1,043 research outputs found
I2PA, U-prove, and Idemix: An Evaluation of Memory Usage and Computing Time Efficiency in an IoT Context
The Internet of Things (IoT), in spite of its innumerable advantages, brings
many challenges namely issues about users' privacy preservation and constraints
about lightweight cryptography. Lightweight cryptography is of capital
importance since IoT devices are qualified to be resource-constrained. To
address these challenges, several Attribute-Based Credentials (ABC) schemes
have been designed including I2PA, U-prove, and Idemix. Even though these
schemes have very strong cryptographic bases, their performance in
resource-constrained devices is a question that deserves special attention.
This paper aims to conduct a performance evaluation of these schemes on
issuance and verification protocols regarding memory usage and computing time.
Recorded results show that both I2PA and U-prove present very interesting
results regarding memory usage and computing time while Idemix presents very
low performance with regard to computing time
Computational and Energy Costs of Cryptographic Algorithms on Handheld Devices
Networks are evolving toward a ubiquitous model in which heterogeneous
devices are interconnected. Cryptographic algorithms are required for developing security
solutions that protect network activity. However, the computational and energy limitations
of network devices jeopardize the actual implementation of such mechanisms. In this
paper, we perform a wide analysis on the expenses of launching symmetric and asymmetric
cryptographic algorithms, hash chain functions, elliptic curves cryptography and pairing
based cryptography on personal agendas, and compare them with the costs of basic operating
system functions. Results show that although cryptographic power costs are high and such
operations shall be restricted in time, they are not the main limiting factor of the autonomy
of a device
LPKI - A Lightweight Public Key Infrastructure for the Mobile Environments
The non-repudiation as an essential requirement of many applications can be
provided by the asymmetric key model. With the evolution of new applications
such as mobile commerce, it is essential to provide secure and efficient
solutions for the mobile environments. The traditional public key cryptography
involves huge computational costs and is not so suitable for the
resource-constrained platforms. The elliptic curve-based approaches as the
newer solutions require certain considerations that are not taken into account
in the traditional public key infrastructures. The main contribution of this
paper is to introduce a Lightweight Public Key Infrastructure (LPKI) for the
constrained platforms such as mobile phones. It takes advantages of elliptic
curve cryptography and signcryption to decrease the computational costs and
communication overheads, and adapting to the constraints. All the computational
costs of required validations can be eliminated from end-entities by
introduction of a validation authority to the introduced infrastructure and
delegating validations to such a component. LPKI is so suitable for mobile
environments and for applications such as mobile commerce where the security is
the great concern.Comment: 6 Pages, 6 Figure
I2PA : An Efficient ABC for IoT
Internet of Things (IoT) is very attractive because of its promises. However,
it brings many challenges, mainly issues about privacy preserving and
lightweight cryptography. Many schemes have been designed so far but none of
them simultaneously takes into account these aspects. In this paper, we propose
an efficient ABC scheme for IoT devices. We use ECC without pairing, blind
signing and zero knowledge proof. Our scheme supports block signing, selective
disclosure and randomization. It provides data minimization and transactions'
unlinkability. Our construction is efficient since smaller key size can be used
and computing time can be reduced. As a result, it is a suitable solution for
IoT devices characterized by three major constraints namely low energy power,
small storage capacity and low computing power
A Practical Evaluation of a High-Security Energy-Efficient Gateway for IoT Fog Computing Applications
[Abstract] Fog computing extends cloud computing to the edge of a network enabling new Internet of Things (IoT) applications and services, which may involve critical data that require privacy and security. In an IoT fog computing system, three elements can be distinguished: IoT nodes that collect data, the cloud, and interconnected IoT gateways that exchange messages with the IoT nodes and with the cloud. This article focuses on securing IoT gateways, which are assumed to be constrained in terms of computational resources, but that are able to offload some processing from the cloud and to reduce the latency in the responses to the IoT nodes. However, it is usually taken for granted that IoT gateways have direct access to the electrical grid, which is not always the case: in mission-critical applications like natural disaster relief or environmental monitoring, it is common to deploy IoT nodes and gateways in large areas where electricity comes from solar or wind energy that charge the batteries that power every device. In this article, how to secure IoT gateway communications while minimizing power consumption is analyzed. The throughput and power consumption of Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC) are considered, since they are really popular, but have not been thoroughly analyzed when applied to IoT scenarios. Moreover, the most widespread Transport Layer Security (TLS) cipher suites use RSA as the main public key-exchange algorithm, but the key sizes needed are not practical for most IoT devices and cannot be scaled to high security levels. In contrast, ECC represents a much lighter and scalable alternative. Thus, RSA and ECC are compared for equivalent security levels, and power consumption and data throughput are measured using a testbed of IoT gateways. The measurements obtained indicate that, in the specific fog computing scenario proposed, ECC is clearly a much better alternative than RSA, obtaining energy consumption reductions of up to 50% and a data throughput that doubles RSA in most scenarios. These conclusions are then corroborated by a frame temporal analysis of Ethernet packets. In addition, current data compression algorithms are evaluated, concluding that, when dealing with the small payloads related to IoT applications, they do not pay off in terms of real data throughput and power consumption.Galicia. Consellería de Cultura, Educación e Ordenación Universitaria; ED431C 2016-045Agencia Estatal de Investigación (España); TEC2013-47141-C4-1-RAgencia Estatal de Investigación (España); TEC2015-69648-REDCAgencia Estatal de Investigación (España); TEC2016-75067-C4-1-RGalicia. Consellería de Cultura, Educación e Ordenación Universitaria; ED341D2016/012Galicia. Consellería de Cultura, Educación e Ordenación Universitaria; ED431G/0
ViotSOC: Controlling Access to Dynamically Virtualized IoT Services using Service Object Capability
Virtualization of Internet of Things(IoT) is a concept of dynamically
building customized high-level IoT services which
rely on the real time data streams from low-level physical
IoT sensors. Security in IoT virtualization is challenging,
because with the growing number of available (building
block) services, the number of personalizable virtual
services grows exponentially. This paper proposes Service
Object Capability(SOC) ticket system, a decentralized access
control mechanism between servers and clients to effi-
ciently authenticate and authorize each other without using
public key cryptography. SOC supports decentralized
partial delegation of capabilities specified in each server/-
client ticket. Unlike PKI certificates, SOC’s authentication
time and handshake packet overhead stays constant regardless
of each capability’s delegation hop distance from the
root delegator. The paper compares SOC’s security bene-
fits with Kerberos and the experimental results show SOC’s
authentication incurs significantly less time packet overhead
compared against those from other mechanisms based on
RSA-PKI and ECC-PKI algorithms. SOC is as secure as,
and more efficient and suitable for IoT environments, than
existing PKIs and Kerberos
New Secure IoT Architectures, Communication Protocols and User Interaction Technologies for Home Automation, Industrial and Smart Environments
Programa Oficial de Doutoramento en Tecnoloxías da Información e das Comunicacións en Redes Móbiles. 5029V01Tese por compendio de publicacións[Abstract]
The Internet of Things (IoT) presents a communication network where heterogeneous
physical devices such as vehicles, homes, urban infrastructures or industrial machinery
are interconnected and share data. For these communications to be successful, it is
necessary to integrate and embed electronic devices that allow for obtaining environmental
information (sensors), for performing physical actuations (actuators) as well as
for sending and receiving data (network interfaces).
This integration of embedded systems poses several challenges. It is needed for these
devices to present very low power consumption. In many cases IoT nodes are powered by
batteries or constrained power supplies. Moreover, the great amount of devices needed in
an IoT network makes power e ciency one of the major concerns of these deployments,
due to the cost and environmental impact of the energy consumption. This need for low
energy consumption is demanded by resource constrained devices, con
icting with the
second major concern of IoT: security and data privacy. There are critical urban and
industrial systems, such as tra c management, water supply, maritime control, railway
control or high risk industrial manufacturing systems such as oil re neries that will
obtain great bene ts from IoT deployments, for which non-authorized access can posse
severe risks for public safety. On the other hand, both these public systems and the
ones deployed on private environments (homes, working places, malls) present a risk for
the privacy and security of their users. These IoT deployments need advanced security
mechanisms, both to prevent access to the devices and to protect the data exchanged
by them.
As a consequence, it is needed to improve two main aspects: energy e ciency of IoT
devices and the use of lightweight security mechanisms that can be implemented by
these resource constrained devices but at the same time guarantee a fair degree of
security.
The huge amount of data transmitted by this type of networks also presents another
challenge. There are big data systems capable of processing large amounts of data,
but with IoT the granularity and dispersion of the generated information presents a
new scenario very di erent from the one existing nowadays. Forecasts anticipate that there will be a growth from the 15 billion installed devices in 2015 to more than 75
billion devices in 2025. Moreover, there will be much more services exploiting the data
produced by these networks, meaning the resulting tra c will be even higher. The
information must not only be processed in real time, but data mining processes will
have to be performed to historical data.
The main goal of this Ph.D. thesis is to analyze each one of the previously described
challenges and to provide solutions that allow for an adequate adoption of IoT in
Industrial, domestic and, in general, any scenario that can obtain any bene t from the
interconnection and
exibility that IoT brings.[Resumen]
La internet de las cosas (IoT o Internet of Things) representa una red de intercomunicaciones
en la que participan dispositivos físicos de toda índole, como vehículos,
viviendas, electrodomésticos, infraestructuras urbanas o maquinaria y dispositivos industriales.
Para que esta comunicación se pueda llevar a cabo es necesario integrar
elementos electr onicos que permitan obtener informaci on del entorno (sensores), realizar
acciones f sicas (actuadores) y enviar y recibir la informaci on necesaria (interfaces de
comunicaciones de red).
La integración y uso de estos sistemas electrónicos embebidos supone varios retos. Es
necesario que dichos dispositivos presenten un consumo reducido. En muchos casos
deberían ser alimentados por baterías o fuentes de alimentación limitadas. Además,
la gran cantidad de dispositivos que involucra la IoT hace necesario que la e ciencia
energética de los mismos sea una de las principales preocupaciones, por el coste e
implicaciones medioambientales que supone el consumo de electricidad de los mismos.
Esta necesidad de limitar el consumo provoca que dichos dispositivos tengan unas
prestaciones muy limitadas, lo que entra en conflicto con la segunda mayor preocupación
de la IoT: la seguridad y privacidad de los datos. Por un lado existen sistemas críticos
urbanos e industriales, como puede ser la regulación del tráfi co, el control del suministro
de agua, el control marítimo, el control ferroviario o los sistemas de producción industrial
de alto riesgo, como refi nerías, que son claros candidatos a benefi ciarse de la IoT, pero
cuyo acceso no autorizado supone graves problemas de seguridad ciudadana. Por otro
lado, tanto estos sistemas de naturaleza publica, como los que se desplieguen en entornos
privados (viviendas, entornos de trabajo o centros comerciales, entre otros) suponen
un riesgo para la privacidad y también para la seguridad de los usuarios. Todo esto
hace que sean necesarios mecanismos de seguridad avanzados, tanto de acceso a los
dispositivos como de protección de los datos que estos intercambian.
En consecuencia, es necesario avanzar en dos aspectos principales: la e ciencia energética de los dispositivos y el uso de mecanismos de seguridad e ficientes, tanto
computacional como energéticamente, que permitan la implantación de la IoT sin
comprometer la seguridad y la privacidad de los usuarios. Por otro lado, la ingente cantidad de información que estos sistemas puede llegar
a producir presenta otros dos retos que deben ser afrontados. En primer lugar, el
tratamiento y análisis de datos toma una nueva dimensión. Existen sistemas de big
data capaces de procesar cantidades enormes de información, pero con la internet de
las cosas la granularidad y dispersión de los datos plantean un escenario muy distinto
al actual. La previsión es pasar de 15.000.000.000 de dispositivos instalados en 2015
a más de 75.000.000.000 en 2025. Además existirán multitud de servicios que harán
un uso intensivo de estos dispositivos y de los datos que estos intercambian, por lo
que el volumen de tráfico será todavía mayor. Asimismo, la información debe ser
procesada tanto en tiempo real como a posteriori sobre históricos, lo que permite
obtener información estadística muy relevante en diferentes entornos.
El principal objetivo de la presente tesis doctoral es analizar cada uno de estos retos
(e ciencia energética, seguridad, procesamiento de datos e interacción con el usuario)
y plantear soluciones que permitan una correcta adopción de la internet de las cosas
en ámbitos industriales, domésticos y en general en cualquier escenario que se pueda
bene ciar de la interconexión y
flexibilidad de acceso que proporciona el IoT.[Resumo]
O internet das cousas (IoT ou Internet of Things) representa unha rede de intercomunicaci
óns na que participan dispositivos físicos moi diversos, coma vehículos, vivendas,
electrodomésticos, infraestruturas urbanas ou maquinaria e dispositivos industriais.
Para que estas comunicacións se poidan levar a cabo é necesario integrar elementos
electrónicos que permitan obter información da contorna (sensores), realizar accións
físicas (actuadores) e enviar e recibir a información necesaria (interfaces de comunicacións
de rede).
A integración e uso destes sistemas electrónicos integrados supón varios retos. En
primeiro lugar, é necesario que estes dispositivos teñan un consumo reducido. En
moitos casos deberían ser alimentados por baterías ou fontes de alimentación limitadas.
Ademais, a gran cantidade de dispositivos que se empregan na IoT fai necesario que a
e ciencia enerxética dos mesmos sexa unha das principais preocupacións, polo custo e
implicacións medioambientais que supón o consumo de electricidade dos mesmos. Esta
necesidade de limitar o consumo provoca que estes dispositivos teñan unhas prestacións
moi limitadas, o que entra en con
ito coa segunda maior preocupación da IoT: a
seguridade e privacidade dos datos. Por un lado existen sistemas críticos urbanos e
industriais, como pode ser a regulación do tráfi co, o control de augas, o control marítimo,
o control ferroviario ou os sistemas de produción industrial de alto risco, como refinerías,
que son claros candidatos a obter benefi cios da IoT, pero cuxo acceso non autorizado
supón graves problemas de seguridade cidadá. Por outra parte tanto estes sistemas de
natureza pública como os que se despreguen en contornas privadas (vivendas, contornas
de traballo ou centros comerciais entre outros) supoñen un risco para a privacidade e
tamén para a seguridade dos usuarios. Todo isto fai que sexan necesarios mecanismos
de seguridade avanzados, tanto de acceso aos dispositivos como de protección dos datos
que estes intercambian.
En consecuencia, é necesario avanzar en dous aspectos principais: a e ciencia enerxética
dos dispositivos e o uso de mecanismos de seguridade re cientes, tanto computacional
como enerxéticamente, que permitan o despregue da IoT sen comprometer a seguridade
e a privacidade dos usuarios.
Por outro lado, a inxente cantidade de información que estes sistemas poden chegar
a xerar presenta outros retos que deben ser tratados. O tratamento e a análise de
datos toma unha nova dimensión. Existen sistemas de big data capaces de procesar
cantidades enormes de información, pero coa internet das cousas a granularidade e
dispersión dos datos supón un escenario moi distinto ao actual. A previsión e pasar
de 15.000.000.000 de dispositivos instalados no ano 2015 a m ais de 75.000.000.000 de
dispositivos no ano 2025. Ademais existirían multitude de servizos que farían un uso
intensivo destes dispositivos e dos datos que intercambian, polo que o volume de tráfico
sería aínda maior. Do mesmo xeito a información debe ser procesada tanto en tempo
real como posteriormente sobre históricos, o que permite obter información estatística
moi relevante en diferentes contornas.
O principal obxectivo da presente tese doutoral é analizar cada un destes retos
(e ciencia enerxética, seguridade, procesamento de datos e interacción co usuario) e
propor solucións que permitan unha correcta adopción da internet das cousas en ámbitos
industriais, domésticos e en xeral en todo aquel escenario que se poda bene ciar da
interconexión e
flexibilidade de acceso que proporciona a IoT
- …