nach oben

International Journal of Information Security

Erschienen in:

28.08.2021 | regular contribution

Establishing and validating secured keys for IoT devices: using P3 connection model on a cloud-based architecture

verfasst von: Sairath Bhattacharjya, Hossein Saiedian

Erschienen in: International Journal of Information Security | Ausgabe 3/2022

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

IoT devices are slowly turning out to be an essential part of our everyday lives. These devices perform one operation, and they specialize in doing so. When communicating with these devices, we need to set up a secured key preventing unauthorized communications. We have been using the plug-and-play model for electronic devices for decades. These IoT devices fall into the same realm. The plug–pair–play connection model follows the same principle so that the user does not feel the added pressure of remembering a complex password or rely on a default credential. It helps to generate a secret that is only known to the device and its user. We used elliptic curve cryptography to circumvent the resource limitations on the device. The model establishes a zero-trust pattern where all requests and responses are validated and verified before being processed. This paper provides a unique way to set up a secret key for each user and device pair without much user interaction. The model sets the path to end-to-end secured communication.

Nächster Artikel Security beyond cybersecurity: side-channel attacks against non-cyber systems and their countermeasures

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Adame, T., Bel, A., Bellalta, B.: Increasing lpwan scalability by means of concurrent multiband iot technologies: an industry 4.0 use case. IEEE. Access 7, 46990–47010 (2019)CrossRef

Atwady, Y., Hammoudeh, M.: A survey on authentication techniques for the internet of things. In: Proceedings of the International Conference on Future Networks and Distributed Systems, ICFNDS ’17, New York, NY, USA. Association for Computing Machinery (2017)

Bertino, E., Islam, N.: Botnets and internet of things security. IEEE Computer 50(2), 76–79 (2017)CrossRef

S. Bhattarai and Y. Wang. End-to-end trust and security for internet of things applications. Computer, 51(4), 20–27, 2018CrossRef

Columbus, L.: 2018 roundup of internet of things forecasts and market estimates. shorturl.at/qMPTU, 2019. Accessed 21 Jan 2020

Fomichev, M., Maass, M., Almon, L., Molina, A., Hollick, M.: Perils of zero-interaction security in the internet of things. In: Proceedings of ACM Interactive Mobile Wearable Ubiquitous Technology, vol. 3(1) (2019)

Gao, M., Wang, Q., Arafin, M.T., Lyu, Y., Qu, G.: Approximate computing for low power and security in the internet of things. IEEE Computer 50(6), 27–34 (2017)CrossRef

Goasduff, L.: Gartner says 5.8 billion enterprise and automotive IoT endpoints will be in use in 2020. shorturl.at/jlosS, 2019. Accessed 21 January 2020

Hilton, S.: Dyn analysis summary of Friday October 21 attack. https://bit.ly/39mqJl6, 2016. Accessed 28 January (2020)

10.

Huth, C., Zibuschka, J., Duplys, P., Guneysu, T.: Securing systems on the internet of things via physical properties of devices and communications. In: 2015 Annual IEEE Systems Conference (SysCon) Proceedings, pp. 8–13 (2015)

11.

Neshenko, N., Bou-Harb, E., Crichigno, J., Kaddoum, G., Ghani, N.: Demystifying IoT security: An exhaustive survey on iot vulnerabilities and a first empirical look on internet-scale IoT exploitations. IEEE Communications Surveys Tutorials 21(3), 2702–2733 (2019)CrossRef

12.

Nieminen, J., Gomez, C., Isomaki, M., Savolainen, T., Patil, B., Shelby, Z., Xi, M., Oller, J.: Networking solutions for connecting Bluetooth low energy enabled machines to the internet of things. IEEE Networks 28(6), 83–90 (Nov 2014)CrossRef

13.

Pazos, N., Muller, M., Aeberli, M., Ouerhani, N.: Connectopen: automatic integration of IoT devices. In: 2015 IEEE 2nd World Forum on Internet of Things (WF-IoT), pp. 640–644 (2015)

14.

Puliafito, C., Mingozzi, E., Longo, F., Puliafito, A., Rana, O.: Fog computing for the internet of things: A survey. ACM Transactions on Internet Technology 19(2), 1-41 (2019)CrossRef

15.

Ronen, E., Shamir, A.: Extended functionality attacks on IoT devices: the case of smart lights. In: 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 3–12 (2016)

16.

Sharma, S.K., Wang, X.: Toward massive machine type communications in ultra-dense cellular iot networks: Current issues and machine learning-assisted solutions. IEEE Communications Surveys Tutorials 22(1), 426–471 (2020)CrossRef

17.

Trappe, W., Howard, R., Moore, R.S.: Low-energy security: Limits and opportunities in the internet of things. IEEE Security & Privacy 13(1), 14–21 (Jan 2015)CrossRef

18.

Uslaner, E.M.: Trust online, trust offline. Communications of the ACM 47(4), 28–29 (April 2004)CrossRef

19.

van Oorschot, P.C., Smith, S.W.: The internet of things: Security challenges. IEEE Security & Privacy 17(5), 7–9 (2019)CrossRef

Titel: Establishing and validating secured keys for IoT devices: using P3 connection model on a cloud-based architecture
verfasst von: Sairath Bhattacharjya
Hossein Saiedian
Publikationsdatum: 28.08.2021
Verlag: Springer Berlin Heidelberg
Erschienen in: International Journal of Information Security / Ausgabe 3/2022
Print ISSN: 1615-5262
Elektronische ISSN: 1615-5270
DOI: https://doi.org/10.1007/s10207-021-00562-7

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 3/2022

Narrow privacy and desynchronization in Vaudenay’s RFID model

Maintaining the level of operational effectiveness of a CSOC under adverse conditions

Anomalous behavior detection-based approach for authenticating smart home system users

Data space randomization for securing cyber-physical systems

Novel trust-aware intrusion detection and prevention system for 5G MANET–Cloud

Defeating traffic analysis via differential privacy: a case study on streaming traffic