Cryptographic Keys Generating and Renewing System for IoT Network Nodes—A Concept

Sensors ◽  
2020 ◽  
Vol 20 (17) ◽  
pp. 5012
Author(s):  
Janusz Furtak

Designers and users of the Internet of Things (IoT) are devoting more and more attention to security and privacy, as well as to the integration of data coming from various areas. A critical element of cooperation is building mutual trust and secure data exchange. Because IoT devices usually have small memory resources, limited computing power, and limited energy resources, it is often impossible to use effectively the well-known solution based on a Certification Authority (CA). This article describes the concept of a cryptographic Key Generating and Renewing (KGR) system. The solution is based on the use of the hardware Trusted Platform Module (TPM) v2.0 to support the procedures of creating trust structures, generating keys, protecting stored data, and securing data exchange between system nodes. The main tasks of the system are the secure distribution of a new symmetric key and the renewal of an expired key for the data exchange parties. The KGR system is designed especially for clusters of IoT nodes but can also be used by other systems. A service based on the Message Queuing Telemetry Transport (MQTT) protocol is used to exchange data between the nodes of the KGR system.
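The abstract describes two operations, distribution of a new symmetric key to cluster members and renewal of an expired one, but not the message layout. The following is an added, constructed illustration of such an exchange written for this page; it is not the paper's code. It assumes that every node shares a long-term secret with the KGR server (in the paper that secret would be held by the node's TPM 2.0; here it is a plain dict), that messages are (MQTT topic, JSON payload) pairs with topic names chosen here, and it uses an HMAC-derived one-time keystream in place of a real key-wrapping AEAD such as AES-GCM. The epoch counter and the lifetime value are likewise assumptions.

```python
import hashlib
import hmac
import json
import secrets

# Constructed illustration of a KGR distribution/renewal flow (not the paper's
# code). Per-node long-term secrets stand in for TPM-protected keys; XOR with
# a per-epoch keystream stands in for a real key-wrapping cipher.
KEY_LEN = 32


def _derive(secret: bytes, label: bytes, epoch: int) -> bytes:
    """HMAC-SHA256 as a one-step KDF: a distinct key per label and epoch."""
    return hmac.new(secret, label + epoch.to_bytes(4, "big"), hashlib.sha256).digest()


def _mac(secret: bytes, label: bytes, epoch: int, body: dict) -> str:
    """MAC over the canonical (sorted-key) JSON of the message body."""
    canon = json.dumps(body, sort_keys=True).encode()
    return hmac.new(_derive(secret, label, epoch), canon, hashlib.sha256).hexdigest()


class KgrServer:
    def __init__(self, cluster: str, node_secrets: dict, lifetime_s: int):
        self.cluster, self.node_secrets, self.lifetime_s = cluster, node_secrets, lifetime_s
        self.epoch, self.expires_at = 0, 0

    def issue_key(self, now: int) -> list:
        """Fresh cluster data key for a new epoch, wrapped and MACed per node."""
        self.epoch += 1
        data_key = secrets.token_bytes(KEY_LEN)
        self.expires_at = now + self.lifetime_s
        msgs = []
        for node_id, sec in self.node_secrets.items():
            wrapped = bytes(a ^ b for a, b in zip(data_key, _derive(sec, b"wrap|", self.epoch)))
            body = {"cluster": self.cluster, "node": node_id, "epoch": self.epoch,
                    "expires_at": self.expires_at, "wrapped_key": wrapped.hex()}
            body["mac"] = _mac(sec, b"mac|", self.epoch, body)
            msgs.append((f"kgr/{self.cluster}/key/{node_id}", json.dumps(body)))
        return msgs

    def handle_renewal(self, topic: str, payload: str, now: int) -> list:
        """Renew only on an authenticated request for the current, expired epoch."""
        body = json.loads(payload)
        sec = self.node_secrets.get(body.get("node"))
        mac = body.pop("mac", "")
        if sec is None or not hmac.compare_digest(mac, _mac(sec, b"req|", body["epoch"], body)):
            raise PermissionError("unauthenticated renewal request")
        if body["epoch"] != self.epoch or now < self.expires_at:
            raise PermissionError("stale epoch in request or key not yet expired")
        return self.issue_key(now)


class KgrNode:
    def __init__(self, node_id: str, secret: bytes):
        self.node_id, self.secret = node_id, secret
        self.epoch, self.expires_at, self.data_key = 0, 0, None

    def install(self, topic: str, payload: str) -> bool:
        """Accept a key message addressed to us; reject replays of older epochs."""
        if not topic.endswith(f"/key/{self.node_id}"):
            return False
        body = json.loads(payload)
        mac = body.pop("mac", "")
        if body.get("node") != self.node_id or body["epoch"] <= self.epoch:
            return False
        if not hmac.compare_digest(mac, _mac(self.secret, b"mac|", body["epoch"], body)):
            return False
        ks = _derive(self.secret, b"wrap|", body["epoch"])
        self.data_key = bytes(a ^ b for a, b in zip(bytes.fromhex(body["wrapped_key"]), ks))
        self.epoch, self.expires_at = body["epoch"], body["expires_at"]
        return True

    def key_valid(self, now: int) -> bool:
        return self.data_key is not None and now < self.expires_at

    def renewal_request(self) -> tuple:
        body = {"node": self.node_id, "epoch": self.epoch}
        body["mac"] = _mac(self.secret, b"req|", self.epoch, body)
        return (f"kgr/renew/{self.node_id}", json.dumps(body))


def run_demo() -> dict:
    """Distribute a key, let it expire, renew it, then replay the old message."""
    node_secrets = {n: hashlib.sha256(n.encode()).digest() for n in ("n1", "n2", "n3")}  # constructed
    server = KgrServer("c1", node_secrets, lifetime_s=3600)
    nodes = {n: KgrNode(n, s) for n, s in node_secrets.items()}
    t0 = 1_700_000_000
    first = server.issue_key(t0)
    installed = [nodes[json.loads(p)["node"]].install(t, p) for t, p in first]
    shared_before = len({n.data_key for n in nodes.values()}) == 1
    t1 = t0 + 3600  # lifetime elapsed
    expired = not nodes["n1"].key_valid(t1)
    second = server.handle_renewal(*nodes["n1"].renewal_request(), now=t1)
    for t, p in second:
        nodes[json.loads(p)["node"]].install(t, p)
    shared_after = len({n.data_key for n in nodes.values()}) == 1
    replay_accepted = nodes["n1"].install(*first[0])  # epoch-1 message again
    return {"installed": all(installed), "shared_before": shared_before,
            "expired_at_t1": expired, "shared_after": shared_after,
            "epoch_after": nodes["n2"].epoch, "replay_accepted": replay_accepted,
            "valid_after": nodes["n3"].key_valid(t1 + 1)}
```

The two checks worth keeping from this sketch are that the key message is bound to a specific recipient and epoch (so a message captured from the broker cannot be replayed to another node or after a renewal), and that the server only honours renewal requests that are authenticated and refer to the epoch it actually issued.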

2014 ◽  
Vol 2014 ◽  
pp. 1-17 ◽  
Author(s):  
Eghbal Ghazizadeh ◽  
Mazdak Zamani ◽  
Jamalul-lail Ab Manan ◽  
Mojtaba Alizadeh

Cloud computing is a new generation of technology designed to meet commercial needs, solve IT management issues, and run the appropriate applications. Another cloud function that has traditionally been handled internally is Identity and Access Management (IAM). As companies adopt more cloud technologies, IAM has become apparent as a security challenge. Trusted multi-tenancy and trusted computing based on a Trusted Platform Module (TPM) are promising technologies for addressing the trust and security concerns of the cloud identity environment. Single sign-on (SSO) and OpenID have been released to address security and privacy problems for cloud identity. This paper proposes the use of trusted computing, Federated Identity Management, and OpenID Web SSO to counter identity theft in the cloud. The proposed model has been simulated in a .NET environment. Security analysis, simulation, and the Bell-LaPadula (BLP) confidentiality model are the three ways used to evaluate and analyze the proposed model.


Author(s):  
Vladimir Ruchkin ◽  
Vladimir Fulin ◽  
Vitaly Romanchuk ◽  
Alexei Koryachko ◽  
Ekaterina Ruchkina

2021 ◽  
Vol 7 (2) ◽  
pp. 245-246
Author(s):  
Weizhi Meng ◽  
Daniel Xiapu Luo ◽  
Chunhua Su ◽  
Debiao He ◽  
Marios Anagnostopoulos ◽  
...  

2007 ◽  
Vol 31 (5) ◽  
pp. 357-361 ◽  
Author(s):  
Frederic Stumpf ◽  
Markus Sacher ◽  
Alexander Roßnagel ◽  
Claudia Eckert

2021 ◽  
Author(s):  
L. P. Bopape

With the advent of the IoT, Device-to-Device (D2D) communication has afforded a new paradigm that reliably facilitates data exchange among devices in proximity without necessarily involving the base (core) network. It is geared towards the need to improve network performance where short-range communication is concerned, as well as supporting proximity-based services. However, the relentless growth in the number of network end-users and of interconnected communication-capable devices in next-generation IoT-based 5G cellular networks has resulted in novel services and applications, most of which are security-sensitive. It is thus of paramount importance that security issues be addressed. A pressing challenge is that the devices are mostly resource-constrained in both power and computing. As such, it is not practical to implement present-day as well as traditional security frameworks and protocols in such a scenario, unless strides are taken towards improving data throughput rates, bandwidth provisioning, round-trip latencies, spectral efficiency, and energy efficiency (leading to even lower power consumption by the already constrained devices) in IoT 5G/LTE networks. Therefore, this work focused on exploring and designing schemes that enhance security and privacy among communicating parties. Without reliable and robust privacy and security preservation measures in the network, most services and applications would be exposed to various forms of malicious attack, and with such a widened cyber-attack surface both the privacy and the security of end users can easily be compromised. The work herein addresses privacy for subscribers to the various available services and applications as well as the security of the associated data. Ultimately, we propose a Fog-Cloud computing paradigm-assisted security framework that comprises two schemes.
The aim is to implement a lightweight cryptographic algorithm that keeps communication overheads, round-trip latencies, computational loads, and energy consumption by the otherwise resource-constrained, remotely deployed surveillance cameras to a minimum. Overall, by way of both analysis and simulation, we ascertain that a Fog-Cloud computing-based lightweight security scheme has the potential to greatly improve security and privacy preservation, as well as overall performance, despite the resource-constrained nature of the devices.


2022 ◽  
Vol 15 (1) ◽  
pp. 1-26
Author(s):  
Mathieu Gross ◽  
Konrad Hohentanner ◽  
Stefan Wiehler ◽  
Georg Sigl

Isolated execution is a concept commonly used for increasing the security of a computer system. In the embedded world, ARM TrustZone technology enables this goal and is currently used on mobile devices for applications such as secure payment or biometric authentication. In this work, we investigate the security benefits achievable through the use of ARM TrustZone on FPGA-SoCs. We first adapt Microsoft's implementation of a firmware Trusted Platform Module (fTPM) running inside ARM TrustZone for the Zynq UltraScale+ platform. This adaptation consists of integrating the hardware accelerators available on the device into the fTPM implementation and enhancing fTPM with an entropy source derived from on-chip SRAM start-up patterns. With our approach, we transform a software implementation of a TPM into a hybrid hardware/software design that could address some of the security drawbacks of the original implementation while keeping its flexibility. To demonstrate the security gains obtained through the use of ARM TrustZone and our hybrid TPM on FPGA-SoCs, we propose a framework that combines them to enable secure remote bitstream loading. The approach consists of preventing the insecure uses of the bitstream reconfiguration interface that the manufacturer makes possible, and integrating the interface inside a Trusted Execution Environment (TEE).
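The abstract names SRAM start-up patterns as the new entropy source but does not say how the raw patterns are turned into a seed. The block below is an added, constructed illustration of the accounting step a practitioner would want before trusting such a source: estimate per-cell min-entropy across repeated power-ups, discard cells that never flip, decide how many power-ups must be pooled for a 256-bit seed, and only then condition the pooled bits with a hash. It is not the paper's code; the eight snapshots of eight cells are hand-made and far too small for a real estimate, and the cell count, the -log2(max(p1, p0)) estimator and SHA-256 conditioning are choices made here.

```python
import hashlib
import math

# Constructed data: one row per power-up, one character per SRAM cell.
# On hardware each row would be read from uninitialised on-chip SRAM at boot.
SNAPSHOTS = [
    "10110111", "10110111", "10110111", "10110110",
    "10011110", "10011100", "10000100", "10000000",
]


def cell_min_entropy(snapshots):
    """Per-cell min-entropy -log2(max(p1, p0)) from the observed 1-frequency."""
    n = len(snapshots)
    out = []
    for cell in range(len(snapshots[0])):
        p1 = sum(s[cell] == "1" for s in snapshots) / n
        out.append(-math.log2(max(p1, 1 - p1)))
    return out


def unstable_cells(snapshots):
    """Cells that flipped at least once; cells that never flip contribute 0 bits."""
    return [i for i, h in enumerate(cell_min_entropy(snapshots)) if h > 0]


def entropy_per_snapshot(snapshots):
    """Min-entropy credited to one power-up, summed over all cells."""
    return sum(cell_min_entropy(snapshots))


def snapshots_needed(snapshots, target_bits=256):
    """How many power-ups must be pooled before a target_bits seed is justified."""
    return math.ceil(target_bits / entropy_per_snapshot(snapshots))


def seed_possible(snapshots, target_bits=256):
    """True if the pooled snapshots carry at least target_bits of min-entropy."""
    return len(snapshots) * entropy_per_snapshot(snapshots) >= target_bits


def condition(snapshots, cells, target_bits=256):
    """Pool the unstable-cell bits of all snapshots and condition with SHA-256.

    Refuses to produce a seed when the credited entropy is below target_bits,
    so a too-small pool cannot silently yield a weak seed.
    """
    if not seed_possible(snapshots, target_bits):
        raise ValueError("insufficient entropy pooled for the requested seed size")
    raw = "".join(s[i] for s in snapshots for i in cells)
    return hashlib.sha256(raw.encode()).hexdigest()
```

With this toy data only six of the eight cells are unstable and each power-up is credited about 3.4 bits, so 76 power-ups would have to be pooled before a 256-bit seed could be claimed; the same bookkeeping scales to the thousands of cells a real SRAM block provides, where a single start-up normally suffices.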

