Survey and Systematization of Secure Device Pairing

Secure Device Pairing (SDP) schemes have been developed to facilitate secure communications among smart devices, both personal mobile devices and Internet of Things (IoT) devices. Comparison and assessment of SDP schemes is troublesome, because each scheme makes different assumptions about out-of-band channels and adversary models, and are driven by their particular use-cases. A conceptual model that facilitates meaningful comparison among SDP schemes is missing. We provide such a model. In this article, we survey and analyze a wide range of SDP schemes that are described in the literature, including a number that have been adopted as standards. A system model and consistent terminology for SDP schemes are built on the foundation of this survey, which are then used to classify existing SDP schemes into a taxonomy that, for the first time, enables their meaningful comparison and analysis.The existing SDP schemes are analyzed using this model, revealing common systemic security weaknesses among the surveyed SDP schemes that should become priority areas for future SDP research, such as improving the integration of privacy requirements into the design of SDP schemes. Our results allow SDP scheme designers to create schemes that are more easily comparable with one another, and to assist the prevention of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications Surveys & Tutorials 2017 (Volume: PP, Issue: 99

Internet of things: Vision, applications and research challenges

The term “Internet-of-Things” is used as an umbrella keyword for covering various aspects related to the extension of the Internet and the Web into the physical realm, by means of the widespread deployment of spatially distributed devices with embedded identification, sensing and/or actuation capabilities. Internet-of-Things envisions a future in which digital and physical entities can be linked, by means of appropriate information and communication technologies, to enable a whole new class of applications and services. In this article, we present a survey of technologies, applications and research challenges for Internet-of-Things

Energy harvesting and wireless transfer in sensor network applications: Concepts and experiences

Advances in micro-electronics and miniaturized mechanical systems are redefining the scope and extent of the energy constraints found in battery-operated wireless sensor networks (WSNs). On one hand, ambient energy harvesting may prolong the systems lifetime or possibly enable perpetual operation. On the other hand, wireless energy transfer allows systems to decouple the energy sources from the sensing locations, enabling deployments previously unfeasible. As a result of applying these technologies to WSNs, the assumption of a finite energy budget is replaced with that of potentially infinite, yet intermittent, energy supply, profoundly impacting the design, implementation, and operation of WSNs. This article discusses these aspects by surveying paradigmatic examples of existing solutions in both fields and by reporting on real-world experiences found in the literature. The discussion is instrumental in providing a foundation for selecting the most appropriate energy harvesting or wireless transfer technology based on the application at hand. We conclude by outlining research directions originating from the fundamental change of perspective that energy harvesting and wireless transfer bring about

Towards end-to-end security in internet of things based healthcare

Healthcare IoT systems are distinguished in that they are designed to serve human beings, which primarily raises the requirements of security, privacy, and reliability. Such systems have to provide real-time notifications and responses concerning the status of patients. Physicians, patients, and other caregivers demand a reliable system in which the results are accurate and timely, and the service is reliable and secure. To guarantee these requirements, the smart components in the system require a secure and efficient end-to-end communication method between the end-points (e.g., patients, caregivers, and medical sensors) of a healthcare IoT system. The main challenge faced by the existing security solutions is a lack of secure end-to-end communication. This thesis addresses this challenge by presenting a novel end-to-end security solution enabling end-points to securely and efficiently communicate with each other. The proposed solution meets the security requirements of a wide range of healthcare IoT systems while minimizing the overall hardware overhead of end-to-end communication. End-to-end communication is enabled by the holistic integration of the following contributions. The first contribution is the implementation of two architectures for remote monitoring of bio-signals. The first architecture is based on a low power IEEE 802.15.4 protocol known as ZigBee. It consists of a set of sensor nodes to read data from various medical sensors, process the data, and send them wirelessly over ZigBee to a server node. The second architecture implements on an IP-based wireless sensor network, using IEEE 802.11 Wireless Local Area Network (WLAN). The system consists of a IEEE 802.11 based sensor module to access bio-signals from patients and send them over to a remote server. In both architectures, the server node collects the health data from several client nodes and updates a remote database. The remote webserver accesses the database and updates the webpage in real-time, which can be accessed remotely. The second contribution is a novel secure mutual authentication scheme for Radio Frequency Identification (RFID) implant systems. The proposed scheme relies on the elliptic curve cryptography and the D-Quark lightweight hash design. The scheme consists of three main phases: (1) reader authentication and verification, (2) tag identification, and (3) tag verification. We show that among the existing public-key crypto-systems, elliptic curve is the optimal choice due to its small key size as well as its efficiency in computations. The D-Quark lightweight hash design has been tailored for resource-constrained devices. The third contribution is proposing a low-latency and secure cryptographic keys generation approach based on Electrocardiogram (ECG) features. This is performed by taking advantage of the uniqueness and randomness properties of ECG's main features comprising of PR, RR, PP, QT, and ST intervals. This approach achieves low latency due to its reliance on reference-free ECG's main features that can be acquired in a short time. The approach is called Several ECG Features (SEF)-based cryptographic key generation. The fourth contribution is devising a novel secure and efficient end-to-end security scheme for mobility enabled healthcare IoT. The proposed scheme consists of: (1) a secure and efficient end-user authentication and authorization architecture based on the certificate based Datagram Transport Layer Security (DTLS) handshake protocol, (2) a secure end-to-end communication method based on DTLS session resumption, and (3) support for robust mobility based on interconnected smart gateways in the fog layer. Finally, the fifth and the last contribution is the analysis of the performance of the state-of-the-art end-to-end security solutions in healthcare IoT systems including our end-to-end security solution. In this regard, we first identify and present the essential requirements of robust security solutions for healthcare IoT systems. We then analyze the performance of the state-of-the-art end-to-end security solutions (including our scheme) by developing a prototype healthcare IoT system

Security Applications for Converging Technologies - Impact on the Constitutional State and the Legal order

In this study we investigate the impact of converging technologies on legal practice and criminology in a forward looking study intended for practitioners and policy makers in the field of legislation, crime prevention, and law enforcement. We look at a 15 years timeframe and discuss the scientific and technical progress in various domains as well as the ethical, legal, and policy dilemmas involved.

Hybrid intelligent decision support system for distributed detection based on ad hoc integrated WSN & RFID

This thesis was submitted for the award of Doctor of Philosophy and was awarded by Brunel University LondonThe real time monitoring of environment context aware activities, based on distributed detection, is becoming a standard in public safety and service delivery in a wide range of domains (child and elderly care and supervision, logistics, circulation, and other). The safety of people, goods and premises depends on the prompt immediate reaction to potential hazards identified in real time, at an early stage to engage appropriate control actions. Effective emergency response can be supported only by available and acquired expertise or elaborate collaborative knowledge in the domain of distributed detection that include indoor sensing, tracking and localizing. This research proposes a hybrid conceptual multi-agent framework for the acquisition of collaborative knowledge in dynamic complex context aware environments for distributed detection. This framework has been applied for the design and development of a hybrid intelligent multi-agent decision system (HIDSS) that supports a decentralized active sensing, tracking and localizing strategy, and the deployment and configuration of smart detection devices associated to active sensor nodes wirelessly connected in a network topology to configure, deploy and control ad hoc wireless sensor networks (WSNs). This system, which is based on the interactive use of data, models and knowledge base, has been implemented to support fire detection and control access fusion functions aimed at elaborating: An integrated data model, grouping the building information data and WSN-RFID database, composed of the network configuration and captured data, A virtual layout configuration of the controlled premises, based on using a building information model, A knowledge-based support for the design of generic detection devices, A multi-criteria decision making model for generic detection devices distribution, ad hoc WSNs configuration, clustering and deployment, and Predictive data models for evacuation planning, and fire and evacuation simulation. An evaluation of the system prototype has been carried out to enrich information and knowledge fusion requirements and show the scope of the concepts used in data and process modelling. It has shown the practicability of hybrid solutions grouping generic homogeneous smart detection devices enhanced by heterogeneous support devices in their deployment, forming ad hoc networks that integrate WSNs and radio frequency identification (RFID) technology. The novelty in this work is the web-based support system architecture proposed in this framework that is based on the use of intelligent agent modelling and multi-agent systems, and the decoupling of the processes supporting the multi-sensor data fusion from those supporting different context applications. Although this decoupling is essential to appropriately distribute the different fusion functions, the integration of several dimensions of policy settings for the modelling of knowledge processes, and intelligent and pro-active decision making activities, requires the organisation of interactive fusion functions deployed upstream to a safety and emergency response.Saudi government, represented by the Ministry of Interior and General Directorate of Civil Defenc

On Passive Wireless Sensors Based on Intermodulation Communication

Wireless sensors are needed in applications where a wired connection is difficult. Wireless sensors are often equipped with a radio transceiver and a battery or another energy source. These energy sources may limit life-time or operation conditions, and increase the size and cost of wireless sensors. Wireless sensors can also be passive. Due to the limited energy available for these sensors, they typically only support relatively short communication distances and may not provide a means for identifying a certain sensor. This dissertation develops a certain type of passive wireless sensors called the intermodulation communication sensors. This type of passive wireless sensor may potentially have many advantages compared with other passive wireless sensors. Intermodulation communication sensors have been developed in many ways in this dissertation. One challenge was that they were difficult to make compliant with frequency regulations due to the relatively large band needed. This dissertation shows how the bandwidth required can be reduced significantly by using a Quartz crystal or other mechanical resonators. It is also demonstrated that such a resonator enables the utilization of a generic capacitive sensing element in the sensor, making it possible to monitor a broad set of variables. Furthermore, it is shown how intermodulation sensors can be made identifiable. Despite the fact that the studied sensor circuits are fairly simple, many important parameters, such as the read-out distance and measurements resolution strongly depend on the selected circuit components. This dissertation derives design equations for one specific sensor circuitry. The design equations help to choose proper component values in order to achieve the best possible read-out resolution. Passive wireless sensors are often used in large volume applications where low sensor fabrication cost is important. Unit fabrication costs of electronic circuits can typically be lowered by increasing volumes and the integration level. This dissertation studied how the integration of intermodulation communication sensors could be increased by integrating all the passives. The intermodulation communication sensors are interrogated with a specific reader device. This dissertation has contributed to the development and realization of a reader device whose limitations affecting reader performance are studied. The reader device also needs to estimate the sensor state from the measured intermodulation response of the sensor. Furthermore, this dissertation has contributed to the development of an estimation algorithm for the sensor state