The Internet of Things (IoT) relies on resource-constrained devices deployed in unprotected environments. Given their constrained nature, IoT systems are vulnerable to security attacks. Data provenance, which tracks the origin and flow of data, provides a potential solution to guarantee data security, including trustworthiness, confidentiality, integrity, and availability in IoT systems. Different types of risks may be faced during data transmission in single-hop and multi-hop scenarios, particularly due to the interconnectivity of IoT systems, which introduces security and privacy concerns. Attackers can inject malicious data or manipulate data without notice, compromising data integrity and trustworthiness. Data provenance offers a way to record the origin, history, and handling of data to address these vulnerabilities. A systematic literature review of data provenance in IoT is presented, exploring existing techniques, practical implementations, security requirements, and performance metrics. Respective contributions and shortcomings are compared. A taxonomy related to the development of data provenance in IoT is proposed. Open issues are identified, and future research directions are presented, providing useful insights for the evolution of data provenance research in the context of the IoT.