7,942 research outputs found
Reconfigurable Security: Edge Computing-based Framework for IoT
In various scenarios, achieving security between IoT devices is challenging
since the devices may have different dedicated communication standards,
resource constraints as well as various applications. In this article, we first
provide requirements and existing solutions for IoT security. We then introduce
a new reconfigurable security framework based on edge computing, which utilizes
a near-user edge device, i.e., security agent, to simplify key management and
offload the computational costs of security algorithms at IoT devices. This
framework is designed to overcome the challenges including high computation
costs, low flexibility in key management, and low compatibility in deploying
new security algorithms in IoT, especially when adopting advanced cryptographic
primitives. We also provide the design principles of the reconfigurable
security framework, the exemplary security protocols for anonymous
authentication and secure data access control, and the performance analysis in
terms of feasibility and usability. The reconfigurable security framework paves
a new way to strength IoT security by edge computing.Comment: under submission to possible journal publication
Conceivable security risks and authentication techniques for smart devices
With the rapidly escalating use of smart devices and fraudulent transaction of users’ data from their devices, efficient and reliable techniques for authentication of the smart devices have become an obligatory issue. This paper reviews the security risks for mobile devices and studies several authentication techniques available for smart devices. The results from field studies enable a comparative evaluation of user-preferred authentication mechanisms and their opinions about reliability, biometric authentication and visual authentication techniques
A survey on cyber security for smart grid communications
A smart grid is a new form of electricity network with high fidelity power-flow control, self-healing, and energy reliability and energy security using digital communications and control technology. To upgrade an existing power grid into a smart grid, it requires significant dependence on intelligent and secure communication infrastructures. It requires security frameworks for distributed communications, pervasive computing and sensing technologies in smart grid. However, as many of the communication technologies currently recommended to use by a smart grid is vulnerable in cyber security, it could lead to unreliable system operations, causing unnecessary expenditure, even consequential disaster to both utilities and consumers. In this paper, we summarize the cyber security requirements and the possible vulnerabilities in smart grid communications and survey the current solutions on cyber security for smart grid communications. © 2012 IEEE
Gelişmiş Ölçüm Altyapısı İçin Güvenlik Uygulamaları
Elektrik tüketimi ölçüm araçları, manuel olarak ölçüm
yapılan analog sayaçlardan, elektrik tüketimi ile ilgili
bilgileri toplayan ve elektrik dağıtım firmalarına ileten yeni
akıllı sayaçlara doğru evrilmektedir. Sayaç verisinin
okunmasını sağlayan tek yönlü otomatik sayaç okuma
sistemlerinin (AMR) çıkışıyla sayaçlar akıllı şebeke
yatırımlarının önemli bir kısmını oluşturmuştur. Otomatik
sayaç okuma sistemleri ilk uygulamalar için cazip olmasına
rağmen, çözülmesi gereken önemli bir husus olan talep tarafı
yönetiminin AMR ile sağlanamadığı fark edilmiştir.
AMR teknolojisinin kabiliyetlerinin tek yönlü sayaç verisi
okuma ile sınırlı olması nedeniyle, sayaçlardan toplanan
veriler üzerinden düzeltici önlemler alınmasına ve tüketicinin
enerjiyi daha verimli akıllı kullanmasına yönelik özeliklere
izin vermemektedir. Gelişmiş Ölçüm Altyapısı (AMI) ise akıllı
sayaçlar ve dağıtım şirketleri arasında çift yönlü iletişim
kurarak dağıtım şirketlerine sayaçlar üzerindeki
parametreleri dinamik olarak değiştirme imkanı tanır. Bu
nedenle, bu çalışmada AMI güvenliği üzerine
odaklanılacaktır.
Akıllı sayaç sistemlerinin yaygınlaşması ile birlikte, güvenlik
bu sistemlerin gerekli ve kaçınılmaz bir ihtiyacı haline
gelmektedir. Diğer taraftan, AMI sadece akıllı sayaçların
fiziksel olarak dağıtımı manasına gelmemekte, ayrıca sayaç
verilerinin yönetimi için gerekli olan karmaşık bir iletişim ağı
ve bilgi teknolojileri altyapısını da içermektedir. Dolayısıyla
güvenlik çözümlerini ele alırken geniş bir perspektifle
yaklaşmak gerekmektedir. Bu nedenle de, sistemin kritik
varlıkları belirlenmeli, tehditler iyi analiz edilmeli ve daha
sonra güvenlik gereksinimleri iyi tanımlanmış olmalıdır.
Bu çalışma AMI sisteminin temel güvenlik gereksinimleri,
tehditlere karşı sistem kısıtlarını düşünerek olası çözümleri
üzerine, şu anki güvenlik çözümlerini de resmederek, genel
bir bakış sunmaktadır. Bu çalışmada, AMI sisteminin
güvenlik gereksinimleri analiz edilecek, kısıtlar belirlenecek
ve olası güvenlik tehditlerine karşı olası karşı önlemler
belirlenecektir.
Metering utilities have been replacing from analog meters
that are read manually with new, smart meters that gather
information about electricity consumption and transmit it
back to electric companies. The metering has been the
important part of the Smart Grid investments so far, with the
initial introduction of one-way automated meter reading
(AMR) systems to read meter data. Even though AMR
technology proved to be initially enticing, utility companies
have realized that AMR does not address demand-side
management which is the major issue they need to solve.
Since AMR’s capability is restricted to reading meter data
due to its one-way communication system, it does not let
utilities take corrective action based on the information
gathered from the meters and does not assist customers in
using energy intelligently. Advanced Metering Infrastructure
(AMI) creates a two-way communication network between
smart meters and utility systems and provides utilities the
ability to modify service-level parameters dynamically.
Therefore in this work we will also focus on AMI security
practices.
While smart metering systems are become widespread
security is going to be the one of its essential and inevitable
needs. On the other hand, AMI does not only mean the
physical deployment of smart meters, but it also includes
meter data management system which is a complicated
communication network and IT infrastructure. Hence a broad
perspective has to be adopted when security solutions are
considered. Therefore, assets of the system must be identified,
threats must be well analyzed and then security requirements
must be well defined.
This paper presents an overview on the main security
requirements of the AMI, on the threats possible solutions
considering the system constraints by picturing the current
security solutions. In this work, the security requirements for
AMI systems will be analyzed, constraints will be determined
and possible countermeasures against security threats will be
given
Chameleon: a Blind Double Trapdoor Hash Function for Securing AMI Data Aggregation
Data aggregation is an integral part of Advanced Metering Infrastructure (AMI) deployment that is implemented by the concentrator. Data aggregation reduces the number of transmissions, thereby reducing communication costs and increasing the bandwidth utilization of AMI. However, the concentrator poses a great risk of being tampered with, leading to erroneous bills and possible consumer disputes. In this paper, we propose an end-to-end integrity protocol using elliptic curve based chameleon hashing to provide data integrity and authenticity. The concentrator generates and sends a chameleon hash value of the aggregated readings to the Meter Data Management System (MDMS) for verification, while the smart meter with the trapdoor key computes and sends a commitment value to the MDMS so that the resulting chameleon hash value calculated by the MDMS is equivalent to the previous hash value sent by the concentrator. By comparing the two hash values, the MDMS can validate the integrity and authenticity of the data sent by the concentrator. Compared with the discrete logarithm implementation, the ECC implementation reduces the computational cost of MDMS, concentrator and smart meter by approximately 36.8%, 80%, and 99% respectively. We also demonstrate the security soundness of our protocol through informal security analysis
Towards secure end-to-end data aggregation in AMI through delayed-integrity-verification
The integrity and authenticity of the energy usage data in Advanced Metering Infrastructure (AMI) is crucial to ensure the correct energy load to facilitate generation, distribution and customer billing. Any malicious tampering to the data must be detected immediately. This paper introduces secure end-to-end data aggregation for AMI, a security protocol that allows the concentrators to securely aggregate the data collected from the smart meters, while enabling the utility back-end that receives the aggregated data to verify the integrity and data originality. Compromise of concentrators can be detected. The aggregated data is protected using Chameleon Signatures and then forwarded to the utility back-end for verification, accounting, and analysis. Using the Trapdoor Chameleon Hash Function, the smart meters can periodically send an evidence to the utility back-end, by computing an alternative message and a random value (m', r) such that m' consists of all previous energy usage measurements of the smart meter in a specified period of time.
By verifying that the Chameleon Hash Value of (m', r) and that the energy usage matches those aggregated by the concentrators, the utility back-end is convinced of the integrity and authenticity of the data from the smart meters. Any data anomaly between smart meters and concentrators can be detected, thus indicating potential compromise of concentrators
- …