228,843 research outputs found
SECURE BOOTSTRAPPING AND ACCESS CONTROL IN NDN-BASED SMART HOME SYSTEMS
Smart home systems utilize network-enabled sensors to collect environmental data and provide various services to home residents. Such a system must be designed with security mechanisms to protect the safety and privacy of the residents. More specifically, we need to secure the production, dissemination, and consumption of smart home data, as well as prevent any unauthorized access to the services provided by the system. In this work, we study how to build a secure smart home system in the context of Named Data Networking, a future Internet architecture that has unique advantages in securing Internet of Things. We focus on solving two security problems: (a) mutual authentication between a new device and an existing smart home system to bootstrap the device, and (b) controlling access to smart home data. We designed a naming hierarchy for a smart home system and the corresponding trust model. Based on the naming and trust model, we designed bootstrapping protocols which enforce mutual cryptographic challenges, and a programming template which facilitates Name-based Access Control. We have designed and implemented an application that incorporates these solutions. Evaluation result shows: (a) the bootstrapping protocols can defend against replay attacks with a small computation overhead, and (b) Name-Based Access Control can provide accurate time schedules to restrict access to fine-grained data types with a small computation overhead
A survey on subjecting electronic product code and non-ID objects to IP identification
Over the last decade, both research on the Internet of Things (IoT) and
real-world IoT applications have grown exponentially. The IoT provides us with
smarter cities, intelligent homes, and generally more comfortable lives.
However, the introduction of these devices has led to several new challenges
that must be addressed. One of the critical challenges facing interacting with
IoT devices is to address billions of devices (things) around the world,
including computers, tablets, smartphones, wearable devices, sensors, and
embedded computers, and so on. This article provides a survey on subjecting
Electronic Product Code and non-ID objects to IP identification for IoT
devices, including their advantages and disadvantages thereof. Different
metrics are here proposed and used for evaluating these methods. In particular,
the main methods are evaluated in terms of their: (i) computational overhead,
(ii) scalability, (iii) adaptability, (iv) implementation cost, and (v) whether
applicable to already ID-based objects and presented in tabular format.
Finally, the article proves that this field of research will still be ongoing,
but any new technique must favorably offer the mentioned five evaluative
parameters.Comment: 112 references, 8 figures, 6 tables, Journal of Engineering Reports,
Wiley, 2020 (Open Access
After the Gold Rush: The Boom of the Internet of Things, and the Busts of Data-Security and Privacy
This Article addresses the impact that the lack of oversight of the Internet of Things has on digital privacy. While the Internet of Things is but one vehicle for technological innovation, it has created a broad glimpse into domestic life, thus triggering several privacy issues that the law is attempting to keep pace with. What the Internet of Things can reveal is beyond the control of the individual, as it collects information about every practical aspect of an individual’s life, and provides essentially unfettered access into the mind of its users. This Article proposes that the federal government and the state governments bend toward consumer protection while creating a cogent and predictable body of law surrounding the Internet of Things. Through privacy-by-design or self-help, it is imperative that the Internet of Things—and any of its unforeseen progeny—develop with an eye toward safeguarding individual privacy while allowing technological development
Context-aware Dynamic Discovery and Configuration of 'Things' in Smart Environments
The Internet of Things (IoT) is a dynamic global information network
consisting of Internet-connected objects, such as RFIDs, sensors, actuators, as
well as other instruments and smart appliances that are becoming an integral
component of the future Internet. Currently, such Internet-connected objects or
`things' outnumber both people and computers connected to the Internet and
their population is expected to grow to 50 billion in the next 5 to 10 years.
To be able to develop IoT applications, such `things' must become dynamically
integrated into emerging information networks supported by architecturally
scalable and economically feasible Internet service delivery models, such as
cloud computing. Achieving such integration through discovery and configuration
of `things' is a challenging task. Towards this end, we propose a Context-Aware
Dynamic Discovery of {Things} (CADDOT) model. We have developed a tool
SmartLink, that is capable of discovering sensors deployed in a particular
location despite their heterogeneity. SmartLink helps to establish the direct
communication between sensor hardware and cloud-based IoT middleware platforms.
We address the challenge of heterogeneity using a plug in architecture. Our
prototype tool is developed on an Android platform. Further, we employ the
Global Sensor Network (GSN) as the IoT middleware for the proof of concept
validation. The significance of the proposed solution is validated using a
test-bed that comprises 52 Arduino-based Libelium sensors.Comment: Big Data and Internet of Things: A Roadmap for Smart Environments,
Studies in Computational Intelligence book series, Springer Berlin
Heidelberg, 201
Towards NFC payments using a lightweight architecture for the Web of Things
The Web (and Internet) of Things has seen the rapid emergence of new protocols and standards, which provide for innovative models of interaction for applications. One such model fostered by the Web of Things (WoT) ecosystem is that of contactless interaction between devices. Near Field Communication (NFC) technology is one such enabler of contactless interactions. Contactless technology for the WoT requires all parties to agree one common definition and implementation and, in this paper, we propose a new lightweight architecture for the WoT, based on RESTful approaches. We show how the proposed architecture supports the concept of a mobile wallet, enabling users to make secure payments employing NFC technology with their mobile devices. In so doing, we argue that the vision of the WoT is brought a step closer to fruition
ViotSOC: Controlling Access to Dynamically Virtualized IoT Services using Service Object Capability
Virtualization of Internet of Things(IoT) is a concept of dynamically
building customized high-level IoT services which
rely on the real time data streams from low-level physical
IoT sensors. Security in IoT virtualization is challenging,
because with the growing number of available (building
block) services, the number of personalizable virtual
services grows exponentially. This paper proposes Service
Object Capability(SOC) ticket system, a decentralized access
control mechanism between servers and clients to effi-
ciently authenticate and authorize each other without using
public key cryptography. SOC supports decentralized
partial delegation of capabilities specified in each server/-
client ticket. Unlike PKI certificates, SOC’s authentication
time and handshake packet overhead stays constant regardless
of each capability’s delegation hop distance from the
root delegator. The paper compares SOC’s security bene-
fits with Kerberos and the experimental results show SOC’s
authentication incurs significantly less time packet overhead
compared against those from other mechanisms based on
RSA-PKI and ECC-PKI algorithms. SOC is as secure as,
and more efficient and suitable for IoT environments, than
existing PKIs and Kerberos
- …