Security Approaches for Data Provenance in the Internet of Things: A Systematic Literature Review

The Internet of Things (IoT) relies on resource-constrained devices deployed in unprotected environments. Given their constrained nature, IoT systems are vulnerable to security attacks. Data provenance, which tracks the origin and flow of data, provides a potential solution to guarantee data security, including trustworthiness, confidentiality, integrity, and availability in IoT systems. Different types of risks may be faced during data transmission in single-hop and multi-hop scenarios, particularly due to the interconnectivity of IoT systems, which introduces security and privacy concerns. Attackers can inject malicious data or manipulate data without notice, compromising data integrity and trustworthiness. Data provenance offers a way to record the origin, history, and handling of data to address these vulnerabilities. A systematic literature review of data provenance in IoT is presented, exploring existing techniques, practical implementations, security requirements, and performance metrics. Respective contributions and shortcomings are compared. A taxonomy related to the development of data provenance in IoT is proposed. Open issues are identified, and future research directions are presented, providing useful insights for the evolution of data provenance research in the context of the IoT.