Shortfall-based Optimal Security Provisioning for Internet of Things
Antonino Rullo, Edoardo Serra, Jorge Lobo and Elisa Bertino
University of Calabria, Boise State University, Universitat Pompea Fabra, Purdue University

We present a formal method for computing the best security provisioning for Internet of Things (IoT) scenarios characterized by a high degree of mobility. The security infrastructure is intended as a security resource allocation plan, computed as the solution of an optimization problem that minimizes the risk of having IoT devices not monitored by any resource. We employ the shortfall as a risk measure, a concept mostly used in the economics, and adapt it to our scenario. We show how to compute and evaluate an allocation plan, and how such security solutions address the continuous topology changes that affect an IoT environment.