2 research outputs found
ViotSOC: Controlling Access to Dynamically Virtualized IoT Services using Service Object Capability
Virtualization of the Internet of Things (IoT) is the concept of dynamically building customized high-level IoT services which rely on the real-time data streams from low-level physical IoT sensors. Security in IoT virtualization is challenging, because with the growing number of available (building block) services, the number of personalizable virtual services grows exponentially. This paper proposes the Service Object Capability (SOC) ticket system, a decentralized access control mechanism between servers and clients to efficiently authenticate and authorize each other without using public key cryptography. SOC supports decentralized partial delegation of capabilities specified in each server/client ticket. Unlike PKI certificates, SOC's authentication time and handshake packet overhead stay constant regardless of each capability's delegation hop distance from the root delegator. The paper compares SOC's security benefits with Kerberos, and the experimental results show that SOC's authentication incurs significantly less time and packet overhead than other mechanisms based on RSA-PKI and ECC-PKI algorithms. SOC is as secure as existing PKIs and Kerberos, and more efficient and better suited to IoT environments.
FRED: a hosted data flow platform for the IoT
IoT developers need to integrate a variety of protocols, backend components and services; they often need to pre- and post-process data as well as react to changes in the real world. Data flow programming tools have been introduced in a number of related domains to provide a flexible but easy-to-use visual programming environment for rapid development. The open source Node-RED system provides such a tool for IoT applications, but is limited to executing a single flow file in a single thread. In this paper we describe the design of our system called the Front-End for Node-RED (FRED), which manages multiple instances of Node-RED for logged-in users, allowing Node-RED to be used as a cloud-hosted data flow mashup tool for the IoT. We present some examples of how some of our 1800+ users are using FRED for IoT mashups, and some of the challenges we faced in implementing the FRED system.