Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security

Electronics ◽  
2021 ◽  
Vol 10 (23) ◽  
pp. 3036
Author(s):  
German Cano-Quiveu ◽  
Paulino Ruiz-de-clavijo-Vazquez ◽  
Manuel J. Bellido ◽  
Jorge Juan-Chico ◽  
Julian Viejo-Cortes ◽  
...  

The Internet of Things (IoT) security is one of the most important issues developers have to face. Data tampering must be prevented in IoT devices and some or all of the confidentiality, integrity, and authenticity of sensitive data files must be assured in most practical IoT applications, especially when data are stored in removable devices such as microSD cards, which is very common. Software solutions are usually applied, but their effectiveness is limited due to the reduced resources available in IoT systems. This paper introduces a hardware-based security framework for IoT devices (Embedded LUKS) similar to the Linux Unified Key Setup (LUKS) solution used in Linux systems to encrypt data partitions. Embedded LUKS (E-LUKS) extends the LUKS capabilities by adding integrity and authentication methods, in addition to the confidentiality already provided by LUKS. E-LUKS uses state-of-the-art encryption and hash algorithms such as PRESENT and SPONGENT. Both are recognized as adequate solutions for IoT devices, with PRESENT incorporated in ISO/IEC 29192-2:2019 for lightweight block ciphers. E-LUKS has been implemented in modern XC7Z020 FPGA chips, resulting in a smaller hardware footprint compared to previous LUKS hardware implementations, about 10% of the footprint of these LUKS implementations, making E-LUKS a great alternative to provide Full Disk Encryption (FDE) alongside authentication to a wide range of IoT devices.

Sensors ◽  
2019 ◽  
Vol 19 (19) ◽  
pp. 4121 ◽  
Author(s):  
Alberto Giaretta ◽  
Nicola Dragoni ◽  
Fabio Massacci

Cybersecurity is one of the biggest challenges in the Internet of Things (IoT) domain, as well as one of its most embarrassing failures. As a matter of fact, nowadays IoT devices still exhibit various shortcomings. For example, they lack secure default configurations and sufficient security configurability. They also lack rich behavioural descriptions, failing to list provided and required services. To answer this problem, we envision a future where IoT devices carry behavioural contracts and Fog nodes store network policies. One requirement is that contract consistency must be easy to prove. Moreover, contracts must be easy to verify against network policies. In this paper, we propose to combine the security-by-contract (S × C) paradigm with Fog computing to secure IoT devices. Following our previous work, first we formally define the pillars of our proposal. Then, by means of a running case study, we show that we can model communication flows and prevent information leaks. Last, we show that our contribution enables a holistic approach to IoT security, and that it can also prevent unexpected chains of events.


Sensors ◽  
2019 ◽  
Vol 19 (13) ◽  
pp. 2985 ◽  
Author(s):  
Wencheng Yang ◽  
Song Wang ◽  
Jiankun Hu ◽  
Ahmed Ibrahim ◽  
Guanglou Zheng ◽  
...  

Remote user authentication for Internet of Things (IoT) devices is critical to IoT security, as it helps prevent unauthorized access to IoT networks. Biometrics is an appealing authentication technique due to its advantages over traditional password-based authentication. However, the protection of biometric data itself is also important, as original biometric data cannot be replaced or reissued if compromised. In this paper, we propose a cancelable iris- and steganography-based user authentication system to provide user authentication and secure the original iris data. Most of the existing cancelable iris biometric systems need a user-specific key to guide feature transformation, e.g., permutation or random projection, which is also known as key-dependent transformation. One issue associated with key-dependent transformations is that if the user-specific key is compromised, some useful information can be leaked and exploited by adversaries to restore the original iris feature data. To mitigate this risk, the proposed scheme enhances system security by integrating an effective information-hiding technique—steganography. By concealing the user-specific key, the threat of key exposure-related attacks, e.g., attacks via record multiplicity, can be defused, thus heightening the overall system security and complementing the protection offered by cancelable biometric techniques.


2019 ◽  
pp. 689-693
Author(s):  
Veselka Stoyanova

The Internet of Things (IoT) will connect not only computers and mobile devices, but it will also interconnect smart buildings, homes, and cities, as well as electrical grids, gas, and water networks, automobiles, airplanes, etc. IoT will lead to the development of a wide range of advanced information services that need to be processed in real-time and require data centers with large storage and computing power. In this paper, we present an IoT security framework for smart infrastructures such as Smart Homes (SH) and smart buildings (SB). I also present a general threat model that can be used to develop a security protection methodology for IoT services against cyber-attacks (known or unknown).


2020 ◽  
Vol 62 (5-6) ◽  
pp. 215-226
Author(s):  
Ege Korkan ◽  
Sebastian Kaebisch ◽  
Sebastian Steinhorst

The Internet of Things (IoT) is bringing Internet connectivity to a wide range of devices which results in an increasing number of products for smart home, industry 4.0 and/or smart cities. Even though IoT has the ambition to reach an increasing amount of devices and be scalable across different domains, lack of interoperability inhibits this scope to be attained. Recent standardization efforts by the World Wide Web Consortium (W3C) are addressing the interoperability problem by the means of Thing Description (TD) that allows humans and machines to understand the capabilities and communication interfaces of IoT devices. In this paper, we show a more systematic and streamlined development of IoT devices and systems that relies on the TD standard. We introduce three different complementary methods that can be applied independently in the different stages of the development, or as a framework to streamline the development of IoT devices and systems. As a result of using the TD standard, interoperability between IoT devices of various stakeholders is ensured from early stages and the time to market is reduced.


In a typical IoT network, a sensor connects to a controller using a wireless connection. Controllers collect data from sensors and send the data for storage and analysis [1]. These controllers work with actuators that translate an electrical input to a physical action. The Internet of Things (IoT) has found application in different areas of human endeavor including healthcare, government, supply chain, cities, manufacturing, etc., and it is estimated that the number of connected devices will reach 50 billion by 2020 [2]. With the increasing number of devices comes an increase in the varying number of security threats to the IoT network [3]. To contain these threats, a secure-by-design approach should be adopted, as this will help the IoT devices to anticipate and neutralize the ever-changing nature of the threats, as against older systems where security was handled as it presents itself [2]. This paper x-rays the security challenges in IoT networks and the application of machine learning (supervised learning, unsupervised learning and reinforcement learning) in tackling the security challenges.


2021 ◽  
Vol 2021 ◽  
pp. 1-11
Author(s):  
Conggui Yuan ◽  
Xin Zheng ◽  
Bo Rao ◽  
Shuting Cai

Information security is fundamental to the Internet of things (IoT) devices, in which security chip is an important means. This paper proposes an Advanced High-performance Bus Slave Control IP (AHB-SIP), which applies to cryptographic accelerators in IoT security chips. Composed by four types of function registers and AHB Interface Control Logic (AICL), AHB-SIP has a simple and easy-to-use structure. The System on Chip (SoC) design can be realized by quickly converting the nonstandard interface of the security module to the AHB slave interface. AHB-SIP is applied to the security accelerators of SM2, SM3, and SM4 and random number generator (RNG). Combined with a low-power embedded CPU, TIMER, UART, SPI, IIC, and other communication interfaces, a configurable SoC can be integrated. Moreover, SMIC 110 nm technology is employed to tape out the SoC on a silicon chip. The area of AHB-SIP is 0.072 mm², only occupying 6‰ of the chip (3.45 × 3.45 mm²), and the power consumption of encryption modules combined with AHB-SIP is lower than that combined with AXI interface, which is decreased up to 61.0% and is ideal for the application of IoT.


Symmetry ◽  
2019 ◽  
Vol 11 (5) ◽  
pp. 634 ◽  
Author(s):  
Fawad Ali Khan ◽  
Rafidah Md Noor ◽  
Miss Laiha Mat Kiah ◽  
Noorzaily Mohd Noor ◽  
Saleh M. Altowaijri ◽  
...  

The Internet of Things has gained substantial attention over the last few years, because of connecting daily things in a wide range of applications and domains. A large number of sensors require bandwidth and network resources to give-and-take queries among a heterogeneous IoT network. Network flooding is a key questioning strategy for successful exchange of queries. However, the risk of the original flooding is prone to unwanted and redundant network queries which may lead to heavy network traffic. Redundant, unwanted, and flooded queries are major causes of inefficient utilization of resources. IoT devices consume more energy and high computational time. More queries lead to consumption of more bandwidth, cost, and miserable QoS. Current existing approaches focused primarily on how to speed up the basic routing for IoT devices. However, solutions for flooding are not being addressed. In this paper, we propose a cluster-based flooding (CBF) as an interoperable solution for network and sensor layer devices which is also capable of minimizing the energy consumption, cost, and network flooding, and of identifying and eliminating redundant flooding queries using query control mechanisms. The proposed CBF divides the network into different clusters; local queries for information are proactively maintained by the intralayer cluster (IALC), while the interlayer cluster (IELC) is responsible for reactively obtaining the routing queries to the destinations outside the cluster. CBF is a hybrid approach, having the potential to be more efficient against traditional schemes in terms of query traffic generation. However, in the absence of appropriate redundant query detection and termination techniques, the CBF may generate more control traffic compared to the standard flooding techniques. In this research work, we used Cooja simulator to evaluate the performance of the proposed CBF. According to the simulation results, the proposed technique has superiority in terms of traffic delay, QoS/throughput, and energy consumption, under various performance metrics compared with traditional flooding and state of the art.


Sensors ◽  
2019 ◽  
Vol 19 (8) ◽  
pp. 1935 ◽  
Author(s):  
Shancang Li ◽  
Houbing Song ◽  
Muddesar Iqbal

With the exponential growth of the Internet of Things (IoT) and cyber-physical systems (CPS), a wide range of IoT applications have been developed and deployed in recent years. To match the heterogeneous application requirements in IoT and CPS systems, many resource-constrained IoT devices are deployed, in which privacy and security have emerged as difficult challenges because the devices have not been designed to have effective security features.


Sensors ◽  
2021 ◽  
Vol 21 (18) ◽  
pp. 6163
Author(s):  
Wencheng Yang ◽  
Song Wang ◽  
Nor Masri Sahri ◽  
Nickson M. Karie ◽  
Mohiuddin Ahmed ◽  
...  

The large number of Internet-of-Things (IoT) devices that need interaction between smart devices and consumers makes security critical to an IoT environment. Biometrics offers an interesting window of opportunity to improve the usability and security of IoT and can play a significant role in securing a wide range of emerging IoT devices to address security challenges. The purpose of this review is to provide a comprehensive survey on the current biometrics research in IoT security, especially focusing on two important aspects, authentication and encryption. Regarding authentication, contemporary biometric-based authentication systems for IoT are discussed and classified based on different biometric traits and the number of biometric traits employed in the system. As for encryption, biometric-cryptographic systems, which integrate biometrics with cryptography and take advantage of both to provide enhanced security for IoT, are thoroughly reviewed and discussed. Moreover, challenges arising from applying biometrics to IoT and potential solutions are identified and analyzed. With an insight into the state-of-the-art research in biometrics for IoT security, this review paper helps advance the study in the field and assists researchers in gaining a good understanding of forward-looking issues and future research directions.


Author(s):  
Awad Saad Al-Qahtani, Mohammad Ayoub Khan

The Internet of things (IOT) users lack awareness of IOT security infrastructure to handle the risks, including threats, attacks and penetration, associated with its use. IOT devices are main targets for cyber-attacks due to variable personally identifiable information (PII) stored and transmitted in the cyber centers. The security risks of the Internet of Things aim to damage users' security and privacy. All information about users can be collected from their related objects, which are stored in the system or transferred through mediums among diverse smart objects and may be exposed to dangerous attacks and threats if it lacks authentication, so there is an essential need to make IOT security requirements an important part of its efficient implementation. These requirements include: availability, accountability, authentication, authorization, privacy and confidentiality, integrity and non-repudiation. The study design is a survey research to investigate the visibility of the proposed model of security management for IOT uses, the security risks of IOT devices, and the changes IOT technology on the IT infrastructure of IOT users through answering of the research questionnaires. This work proposes a model of security management for IOT to predict IOT security and privacy threats, protect IOT users from any unforeseen dangers, and determine the right security mechanisms and protocols for IOT security layers, as well as give the most convenient security mechanisms. Moreover, for enhancing the performance of IOT networks by selecting suitable security mechanisms for IOT layers to increase IOT users' security satisfaction.

