Top

Published in:

2021 | OriginalPaper | Chapter

21. IoT Security Best Practices

Eine Fallstudie zur Clientseitigen-Authentifizierung im IoT

Author : Marco Barenkamp

Published in: IoT – Best Practices

Publisher: Springer Fachmedien Wiesbaden

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Zusammenfassung

Der Artikel gibt einen Überblick über Best-Practice-Standards zur Authentifizierung von IoT (Internet of Things) Zugängen. Es wird aufgezeigt, dass clientseitige Authentifizierung gegenüber einer herkömmlichen Authentifizierung und Blockchain-basierten Ansätzen das höchste Potenzial für sichere Prozessautomatisierung bei hoher Interaktionsfrequenz bietet.

Ein neuartiges Konzept des clientseitigen automatisierten Zugangsmanagements auf Basis von TLS (transport layer security), welches sich im Agriculture Segment seit über einem Jahr bewährt hat, wird vorgestellt. Gegenüber derzeitig eingesetzten Authentifizierungsverfahren bietet es den Vorteil höherer Sicherheit bei gleichzeitig automatisierter Anmeldung jeglicher Endgeräte auf dem IoT-Server. Aufgrund dieser Potenziale eignet sich der dargestellte Authentifizierungsstandard zukünftig als allgemeines branchenübergreifendes Zugangssystem für IoT-Anwendungen.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Das Internet of Things – zwischen Usability und Verlust der Datensouveränität

Amann B, Vallentin M, Hall S, Sommer R (2012) Revisiting SSL: a large-scale study of the internet’s most trusted protocol. ICSI Tech Rep. http://icir.org/johanna/papers/icsi12revisitingssl.pdf

Angelova N, Kiryakova G, Yordanova L (2017) The great impact of internet of things on business. Trakia J Sci 15(1):406–412CrossRef

Atzori L, Iera A, Morabito G (2010) The internet of things: a survey. Computer Netw 54(15):2787–2805CrossRef

Badra M, Hajjeh I (2006) Key-exchange authentication using shared secrets. Computer 39(3):58–66CrossRef

Bagheri N, Safkhani M, Peris-Lopez P, Tapiador JE (2014) Weaknesses in a new ultralightweight RFID authentication protocol with permutation—RAPP. Secur Commun Netw 7(6):945–949CrossRef

Biddle R, Van Oorschot PC, Patrick AS, Sobey J, Whalen T (2009, November) Browser interfaces and extended validation SSL certificates: an empirical study. In: Proceedings of the 2009 ACM workshop on cloud computing security, Chicago, S 19–30, Chicago Illinois USA

BMWi (Bundesministerium für Wirtschaft und Energie) (2019) Das Projekt GAIA-X. https://www.bmwi.de/Redaktion/DE/Publikationen/Digitale-Welt/das-projekt-gaia-x.pdf?__blob=publicationFile&v=24. Zugegriffen am 08.06.2020

BMWi (Bundesministerium für Wirtschaft und Energie) (2020) GAIA-X. https://www.bmwi.de/Redaktion/DE/Dossier/gaia-x.html. Zugegriffen am 08.06.2020

Brewster C, Roussaki I, Kalatzis N, Doolin K, Ellis K (2017) IoT in agriculture: designing a Europe-wide large-scale pilot. IEEE Commun Mag 55(9):26–33CrossRef

Camps-Mur D, Garcia-Villegas E, Lopez-Aguilera E, Loureiro P, Lambert P, Raissinia A (2015) Enabling always on service discovery: Wifi neighbor awareness networking. IEEE Wirel Commun 22(2):118–125CrossRef

Chadwick DW (2002) Internet X. 509 public key infrastructure operational protocols--LDAPv3

Chung T, Liu Y, Choffnes D, Levin D, Maggs BM, Mislove A, Wilson C (2016) Measuring and applying invalid SSL certificates: the silent majority. In: Proceedings of the 2016 internet measurement conference, Santa Monica, S 527–541

Churchill L (2020) IoT onboarding: the challenges businesses face – and the solutions. Tech See, intelligent visual Assistance. https://techsee.me/blog/iot-onboarding/. Zugegriffen am 03.04.2020

Cooper D, Santesson S, Farrell S, Boeyen S, Housley R, Polk WT (2008) Internet X. 509 public key infrastructure certificate and certificate revocation list (CRL) profile. RFC 5280:1–151

Czernik A (2016) Authentisierung, Authentifizierung und Autorisierung, Datenschutzbeauftragter-Info. https://www.datenschutzbeauftragter-info.de/authentisierung-authentifizierung-und-autorisierung/. Zugegriffen am 03.04.2020

Erguler I (2015) A potential weakness in RFID-based Internet-of-things systems. Pervasive Mob Comput 20:115–126CrossRef

Farrell S, Kahan J (2005, September) Using the XML key management specification (and breaking x. 509 rules as you go. In: IFIP international conference on communications and multimedia security. Springer, Berlin/Heidelberg, S 348–357CrossRef

Ferrández-Pastor FJ, García-Chamizo JM, Nieto-Hidalgo M, Mora-Pascual J, Mora-Martínez J (2016) Developing ubiquitous sensor network platform using internet of things: Application in precision agriculture. Sensors 16(7):1141CrossRef

Fischer K, Geßner J (2012) Security architecture elements for IoT enabled automation networks. In: Proceedings of 2012 IEEE 17th international conference on Emerging Technologies & Factory Automation (ETFA 2012). IEEE, Krakow, S 1–8

Gansemer S, Sell J, Schulz S, Horster B, Horster-Möller T, Rusch C et al (2014) Machine-to-machine communication for process optimization in agriculture. In: 2014 2nd international symposium on wireless systems within the conferences on intelligent data acquisition and advanced computing systems. IEEE, Offenburg, S 48–54

Georgiev M, Iyengar S, Jana S, Anubhai R, Boneh D, Shmatikov V (2012) The most dangerous code in the world: validating SSL certificates in non-browser software. In: Proceedings of the 2012 ACM conference on computer and communications security, New York, S 38–49

Gupta H, and P. C. van Oorschot, „Onboarding and Software Update Architecture for IoT Devices,“ 2019 17th International Conference on Privacy, Security and Trust (PST), Fredericton, NB, Canada, 2019, pp. 1-11, doi: 10.1109/PST47121.2019.8949023

Han R, Gramoli V, Xu X (2018) Evaluating blockchains for IoT. In: 2018 9th IFIP international conference on new technologies, mobility and security (NTMS). IEEE, Paris, S 1–5

Ikovic O, Boˇskovic D (2019) Hyperledger fabric blockchain as a service for the IoT: proof of concept. In: Model and data engineering: 9th international conference, MEDI 2019, Toulouse, France, October 28–31, 2019, proceedings, Bd 11815. Springer Nature, Toulouse, S 172

Johnsson K (2017) Was ist Client-authentifizierung, und warum brauche ich sie? Beitrag vom 23.02.2016 in Global Sign blog. https://www.globalsign.com/de-de/blog/einfuehrung-client-authentifizierung/. Zugegriffen am 04.04.2020

Khor JH, Sidorov M (2018) Weakness of ultra-lightweight mutual authentication protocol for IoT devices using RFlD tags. In: 2018 Eighth international conference on Information Science and Technology (ICIST). IEEE, Cordoba, S 91–97

Koutanov, E. (2020) Effective Kafka. A hand-on guide to building robust and scalable event-driven applications with code examples in Java. Obsidian Dynamics

Lee JY, Lin WC, Huang YH (2014) A lightweight authentication protocol for internet of things. In Proceedings of the 2014, IEEE international symposiumon next-generation electronics, Kwei-Shan, Taiwan, 7–10.05 2014, S 1–2

Leng K, Bi Y, Jing L, Fu HC, Van Nieuwenhuyse I (2018) Research on agricultural supply chain system with double chain architecture based on blockchain technology. Futur Gener Comput Syst 86:641–649CrossRef

Li S, Da Xu L, Zhao S (2015) The internet of things: a survey. Inf Syst Front 17(2):243–259CrossRef

Lu RJ, Liu ZG, Zheng XH (2006) United authentication platform based on HTTPS tunnel technology [J]. Application research of computers, College of Computer Science, Southwest University of Science & Technology, Mianyang Sichuan, S 12

Luber S, Schmitz P (2017) Was ist TLS?, Security Insider, Beitrag vm 28.12.2017. https://www.security-insider.de/was-ist-tls-transport-layer-security-a-673066/. Zugegriffen am 05.04.2020

Mayer CP (2009) Security and privacy challenges in the internet of things. Electronic Communications of the EASST, Kassel, S 17

Mendez M, Papapanagiotou I, Yang B (2018) Internet of things: survey on security, information security journa. Glob Perspect 27(3):162–182. https://doi.org/10.1080/19393555.2018.1458258

Miettinen M, van Oorschot PC, Sadeghi AR (2018) Baseline functionality for security and control of commodity IoT devices and domain-controlled device lifecycle management. arXiv preprint. Cornell University. http://arxiv.org/abs/1808.03071

Mohanraj I, Ashokumar K, Naren J (2016) Field monitoring and automation using IOT in agriculture domain. Prog Comput Sci 93:931–939CrossRef

Nash E, Korduan P, Bill R (2009) Applications of open geospatial web services in precision agriculture: a review. Precis Agric 10(6):546CrossRef

Ojha T, Misra S, Raghuwanshi NS (2015) Wireless sensor networks for agriculture: the state-of-the-art in practice and future challenges. Comput Electron Agric 118:66–84CrossRef

Oksanen T, Linkolehto R, Seilonen I (2016) Adapting an industrial automation protocol to remote monitoring of mobile agricultural machinery: a combine harvester with IoT. IFAC-PapersOnLine 49(16):127–131CrossRef

Ouaddah A, Elkalam AA, Ouahman AA (2017) Towards a novel privacy-preserving access control model based on blockchain technology in IoT. In: Europe and MENA cooperation advances in information and communication technologies. Springer, Cham, S 523–533CrossRef

Patil VC, Al-Gaadi KA, Biradar DP, Rangaswamy M (2012). Internet of things (Iot) and cloud computing for agriculture: an overview. Proceedings of agro-informatics and precision agriculture (AIPA 2012), India, 292–296

Pešić S, Radovanović M, Ivanović M, Tošić M, Iković O, Bošković D (2019) Hyperledger fabric blockchain as a service for the IoT: proof of concept. In: International conference on model and data engineering. Springer, Cham, S 172–183CrossRef

Porambage P, Schmitt C, Kumar P, Gurtov A, Ylianttila M (2014) Two-phase authentication protocol for wireless sensor networks in distributed IoT applications. In: 2014 IEEE wireless communications and networking conference (WCNC). IEEE, Istanbul, S 2728–2733

Potamitis I, Eliopoulos P, Rigakis I (2017) Automated remote insect surveillance at a global scale and the internet of things. Robotics 6(3):19CrossRef

Saloni S, Hegde A (2016) WiFi-aware as a connectivity solution for IoT pairing IoT with WiFi aware technology: enabling new proximity based services. In: 2016 international conference on internet of things and applications (IOTA). IEEE, Pune S 137–142

Schiller K (2020) Was ist Blockchain? – Definition, Blockchain-Welt, Beitrag vom 12.02.2020. https://blockchainwelt.de/blockchain-was-ist-das/. Zugegriffen am 03.04.2020

Schmeh K (2016) Kryptografie: Verfahren, Protokolle, Infrastrukturen. dpunkt, HeidelbergMATH

Shacham H, Boneh D (2001) Improving SSL handshake performance via batching. In: Cryptographers’ track at the RSA conference. Springer, Berlin/Heidelberg, S 28–43

Shenoy J, Pingle Y (2016) IOT in agriculture. In: 2016 3rd international conference on computing for sustainable global development (INDIACom). IEEE, New Delhi, S 1456–1458

Shi X, An X, Zhao Q, Liu H, Xia L, Sun X, Guo Y (2019) State-of-the-art internet of things in protected agriculture. Sensors 19(8):1833CrossRef

Shin S, Kobara K (2016) A security framework for MQTT. In 2016 IEEE conference on communications and network security (CNS), Philadelphia, S 432–436

Sicari S, Rizzardi A, Grieco LA, Coen-Porisini A (2015) Security, privacy and trust in internet of things: the road ahead. Comput Netw 76:146–164CrossRef

Sodiya AS, Folorunso O, Komolafe PB, Ogunderu OP (2011) Preventing authentication systems from keylogging attack. J Inform Privacy Secur 7(2):3–27CrossRef

Soltani R, Nguyen UT, An A (2018) A new approach to client onboarding using self-sovereign identity and distributed ledger. In: 2018 IEEE international conference on Internet of Things (iThings) and IEEE green computing and communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). IEEE, Halifax, S 1129–1136

Sonare S, Mishra A, Verma A (2012) An authentication mechanism based on client-server architecture for accessing cloud computing. Int J Emerg Technol Adv Eng 2(7):95–99

Stočes M, Vaněk J, Masner J, Pavlík J (2016) Internet of Things (IoT) in agriculture – selected aspects. AGRIS on-line Papers in Economics and Informatics, Bd 8, No. 1, S 83–88. ISSN 1804-1930. https://doi.org/10.7160/aol.2016.080108

Sukhwani H, Martínez JM, Chang X, Trivedi KS, Rindos A (2017) Performance modeling of PBFT consensus process for permissioned blockchain network (hyperledger fabric). In: 2017 IEEE 36th symposium on reliable distributed systems (SRDS). IEEE, S 253–255

Tasca P, Tessone CJ (2017) Taxonomy of blockchain technologies. Principles of identification and classification. arXiv preprint arXiv:1708.04872 https://arxiv.org/abs/1708.04872

Wagner D, Schneier B (1996) Analysis of the SSL 3.0 protocol. In The second USENIX workshop on electronic commerce proceedings, Bd 1, No. 1, Oakland, S 29–40

Weber RH (2009) Internet of things–need for a new legal environment? Comput Law Secur Rev. 25(6):522–527CrossRef

Weber RH (2010) Internet of things–new security and privacy challenges. Comput Law Secur Rev 26(1):23–30CrossRef

Weißbach M, Taing N, Wutzler M, Springer T, Schill A, Clarke S (2016) Decentralized coordination of dynamic software updates in the internet of things. In: 2016 IEEE 3rd World Forum on Internet of Things (WF-IoT), S 171–176CrossRef

Woodbury C, Botz P (2004) Experts’ guide to OS/400 & I5/OS security. System iNetwork

Yewale AJ (2018) Study of blockchain-as-a-service systems with a case study of hyperledger fabric implementation on Kubernetes, Las Vegas

Zhao K, Ge L (2013) A survey on the internet of things security. In: 2013 Ninth international conference on computational intelligence and security. IEEE, Emeishan, S 663–667

Zyskind G, Nathan O (2015) Decentralizing privacy: using blockchain to protect personal data. In: 2015 IEEE security and privacy workshops. IEEE, San Jose S 180–184

Title: IoT Security Best Practices
Author: Marco Barenkamp
Publisher: Springer Fachmedien Wiesbaden
Book: IoT – Best Practices
Print ISBN: 978-3-658-32438-4

Electronic ISBN: 978-3-658-32439-1

Copyright Year: 2021
DOI: https://doi.org/10.1007/978-3-658-32439-1_21

Springer Professional

Zusammenfassung

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner