One of the critical requirements in managing the security of any computing system is access control, which includes protection of and access management for the available resources. This requirement becomes stricter in a distributed computing environment that consists of constrained devices, such as Machine-to-Machine (M2M). New challenges in access control are identified in a system that comprises a group of distributed multiple M2M gateways forming a so-called M2M local cloud platform (Vallati et al. in Wirel Trans Commun 87(3):1071–1091, 2016). Scalability is obviously a necessity, yet it is lacking in some existing access control systems. In addition, flexibility in managing access from users or entities belonging to other authorization domains, as well as delegation of access rights, is not provided as an integrated feature. Lately, capability-based access control has been suggested as a method to manage access for M2M as the key enabler of the Internet of Things. In this paper, a capability-based access control equipped with Elliptic Curve Cryptography based key management is proposed for the M2M local cloud platform. The feasibility of the proposed capability-based access control and key management is tested by implementing them within the security manager that is part of the overall platform architecture, and by evaluating their performance through a series of experiments.
Vallati, C., Mingozzi, E., Tanganelli, G., Buonaccorsi, N., Valdambrini, N., Zonidis, N., et al. (2016). BeTaaS: A platform for development and execution of machine-to-machine applications in the Internet of Things. Wireless Personal Communications, 87(3), 1071–1091.
Roman, R., Zhou, J., & Lopez, J. (2013). On the features and challenges of security and privacy in distributed Internet of Things. Computer Networks, 57(10), 2266–2279.
Gusmeroli, S., Piccione, S., & Rotondi, D. (2013). A capability-based security approach to manage access control in the Internet of Things. Mathematical and Computer Modelling, 58(5–6), 1189–1205.
Anggorojati, B., Prasad, N., & Prasad, R. (2016). Evaluation of secure capability-based access control in the M2M local cloud platform. In 2016 10th International conference on telecommunication systems services and applications (TSSA).
Xively. (2016). Api docs—Authentication. https://developer.xively.com/v1.0/reference#getting-user-credentials.
Hardt, D. (2012). The OAuth 2.0 authorization framework. RFC 6749.
Anggorojati, B., Mahalle, P. N., Prasad, N. R., & Prasad, R. (2013). Secure access control and authority delegation based on capability and context awareness for federated IoT. In F. Theoleyre & A. C. Pang (Eds.), Internet of Things and M2M communications. San Francisco: River Publisher.
Anggorojati, B., Prasad, N., & Prasad, R. (2014). Secure capability-based access control in the M2M local cloud platform. In 4th International conference on wireless communications, vehicular technology, information theory and aerospace electronic systems (VITAE), 2014.
Mahalle, P. N., Anggorojati, B., Prasad, N. R., & Prasad, R. (2012). Identity driven Capability based Access Control (ICAC) scheme for the Internet of Things. In 2012 IEEE international conference on advanced networks and telecommunications systems, ANTS 2012, pp. 49–54.
Anggorojati, B., Prasad, N., & Prasad, R. (2016). Elliptic Curve Cryptography based key management for the M2M local cloud platform. In 2016 International conference on advanced computer science and information systems (ICACSIS), pp. 73–78.
Sandhu, R., Coyne, E., Feinstein, H., & Youman, C. (1996). Role-based access control models. Computer, 29(2), 38–47.
Zhang, J., & Varadharajan, V. (2010). Review: Wireless sensor network key management survey and taxonomy. Journal of Network and Computer Applications, 33(2), 63–75.
Boubakri, W., Abdallah, W., & Boudriga, N. (2014). A chaos-based authentication and key management scheme for M2M communication. In 9th International conference for internet technology and secured transactions (ICITST), 2014, pp. 366–371.
Watro, R., Kong, D., Cuti, S. F., Gardiner, C., Lynn, C., & Kruus, P. (2004). TinyPK: Securing sensor networks with public key technology. In Proceedings of the 2nd ACM workshop on security of ad hoc and sensor networks. SASN ’04, pp. 59–64.
Malan, D., Welsh, M., & Smith, M. (2004). A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography. In 2004 First annual IEEE communications society conference on sensor and ad hoc communications and networks, 2004. IEEE SECON 2004, pp. 71–80.
Gura, N., Patel, A., Wander, A., Eberle, H., & Shantz, S. (2004). Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs. In M. Joye & J. J. Quisquater (Eds.), Cryptographic hardware and embedded systems–CHES 2004 (Vol. 3156, pp. 119–132). Lecture Notes in Computer Science. Berlin, Heidelberg: Springer.
Shamir, A. (1985). Identity-based cryptosystems and signature schemes. In Advances in cryptology, Volume 196 of Lecture Notes in Computer Science (pp. 47–53). Berlin: Springer.
Boneh, D., & Franklin, M. (2001). Identity-based encryption from the Weil pairing. In J. Kilian (Ed.), Advances in cryptology—CRYPTO 2001: 21st annual international cryptology conference (pp. 213–229). Berlin: Springer.
Yang, G., Rong, C. M., Veigner, C., Wang, J. T., & Cheng, H. B. (2006). Identity-based key agreement and encryption for wireless sensor networks. The Journal of China Universities of Posts and Telecommunications, 13(4), 54–60.
Adiga, B. S., Balamuralidhar, P., Rajan, M. A., Shastry, R., & Shivraj, V. L. (2012). An identity based encryption using Elliptic Curve Cryptography for secure M2M communication. In Proceedings of the first international conference on security of Internet of Things. SecurIT ’12.
BETaaS. (2012). D1.2.1—user and system requirements. Technical report, Building the Environment for the Things as a Service (BETaaS).
BETaaS. (2014). D3.1.2—BETaaS architecture. Technical report, Building the Environment for the Things as a Service (BETaaS).
Vanstone, S., & Campagna, M. (2011). A cryptographic suite for embedded systems (SuiteE). In 6th ETSI security workshop.
Hankerson, D., Menezes, A. J., & Vanstone, S. (2004). Guide to Elliptic Curve Cryptography. Secaucus, NJ: Springer-Verlag New York Inc.
Research, C. (2000). SEC2: Recommended Elliptic Curve Domain Parameters. Mississauga: Certicom Corp.
- Capability-Based Access Control with ECC Key Management for the M2M Local Cloud Platform
Neeli Rashmi Prasad
- Springer US