Footsteps in the fog: Certificateless fog-based access control

The proliferating adoption of the Internet of Things (IoT) paradigm has fuelled the need for more efficient and resilient access control solutions that aim to prevent unauthorized resource access. The majority of existing works in this field follow either a centralized approach (i.e. cloud-based) or an architecture where the IoT devices are responsible for all decision-making functions. Furthermore, the resource-constrained nature of most IoT devices make securing the communication between these devices and the cloud using standard cryptographic solutions difficult. In this paper, we propose a distributed access control architecture where the core components are distributed between fog nodes and the cloud. To facilitate secure communication, our architecture utilizes a Certificateless Hybrid Signcryption scheme without pairing. We prove the effectiveness of our approach by providing a comparative analysis of its performance in comparison to the commonly used cloud-based centralized architectures. Our implementation uses Azure – an existing commercial platform, and Keycloak – an open-source platform, to demonstrate the real-world applicability. Additionally, we measure the performance of the adopted encryption scheme on two types of resource-constrained devices to further emphasize the applicability of the proposed architecture. Finally, the experimental results are coupled with a theoretical analysis that proves the security of our approach

LiSP-XK: Extended Light-Weight Signcryption for IoT in Resource-Constrained Environments

There is an increasing drive to provide improved levels of trust within an Internet-of-Things (IoTs) environments, but the devices and sensors used tend to be limited in their capabilities for dealing with traditional cryptography methods. Resource constraints and security are often the two major concerns of IIoT (Industrial IoT applications and big data generation at the present time. The strict security measures are often not significantly resource-managed and therefore, negotiation normally takes place between these. Following this, various lightweight versions of generic security primitives have been developed for IIoT and other resource-constrained sustainability. In this paper, we address the authentication concerns for resource-constrained environments by designing an efficient authentication protocol. Our authentication scheme is based on LiSP (light-weight Signcryption Protocol); however, some further customization has been performed on it to make it more suitable for IIoT-like resource-constrained environments. We use Keccack as the hash function in the process and Elli for lightweight public-key cryptography. We name our authentication scheme: Extended lightweight Signcryption Protocol with Keccack (LiSP-XK). The paper outlines a comparative analysis on our new design of authentication against a range of state-of-the-art schemes. We find the suitability of LiSP-XK for IIoT like environments due to its lesser complexity and less energy consumption. Moreover, the signcryption process is also beneficial in enhancing security. Overall the paper shows that LiSP-XK is overall 35% better in efficiency as compared to the other signcryption approaches

Footsteps in the fog: Certificateless fog-based access control

The proliferating adoption of the Internet of Things (IoT) paradigm has fuelled the need for more efficient and resilient access control solutions that aim to prevent unauthorized resource access. The majority of existing works in this field follow either a centralized approach (i.e. cloud-based) or an architecture where the IoT devices are responsible for all decision-making functions. Furthermore, the resource-constrained nature of most IoT devices make securing the communication between these devices and the cloud using standard cryptographic solutions difficult. In this paper, we propose a distributed access control architecture where the core components are distributed between fog nodes and the cloud. To facilitate secure communication, our architecture utilizes a Certificateless Hybrid Signcryption scheme without pairing. We prove the effectiveness of our approach by providing a comparative analysis of its performance in comparison to the commonly used cloud-based centralized architectures. Our implementation uses Azure – an existing commercial platform, and Keycloak – an open-source platform, to demonstrate the real-world applicability. Additionally, we measure the performance of the adopted encryption scheme on two types of resource-constrained devices to further emphasize the applicability of the proposed architecture. Finally, the experimental results are coupled with a theoretical analysis that proves the security of our approach

A secured framework for SDN-based edge computing in IoT-enabled healthcare system

The Internet of Things (IoT) consists of resource-constrained smart devices capable to sense and process data. It connects a huge number of smart sensing devices, i.e., things, and heterogeneous networks. The IoT is incorporated into different applications, such as smart health, smart home, smart grid, etc. The concept of smart healthcare has emerged in different countries, where pilot projects of healthcare facilities are analyzed. In IoT-enabled healthcare systems, the security of IoT devices and associated data is very important, whereas Edge computing is a promising architecture that solves their computational and processing problems. Edge computing is economical and has the potential to provide low latency data services by improving the communication and computation speed of IoT devices in a healthcare system. In Edge-based IoT-enabled healthcare systems, load balancing, network optimization, and efficient resource utilization are accurately performed using artificial intelligence (AI), i.e., intelligent software-defined network (SDN) controller. SDN-based Edge computing is helpful in the efficient utilization of limited resources of IoT devices. However, these low powered devices and associated data (private sensitive data of patients) are prone to various security threats. Therefore, in this paper, we design a secure framework for SDN-based Edge computing in IoT-enabled healthcare system. In the proposed framework, the IoT devices are authenticated by the Edge servers using a lightweight authentication scheme. After authentication, these devices collect data from the patients and send them to the Edge servers for storage, processing, and analyses. The Edge servers are connected with an SDN controller, which performs load balancing, network optimization, and efficient resource utilization in the healthcare system. The proposed framework is evaluated using computer-based simulations. The results demonstrate that the proposed framework provides better solutions for IoT-enabled healthcare systems. © 2013 IEEE. **Please note that there are multiple authors for this article therefore only the name of the first 5 including Federation University Australia affiliate “Venki Balasubramaniam” is provided in this record*

An analysis of the AAḃ asymmetric encryption scheme on embedded devices for IoT environment / Syed Farid Syed Adnan

Lightweight cryptography offers energy-efficient cryptographic capabilities on low powered devices such as those commonly found in the Internet of Things (IoT). One such lightweight scheme is the AA-Beta (AAḃ) asymmetric cryptographic scheme whose algorithm consists of only basic arithmetic operations of addition and subtraction for both the encryption and decryption processes. These features resulted in faster runtime compared to the more established RS A asymmetric encryption scheme, making AAp a potential alternative for IoT security. At the time of writing this thesis, AAḃ algorithm still exists as a mathematical concept and proven in a mathematical based software. To date, this research found no known practical implementation of the AAḃ algorithm to prove or to validate its efficiency on a real-world computing platform. There has been no analysis of the AAḃ performance on any resource-constrained platform although previous mathematical simulations showed that it would perform well in resource-constrained platforms. It is also not known how the algorithm would perform against the widely used RSA on resource-constrained platforms. This thesis seeks to study the AAḃ design philosophy and the specifications of the AAḃ asymmetric encryption scheme, develop the AAḃ encryption scheme and evaluate the computational speed, power consumption and feasibility of AAḃ encryption scheme on an embedded system in the practical domain. The results from the study are being compared to the mathematical simulation, and experimentally, to the RSA. This investigation takes the form of an IoT environment, beginning with an in-depth examination of the AAḃ encryption scheme design, and continuing into the development and real-world application of AAḃ from its mathematical origin. The experimental analysis focused on the AAḃ algorithm's performance on embedded platforms, namely, the Raspberry Pi microcomputer and microcontroller (ARM Cortex-M7) platforms. A feasibility assessment for an AAḃ cryptosystem for sensor nodes including a client to server testbed with wireless communications was carried out in the final stage. In this research work, the performance analysis of the AAḃ scheme produced remarkable timing improvements for the encryption and decryption of messages when compared to previous trials on a numeric computing environment. The research goes on to compare the energy consumptions for encryption and decryption using the AAḃ AAp scheme with similar processes using the Textbook RSA scheme on the aforesaid embedded platforms. The AAḃ encryption process demonstrates a significantly lower energy consumption compared to RSA, where as much as three times less energy was used by AAḃ when encrypting messages while considerable energy savings were also seen during AAḃ message decryption on the Raspberry Pi 2 and ARM Cortex-M7 device. A conclusion can thus be made that the AAḃ encryption scheme is a cryptographic scheme with a great potential for deployment on low-powered devices especially at the encryption side, offering fast and energy-efficient asymmetric cryptographic capabilities to all devices

Recent advances in industrial wireless sensor networks towards efficient management in IoT

With the accelerated development of Internet-of- Things (IoT), wireless sensor networks (WSN) are gaining importance in the continued advancement of information and communication technologies, and have been connected and integrated with Internet in vast industrial applications. However, given the fact that most wireless sensor devices are resource constrained and operate on batteries, the communication overhead and power consumption are therefore important issues for wireless sensor networks design. In order to efficiently manage these wireless sensor devices in a unified manner, the industrial authorities should be able to provide a network infrastructure supporting various WSN applications and services that facilitate the management of sensor-equipped real-world entities. This paper presents an overview of industrial ecosystem, technical architecture, industrial device management standards and our latest research activity in developing a WSN management system. The key approach to enable efficient and reliable management of WSN within such an infrastructure is a cross layer design of lightweight and cloud-based RESTful web service