Poster Abstract: Security Comes First, A Public-key Cryptography Framework for the Internet of Things

Abstract—Novel Internet services are emerging around an increasing number of sensors and actuators in our surroundings, commonly referred to as smart devices. Smart devices, which form the backbone of the Internet of Things (IoT), enable alternative forms of user experience by means of automation, convenience, and efficiency. At the same time new security and safety issues arise, given the Internet-connectivity and the interaction possibility of smart devices with human’s proximate living space. Hence, security is a fundamental requirement of the IoT design. In order to remain interoperable with the existing infrastructure, we postulate a security framework compatible to standard IP-based security solutions, yet optimized to meet the constraints of the IoT ecosystem. In this ongoing work, we first identify necessary components of an interoperable secure End-to-End communication while incorporating Public-key Cryptography (PKC). To this end, we tackle involved computational and communication overheads. The required components on the hardware side are the affordable hardware acceleration engines for cryptographic operations and on the software side header compression and long-lasting secure sessions. In future work, we focus on integration of these components into a framework and the evaluation of an early prototype of this framework. I

Hybrid cryptography and steganography method to embed encrypted text message within image

The businesses in various fields use the online communication application to gather their data and information with local and global sources. The gathered data may sensitive such as the financial and businesses development information. The hackers or online thief try to stole the valuable data i.e. credit card numbers. The organizations looking for secure online channels in order to transfer their data efficiently and avoid the data thieving. One of the most applicable methods that developed to secure the online transferred data is the cryptography which transfers the original data or information to encrypted formulation. Cryptography still has many drawbacks such as stole and decrypts the original texts using automatic decryption counter. The main aim of this research is to improve the cryptography securing level using supportive method which is Steganography. The Steganography is the processes of hide the data or information in media files such as video, images and audio files. There are four stages represent the methodology of this paper; (1) encrypt the original texts using RSA algorithm, (2) hide the encrypted texts in Image files, (3) extract the encrypted texts from Image files, and (4) decrypt the original texts using decryption key of RSA algorithm. It is expected to improve the security level of the online transferred textual data. The performance of the final results will be evaluated through compare the Image files quality before and after hide the data in these files. The quality of the original and stego Image files need to be same or near in order to maximize the difficulty of detect that there data hide in these files

Design of Lightweight Authentication Protocol for Fog enabled Internet of Things- A Centralized Authentication Framework

Internet is a large network of networks that spans the entire globe. Internet is playing indispensable role in our daily lives. The physical things are connected to internet with the help of digital identity. With recent advancement of information and communication technologies IoT became vital part of human life. However, IoT is not having standardized architecture. Nowadays IoT is integrated with fog computing which extends platform of cloud computing by providing computing resources on edges of computer network. Fog computing is motivated by IOT and It is decentralized solution for IoT. In addition, Fog computing has supported features like geographic distribution, low latency, location awareness, operate on premise, installed on heterogeneous hardware. IoT with cloud computing does not have such features. Therefore, in this paper, at first we discuss about the distributed fog computing architecture. Subsequently, we address the problem of authentication and design a new authentication framework for fog enabled IOT environment. It is stated that the proposed authentication framework will be useful in many IoT applications such as healthcare system, transportation system, smart cities, home energy management etc

A secure lightweight authentication mechanism for IoT devices in generic domain

The Internet of Things prompt deployment enhances the security concerns of these systems in recent years. The enormous exchange of sensory information between devices raises the necessity for a secure authentication scheme for Internet of Things devices. Despite many proposed schemes, providing authenticated and secure communication for Internet of Things devices is still an open issue. This research addresses challenges pertaining to the Internet of Things authentication, verification, and communication, and proposes a new secure lightweight mechanism for Internet of Things devices in the generic domain. The proposed authentication method utilizes environmental variables obtained by sensors to allow the system to identify genuine devices and reject anomalous connections

Network Forensics of RPL-Based Attacks

IoT devices, which are increasing in highly manner day by day, are now in everywhere in our life. WSNs are used together with IoT devices to monitor real environments. In this study, attacks against WSNs were carried out. The attack chosen for this study is a flood attack. In addition, solution suggestions for this attack are presented. In this context, firstly reference and attack packages have been collected, and then the collected packages have been compared with the reference packages and forensic investigations have been carried out. The result of the evaluation has shown the importance continuous monitoring on 24/7 basis and detecting abnormal behaviors in IoT traffic with forensics analysis for preventing attacks

A Review on Internet of Things (IoT): Security and Privacy Requirements and the Solution Approaches

The world is undergoing a dramatic rapid transformation from isolated systems to ubiquitous Internet-based-enabled 2018;things2019; capable of interacting each other and generating data that can be analyzed to extract valuable information. This highly interconnected global network structure known as Internet of Things will enrich everyone2019;s life, increase business productivity, improve government efficiency, and the list just goes on. However, this new reality (IoT) built on the basis of Internet, contains new kind of challenges from a security and privacy perspective. Traditional security primitives cannot be directly applied to IoT technologies due to the different standards and communication stacks involved. Along with scalability and heterogeneity issues, major part of IoT infrastructure consists of resource constrained devices such as RFIDs and wireless sensor nodes. Therefore, a flexible infrastructure is required capable to deal with security and privacy issues in such a dynamic environment. This paper presents an overview of IoT, security and privacy challenges and the existing security solutions and identifying some open issues for future research

Participatory sensing and wearable technologies as tools to support citizen and open science: Technical and organizational challenges and possible solutions

Wenn BürgerInnen aktiv am Datengewinnungsprozess als zentralem Baustein empirisch ausgerichteter wissenschaftlicher Projekte teilhaben, kann dies als Beitrag zu einer offenen und bürgernahen Wissenschaft angesehen werden. Eine solche Teilhabe kann durch die Bereitstellung von technischen Werkzeugen erheblich erleichtert werden. Daher sollen Participatory Sensing als Bereitstellung von günstigen Sensoren zur Messung von Umweltparametern sowie Wearable Technologies zur Aufnahme von quantifizierten Vitaldaten und physiologischen Zuständen vorgestellt werden. Konzeptionell kann die Bereitstellung von Daten, die mit diesen Werkzeugen erhoben wurden, als Allmende verstanden werden – mit allen damit verbundenen Chancen und Risiken. Nach der Beschreibung von Beispielen aus den Bereichen von Participatory Sensing und Wearable Technologies werden zu erwartende Herausforderungen identifiziert und technisch-organisatorische Ansätze zu deren Lösung skizziert.If citizens actively participate in the process of collecting empirical data, as a key element of empirically oriented scientific projects, this can be seen as a contribution to an open and citizen-oriented science. Such participation can be supported by providing technical tools. The paper therefore presents examples of participatory sensing as the provision of affordable sensors for measuring environmental parameters as well as wearable technologies for recording quantified vital data and physiological states. Conceptually, the provision of data collected with these tools can be understood as a commons – with all opportunities and risks associated with such goods. After describing examples of participatory sensing and wearable technologies, the authors identify potential challenges and outline technical and organizational approaches to solve them

Group Key Management in Wireless Sensor Networks: Introducing Context for Managing the Re-keying Process

This paper proposes an algorithmic solution to Group Key Management (GKM) in Wireless Sensor Networks (WSN), which could address a single point of failure in cybersecurity. The paper moves away from the traditional (de)centralized and distributed solution in GKM and focuses on GKM decision making based on a) the context in which WSN and their nodes communicate, and b) the semantic which describe the environment where WSN and their nodes reside. The proposed algorithm defines which node, within the WSN, could start a re-keying process by generating a group key, and why/how this decision on the re-keying has been made. The algorithm is computable and thus it would be feasible to implement it in software applications built upon a set of WSN nodes in constantly changeable and dynamic mobile computing environments