cloud Computing, New York, NY, USA, 2015, pp. 1021–1024.
2017, pp. 271–276. [252] K. Bakshi, Network considerations for open source based clouds, in: 2015 IEEE
[224] A. Sivanathan, D. Sherratt, H.H. Gharakheili, V. Sivaraman, A. Vishwanath, Aerospace Conference, Big Sky, MT, USA, 2015, pp. 1–9.
Low-cost flow-based security solutions for smart-home IoT devices, in: 2016 [253] K. Hong, D. Lillethun, U. Ramachandran, B. Ottenwälder, B. Koldehofe, Mo-
IEEE International Conference on Advanced Networks and Telecommunica- bile fog: a programming model for large-scale applications on the internet of
tions Systems (ANTS), Bangalore, 2016, pp. 1–6. things, in: Proceedings of the second ACM SIGCOMM Workshop on Mobile
[225] P. Bull, R. Austin, E. Popov, M. Sharma, R. Watson, Flow based security for IoT Cloud Computing, Hong Kong, China, 2013, pp. 15–20.
Devices using an SDN gateway, in: 2016 IEEE 4th International Conference on [254] F. Bonomi, R. Milito, P. Natarajan, J. Zhu, Fog computing: a platform for
Future Internet of Things and Cloud (FiCloud), Vienna, 2016, pp. 157–163. internet of things and analytics, in: Big Data and Internet of Things: A
[226] M. Baird, B. Ng, W. Seah, WiFi network access control for IoT connectivity Roadmap For Smart Environments, Springer International Publishing, 2014,
with software defined networking, in: Proceeding MMSys’17 Proceedings of pp. 169–186.
the 8th ACM on Multimedia Systems Conference, Taipei, 2017, pp. 343–348. [255] A. Munir, P. Kansakar and S.U. Khan, “IFCIoT: integrated fog cloud IoT archi-
[227] P. Massonet, L. Deru, A. Achour, S. Dupont, A. Levin, M. Villari, End-To-End tectural paradigm for future internet of things," arXiv preprint arXiv:1701.
security architecture for federated cloud and IoT networks, in: 2017 IEEE In- 08474, 2017.
ternational Conference on Smart Computing (SMARTCOMP), Hong Kong, 2017, [256] A. Munir, P. Kansakar, S.U. Khan, IFCIoT: Integrated Fog Cloud IoT: a novel
pp. 1–6. architectural paradigm for the future Internet of Things, IEEE Consum. Electr.
[228] S.L. Keoh, S.S. Kumar, H. Tschofenig, Securing the internet of things: a stan- Mag. 6 (3) (July 2017) 74–82.
dardization perspective, Internet Things J., IEEE 1 (3) (Jun. 2014) 265–275. [257] C. Li, Z. Qin, E. Novak, Q. Li, Securing SDN infrastructure of IoT–fog networks
[229] M. Mohsin, Z. Anwar, F. Zaman, E. Al-Shaer, IoTChecker: a data-driven frame- from MitM attacks, IEEE Internet Things J. 4 (5) (Oct. 2017) 1156–1164.
work for security analytics of Internet of Things configurations, Comput. Se- [258] M. Özçelik, N. Chalabianloo, G. Gür, Software-defined edge defense against
cur. 70 (Supplement C) (September 2017) 199–223. IoT-based DDoS, in: 2017 IEEE International Conference on Computer and In-
[230] Y. Li, F. Björck, H. Xue, IoT architecture enabling dynamic security policies, in: formation Technology (CIT), Helsinki, 2017, pp. 308–313.
Proceedings of the 4th International Conference on Information and Network [259] Z. Wen, R. Yang, P. Garraghan, T. Lin, J. Xu, M. Rovatsos, Fog orchestration for
Security, Kuala Lumpur, Dec. 2016, pp. 50–54. Internet of Things Services, IEEE Internet Comput. 21 (2) (2017) 16–24.
[231] M. Ge, J.B. Hong, W. Guttmann, D.S. Kim, A framework for automating secu- [260] T. Subramanya, L. Goratti, S.N. Khan, E. Kafetzakis, I. Giannoulakis, R. Rig-
rity analysis of the internet of things, J. Netw. Comput. Appl. 83 (Supplement gio, A practical architecture for mobile edge computing, 2017 IEEE Conference
C) (April 2017) 12–27. on Network Function Virtualization and Software Defined Networks (NFV-SDN),
[232] S.M. Bellovin, Identity and Security, IEEE Secur. Privacy 8 (2) (May 1992) 88. November 2017.
[233] A. Feghali, R. Kilany, M. Chamoun, SDN security problems and solutions anal- [261] P.K. Sharma, M.Y. Chen, J.H. Park, A software defined fog node based dis-
ysis, in: 2015 International Conference on Protocol Engineering (ICPE) and In- tributed blockchain cloud architecture for IoT, IEEE Access PP (99) (2018)
ternational Conference on New Technologies of Distributed Systems (NTDS), 115–124.
Paris, 2015, pp. 1–5. [262] S. Tomovic, K. Yoshigoe, I. Maljevic, I. Radusinovic, Software-defined fog net-
[234] R.D. Sriram, A. Sheth, Internet of Things perspectives, IT Profess. 17 (3) (2015) work architecture for IoT, Wirel. Pers. Commun. 92 (1) (2017) 181–196 01/01.
60–63. [263] H. Gupta, S.B. Nath, S. Chakraborty and S.K. Ghosh, “SDFog: A Software De-
[235] I. Yaqoob, I.A.T. Hashem, A. Gani, S. Mokhtar, E. Ahmed, N.B. Anuar, A.V. Vasi- fined Computing Architecture for QoS Aware Service Orchestration over Edge
lakos, Big data: from beginning to future, Int. J. Inf. Manage. 36 (6) (December Devices," arXiv preprint arXiv:1609.01190, 2016.
2016) 1231–1247 Part B. [264] R. Morabito, Virtualization on Internet of Things edge devices with container
[236] J. Fritsch, C. Walker, The problem with data, in: Utility and Cloud Comput- technologies: a performance evaluation, IEEE Access 5 (2017) 8835–8850.
ing (UCC), 2014 IEEE/ACM 7th International Conference on, London, UK, 2014, [265] D. Roca, J.V. Quiroga, M. Valero, M. Nemirovsky, Fog function virtualization:
pp. 708–713. a flexible solution for IoT applications, in: 2017 Second International Confer-
[237] R.H. Weber, Internet of Things—need for a new legal environment? Comput. ence on Fog and Mobile Edge Computing (FMEC), Valencia, 2017, pp. 74–80.
Law Secur. Rev. 25 (6) (2009) 522–527. [266] B. Kang, H. Choo, An experimental study of a reliable IoT gateway, ICT Express
[238] C. Perera, R. Ranjan, L. Wang, S.U. Khan, A.Y. Zomaya, Big data privacy in the (April 2017). Available online.
Internet of Things era, IT Prof. 17 (3) (May 2017) 32–39. [267] G. Kim, J. Kim, S. Lee, An SDN based fully distributed NAT traversal scheme
[239] A. Gyrard, S.K. Datta, C. Bonnet, K. Boudaoud, A Semantic Engine for Internet for IoT global connectivity, in: Information and Communication Technology
of Things: Cloud, Mobile Devices and Gateways, in: Innovative Mobile and In- Convergence (ICTC), 2015 International Conference on, Jeju Island, Korea,
ternet Services in Ubiquitous Computing (IMIS), 2015 9th International Con- 2015, pp. 807–809.
ference on, Blumenau, Brazil, 2015, pp. 336–341. [268] V. Gazis, M. Görtz, M. Huber, A. Leonardi, K. Mathioudakis, A. Wiesmaier,
[240] M.A. Alqarni, Benefits of SDN for Big data applications, in: 2017 14th Interna- F. Zeiger, E. Vasilomanolakis, A survey of technologies for the Internet of
tional Conference on Smart Cities: Improving Quality of Life Using ICT & IoT Things, in: 2015 International Wireless Communications and Mobile Comput-
(HONET-ICT), Irbid, 2017, pp. 74–77. ing Conference (IWCMC), Dubrovnik, Croatia, 2015, pp. 1090–1095.
[241] C. Cecchinel, M. Jimenez, S. Mosser, M. Riveill, An architecture to support the [269] S.K. Datta, C. Bonnet and J. Haerri, “Fog computing architecture to enable con-
collection of big data in the Internet of Things, in: 2014 IEEE World Congress sumer centric Internet of Things services,” In 2015 International Symposium on
on Services, Anchorage, AK, USA, 2014, pp. 442–449. Consumer Electronics (ISCE), Madrid, Spain, pp. 1.
[270] S. Cirani, L. Davoli, G. Ferrari, R. Léone, P. Medagliani, M. Picone, L. Veltri, A [301] IEEE-SA - Internet of Things - The IEEE Standards Association. [Online]. Avail-
scalable and self-configuring architecture for service discovery in the internet able: http://standards.ieee.org/innovate/iot/. [Accessed: November 2017].
of things, Internet Things J., IEEE 1 (5) (Oct. 2014) 508–521. [302] H. Madhoo, A. Khatri, T. Willemse, D. Oosthuizen, L. Coetzee, Future Internet
[271] deSantos Francisco Javier Nieto, S.G. Villalonga, Exploiting local clouds in the concepts for demand management, in: Domestic Use of Energy (DUE), 2015
internet of everything environment, in: 2015 23rd Euromicro International International Conference on, Cape Town, South Africa, 2015, pp. 19–26.
Conference on Parallel, Distributed, and Network-Based Processing, Turku, [303] S. Krco, B. Pokric, F. Carrez, Designing IoT architecture(s): a European per-
Finland, 2015, pp. 296–300. spective, in: Internet of Things (WF-IoT), 2014 IEEE World Forum on, Seoul,
[272] E. Gaura, J. Brusey, M. Allen, R. Wilkins, D. Goldsmith, R. Rednic, Edge mining Korea (South), 2014, pp. 79–84.
the internet of things, Sensors J., IEEE 13 (10) (Oct. 2013) 3816–3825. [304] G. Fortino, C. Savaglio, C.E. Palau, J.S. de Puga, M. Ganzha, M. Paprzycki, M.
[273] M. Aazam, I. Khan, A.A. Alsaffar, E. Huh, Cloud of Things: integrating Internet Montesinos, A. Liotta and M. Llop, “Towards Multi-layer Interoperability of
of Things and cloud computing and the issues involved, in: Proceedings of Heterogeneous IoT Platforms: The INTER-IoT Approach,” pp. 199–232.
2014 11th International Bhurban Conference on Applied Sciences & Technology [305] iCore. [Online]. Available: www.iot-icore.eu. [Accessed: November 2017].
(IBCAST) Islamabad, Pakistan, 14th–18th January, 2014, pp. 414–419. [306] C. Sarkar, A. Uttama Nambi SN, R. Prasad, A. Rahim, R. Neisse, G. Baldini,
[274] M. Aazam, P.P. Hung, E.N. Huh, Smart gateway based communication for DIAT: a scalable distributed architecture for IoT, IEEE Internet Things J. 3 (2)
cloud of things, in: Intelligent Sensors, Sensor Networks and Information (Jun. 2015) 230–239.
Processing (ISSNIP), 2014 IEEE Ninth International Conference on, Singapore, [307] T. Taleb, A. Kunz, Machine type communications in 3GPP networks: potential,
2014, pp. 1–6. challenges, and solutions, Commun. Mag., IEEE 50 (3) (Mar. 2012) 178–184.
[275] M. Aazam, E. Huh, Fog computing and smart gateway based communication [308] 3GPP TR 23.888 V11.0.0 (2012-09). [Online]. Available: http://www.qtc.jp/
for Cloud of Things, in: Future Internet of Things and Cloud (FiCloud), 2014 3GPP/Specs/23888-b00.pdf. [Accessed: November 2017].
International Conference on, Barcelona, Spain, 2014, pp. 464–470. [309] A. Kunz, H. Kim, L. Kim, S.S. Husain, Machine type communications in 3GPP:
[276] S. Seol, Y. Shin, W. Kim, Design and realization of personal IoT architecture from release 10 to release 12, in: 2012 IEEE Globecom Workshops, Anaheim,
based on mobile gateway, Int. J. Smart Home 9 (11) (2015) 133–144. California, USA, 2012, pp. 1747–1752.
[277] S. Dey, A. Mukherjee, H.S. Paul, A. Pal, Challenges of using edge devices in [310] C. Bockelmann, N. Pratas, H. Nikopour, K. Au, T. Svensson, C. Stefanovic, P.
IoT computation grids, in: Parallel and Distributed Systems (ICPADS), 2013 Popovski and A. Dekorsy, “Massive Machine-type Communications in 5G:
International Conference on, Seoul, Korea, 2013, pp. 564–569. Physical and MAC-layer Solutions,” arXiv preprint arXiv:1606.03893, 2016.
[278] S.K. Datta, C. Bonnet, N. Nikaein, An iot gateway centric architecture to pro- [311] M. Pticek, V. Cackovic, M. Pavelic, M. Kusek, G. Jezic, Architecture and func-
vide novel m2m services, in: Internet of Things (WF-IoT), 2014 IEEE World tionality in M2M standards, in: Information and Communication Technology,
Forum on, Seoul, Korea (South), 2014, pp. 514–519. Electronics and Microelectronics (MIPRO), 2015 38th International Convention
[279] S.K. Datta, C. Bonnet, N. Nikaein, CCT: connect and control things, in: 9th on, Opatija, Croatia, 2015, pp. 413–418.
International Conference on Intelligent Sensors, Sensor Networks and Infor- [312] J. Swetina, Guang Lu, P. Jacobs, F. Ennesser, JaeSeung Song, Toward a stan-
mation Processing (ISSNIP, Singapore, 2014, pp. 21–24. dardized common M2M service layer platform: introduction to oneM2M,
[280] C. Jennings, J. Arkko and Z. Shelby, “Media types for sensor markup language Wireless Commun., IEEE 21 (3) (Jun. 2014) 20–26.
(SENML),” 2012. [313] http://www.onem2m.org/images/files/deliverables/TS-0 0 01-Functional_
[281] R. Morabito, N. Beijar, Enabling data processing at the network edge through Architecture-V1_13_1.pdf.
lightweight virtualization technologies, in: 2016 IEEE International Confer- [314] ATIS Member Briefing: oneM2M Finalizes First Release, January 2015. http:
ence on Sensing, Communication and Networking (SECON Workshops), Lon- //www.atis.org/newsroom/images/atis- member- onem2m- briefing.pdf.
don, 2016, pp. 1–6. [315] S. Husain, A. Kunz, J. Song, T. Koshimizu, Interworking architecture between
[282] A. Manzalini, R. Minerva, F. Callegati, W. Cerroni, A. Campi, Clouds of virtual oneM2M service layer and underlying networks, in: 2014 IEEE Globecom
machines in edge networks, Commun. Mag., IEEE 51 (7) (Jul. 2013) 63–70. Workshops (GC Wkshps), Austin, Texas, USA, 2014, pp. 636–642.
[283] J. Kim, Designing multi-level connectivity for IoT-enabled SmartX Boxes, [316] S.K. Datta, C. Bonnet, A lightweight framework for efficient M2M device man-
in: 2015 International Conference on Information Networking (ICOIN), Siem agement in oneM2M architecture, in: Recent Advances in Internet of Things
Reap, Cambodia, 2015, pp. 462–463. (RIoT), 2015 International Conference on, Singapore, 2015, pp. 1–6.
[284] J. Pettit, Open vSwitch and the Intelligent Edge, 2014 OpenStack Summit. [317] S.K. Datta, C. Bonnet, Internet of Things and M2M Communications as En-
[285] S.K. Datta, C. Bonnet, Smart M2M gateway based architecture for M2M device ablers of Smart City Initiatives, in: Next Generation Mobile Applications, Ser-
and Endpoint management, in: Internet of Things (iThings), 2014 IEEE Inter- vices and Technologies, 2015 9th International Conference on, Cambridge, UK,
national Conference on, and Green Computing and Communications (Green- 2015, pp. 393–398.
Com), IEEE and Cyber, Physical and Social Computing (CPSCom), Taipei, Tai- [318] M3 Framework: Architecture - SWoT: Semantic Web of Things. [Online].
wan, 2014, pp. 61–68. Available: https://www.ussm.gov/m3/#.V7yiTyh97D4. [Accessed: November
[286] A. Al-Fuqaha, A. Khreishah, M. Guizani, A. Rayes, M. Mohammadi, Toward 2017].
better horizontal integration among IoT services, Commun. Mag., IEEE 53 (9) [319] M.B. Alaya, S. Medjiah, T. Monteil, K. Drira, Toward semantic interoperability
(Sep. 2015) 72–79. in oneM2M architecture, Commun. Mag., IEEE 53 (12) (Dec. 2015) 35–41.
[287] J. Blendin, J. Ruckert, N. Leymann, G. Schyguda and D. Hausheer, “Position [320] M. Bauer, “Introduction to the Architectural Reference Model for the Internet
paper: Software-defined Network Service Chaining,” pp. 109–114. of Things,” First Reference Model White Paper. IOT—i The Internet of Things
[288] F. Callegati, W. Cerroni, C. Contoli, G. Santandrea, Dynamic chaining of Virtual Initiative. [Online] Available: http://ww.iot—a.eu/[Accessed 14 July 2016].
Network Functions in cloud-based edge networks, in: Network Softwarization [321] The Big Shift to IPv6-Based IoT is on the Roll! -IoT6. [Online]. Available: https:
(NetSoft), 2015 1st IEEE Conference on, London, UK, 2015, pp. 1–5. //iot6.eu/sites/default/files/imageblock/ipv6-forum.pdf. [Accessed: November
[289] D. Willis, A. Dasgupta, S. Banerjee, ParaDrop: a multi-tenant platform to dy- 2017].
namically install third party services on wireless gateways, in: Proceedings [322] Deliverable D1.4 Updated Version of IoT6 Architecture and SOA specifica-
of the 9th ACM Workshop on Mobility in the Evolving Internet Architecture, tions. [Online]. Available: http://iot6.eu/sites/default/files/IoT6%20-%20D1.4_0.
Maui, HI, USA, 2014, pp. 43–48. pdf. [Accessed: November 2017].
[290] S. Nastic, H. Truong, S. Dustdar, SDG-Pro: a programming framework for soft- [323] IoTDM Overview - OpenDaylight Project - OpenDaylight Wiki. [On-
ware-defined IoT cloud gateways, J. Internet Serv. Appl. 6 (1) (Oct. 2015) 1–17. line]. Available: https://wiki.opendaylight.org/view/IoTDM_Overview#Block_
[291] T. Zachariah, N. Klugman, B. Campbell, J. Adkins, N. Jackson, P. Dutta, The Diagram. [Accessed: November 2017].
Internet of Things has a gateway problem, in: Proceedings of the 16th Inter- [324] J. Crowcroft, M. Fidler, K. Nahrstedt, R. Steinmetz, Is SDN the de-constraining
national Workshop on Mobile Computing Systems and Applications, Santa Fe, constraint of the future internet, ACM SIGCOMM Comput. Commun. Rev. 43
NM, USA, 2015, pp. 27–32. (5) (Nov. 2013) 13–18.
[292] G. Fersi, Middleware for Internet of Things: a study, in: 2015 International [325] A.L. Valdivieso Caraguay, A. Benito Peral, L.I. Barona Lopez, L.J. García Villalba,
Conference on Distributed Computing in Sensor Systems, Fortaleza, Brazil, SDN: evolution and opportunities in the development IoT applications, Int. J.
2015, pp. 230–235. Distrib. Sens. Netw. 2014 (May 2014).
[293] IoT-A. [Online]. Available: http://www.iot-a.eu/. [accessed: November 2017]. [326] H. Huang, J. Zhu and L. Zhang, “An SDN_based management framework for
[294] Welcome to IoT6.eu | IoT6.eu. [Online]. Available: http://iot6.eu/. [Accessed: IoT devices,” In Irish Signals & Systems Conference 2014 and 2014 China-Ireland
November 2017]. International Conference on Information and Communications Technologies (ISSC
[295] iCore. [Online]. Available: http://www.iot-icore.eu/. [Accessed: November 2014/CIICT 2014). 25th IET, Limerick, Ireland, pp. 175–179.
2017]. [327] N. Omnes, M. Bouillon, G. Fromentoux, O. Grand, A programmable and virtu-
[296] oneM2M - Home. [Online]. Available: http://www.onem2m.org/. [Accessed: alized network & IT infrastructure for the internet of things: How can NFV &
November 2017]. SDN help for facing the upcoming challenges, in: Intelligence in Next Gener-
[297] Iotdm:Main - OpenDaylight Project. [Online]. Available: https://wiki. ation Networks (ICIN), 2015 18th International Conference on, Paris, France,
opendaylight.org/view/IoTDM:Main. [Accessed: November 2017]. 2015, pp. 64–69.
[298] Home - FIWARE. [Online]. Available: https://www.fiware.org/. [Accessed: [328] Z. Wen, X. Liu, Y. Xu, J. Zou, A RESTful framework for Internet of things based
November 2017]. on software defined network in modern manufacturing, Int. J. Adv. Manuf.
[299] Butler. [Online]. Available: http://www.iot-butler.eu/. [Accessed: November Technol. 84 (1-4) (Apr. 2016) 1–9.
2017]. [329] V.R. Tadinada, Software defined networking: redefining the future of internet
[300] COMPOSE Project | Collaborative Open Market to Place Objects at your Ser- in IoT and Cloud Era, in: Future Internet of Things and Cloud (FiCloud), 2014
vice. [Online]. Available: http://www.compose-project.eu/. [Accessed: Novem- International Conference on, Barcelona, Spain, 2014, pp. 296–301.
ber 2017].
Ola Salman received her M.E. degree in Computer and

[330] M. Boussard, D.T. Bui, R. Douville, N. Le Sauze, L. Noirie, P. Peloso, R. Var-
Communications Engineering from the Lebanese Univer-
loot, M. Vigoureux, The Majord’Home: a SDN approach to let isps manage
sity in 2013. In September 2014, she joined the PhD accel-
and extend their customers’ home networks, in: 10th International Confer-
erated track program in the Electrical and Computer En-
ence on Network and Service Management (CNSM) and Workshop, Rio de
gineering (ECE) department at the American University of
Janeiro, Brazil, 2014, pp. 430–433.
Beirut (AUB). Her research interests are in the area of In-
[331] M. Boussard, D.T. Bui, L. Ciavaglia, R. Douville, M. Le Pallec, N. Le Sauze,
formation Security and Networks, Software Defined Net-
L. Noirie, S. Papillon, P. Peloso, F. Santoro, Software-Defined LANs for Inter-
works, Edge Computing, Artificial Intelligence, and Inter-
connected Smart Environment, in: Teletraffic Congress (ITC 27), 2015 27th In-
net of things. In 2017, she received the CNRS-L/AUB doc-
ternational, Ghent, Belgium, 2015, pp. 219–227.
toral scholarship award from the Lebanese National Coun-
[332] A. Hakiri, P. Berthou, A. Gokhale, S. Abdellatif, Publish/subscribe-enabled soft-
cil for Scientific Research (CNRS) in recognition of her re-
ware defined networking for efficient and scalable IoT communications, Com-
search work.
mun. Mag., IEEE 53 (9) (Sep. 2015) 48–54.
[333] T. Lin, J. Kang, H. Bannazadeh, A. Leon-Garcia, Enabling SDN applications on
software-defined infrastructure, in: 2014 IEEE Network Operations and Man- Imad H. Elhajj received his Bachelor of Engineering in
agement Symposium (NOMS), Krakow, Poland, 2014, pp. 1–7. Computer and Communications Engineering, with distinc-
[334] A.G. Anadiotis, L. Galluccio, S. Milardo, G. Morabito, S. Palazzo, Towards a tion, from the American University of Beirut in 1997 and
software-defined network operating system for the IoT, in: Internet of Things the M.S. and Ph.D. degrees in Electrical Engineering from
(WF-IoT), 2015 IEEE 2nd World Forum on, Milan, Italy, 2015, pp. 579–584. Michigan State University in 1999 and 2002, respectively.
[335] A. Galis, J. Rubio-Loyola, S. Clayman, L. Mamatas, S. Kukliński, J. Serrat, T. Za- He is currently an Associate Professor with the Depart-
hariadis, Software enabled future internet–challenges in orchestrating the fu- ment of ECE at AUB. Imad received Best Research Paper
ture Internet, in: International Conference on Mobile Networks and Manage- Award at the Third International Conference on Cogni-
ment, Springer International Publishing, 2013, pp. 228–244. tive and Behavioral Psychology (CBP), Best Paper award
[336] P. Bull, R. Austin, M. Sharma, Pre-emptive Flow Installation for Internet of at the IEEE Electro Information Technology Conference in
Things Devices within Software Defined Networks, in: Future Internet of June 2003, and at the International Conference on Infor-
Things and Cloud (FiCloud), 2015 3rd International Conference on, Rome, mation Society in the 21st Century in November 20 0 0.
Italy, 2015, pp. 124–130. Dr. Elhajj is recipient of the Teaching Excellence Award
[337] P. Martinez and A. Skarmeta, “Empowering the Internet of Things with Soft- at the American University of Beirut, June 2011, the Kamal Salibi Academic Free-
ware Defined Networking,” FP7 European Research Project on the Future In- dom Award, 2014, and the most Outstanding Graduate Student Award from the ECE
ternet of Things, 2014. Department at Michigan State University, April 2001.
[338] Y. Jararweh, M. Al-Ayyoub, E. Benkhelifa, M. Vouk, A. Rindos, SDIoT: a soft-
ware defined based internet of things framework, J. Ambient Intell. Hum. Ali M. Chehab received his Bachelor degree in EE from
Comput. 6 (4) (Aug. 2015) 453–461. AUB in 1987, the Master’s degree in EE from Syracuse
[339] P. Hu, A system architecture for software-defined industrial Internet of University in 1989, and the PhD degree in ECE from the
Things, in: 2015 IEEE International Conference on Ubiquitous Wireless Broad- University of North Carolina at Charlotte, in 2002. From
band (ICUWB), Montreal, Quebec, Canada, 2015, pp. 1–5. 1989 to 1998, he was a lecturer in the ECE Department
[340] M. Lee, Y. Kim, Y. Lee, A home cloud-based home network auto-configura- at AUB. He rejoined the ECE Department at AUB as an
tion using SDN, in: Networking, Sensing and Control (ICNSC), 2015 IEEE 12th Assistant Professor in 2002, and became a Full Professor
International Conference on, Taipei, Taiwan, 2015, pp. 444–449. in 2014. He received the AUB Teaching Excellence Award
[341] E. Patouni, A. Merentitis, P. Panagiotopoulos, A. Glentis, N. Alonistioti, Net- in 2007. He teaches courses in Programming, Electronics,
work Virtualisation Trends: virtually anything is possible by connecting the Digital Systems Design, Computer Organization, Cryptog-
unconnected, in: Future Networks and Services (SDN4FNS), 2013 IEEE SDN raphy, and Digital Systems Testing. His research interests
for, Trento, Italy, 2013, pp. 1–7. include: Wireless Communications Security, Cloud Com-
[342] M. Ojo, D. Adami, S. Giordano, A SDN-IoT architecture with NFV implementa- puting Security, Multimedia Security, Trust in Distributed
tion, in: 2016 IEEE Globecom Workshops (GC Wkshps), Washington, DC, 2016, Computing, Low Energy VL SI Design, and VL SI Testing. He has more than 180 pub-
pp. 1–6. lications. He is a senior member of IEEE and a senior member of ACM.
[343] Q. Xiaofeng, L. Wenmao, G. Teng, H. Xinxin, W. Xutao, C. Pengcheng,
WoT/SDN: web of things architecture using SDN, Communications, China 12 Ayman Kayssi studied electrical engineering and received
(11) (Nov. 2015) 1–11. the BE degree, with distinction, in 1987 from the Amer-
[344] IoT Standardization: Why should you care, Sep 8, 2017. Available Accessed: ican University of Beirut (AUB), and the MSE and PhD
May 2018 http://nicolaswindpassinger.com/iot- standardization- care . degrees from the University of Michigan, Ann Arbor, in
[345] AWS IoT Services Overview - Amazon Web Services. [Online]. Available: 1989 and 1993, respectively. In 1993, he joined the De-
https://aws.amazon.com/iot/. [Accessed: May 2018]. partment of Electrical and Computer Engineering (ECE) at
[346] Internet of Things (IoT) - Cisco. [Online]. Available: https://www.cisco.com/ AUB, where he is currently a full professor. From 2004 to
c/en/us/solutions/internet- of- things/overview.html#∼stickynav=1. [Accessed: 2007, he served as chairman of the ECE Department at
May 2018]. AUB. He teaches courses in electronics and in network-
[347] IoT Edge | Microsoft Azure. [Online]. Available: https://azure.microsoft.com/ ing, and has received AUB’s Teaching Excellence Award in
en- us/services/iot- edge/. [Accessed: May 2018] 2003. His research interests are in information security
[348] IBM Watson Internet of Things (IoT). [Online]. Available: https://www.ibm. and networks, and in integrated circuit design and test.
com/internet- of- things. [Accessed: May 2018]. He has published more than 200 articles in the areas of
security, networking, and VLSI. He is a senior member of IEEE, and a member of
ACM, ISOC, and the Beirut OEA.

Computer Networks: Ola Salman, Imad Elhajj, Ali Chehab, Ayman Kayssi

Uploaded by

Copyright:

Available Formats

Computer Networks: Ola Salman, Imad Elhajj, Ali Chehab, Ayman Kayssi

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Computer Networks: Ola Salman, Imad Elhajj, Ali Chehab, Ayman Kayssi

Uploaded by

Copyright:

Available Formats

Computer Networks 143 (2018) 221–246

Contents lists available at ScienceDirect

IoT survey: An SDN and fog computing perspective

Intel [11] Intel IoT Platform

ing (a cloud computing complement) aims at bringing the cloud to

Subject Reference Contributions Limitations

IoT challenges Beneﬁts Limitations

Scalability • Connecting new kinds of devices • Management complexity

Big Data • Enabling innovative applications • Big Data management

Heterogeneity • Integrating different IoT vertical silos • Interoperability

ble, it takes action based on the entry’s action part. Otherwise, it

pushed to the cloud) [107–109]. Thus, the collaboration between

Fig. 5. Fog related technologies timeline.

Table 4 (forwarding routing, QoS provisioning, mobility management, and

5. IoT security and privacy: an engineering perspective

Authentication scheme Advantages Disadvantages

Public/Private Keys Scalability Complexity and computing overhead

5.4. Privacy and trustworthiness

Privacy, a term related to Personal Identiﬁable Information (PII),

IoT architectures lack the integrated approach to security. Adding

choose different use cases where fog nodes characteristics (e.g.

The cloud-related solutions handle the IoT Big Data manage-

Approach Description Advantages Disadvantages

Architecture Description Partnership

Fig. 10. IoT layered architectures.

Ola Salman received her M.E. degree in Computer and

You might also like