MQTT-PRESENT: Approach to secure internet of things applications using MQTT protocol

The big challenge to raise for deploying the application's domain of the Internet of Things is security. As one of the popular messaging protocols in the IoT world, the message queue telemetry transport (MQTT) is designed for constrained devices and machine-to-machine communications, based on the publish-subscribe model, it offers a basic authentication using username and password. However, this authentication method might have a problem in terms of security and scalability. In this paper, we provide an analysis of the current research in the literature related to the security for the MQTT protocol, before we give a brief description of each algorithm used on our approach, to finally propose a new approach to secure this protocol based on AugPAKE algorithm and PRESENT encryption. This solution provides mutual authentication between the broker and their clients (publishers and subscribers), the confidentiality of the published message is protected twice, the integrity and non-repudiation of MQTT messages which is protected during the process of transmission

Remote attestation to ensure the security of future Internet of Things services

The Internet of Things (IoT) evolution is gradually reshaping the physical world into smart environments that involve a large number of interconnected resource-constrained devices which collect, process, and exchange enormous amount of (more or less) sensitive information. With the increasing number of interconnected IoT devices and their capabilities to control the environment, IoT systems are becoming a prominent target of sophisticated cyberattacks. To deal with the expanding attack surface, IoT systems require adequate security mechanisms to verify the reliability of IoT devices. Remote attestation protocols have recently gained wide attention in IoT systems as valuable security mechanisms that detect the adversarial presence and guarantee the legitimate state of IoT devices. Various attestation schemes have been proposed to optimize the effectiveness and efficiency of remote attestation protocols of a single IoT device or a group of IoT devices. Nevertheless, some cyber attacks remain undetected by current attestation methods, and attestation protocols still introduce non-negligible computational overheads for resource-constrained devices. This thesis presents the following new contributions in the area of remote attestation protocols that verify the trustworthiness of IoT devices. First, this thesis shows the limitations of existing attestation protocols against runtime attacks which, by compromising a device, may maliciously influence the operation of other genuine devices that interact with the compromised one. To detect such an attack, this thesis introduces the service perspective in remote attestation and presents a synchronous remote attestation protocol for distributed IoT services. Second, this thesis designs, implements and evaluates a novel remote attestation scheme that releases the constraint of synchronous interaction between devices and enables the attestation of asynchronous distributed IoT services. The proposed scheme also attests asynchronously a group of IoT devices, without interrupting the regular operations of all the devices at the same time. Third, this thesis proposes a new approach that aims to reduce the interruption time of the regular work that remote attestation introduces in an IoT device. This approach intends to decrease the computational overhead of attestation by allowing an IoT device to securely offload the attestation process to a cloud service, which then performs attestation independently on the cloud, on behalf of the IoT device

Secure and Dynamic Publish/Subscribe: LCMsec

We propose LCMsec, a brokerless, decentralised Publish/Subscribe protocol. It aims to provide low-latency and high-throughput message-passing for IoT and automotive applications while providing much-needed security functionalities to combat emerging cyber-attacks in that domain. LCMsec is an extension for the Lightweight Communications and Marshalling (LCM) protocol. We extend this protocol by providing not only authenticated encryption of the messages in transit, but also a group discovery protocol inspired by the Raft consensus protocol. The Dutta-Barua group key agreement is used to agree upon a shared symmetric key among subscribers and publishers on a topic. By using a shared group key, we reduce the key agreement overhead and the number of message authentication codes (MACs) per message compared to existing proposals for secure brokerless Publish/Subscribe protocols, which establish a symmetric key between each publisher and subscriber and append multiple MACs to each message

Security in Internet of Things: networked smart objects.

Internet of Things (IoT) is an innovative paradigm approaching both industries and humans every-day life. It refers to the networked interconnection of every-day objects, which are equipped with ubiquitous intelligence. It not only aims at increasing the ubiquity of the Internet, but also at leading towards a highly distributed network of devices communicating with human beings as well as with other devices. Thanks to rapid advances in underlying technologies, IoT is opening valuable opportunities for a large number of novel applications, that promise to improve the quality of humans lives, facilitating the exchange of services. In this scenario, security represents a crucial aspect to be addressed, due to the high level of heterogeneity of the involved devices and to the sensibility of the managed information. Moreover, a system architecture should be established, before the IoT is fully operable in an efficient, scalable and interoperable manner. The main goal of this PhD thesis concerns the design and the implementation of a secure and distributed middleware platform tailored to IoT application domains. The effectiveness of the proposed solution is evaluated by means of a prototype and real case studies

A Scalable and Secure Publish/Subscribe-based Framework for Industrial IoT

In the emerging Industrial Internet of Things (IIoT) scenario machine-to-machine communication is a key technology to set up environments wherein sensors, actuators, and controllers can exchange information autonomously. However, many current communication frameworks do not provide enough dynamic interoperability and security. Hence, we propose a novel communication framework, based on MQTT broker bridging, which, in an Industrial IoT scenario, can foster dynamic interoperability across different production lines or industrial sites, guaranteeing, at the same time, a higher degree of isolation and control over the information flows, thereby increasing the overall security of the whole scenario. The solution we propose does also support dynamic authentication and authorization and has been practically implemented and evaluated in a proper small-scale IIoT testbed, encompassing PLCs, IIoT gateways, as well as MQTT brokers with novel and extended capabilities. The evaluation results demonstrate a linear time complexity for all the considered implementations and bridging modes of the extended brokers. Moreover, all considered access token encapsulation techniques demonstrate a minimum overhead in comparison with standard MQTT brokers

Security protocols for mobile ubiquitous e-health systems

Mención Internacional en el título de doctorWearable and implantable medical devices constitute an already established industry nowadays. According to a recent research [113], North America is currently the most important market followed by Europe, Asia-Pacific and the rest of the world. Additionally, the same document remarks the importance of the Asia-Pacific region due to the rising ageing population and the overpopulation in that area. The most common implantable medical devices include pacemakers, defibrillators, cochlear implants, insulin pumps, and neurostimulators among others. In recent years, the proliferation of smartphones and other mobile “smart” devices with substantial computational and communication capabilities have reshaped the way wireless body area network may be implemented. In their current generation (or in a near future), all of them share a common feature: wireless communication capabilities [127]. Moreover, implantable medical devices have the ability to support and store telemetry data facilitating the remote monitoring of the patient. Medical devices can be part of a wireless body area network, operating both as sensors and as actuators and making decisions in real time. On the other hand, a new kind of devices called wearables such as smart bracelets or smart watches have been equipped with several sensors like Photoplethysmogram (PPG) to record the heart beats, accelerometers to count the steps or Global Positioning System (GPS) to geopositioning users and were originally conceived as cheap solutions to help people to improve their workout. However these devices have demonstrated to be quite useful in many healthcare environments due to a huge variety of different and low-cost medical sensors. Thus, patients can be monitored for long periods of time without interfering in their daily life and taking their vital signs constantly under control. Security and privacy issues have been described as two of the most challenging problems of implantable medical devices and, more generally, wireless body area networks [6, 47, 84, 103]. As an example, it has been demonstrated that somebody equipped with a low cost device can eavesdrop on the data exchanged between a reader and a peacemaker and may even induce a cardiac arrest [71]. Health-related data have been the focus of several attacks almost since the adoption of computers in the healthcare domain. As a recent example, in 2010 personal data from more than 26 million of veterans were stolen from the Department of Veterans Affairs’ database in the US by an employee who had access to the database [104]. The Ponemon Institute pointed out that Germany and the US spent in 2013 more than $7.56 and$11 millions, respectively, to protect personal health records from attacks. This PhD dissertation explores the security and privacy of data in healthcare environments where confidential information is measured in real time by some sensors placed in, on, or around the human body. Security and privacy in medical conditions have been widely studied by the research community, nonetheless with the recent boom of wearable devices, new security issues have arisen. The first part of this dissertation is dedicated to the introduction and to expose both the main motivation and objectives of this PhD Thesis. Additionally the contributions and the organization of this document are also presented. In the second part a recent proposal has been analysed from the security and privacy points of view. From this study, vulnerabilities concerning to full disclosure, impersonation, traceability, de-synchronization, and Denial-of-Service (DoS) attacks have been found. These attacks make the protocol infeasible to be introduced with an adequate security and sufficient privacy protection level. Finally, a new protocol named Fingerprint⁺ protocol for Internet of Thing (IoT) is presented, which is based on ISO/IEC 9798-2 and ISO/IEC 18000-6C and whose security is formally verified using BAN logic. In the third part of this dissertation, a new system based on International Standard Organization (ISO) standards and security National Institute of Standards and Technology (NIST) recommendations have been proposed. First, we present a mutual entity authentication protocol inspired on ISO/IEC 9798 Part 2. This system could be deployed in a hospital where Radio Frequency IDentification (RFID) technology may be used to prune blood-handling errors, i.e., the identities of the patients and blood bags are confirmed (authentication protocol) and after that the matching between both entities is checked (verification step). Second, a secure messaging protocol inspired on ISO/IEC 11770 Part 2 and similar to that used in electronic passports is presented. Nowadays the new generation of medical implants possess wireless connectivity. Imagine a doctor equipped with a reader aims to access the records of vital signals stored on the memory of an implant. In this scenario, the doctor (reader) and the patient (implant) are first mutually authenticated and then a secure exchange of data can be performed. The fourth part of this Thesis provides an architecture based on two cryptographic protocols, the first one is for publishing personal data in a body area network composed of different sensors whereas the second one is designed for sending commands to those sensors by guaranteeing the confidentiality and fine-grained access control to the private data. Both protocols are based on a recently proposed public cryptography paradigm named ciphertext policy attribute-based encryption scheme which is lightweight enough to be embedded into wearable devices and sensors. Contrarily to other proposals made on this field, this architecture allows sensors not only to encrypt data but also to decrypt messages generated by other devices. The fifth part presents a new decentralized attribute based encryption scheme named Decentralized Ciphertext-Policy Attribute Based Searchable Encryption that incorporates ciphertext-policy attribute-based encryption with keyword search over encrypted data. This scheme allows users to (a) encrypt their personal data collected by a Wireless Body Area Network (WBAN) according to a policy of attributes; (b) define a set of keywords to enable other users (e.g., hospital stuff) to perform encrypted search over their personal (encrypted) data; (c) securely store the encrypted data on a semi-honest server and let the semi-honest server run the (encrypted) keyword search. Note that any user can perform a keyword query on the encrypted data, however the decryption of the resulting ciphertexts is possible only for users whose attribute satisfy the policy with which the data had been encrypted. We state and prove the security of our scheme against an honest-but-curious server and a passive adversary. Finally, we implement our system on heterogeneous devices and demonstrate its efficiency and scalability. Finally, this document ends with a conclusions achieved during this PhD and a summary of the main published contributions.Los dispositivos médicos implantables como los marcapasos o las bombas de insulina fueron concebidas originalmente para controlar automáticamente ciertos parámetros biológicos y, llegado el caso, poder actuar ante comportamientos anómalos como ataques cardíacos o episodios de hipoglucemia. Recientemente, han surgido uno dispositivos llamados wearables como las pulseras cuantificadoras, los relojes inteligentes o las bandas pectorales. Estos dispositivos han sido equipados con un número de sensores con capacidad de monitorizar señales vitales como el ritmo cardíaco, los movimientos (acelerómetros) o sistemas de posicionamiento (GPS) entre otros muchas opciones, siendo además una solución asequible y accesible para todo el mundo. A pesar de que el propósito original fue la mejora del rendimiento en actividades deportivas, estos dispositivos han resultado ser de gran utilidad en entornos médicos debido a su amplia variedad de sensores. Esta tecnología puede ayudar al personal médico a realizar seguimientos personalizados, constantes y en tiempo real del comportamiento de los pacientes, sin necesidad de interferir en sus vidas cotidianas. Esta Tesis doctoral está centrada en la seguridad y privacidad en entornos médicos, donde la información es recogida en tiempo real a través de una serie de sensores que pueden estar implantados o equipados en el propio paciente. La seguridad y la privacidad en entornos médicos ha sido el foco de muchos investigadores, no obstante con el reciente auge de los wearables se han generado nuevos retos debido a que son dispositivos con fuertes restricciones de cómputo, de memoria, de tamaño o de autonomía. En la primera parte de este documento, se introduce el problema de la seguridad y la privacidad en el paradigma de Internet de las cosas y haciendo especial hincapié en los entornos médicos. La motivación así como los principales objetivos y contribuciones también forman parte de este primer capítulo introductorio. La segunda parte de esta Tesis presenta un nuevo protocolo de autenticación basado en RFID para IoT. Este capítulo analiza previamente, desde el punto de vista de la seguridad y la privacidad un protocolo publicado recientemente y, tras demostrar que carece de las medidas de seguridad suficientes, un nuevo protocolo llamado Fingerprint⁺ compatible con los estándares de seguridad definidos en el estándar ISO/IEC 9798-2 y EPC-C1G2 (equivalente al estándard ISO/IEC 18000-6C) ha sido propuesto. Un nuevo sistema basado en estándares ISO y en recomendaciones realizadas por el NIST ha sido propuesto en la tercera parte de esta Tesis. En este capítulo se presentan dos protocolos bien diferenciados, el primero de ellos consiste en un protocolo de autenticación basado en el estándar ISO/IEC 9798 Part 2. A modo de ejemplo, este protocolo puede evitar problemas de compatibilidad sanguínea, es decir, primero se confirma que el paciente es quien dice ser y que la bolsa de sangre realmente contiene sangre (proceso de autenticación). Posteriormente se comprueba que esa bolsa de sangre va a ser compatible con el paciente (proceso de verificación). El segundo de los protocolos propuestos consiste en un protocolo seguro para el intercambio de información basado en el estándar ISO/IEC 11770 Part 2 (el mismo que los pasaportes electrónicos). Siguiendo con el ejemplo médico, imaginemos que un doctor equipado con un lector de radiofrecuencia desea acceder a los datos que un dispositivo implantado en el paciente está recopilando. En este escenario tanto el lector como el implante, se deben autenticar mutuamente para poder realizar el intercambio de información de manera segura. En el cuarto capítulo, una nueva arquitectura basada en el modelo de Publish/Subscribe ha sido propuesto. Esta solución está compuesta de dos protocolos, uno para el intercambio de información en una red de área personal y otro para poder reconfigurar el comportamiento de los sensores. Ambos protocolos están diseñados para garantizar tanto la seguridad como la privacidad de todos los datos que se envían en la red. Para ello, el sistema está basado en un sistema de criptografía de clave pública llamado Attribute Based Encryption que es suficientemente ligero y versátil como para ser implementado en dispositivos con altas restricciones de cómputo y de memoria. A continuación, en el quinto capítulo se propone una solución completamente orientada a entornos médicos donde la información que los sensores obtienen de los pacientes es cifrada y almacenada en servidores públicos. Una vez en estos servidores, cualquier usuario con privilegios suficientes puede realizar búsquedas sobre datos cifrados, obtener la información y descifrarla. De manera adicional, antes de que los datos cifrados se manden a la nube, el paciente puede definir una serie de palabras claves que se enlazarán a los datos para permitir posteriormente búsquedas y así obtener la información relacionada a un tema en concreto de manera fácil y eficiente. El último capítulo de esta Tesis se muestran las principales conclusiones obtenidas así como un resumen de las contribuciones científicas publicadas durante el período doctoral.Programa Oficial de Doctorado en Ciencia y Tecnología InformáticaPresidente: Arturo Ribagorda Garnacho.- Secretario: Jorge Blasco Alís.- Vocal: Jesús Garicia López de Lacall