Sécurité collaborative pour l internet des objets

Cette thèse aborde des nouveaux défis de sécurité dans l'Internet des Objets (IdO). La transition actuelle de l'Internet classique vers l'Internet des Objets conduit à de nombreux changements dans les modèles de communications sous-jacents. La nature hétérogène des communications de l IdO et le déséquilibre entre les capacités des entités communicantes qui le constituent rendent difficile l'établissement de connexions sécurisées de bout en bout. Contrairement aux nœuds de l Internet traditionnel, la plupart des composants de l'Internet des Objets sont en effet caractérisés par de faibles capacités en termes d'énergie et de puissance calcul. Par conséquent, ils ne sont pas en mesure de supporter des systèmes de sécurité complexes. En particulier, la mise en place d'un canal de communication sécurisé de bout en bout nécessite l établissement d'une clé secrète commune entre les deux nœuds souhaitant communiquer, qui sera négociée en s'appuyant sur un protocole d'échange de clés tels que le Transport Layer Security (TLS) Handshake ou l Internet Key Exchange (IKE). Or, une utilisation directe de ces protocoles pour établir des connexions sécurisées entre deux entités de l IdO peut être difficile en raison de l'écart technologique entre celles-ci et des incohérences qui en résultent sur le plan des primitives cryptographiques supportées. Le sujet de l'adaptation des protocoles de sécurité existants pour répondre à ces nouveaux défis a récemment été soulevé dans la communauté scientifique. Cependant, les premières solutions proposées n'ont pas réussi à répondre aux besoins des nœuds à ressources limitées. Dans cette thèse, nous proposons de nouvelles approches collaboratives pour l'établissement de clés, dans le but de réduire les exigences des protocoles de sécurité existants, afin que ceux-ci puissent être mis en œuvre par des nœuds à ressources limitées. Nous avons particulièrement retenu les protocoles TLS Handshake, IKE et HIP BEX comme les meilleurs candidats correspondant aux exigences de sécurité de bout en bout pour l'IdO. Puis nous les avons modifiés de sorte que le nœud contraint en énergie puisse déléguer les opérations cryptographiques couteuses à un ensemble de nœuds au voisinage, tirant ainsi avantage de l'hétérogénéité spatiale qui caractérise l IdO. Nous avons entrepris des vérifications formelles de sécurité et des analyses de performance qui prouvent la sureté et l'efficacité énergétique des protocoles collaboratifs proposés. Dans une deuxième partie, nous avons porté notre attention sur une classe d attaques internes que la collaboration entre les nœuds peut induire et que les mécanismes cryptographiques classiques, tels que la signature et le chiffrement, s'avèrent impuissants à contrer. Cela nous a amené à introduire la notion de confiance au sein d'un groupe collaboratif. Le niveau de fiabilité d'un nœud est évalué par un mécanisme de sécurité dédié, connu sous le nom de système de gestion de confiance. Ce système est lui aussi instancié sur une base collaborative, dans laquelle plusieurs nœuds partagent leurs témoignages respectifs au sujet de la fiabilité des autres nœuds. En nous appuyant sur une analyse approfondie des systèmes de gestion de confiance existants et des contraintes de l IoD, nous avons conçu un système de gestion de confiance efficace pour nos protocoles collaboratifs. Cette efficacité a été évaluée en tenant compte de la façon dont le système de gestion de la confiance répond aux exigences spécifiques à nos approches proposées pour l'établissement de clés dans le contexte de l'IdO. Les résultats des analyses de performance que nous avons menées démontrent le bon fonctionnement du système proposé et une efficacité accrue par rapport à la littératureThis thesis addresses new security challenges in the Internet of Things (IoT). The current transition from legacy Internet to Internet of Things leads to multiple changes in its communication paradigms. Wireless sensor networks (WSNs) initiated this transition by introducing unattended wireless topologies, mostly made of resource constrained nodes, in which radio spectrum therefore ceased to be the only resource worthy of optimization. Today's Machine to Machine (M2M) and Internet of Things architectures further accentuated this trend, not only by involving wider architectures but also by adding heterogeneity, resource capabilities inconstancy and autonomy to once uniform and deterministic systems. The heterogeneous nature of IoT communications and imbalance in resources capabilities between IoT entities make it challenging to provide the required end-to-end secured connections. Unlike Internet servers, most of IoT components are characterized by low capabilities in terms of both energy and computing resources, and thus, are unable to support complex security schemes. The setup of a secure end-to-end communication channel requires the establishment of a common secret key between both peers, which would be negotiated relying on standard security key exchange protocols such as Transport Layer Security (TLS) Handshake or Internet Key Exchange (IKE). Nevertheless, a direct use of existing key establishment protocols to initiate connections between two IoT entities may be impractical because of the technological gap between them and the resulting inconsistencies in their cryptographic primitives. The issue of adapting existing security protocols to fulfil these new challenges has recently been raised in the international research community but the first proposed solutions failed to satisfy the needs of resource-constrained nodes. In this thesis, we propose novel collaborative approaches for key establishment designed to reduce the requirements of existing security protocols, in order to be supported by resource-constrained devices. We particularly retained TLS handshake, Internet key Exchange and HIP BEX protocols as the best keying candidates fitting the end-to-end security requirements of the IoT. Then we redesigned them so that the constrained peer may delegate its heavy cryptographic load to less constrained nodes in neighbourhood exploiting the spatial heterogeneity of IoT nodes. Formal security verifications and performance analyses were also conducted to ensure the security effectiveness and energy efficiency of our collaborative protocols. However, allowing collaboration between nodes may open the way to a new class of threats, known as internal attacks that conventional cryptographic mechanisms fail to deal with. This introduces the concept of trustworthiness within a collaborative group. The trustworthiness level of a node has to be assessed by a dedicated security mechanism known as a trust management system. This system aims to track nodes behaviours to detect untrustworthy elements and select reliable ones for collaborative services assistance. In turn, a trust management system is instantiated on a collaborative basis, wherein multiple nodes share their evidences about one another's trustworthiness. Based on an extensive analysis of prior trust management systems, we have identified a set of best practices that provided us guidance to design an effective trust management system for our collaborative keying protocols. This effectiveness was assessed by considering how the trust management system could fulfil specific requirements of our proposed approaches for key establishment in the context of the IoT. Performance analysis results show the proper functioning and effectiveness of the proposed system as compared with its counterparts that exist in the literatureEVRY-INT (912282302) / SudocSudocFranceF

Building the Hyperconnected Society- Internet of Things Research and Innovation Value Chains, Ecosystems and Markets

This book aims to provide a broad overview of various topics of Internet of Things (IoT), ranging from research, innovation and development priorities to enabling technologies, nanoelectronics, cyber-physical systems, architecture, interoperability and industrial applications. All this is happening in a global context, building towards intelligent, interconnected decision making as an essential driver for new growth and co-competition across a wider set of markets. It is intended to be a standalone book in a series that covers the Internet of Things activities of the IERC – Internet of Things European Research Cluster from research to technological innovation, validation and deployment.The book builds on the ideas put forward by the European Research Cluster on the Internet of Things Strategic Research and Innovation Agenda, and presents global views and state of the art results on the challenges facing the research, innovation, development and deployment of IoT in future years. The concept of IoT could disrupt consumer and industrial product markets generating new revenues and serving as a growth driver for semiconductor, networking equipment, and service provider end-markets globally. This will create new application and product end-markets, change the value chain of companies that creates the IoT technology and deploy it in various end sectors, while impacting the business models of semiconductor, software, device, communication and service provider stakeholders. The proliferation of intelligent devices at the edge of the network with the introduction of embedded software and app-driven hardware into manufactured devices, and the ability, through embedded software/hardware developments, to monetize those device functions and features by offering novel solutions, could generate completely new types of revenue streams. Intelligent and IoT devices leverage software, software licensing, entitlement management, and Internet connectivity in ways that address many of the societal challenges that we will face in the next decade

Building the Hyperconnected Society- Internet of Things Research and Innovation Value Chains, Ecosystems and Markets

This book aims to provide a broad overview of various topics of Internet of Things (IoT), ranging from research, innovation and development priorities to enabling technologies, nanoelectronics, cyber-physical systems, architecture, interoperability and industrial applications. All this is happening in a global context, building towards intelligent, interconnected decision making as an essential driver for new growth and co-competition across a wider set of markets. It is intended to be a standalone book in a series that covers the Internet of Things activities of the IERC – Internet of Things European Research Cluster from research to technological innovation, validation and deployment.The book builds on the ideas put forward by the European Research Cluster on the Internet of Things Strategic Research and Innovation Agenda, and presents global views and state of the art results on the challenges facing the research, innovation, development and deployment of IoT in future years. The concept of IoT could disrupt consumer and industrial product markets generating new revenues and serving as a growth driver for semiconductor, networking equipment, and service provider end-markets globally. This will create new application and product end-markets, change the value chain of companies that creates the IoT technology and deploy it in various end sectors, while impacting the business models of semiconductor, software, device, communication and service provider stakeholders. The proliferation of intelligent devices at the edge of the network with the introduction of embedded software and app-driven hardware into manufactured devices, and the ability, through embedded software/hardware developments, to monetize those device functions and features by offering novel solutions, could generate completely new types of revenue streams. Intelligent and IoT devices leverage software, software licensing, entitlement management, and Internet connectivity in ways that address many of the societal challenges that we will face in the next decade

Energy efficiency and interference management in long term evolution-advanced networks.

Doctoral Degree. University of KwaZulu-Natal, Durban.Cellular networks are continuously undergoing fast extraordinary evolution to overcome technological challenges. The fourth generation (4G) or Long Term Evolution-Advanced (LTE-Advanced) networks offer improvements in performance through increase in network density, while allowing self-organisation and self-healing. The LTE-Advanced architecture is heterogeneous, consisting of different radio access technologies (RATs), such as macrocell, smallcells, cooperative relay nodes (RNs), having various capabilities, and coexisting in the same geographical coverage area. These network improvements come with different challenges that affect users’ quality of service (QoS) and network performance. These challenges include; interference management, high energy consumption and poor coverage of marginal users. Hence, developing mitigation schemes for these identified challenges is the focus of this thesis. The exponential growth of mobile broadband data usage and poor networks’ performance along the cell edges, result in a large increase of the energy consumption for both base stations (BSs) and users. This due to improper RN placement or deployment that creates severe inter-cell and intracell interferences in the networks. It is therefore, necessary to investigate appropriate RN placement techniques which offer efficient coverage extension while reducing energy consumption and mitigating interference in LTE-Advanced femtocell networks. This work proposes energy efficient and optimal RN placement (EEORNP) algorithm based on greedy algorithm to assure improved and effective coverage extension. The performance of the proposed algorithm is investigated in terms of coverage percentage and number of RN needed to cover marginalised users and found to outperform other RN placement schemes. Transceiver design has gained importance as one of the effective tools of interference management. Centralised transceiver design techniques have been used to improve network performance for LTE-Advanced networks in terms of mean square error (MSE), bit error rate (BER) and sum-rate. The centralised transceiver design techniques are not effective and computationally feasible for distributed cooperative heterogeneous networks, the systems considered in this thesis. This work proposes decentralised transceivers design based on the least-square (LS) and minimum MSE (MMSE) pilot-aided channel estimations for interference management in uplink LTE-Advanced femtocell networks. The decentralised transceiver algorithms are designed for the femtocells, the macrocell user equipments (MUEs), RNs and the cell edge macrocell UEs (CUEs) in the half-duplex cooperative relaying systems. The BER performances of the proposed algorithms with the effect of channel estimation are investigated. Finally, the EE optimisation is investigated in half-duplex multi-user multiple-input multiple-output (MU-MIMO) relay systems. The EE optimisation is divided into sub-optimal EE problems due to the distributed architecture of the MU-MIMO relay systems. The decentralised approach is employed to design the transceivers such as MUEs, CUEs, RN and femtocells for the different sub-optimal EE problems. The EE objective functions are formulated as convex optimisation problems subject to the QoS and transmit powers constraints in case of perfect channel state information (CSI). The non-convexity of the formulated EE optimisation problems is surmounted by introducing the EE parameter substractive function into each proposed algorithms. These EE parameters are updated using the Dinkelbach’s algorithm. The EE optimisation of the proposed algorithms is achieved after finding the optimal transceivers where the unknown interference terms in the transmit signals are designed with the zero-forcing (ZF) assumption and estimation errors are added to improve the EE performances. With the aid of simulation results, the performance of the proposed decentralised schemes are derived in terms of average EE evaluation and found to be better than existing algorithms

Digital Transformation

The amount of literature on Digital Transformation is staggering—and it keeps growing. Why, then, come out with yet another such document? Moreover, any text aiming at explaining the Digital Transformation by presenting a snapshot is going to become obsolete in a blink of an eye, most likely to be already obsolete at the time it is first published. The FDC Initiative on Digital Reality felt there is a need to look at the Digital Transformation from the point of view of a profound change that is pervading the entire society—a change made possible by technology and that keeps changing due to technology evolution opening new possibilities but is also a change happening because it has strong economic reasons. The direction of this change is not easy to predict because it is steered by a cultural evolution of society, an evolution that is happening in niches and that may expand rapidly to larger constituencies and as rapidly may fade away. This creation, selection by experimentation, adoption, and sudden disappearance, is what makes the whole scenario so unpredictable and continuously changing.The amount of literature on Digital Transformation is staggering—and it keeps growing. Why, then, come out with yet another such document? Moreover, any text aiming at explaining the Digital Transformation by presenting a snapshot is going to become obsolete in a blink of an eye, most likely to be already obsolete at the time it is first published. The FDC Initiative on Digital Reality felt there is a need to look at the Digital Transformation from the point of view of a profound change that is pervading the entire society—a change made possible by technology and that keeps changing due to technology evolution opening new possibilities but is also a change happening because it has strong economic reasons. The direction of this change is not easy to predict because it is steered by a cultural evolution of society, an evolution that is happening in niches and that may expand rapidly to larger constituencies and as rapidly may fade away. This creation, selection by experimentation, adoption, and sudden disappearance, is what makes the whole scenario so unpredictable and continuously changing

Safety and Reliability - Safe Societies in a Changing World

The contributions cover a wide range of methodologies and application areas for safety and reliability that contribute to safe societies in a changing world. These methodologies and applications include: - foundations of risk and reliability assessment and management - mathematical methods in reliability and safety - risk assessment - risk management - system reliability - uncertainty analysis - digitalization and big data - prognostics and system health management - occupational safety - accident and incident modeling - maintenance modeling and applications - simulation for safety and reliability analysis - dynamic risk and barrier management - organizational factors and safety culture - human factors and human reliability - resilience engineering - structural reliability - natural hazards - security - economic analysis in risk managemen