scholarly journals Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things

2013 ◽  
Author(s):  
Parikshit N. Mahalle ◽  
Bayu Anggorojati ◽  
Neeli R. Prasad ◽  
Ramjee Prasad
Keyword(s):  
Internet Of Things ◽  
Access Control ◽  
Secure Communication ◽  
Identity Authentication ◽  
Security Protocol ◽  
The Internet ◽  
Dos Attacks ◽  
Security Vulnerabilities ◽  
Iot Devices ◽  
The Internet Of Things

In the last few years the Internet of Things (IoT) has seen widespreadapplication and can be found in each field. Authentication and accesscontrol are important and critical functionalities in the context of IoTto enable secure communication between devices. Mobility, dynamicnetwork topology and weak physical security of low power devices in IoTnetworks are possible sources for security vulnerabilities. It ispromising to make an authentication and access control attack resistant andlightweight in a resource constrained and distributed IoT environment.This paper presents the Identity Authentication and Capability basedAccess Control (IACAC) model with protocol evaluation and performanceanalysis. To protect IoT from man-in-the-middle, replay and denial ofservice (Dos) attacks, the concept of capability for access control isintroduced. The novelty of this model is that, it presents an integratedapproach of authentication and access control for IoT devices. Theresults of other related study have also been analyzed to validate andsupport our findings. Finally, the proposed protocol is evaluated byusing security protocol verification tool and verification results showsthat IACAC is secure against aforementioned attacks. This paper alsodiscusses performance analysis of the protocol in terms of computationaltime compared to other existing solutions. Furthermore, this paper addresseschallenges in IoT and security attacks are modelled with the use casesto give an actual view of IoT networks.

scholarly journals Medium Access Control Protocols for the Internet of Things Based on Unmanned Aerial Vehicles: A Comparative Survey

Sensors ◽  
2020 ◽  
Vol 20 (19) ◽  
pp. 5586
Author(s):  
Shreya Khisa ◽  
Sangman Moh
Keyword(s):  
Internet Of Things ◽  
Access Control ◽  
Medium Access Control ◽  
Unmanned Aerial Vehicles ◽  
Mac Protocols ◽  
The Internet ◽  
Medium Access ◽  
Aerial Vehicles ◽  
Iot Devices ◽  
The Internet Of Things

The Internet of Things (IoT), which consists of a large number of small low-cost devices, has become a leading solution for smart cities, smart agriculture, smart buildings, smart grids, e-healthcare, etc. Integrating unmanned aerial vehicles (UAVs) with IoT can result in an airborne UAV-based IoT (UIoT) system and facilitate various value-added services from sky to ground. In addition to wireless sensors, various kinds of IoT devices are connected in UIoT, making the network more heterogeneous. In a UIoT system, for achieving high throughput in an energy-efficient manner, it is crucial to design an efficient medium access control (MAC) protocol because the MAC layer is responsible for coordinating access among the IoT devices in the shared wireless medium. Thus, various MAC protocols with different objectives have been reported for UIoT. However, to the best of the authors’ knowledge, no survey had been performed so far that dedicatedly covers MAC protocols for UIoT. Hence, in this study, state-of-the-art MAC protocols for UIoT are investigated. First, the communication architecture and important design considerations of MAC protocols for UIoT are examined. Subsequently, different MAC protocols for UIoT are classified, reviewed, and discussed with regard to the main ideas, innovative features, advantages, limitations, application domains, and potential future improvements. The reviewed MAC protocols are qualitatively compared with regard to various operational characteristics and system parameters. Additionally, important open research issues and challenges with recommended solutions are summarized and discussed.

Information Flow Control Based on the CapBAC (Capability-Based Access Control) Model in the IoT

2019 ◽  
Vol 10 (4) ◽  
pp. 13-25 ◽  
Author(s):  
Shigenari Nakamura ◽  
Tomoya Enokido ◽  
Makoto Takizawa
Keyword(s):  
Internet Of Things ◽  
Access Control ◽  
Information Flow ◽  
Control Model ◽  
The Internet ◽  
Information Flow Control ◽  
The Subject ◽  
Access Rights ◽  
Iot Devices ◽  
The Internet Of Things

In the Internet of Things (IoT), not only computers like servers but also devices with sensor and actuator devices are interconnected. It is critical to make the IoT secure, especially devices. In the capability-based access control (CapBAC) model proposed to make IoT devices secure, an owner of each device issues a capability token, i.e. a set of access rights, to a subject. Only a subject holding the capability token is allowed to manipulate the device. However, a subject may get data in a device d1 via another device d2 although the subject holds no capability token to get data from the device d1. Here, the data in the device d1 illegally flow to the subject. In this article, the authors propose the operation interruption (OI) protocol where illegal get operations are interrupted. In the evaluation, the ratio of the number of get operations interrupted to the total number of get operations is kept constant even if the numbers of subjects and access rights granted to each subject increase in the OI protocol.

scholarly journals Secure Communications for Resource-Constrained IoT Devices

Sensors ◽  
2020 ◽  
Vol 20 (13) ◽  
pp. 3637
Author(s):  
Abd-Elhamid M. Taha ◽  
Abdulmonem M. Rashwan ◽  
Hossam S. Hassanein
Keyword(s):  
Internet Of Things ◽  
Secure Communication ◽  
The Internet ◽  
Secure Communications ◽  
Message Authentication ◽  
Authentication Codes ◽  
Resource Constrained ◽  
Iot Devices ◽  
The Internet Of Things ◽  
Constrained Devices

The importance of securing communications on the Internet of Things (IoT) cannot be overstated. This is especially the case in light of the increasing proliferation of IoT devices and instances, as well as the growing dependence on their usage. Meanwhile, there have recently been mounting concerns over a wide array of vulnerabilities in IoT communications. The objective of this work is to address constraints in IoT devices that are “resource-constrained”, which are devices that are limited in terms of computing, energy, communication, or range capabilities, whether in terms of nominal or temporal limitations. Specifically, we propose a framework for resource-aiding constrained devices to facilitate secure communication. Without loss of generalization, the framework’s viability is illustrated by focusing on a group of security functions that utilize message authentication codes, which is a strongly representative example of resource-intensive security functions. Aspects of the framework are further demonstrated in processing cores commonly used in commercial IoT devices.

scholarly journals An Encrypted key Exchange Protocol to Secure Communication among Fog Nodes and the Cloud

2019 ◽  
Vol 8 (12) ◽  
pp. 5193-5197
Keyword(s):  
Internet Of Things ◽  
Access Control ◽  
Secure Communication ◽  
Fog Computing ◽  
Key Exchange ◽  
The Internet ◽  
Key Exchange Protocol ◽  
The Internet Of Things

Fog computing is considered as a significantly virtualized perspective that can enable preparing at the Internet of Things devices, living in the edge of the framework, to convey organizations and applications even more capably and feasibly. Since Fog preparing starts from and is a non-minor development of circulated registering, it gets various security and insurance troubles of dispersed processing, causing the expansive stresses in the examination gathering. To engage genuine and confidential exchanges among a social occasion of fog centre points, proposes a capable key exchange show in perspective on figure content approach characteristic based encryption to develop secure correspondences among the individuals. To achieve confidentiality, approval, capriciousness, and access control, to join CP-ABE and mechanized mark techniques. The proposed method explores the efficiency to show similar to security and execution.

scholarly journals Battery Drain Denial-of-Service Attacks and Defenses in the Internet of Things

2019 ◽  
Vol 2 ◽  
pp. 37-45 ◽  
Author(s):  
Philokypros P. Ioulianou ◽  
Vassilios G. Vassilakis ◽  
Michael D. Logothetis
Keyword(s):  
Internet Of Things ◽  
Routing Protocol ◽  
Denial Of Service ◽  
The Internet ◽  
Dos Attacks ◽  
Lossy Networks ◽  
Distributed Intrusion Detection ◽  
Iot Devices ◽  
The Impact ◽  
The Internet Of Things

IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL) is a popular routing protocol used in wireless sensor networks and in the Internet of Things (IoT). RPL was standardized by the IETF in 2012 and has been designed for devices with limited resources and capabilities. Open-source RPL implementations are supported by popular IoT operating systems (OS), such as ContikiOS and TinyOS. In this work, we investigate the possibility of battery drain Denial-of-Service (DoS) attacks in the RPL implementation of ContikiOS. In particular, we use the popular Cooja simulator and implement two types of DoS attacks, particularly version number modification and “Hello” flooding. We demonstrate the impact of these attacks on the power consumption of IoT devices. Finally, we discuss potential defenses relying on distributed intrusion detection modules.

scholarly journals rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things

Sensors ◽  
2021 ◽  
Vol 21 (19) ◽  
pp. 6524
Author(s):  
Koen Tange ◽  
Sebastian Mödersheim ◽  
Apostolos Lalos ◽  
Xenofon Fafoutis ◽  
Nicola Dragoni
Keyword(s):  
Internet Of Things ◽  
Task Force ◽  
Security Analysis ◽  
Security Protocol ◽  
Transport Layer ◽  
The Internet ◽  
Replay Attacks ◽  
Iot Devices ◽  
Bandwidth Overhead ◽  
The Internet Of Things

In recent years, the Transport Layer Security (TLS) protocol has enjoyed rapid growth as a security protocol for the Internet of Things (IoT). In its newest iteration, TLS 1.3, the Internet Engineering Task Force (IETF) has standardized a zero round-trip time (0-RTT) session resumption sub-protocol, allowing clients to already transmit application data in their first message to the server, provided they have shared session resumption details in a previous handshake. Since it is common for IoT devices to transmit periodic messages to a server, this 0-RTT protocol can help in reducing bandwidth overhead. Unfortunately, the sub-protocol has been designed for the Web and is susceptible to replay attacks. In our previous work, we adapted the 0-RTT protocol to strengthen it against replay attacks, while also reducing bandwidth overhead, thus making it more suitable for IoT applications. However, we did not include a formal security analysis of the protocol. In this work, we address this and provide a formal security analysis using OFMC. Further, we have included more accurate estimates on its performance, as well as making minor adjustments to the protocol itself to reduce implementation ambiguity and improve resilience.

Centralized, Distributed, and Everything in between

2022 ◽  
Vol 54 (7) ◽  
pp. 1-34
Author(s):  
Sophie Dramé-Maigné ◽  
Maryline Laurent ◽  
Laurent Castillo ◽  
Hervé Ganem
Keyword(s):  
Access Control ◽  
Future Research ◽  
The Internet ◽  
Research Directions ◽  
Security Issues ◽  
Security Properties ◽  
Future Research Directions ◽  
Iot Devices ◽  
The Internet Of Things ◽  
Security Of Iot

The Internet of Things is taking hold in our everyday life. Regrettably, the security of IoT devices is often being overlooked. Among the vast array of security issues plaguing the emerging IoT, we decide to focus on access control, as privacy, trust, and other security properties cannot be achieved without controlled access. This article classifies IoT access control solutions from the literature according to their architecture (e.g., centralized, hierarchical, federated, distributed) and examines the suitability of each one for access control purposes. Our analysis concludes that important properties such as auditability and revocation are missing from many proposals while hierarchical and federated architectures are neglected by the community. Finally, we provide an architecture-based taxonomy and future research directions: a focus on hybrid architectures, usability, flexibility, privacy, and revocation schemes in serverless authorization.

Sign in / Sign up

Export Citation Format

Share Document