Challenges of Multi-Factor Authentication for Securing Advanced IoT (A-IoT) Applications

The unprecedented proliferation of smart devices together with novel communication, computing, and control technologies have paved the way for the Advanced Internet of Things~(A-IoT). This development involves new categories of capable devices, such as high-end wearables, smart vehicles, and consumer drones aiming to enable efficient and collaborative utilization within the Smart City paradigm. While massive deployments of these objects may enrich people's lives, unauthorized access to the said equipment is potentially dangerous. Hence, highly-secure human authentication mechanisms have to be designed. At the same time, human beings desire comfortable interaction with their owned devices on a daily basis, thus demanding the authentication procedures to be seamless and user-friendly, mindful of the contemporary urban dynamics. In response to these unique challenges, this work advocates for the adoption of multi-factor authentication for A-IoT, such that multiple heterogeneous methods - both well-established and emerging - are combined intelligently to grant or deny access reliably. We thus discuss the pros and cons of various solutions as well as introduce tools to combine the authentication factors, with an emphasis on challenging Smart City environments. We finally outline the open questions to shape future research efforts in this emerging field.Comment: 7 pages, 4 figures, 2 tables. The work has been accepted for publication in IEEE Network, 2019. Copyright may be transferred without notice, after which this version may no longer be accessibl

Enabling Secure Direct Connectivity Under Intermittent Cellular Network Assistance

This work targets at investigating direct communications as a promising technology for the next-generation 5G wireless ecosystem that improves the degrees of spatial reuse and creates new opportunities for users in proximity. While direct connectivity has originally emerged as a technology enabler for public safety services, it is likely to remain in the heart of the 5G ecosystem by spawning a wide diversity of proximate applications and services. Direct communications couples together the centralized and the distributed network architectures, and as such requires respective enablers for secure, private, and trusted data exchange especially when cellular control link is not available at all times. Within the research group, the author was tasked to provide the state-of-the-art technology overview and to propose a novel algorithm for maintaining security functions of proximate devices in case of unreliable cellular connectivity, whenever a new device joins the secure group of users or an existing device leaves it. The proposed solution and its rigorous practical implementation detailed in this work open door to a new generation of secure proximity-based services and applications in future wireless communications systems

Social, Private, and Trusted Wearable Technology under Cloud-Aided Intermittent Wireless Connectivity

There has been an unprecedented increase in the use of smart devices globally, together with novel forms of communication, computing, and control technologies that have paved the way for a new category of devices, known as high-end wearables. While massive deployments of these objects may improve the lives of people, unauthorized access to the said private equipment and its connectivity is potentially dangerous. Hence, communication enablers together with highly-secure human authentication mechanisms have to be designed.In addition, it is important to understand how human beings, as the primary users, interact with wearable devices on a day-to-day basis; usage should be comfortable, seamless, user-friendly, and mindful of urban dynamics. Usually the connectivity between wearables and the cloud is executed through the user’s more power independent gateway: this will usually be a smartphone, which may have potentially unreliable infrastructure connectivity. In response to these unique challenges, this thesis advocates for the adoption of direct, secure, proximity-based communication enablers enhanced with multi-factor authentication (hereafter refereed to MFA) that can integrate/interact with wearable technology. Their intelligent combination together with the connection establishment automation relying on the device/user social relations would allow to reliably grant or deny access in cases of both stable and intermittent connectivity to the trusted authority running in the cloud.The introduction will list the main communication paradigms, applications, conventional network architectures, and any relevant wearable-specific challenges. Next, the work examines the improved architecture and security enablers for clusterization between wearable gateways with a proximity-based communication as a baseline. Relying on this architecture, the author then elaborates on the social ties potentially overlaying the direct connectivity management in cases of both reliable and unreliable connection to the trusted cloud. The author discusses that social-aware cooperation and trust relations between users and/or the devices themselves are beneficial for the architecture under proposal. Next, the author introduces a protocol suite that enables temporary delegation of personal device use dependent on different connectivity conditions to the cloud.After these discussions, the wearable technology is analyzed as a biometric and behavior data provider for enabling MFA. The conventional approaches of the authentication factor combination strategies are compared with the ‘intelligent’ method proposed further. The assessment finds significant advantages to the developed solution over existing ones.On the practical side, the performance evaluation of existing cryptographic primitives, as part of the experimental work, shows the possibility of developing the experimental methods further on modern wearable devices.In summary, the set of enablers developed here for wearable technology connectivity is aimed at enriching people’s everyday lives in a secure and usable way, in cases when communication to the cloud is not consistently available

Networking Solutions for Integrated Heterogeneous Wireless Ecosystem

As wireless communications technology is steadily evolving to improve the offered connectivity levels, additional research on emerging network architectures is becoming timely to understand the applicability of both traditional and novel networking solutions. This chapter concentrates on the utilization of cloud computing techniques to construct feasible system prototypes and demonstrators within the rapidly maturing heterogeneous wireless ecosystem. Our first solution facilitates cooperative radio resource management in heterogeneous networks. The second solution enables assisted direct connectivity between proximate users. The contents of the chapter outline our corresponding research and development efforts as well as summarize the major experiences and lessons learned

Fairness characterization in contemporary IEEE 802.11 deployments with saturated traffic load

This paper studies a widely used wireless technology (IEEE 802.11-2014) and the simulation establishment of the efficient Wireless Local Area Network (WLAN) in modern environment. However, currently used saturation based analysis may be applied only for fair systems, hence, the question arises which system may be considered as fair. Mostly used metric for such an analysis (Jain's Fairness Index) does not apply for 802.11-2014 standard in a particular case of a small number of users. So, we propose a novel metric to define fairness

Multi-Factor Authentication: A Survey

Today, digitalization decisively penetrates all the sides of the modern society. One of the key enablers to maintain this process secure is authentication. It covers many different areas of a hyper-connected world, including online payments, communications, access right management, etc. This work sheds light on the evolution of authentication systems towards Multi-Factor Authentication (MFA) starting from Single-Factor Authentication (SFA) and through Two-Factor Authentication (2FA). Particularly, MFA is expected to be utilized for human-to-everything interactions by enabling fast, user-friendly, and reliable authentication when accessing a service. This paper surveys the already available and emerging sensors (factor providers) that allow for authenticating a user with the system directly or by involving the cloud. The corresponding challenges from the user as well as the service provider perspective are also reviewed. The MFA system based on reversed Lagrange polynomial within Shamir’s Secret Sharing (SSS) scheme is further proposed to enable more flexible authentication. This solution covers the cases of authenticating the user even if some of the factors are mismatched or absent. Our framework allows for qualifying the missing factors by authenticating the user without disclosing sensitive biometric data to the verification entity. Finally, a vision of the future trends in MFA is discussed.Peer reviewe

Will Edge Computing Enable Location-based Extended/Mixed Reality Mobile Gaming? Demystifying Trade-off of Execution Time vs. Energy Consumption

The trailblazing development in mobile and wearable-based gaming dictates both the support of new technology enablers to allow for current demand and the development of modern computational offloading strategies to decrease the energy of handheld devices and maintain the energy emissions caused both by computation and transmission of data. Modern cellular networks already provide some support for proximity-based gaming, e.g., Ingress, PokemonGo, and The Witcher: Monster Slayer, among others. However, the demand of users is pushing the boundaries toward full-immersive Extended and Mixed Reality (XR/MR) experiences. Thus, computational offloading to the wireless network Edge becomes inevitable to keep the immersion high. This paper aims to analyze the impact of computational offloading (and, thus, execution time) on energy consumption. Computationally demanding games are analyzed for cases run locally, sent to a conventional remote server (cloud), offloaded to the user-owned more energy-independent device, or to the network edge. The results show that Edge computing operates the most efficiently regarding the trade-off between energy spent for execution vs. data transmission. It is also noted that distance to the edge node remains one of the critical factors affecting energy consumption.Peer reviewe

Verification of Approximate Hardware Designs with ChiselVerify

Many popular applications show resilience to computational errors. Approximate Computing (AxC) exploits this to reduce their execution time and energy consumption by introducing approximations in software and hardware. Using AxC raises new challenges to ensure that hardware designs satisfy their demands before deployment, which hardware designers address by spending significant efforts on verification flows for their designs. However, there exist no tools for verifying approximate hardware designs, meaning that designers must replicate code to keep track of circuit outputs and subsequently compute relevant error metrics. We aim to solve this issue with a library that abstracts away port sampling and error computations behind a simple interface. With the library, designs can retrieve error metric values and constraint satisfaction results with only a few extra lines of code. We demonstrate these features with code examples and by characterizing a collection of inexact adders and multipliers and an approximate matrix-vector multiplier.Peer reviewe

Safe, Secure Executions at the Network Edge : Coordinating Cloud, Edge, and Fog Computing

System design where cyber-physical applications are securely coordinated from the cloud may simplify the development process. However, all private data are then pushed to these remote “swamps,” and human users lose actual control as compared to when the applications are executed directly on their devices. At the same time, computing at the network edge is still lacking support for such straightforward multidevice development, which is essential for a wide range of dynamic cyber-physical services. This article proposes a novel programming model as well as contributes the associated secure-connectivity framework for leveraging safe coordinated device proximity as an additional degree of freedom between the remote cloud and the safety-critical network edge, especially under uncertain environment constraints. This article is part of a special issue on Software Safety and Security Risk Mitigation in Cyber-physical Systems.Peer reviewe

On Applicability of Imagery-based CNN to Computational Offloading Location Selection

The progress in computational offloading is heavily pushing the development of the modern Information and Communications Technology domain. The growth in resource-constrained Internet of Things devices demands the development of new computational offloading strategies to be sustainably integrated in beyond 5G networks. One of the solutions to said demand is enabling Mobile Edge Computing (MEC) powered by advanced methods of Machine Learning (ML). This paper proposes the application of ML-powered computational offloading strategy in a wireless cellular network by applying the traditional fundamental Travelling Salesman Problem (TSP) on computational offloading location selection. The main specificity of the proposed approach is the use of imagery data. Thus, the paper executes a literature review to identify existing strategies. It further proposes a novel method utilizing the location-like imagery data to identify the most suitable computational location by executing the search for an identified route between locations using the proposed Deep Learning (DL) model. The model was evaluated and achieved MAE – 1,575, MSE – 10 119 205, R2 – 0.98 on the testing dataset, which outperforms or is comparable with other well-known architectures. Moreover, the training time is proven to be 2-10 times faster. Interestingly, the MAE values are relatively low compared to the target values that should be predicted (despite rather high MSE results), which is confirmed by the almost perfect R2 value. It is concluded that the proposed neural network can predict the target values, and this solution can be applied to real-world tasks.publishedVersionPeer reviewe