scholarly journals FLEX-IoT: Secure and Resource-Efficient Network Boot System for Flexible-IoT Platform

Sensors ◽  
2021 ◽  
Vol 21 (6) ◽  
pp. 2060
Author(s):  
Keon-Ho Park ◽  
Seong-Jin Kim ◽  
Joobeom Yun ◽  
Seung-Ho Lim ◽  
Ki-Woong Park
Keyword(s):  
Access Control ◽  
Image Transfer ◽  
File Transfer ◽  
Security Vulnerabilities ◽  
File Access ◽  
Iot Platform ◽  
Transfer Method ◽  
Iot Devices ◽  
Operation Schedule ◽  
Network Overhead

In an internet of things (IoT) platform with a copious number of IoT devices and active variation of operational purpose, IoT devices should be able to dynamically change their system images to play various roles. However, the employment of such features in an IoT platform is hindered by several factors. Firstly, the trivial file transfer protocol (TFTP), which is generally used for network boot, has major security vulnerabilities. Secondly, there is an excessive demand for the server during the network boot, since there are numerous IoT devices requesting system images according to the variation of their roles, which exerts a heavy network overhead on the server. To tackle these challenges, we propose a system termed FLEX-IoT. The proposed system maintains a FLEX-IoT orchestrater which uses an IoT platform operation schedule to flexibly operate the IoT devices in the platform. The IoT platform operation schedule contains the schedules of all the IoT devices on the platform, and the FLEX-IoT orchestrater employs this schedule to flexibly change the mode of system image transfer at each moment. FLEX-IoT consists of a secure TFTP service, which is fully compatible with the conventional TFTP, and a resource-efficient file transfer method (adaptive transfer) to streamline the system performance of the server. The proposed secure TFTP service comprises of a file access control and attacker deception technique. The file access control verifies the identity of the legitimate IoT devices based on the hash chain shared between the IoT device and the server. FLEX-IoT provides security to the TFTP for a flexible IoT platform and minimizes the response time for network boot requests based on adaptive transfer. The proposed system was found to significantly increase the attack-resistance of TFTP with little additional overhead. In addition, the simulation results show that the volume of transferred system images on the server decreased by 27% on average, when using the proposed system.

scholarly journals Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things

2013 ◽  
Author(s):  
Parikshit N. Mahalle ◽  
Bayu Anggorojati ◽  
Neeli R. Prasad ◽  
Ramjee Prasad
Keyword(s):  
Internet Of Things ◽  
Access Control ◽  
Secure Communication ◽  
Identity Authentication ◽  
Security Protocol ◽  
The Internet ◽  
Dos Attacks ◽  
Security Vulnerabilities ◽  
Iot Devices ◽  
The Internet Of Things

In the last few years the Internet of Things (IoT) has seen widespreadapplication and can be found in each field. Authentication and accesscontrol are important and critical functionalities in the context of IoTto enable secure communication between devices. Mobility, dynamicnetwork topology and weak physical security of low power devices in IoTnetworks are possible sources for security vulnerabilities. It ispromising to make an authentication and access control attack resistant andlightweight in a resource constrained and distributed IoT environment.This paper presents the Identity Authentication and Capability basedAccess Control (IACAC) model with protocol evaluation and performanceanalysis. To protect IoT from man-in-the-middle, replay and denial ofservice (Dos) attacks, the concept of capability for access control isintroduced. The novelty of this model is that, it presents an integratedapproach of authentication and access control for IoT devices. Theresults of other related study have also been analyzed to validate andsupport our findings. Finally, the proposed protocol is evaluated byusing security protocol verification tool and verification results showsthat IACAC is secure against aforementioned attacks. This paper alsodiscusses performance analysis of the protocol in terms of computationaltime compared to other existing solutions. Furthermore, this paper addresseschallenges in IoT and security attacks are modelled with the use casesto give an actual view of IoT networks.

Hardware Information Flow Tracking

2021 ◽  
Vol 54 (4) ◽  
pp. 1-39
Author(s):  
Wei Hu ◽  
Armaiti Ardeshiricham ◽  
Ryan Kastner
Keyword(s):  
Access Control ◽  
Computer Security ◽  
Information Flow ◽  
Hardware Security ◽  
Computing System ◽  
Security Vulnerabilities ◽  
Information Flow Tracking ◽  
Side Channels ◽  
Security Properties ◽  
Tools And Techniques

Information flow tracking (IFT) is a fundamental computer security technique used to understand how information moves through a computing system. Hardware IFT techniques specifically target security vulnerabilities related to the design, verification, testing, manufacturing, and deployment of hardware circuits. Hardware IFT can detect unintentional design flaws, malicious circuit modifications, timing side channels, access control violations, and other insecure hardware behaviors. This article surveys the area of hardware IFT. We start with a discussion on the basics of IFT, whose foundations were introduced by Denning in the 1970s. Building upon this, we develop a taxonomy for hardware IFT. We use this to classify and differentiate hardware IFT tools and techniques. Finally, we discuss the challenges yet to be resolved. The survey shows that hardware IFT provides a powerful technique for identifying hardware security vulnerabilities, as well as verifying and enforcing hardware security properties.

Employing Object-Based Storage Devices to Embed File Access Control in Storage

2011 ◽  
Vol 17 (1) ◽  
pp. 1-11
Author(s):  
Youhui Zhang ◽  
Hongyi Wang ◽  
Dongsheng Wang ◽  
Weimin Zheng
Keyword(s):  
Access Control ◽  
Storage Devices ◽  
File Access ◽  
Object Based

Centralized, Distributed, and Everything in between

2022 ◽  
Vol 54 (7) ◽  
pp. 1-34
Author(s):  
Sophie Dramé-Maigné ◽  
Maryline Laurent ◽  
Laurent Castillo ◽  
Hervé Ganem
Keyword(s):  
Access Control ◽  
Future Research ◽  
The Internet ◽  
Research Directions ◽  
Security Issues ◽  
Security Properties ◽  
Future Research Directions ◽  
Iot Devices ◽  
The Internet Of Things ◽  
Security Of Iot

The Internet of Things is taking hold in our everyday life. Regrettably, the security of IoT devices is often being overlooked. Among the vast array of security issues plaguing the emerging IoT, we decide to focus on access control, as privacy, trust, and other security properties cannot be achieved without controlled access. This article classifies IoT access control solutions from the literature according to their architecture (e.g., centralized, hierarchical, federated, distributed) and examines the suitability of each one for access control purposes. Our analysis concludes that important properties such as auditability and revocation are missing from many proposals while hierarchical and federated architectures are neglected by the community. Finally, we provide an architecture-based taxonomy and future research directions: a focus on hybrid architectures, usability, flexibility, privacy, and revocation schemes in serverless authorization.

scholarly journals Threshold-Based Location-Aware Access Control

2011 ◽  
Vol 2 (3) ◽  
pp. 22-37 ◽  
Author(s):  
Roel Peeters ◽  
Dave Singelée ◽  
Bart Preneel
Keyword(s):  
Access Control ◽  
Control Mechanism ◽  
Single Point ◽  
Security Vulnerabilities ◽  
Location Aware ◽  
Control Scheme ◽  
Access Control System ◽  
Security And Reliability ◽  
User Friendly ◽  
Personal Devices

Designing a secure, resilient and user-friendly access control system is a challenging task. In this article, a threshold-based location-aware access control mechanism is proposed. This design uniquely combines the concepts of secret sharing and distance bounding protocols to tackle various security vulnerabilities. The proposed solution makes use of the fact that the user carries around various personal devices. This solution offers protection against any set of or fewer compromised user’s devices, with being an adjustable threshold number. It removes the single point of failure in the system, as access is granted when one carries any set of user’s devices. Additionally it supports user-centered management, since users can alter the set of personal devices and can adjust the security parameters of the access control scheme towards their required level of security and reliability.

Analysis of Vulnerabilities in IoT and Its Solutions

2021 ◽  
pp. 157-177
Author(s):  
Puspanjali Mallik
Keyword(s):  
Security And Privacy ◽  
Heterogeneous Structure ◽  
Privacy Concern ◽  
Security Vulnerabilities ◽  
Smart Vehicles ◽  
Security Issues ◽  
Smart Healthcare ◽  
Wide Range ◽  
Main Motive ◽  
Iot Devices

The internet of things (IoT) fulfils abundant demands of present society by facilitating the services of cutting-edge technology in terms of smart home, smart healthcare, smart city, smart vehicles, and many more, which enables present day objects in our environment to have network communication and the capability to exchange data. These wide range of applications are collected, computed, and provided by thousands of IoT elements placed in open spaces. The highly interconnected heterogeneous structure faces new types of challenges from a security and privacy concern. Previously, security platforms were not so capable of handling these complex platforms due to different communication stacks and protocols. It seems to be of the utmost importance to keep concern about security issues relating to several attacks and vulnerabilities. The main motive of this chapter is to analyze the broad overview of security vulnerabilities and its counteractions. Generally, it discusses the major security techniques and protocols adopted by the IoT and analyzes the attacks against IoT devices.

scholarly journals Investigating Brute Force Attack Patterns in IoT Network

2019 ◽  
Vol 2019 ◽  
pp. 1-13 ◽  
Author(s):  
Deris Stiawan ◽  
Mohd. Yazid Idris ◽  
Reza Firsandaya Malik ◽  
Siti Nurmaini ◽  
Nizar Alsharif ◽  
...  
Keyword(s):  
Brute Force ◽  
File Transfer ◽  
Iot Security ◽  
Insider Attack ◽  
Attack Pattern ◽  
Internal Network ◽  
Attack Patterns ◽  
Iot Devices ◽  
Set Up ◽  
Brute Force Attack

Internet of Things (IoT) devices may transfer data to the gateway/application server through File Transfer Protocol (FTP) transaction. Unfortunately, in terms of security, the FTP server at a gateway or data sink very often is improperly set up. At the same time, password matching/theft holding is among the popular attacks as the intruders attack the IoT network. Thus, this paper attempts to provide an insight of this type of attack with the main aim of coming up with attack patterns that may help the IoT system administrator to analyze any similar attacks. This paper investigates brute force attack (BFA) on the FTP server of the IoT network by using a time-sensitive statistical relationship approach and visualizing the attack patterns that identify its configurations. The investigation focuses on attacks launched from the internal network, due to the assumption that the IoT network has already installed a firewall. An insider/internal attack launched from an internal network endangers more the entire IoT security system. The experiments use the IoT network testbed that mimic the internal attack scenario with three major goals: (i) to provide a topological description on how an insider attack occurs; (ii) to achieve attack pattern extraction from raw sniffed data; and (iii) to establish attack pattern identification as a parameter to visualize real-time attacks. Experimental results validate the investigation.

scholarly journals Defending Iot from Ddos Using Lightweight Authentication

2018 ◽  
Vol 7 (4.6) ◽  
pp. 388
Author(s):  
G. A. Vani ◽  
M. Metilda Florence
Keyword(s):  
Internet Of Things ◽  
Power Consumption ◽  
Processing Speed ◽  
Experimental Setup ◽  
Light Weight ◽  
Iot Platform ◽  
Iot Devices ◽  
Lightweight Authentication

The emergence of Internet of things (IoT) is due to its   ability to dutifully transfer the data through a network. Now the concern is that security is not considered as main priority while developing the product. IoT is prone to vulnerabilities where Botnet and DDoS kind of attacks are common and a major issue that has to be considered these days. Since IoT is in no way resistive to attacks, this paper is all about proposing a solution for the Distributed Denial of Services attack that happens on IoT platform. Light weight authentication is necessary for any IoT devices because to reduce the power consumption and increase the processing speed of the device [16]. The experimental setup is built on OS named Contiki with cooja simulator that suits to all the devices that are in the IoT environment.   

A Machine Learning-Based Exploration of Relationship Between Security Vulnerabilities of IoT Devices and Manufacturers

2020 ◽  
Vol 1 (2) ◽  
pp. 1-12
Author(s):  
Ritu Chauhan ◽  
Gatha Tanwar
Keyword(s):  
Cyber Security ◽  
Automated System ◽  
Smart Devices ◽  
Protocol Stack ◽  
Security Vulnerabilities ◽  
Local Networks ◽  
Daily Lives ◽  
Security Issues ◽  
Iot Devices ◽  
The Internet Of Things

The internet of things has brought in innovations in the daily lives of users. The enthusiasm and openness of consumers have fuelled the manufacturers to dish out new devices with more features and better aesthetics. In an attempt to keep up with the competition, the manufacturers are not paying enough attention to cyber security of these smart devices. The gravity of security vulnerabilities is further aggravated due to their connected nature. As a result, a compromised device would not only stop providing the intended service but could also act as a host for malware introduced by an attacker. This study has focused on 10 manufacturers, namely Fitbit, D-Link, Edimax, Ednet, Homematic, Smarter, Osram, Belkin Wemo, Philips Hue, and Withings. The authors studied the security issues which have been raised in the past and the communication protocols used by devices made by these brands. It was found that while security vulnerabilities could be introduced due to lack of attention to details while designing an IoT device, they could also get introduced by the protocol stack and inadequate system configuration. Researchers have iterated that protocols like TCP, UDP, and mDNS have inherent security shortcomings and manufacturers need to be mindful of the fact. Furthermore, if protocols like EAPOL or Zigbee have been used, then the device developers need to be aware of safeguarding the keys and other authentication mechanisms. The authors also analysed the packets captured during setup of 23 devices by the above-mentioned manufacturers. The analysis gave insight into the underlying protocol stack preferred by the manufacturers. In addition, they also used count vectorizer to tokenize the protocols used during device setup and use them to model a multinomial classifier to identify the manufacturers. The intent of this experiment was to determine if a manufacturer could be identified based on the tokenized protocols. The modelled classifier could then be used to drive an algorithm to checklist against possible security vulnerabilities, which are characteristic of the protocols and the manufacturer history. Such an automated system will be instrumental in regular diagnostics of a smart system. The authors then wrapped up this report by suggesting some measures a user can take to protect their local networks and connected devices.

Sign in / Sign up

Export Citation Format

Share Document