scholarly journals Performance Analysis of the Hybrid MQTT/UMA and Restful IoT Security Model

2021 ◽  
Vol 11 (01) ◽  
pp. 26-41
Author(s):  
Omar H. Alhazmi ◽  
Khalid S. Aloufi
Keyword(s):  
Performance Analysis ◽  
Security Model ◽  
Iot Security

scholarly journals Towards a Formal IoT Security Model

Symmetry ◽  
2020 ◽  
Vol 12 (8) ◽  
pp. 1305 ◽  
Author(s):  
Tania Martin ◽  
Dimitrios Geneiatakis ◽  
Ioannis Kounelis ◽  
Stéphanie Kerckhof ◽  
Igor Nai Fovino
Keyword(s):  
Security Evaluation ◽  
Security Level ◽  
Universal Model ◽  
Arbitrary System ◽  
Security Model ◽  
Iot Security ◽  
Fine Grained ◽  
Security Properties ◽  
Definition Of

The heterogeneity of Internet of Things (IoT) systems has so far prevented the definition of adequate standards, hence making it difficult to compare meaningfully the security degree of diverse architectural choices. This task can be nonetheless achieved with formal methodologies. However, the dedicated IoT literature shows no evidence of a universal model allowing the security evaluation of any arbitrary system. Based on these considerations, we propose a new model that aims at being global and all-encompassing. Our model can be used to fairly analyse the security level of different IoT systems and compare them in a significant way. It is designed to be adaptive with realistic definitions of the adversary’s (1) actions of interacting with IoT systems; (2) capabilities of accessing the data generated by and exchanged in IoT systems with established rules; and (3) objectives of attacking IoT systems according to the four recognised security properties of confidentiality, integrity, availability and soundness. Such a design enables the straightforward characterization of new adversaries. It further helps in providing a fine-grained security evaluation of IoT systems by either accurately describing attacks against the analysed systems or formally proving their guaranteed level of security.

scholarly journals libInterMAC: Beyond Confidentiality and Integrity in Practice

2019 ◽  
pp. 46-83
Author(s):  
Martin R. Albrecht ◽  
Torben Brandt Hansen ◽  
Kenneth G. Paterson
Keyword(s):  
Performance Analysis ◽  
Denial Of Service ◽  
Security Model ◽  
File Transfer ◽  
Arbitrary Length ◽  
Fine Grained ◽  
Encryption Schemes ◽  
Practical Performance ◽  
Security Guarantees ◽  
A Performance

Boldyreva et al. (Eurocrypt 2012) defined a fine-grained security model capturing ciphertext fragmentation attacks against symmetric encryption schemes. The model was extended by Albrecht et al. (CCS 2016) to include an integrity notion. The extended security model encompasses important security goals of SSH that go beyond confidentiality and integrity to include length hiding and denial-of-service resistance properties. Boldyreva et al. also defined and analysed the InterMAC scheme, while Albrecht et al. showed that InterMAC satisfies stronger security notions than all currently available SSH encryption schemes. In this work, we take the InterMAC scheme and make it fully ready for use in practice. This involves several steps. First, we modify the InterMAC scheme to support encryption of arbitrary length plaintexts and we replace the use of Encrypt-then-MAC in InterMAC with modern noncebased authenticated encryption. Second, we describe a reference implementation of the modified InterMAC scheme in the form of the library libInterMAC. We give a performance analysis of libInterMAC. Third, to test the practical performance of libInterMAC, we implement several InterMAC-based encryption schemes in OpenSSH and carry out a performance analysis for the use-case of file transfer using SCP. We measure the data throughput and the data overhead of using InterMAC-based schemes compared to existing schemes in OpenSSH. Our analysis shows that, for some network set-ups, using InterMAC-based schemes in OpenSSH only moderately affects performance whilst providing stronger security guarantees compared to existing schemes.

scholarly journals Towards a Secure and Scalable IoT Infrastructure: A Pilot Deployment for a Smart Water Monitoring System

Technologies ◽  
2020 ◽  
Vol 8 (4) ◽  
pp. 50
Author(s):  
Anthony Overmars ◽  
Sitalakshmi Venkatraman
Keyword(s):  
Monitoring System ◽  
Low Cost ◽  
Water Monitoring ◽  
Security And Privacy ◽  
Security Model ◽  
Smart Environment ◽  
Iot Security ◽  
Security Controls ◽  
Smart Water ◽  
Iot Devices

Recent growth in the Internet of Things (IoT) looks promising for realizing a smart environment of the future. However, concerns about the security of IoT devices are escalating as they are inherently constrained by limited resources, heterogeneity, and lack of standard security controls or protocols. Due to their inability to support state-of-the-art secure network protocols and defense mechanisms, standard security solutions are unsuitable for dynamic IoT environments that require large and smart IoT infrastructure deployments. At present, the IoT based smart environment deployments predominantly use cloud-centric approaches to enable continuous and on-demand data exchange that leads to further security and privacy risks. While standard security protocols, such as Virtual Private Networks (VPNs), have been explored for certain IoT environments recently, the implementation models reported have several variations and are not practically scalable for any dynamically scalable IoT deployment. This paper addresses current drawbacks in providing the required flexibility, interoperability, scalability, and low-cost practical viability of a secure IoT infrastructure. We propose an adaptive end-to-end security model that supports the defense requirements for a scalable IoT infrastructure. With low-cost embedded controllers, such as the Raspberry Pi, allowing for the convergence of more sophisticated networking protocols to be embedded at the IoT monitoring interface, we propose a scalable IoT security model integrating both the IoT devices and the controller as one embedded device. Our approach is unique, with a focus on the integration of a security protocol at the embedded interface. In addition, we demonstrate a prototype implementation of our IoT security model for a smart water monitoring system. We believe that our modest first step would instill future research interests in this direction.

scholarly journals A Hybrid IoT Security Model of MQTT and UMA

2020 ◽  
Vol 12 (04) ◽  
pp. 155-173
Author(s):  
Khalid S. Aloufi ◽  
Omar H. Alhazmi
Keyword(s):  
Security Model ◽  
Iot Security

scholarly journals Efficient Certificate-Based Signcryption Secure against Public Key Replacement Attacks and Insider Attacks

2014 ◽  
Vol 2014 ◽  
pp. 1-12 ◽  
Author(s):  
Yang Lu ◽  
Jiguo Li
Keyword(s):  
Performance Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Public Key ◽  
Security Model ◽  
Efficient Manner ◽  
Cryptographic Primitive ◽  
Replacement Attack ◽  
Signcryption Scheme

Signcryption is a useful cryptographic primitive that achieves confidentiality and authentication in an efficient manner. As an extension of signcryption in certificate-based cryptography, certificate-based signcryption preserves the merits of certificate-based cryptography and signcryption simultaneously. In this paper, we present an improved security model of certificate-based signcryption that covers both public key replacement attack and insider security. We show that an existing certificate-based signcryption scheme is insecure in our model. We also propose a new certificate-based signcryption scheme that achieves security against both public key replacement attacks and insider attacks. We prove in the random oracle model that the proposed scheme is chosen-ciphertext secure and existentially unforgeable. Performance analysis shows that the proposed scheme outperforms all the previous certificate-based signcryption schemes in the literature.

scholarly journals Study of Machine Learning for Cloud Assisted IoT Security as a Service

Sensors ◽  
2021 ◽  
Vol 21 (4) ◽  
pp. 1034
Author(s):  
Maram Alsharif ◽  
Danda B. Rawat
Keyword(s):  
Machine Learning ◽  
Model Building ◽  
Security Model ◽  
Service Architecture ◽  
Iot Security ◽  
Detection Systems ◽  
Viable Solution ◽  
Large Sector ◽  
Iot Devices ◽  
Security As A Service

Machine learning (ML) has been emerging as a viable solution for intrusion detection systems (IDS) to secure IoT devices against different types of attacks. ML based IDS (ML-IDS) normally detect network traffic anomalies caused by known attacks as well as newly introduced attacks. Recent research focuses on the functionality metrics of ML techniques, depicting their prediction effectiveness, but overlooked their operational requirements. ML techniques are resource-demanding that require careful adaptation to fit the limited computing resources of a large sector of their operational platform, namely, embedded systems. In this paper, we propose cloud-based service architecture for managing ML models that best fit different IoT device operational configurations for security. An IoT device may benefit from such a service by offloading to the cloud heavy-weight activities such as feature selection, model building, training, and validation, thus reducing its IDS maintenance workload at the IoT device and get the security model back from the cloud as a service.

Sign in / Sign up

Export Citation Format

Share Document