{"title":"$\\mu$-Trust: Trustworthy and Transparent Service Composition for Microservice-Based IoT Systems","authors":"Prajnamaya Dass;Sudip Misra","doi":"10.1109/JSYST.2025.3547967","DOIUrl":null,"url":null,"abstract":"The distributed Internet of Things (IoT) systems facilitate real-time services through the composition of loosely coupled microservices. The composed IoT service is the output of multiple microservices, executed at computationally capable edge or fog nodes, which we consider as the facility nodes (FNs). However, the service composition process in IoT microservice architectures is abstracted from the users that gives freedom to the FNs to act maliciously and provide low-quality IoT services. Further, the service composition needs to be transparent so that the FNs involved in a service cannot repudiate their involvement at a later time. In this article, we propose a novel, lightweight, trustworthy, and verifiable service composition framework for IoT-based systems that adopt microservice architecture. First, we propose a dynamic programming approach to select trustworthy FNs for each user request, while considering the trust scores of the FNs and the delay requirements of the users. Next, we propose a transparent service composition framework that uses lightweight cryptography functions to generate the proof-of-involvement for the FNs in each service. With the help of a trust controller, we verify the proofs generated by the FNs and update the trust scores of the FNs. Considering the user traces from Berlin city in the simulation of urban mobility tool, we show the efficacy of the proposed framework in maximizing user trust and detecting malicious FNs involved in user services. Further, we show that the delay and communication overhead of the proposed framework are very low compared to the state-of-the-art methods.","PeriodicalId":55017,"journal":{"name":"IEEE Systems Journal","volume":"19 2","pages":"404-412"},"PeriodicalIF":4.4000,"publicationDate":"2025-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Systems Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10947003/","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
The distributed Internet of Things (IoT) systems facilitate real-time services through the composition of loosely coupled microservices. The composed IoT service is the output of multiple microservices, executed at computationally capable edge or fog nodes, which we consider as the facility nodes (FNs). However, the service composition process in IoT microservice architectures is abstracted from the users that gives freedom to the FNs to act maliciously and provide low-quality IoT services. Further, the service composition needs to be transparent so that the FNs involved in a service cannot repudiate their involvement at a later time. In this article, we propose a novel, lightweight, trustworthy, and verifiable service composition framework for IoT-based systems that adopt microservice architecture. First, we propose a dynamic programming approach to select trustworthy FNs for each user request, while considering the trust scores of the FNs and the delay requirements of the users. Next, we propose a transparent service composition framework that uses lightweight cryptography functions to generate the proof-of-involvement for the FNs in each service. With the help of a trust controller, we verify the proofs generated by the FNs and update the trust scores of the FNs. Considering the user traces from Berlin city in the simulation of urban mobility tool, we show the efficacy of the proposed framework in maximizing user trust and detecting malicious FNs involved in user services. Further, we show that the delay and communication overhead of the proposed framework are very low compared to the state-of-the-art methods.
期刊介绍:
This publication provides a systems-level, focused forum for application-oriented manuscripts that address complex systems and system-of-systems of national and global significance. It intends to encourage and facilitate cooperation and interaction among IEEE Societies with systems-level and systems engineering interest, and to attract non-IEEE contributors and readers from around the globe. Our IEEE Systems Council job is to address issues in new ways that are not solvable in the domains of the existing IEEE or other societies or global organizations. These problems do not fit within traditional hierarchical boundaries. For example, disaster response such as that triggered by Hurricane Katrina, tsunamis, or current volcanic eruptions is not solvable by pure engineering solutions. We need to think about changing and enlarging the paradigm to include systems issues.