Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
Securing Industrial Control Systems Kapitel lesen Erstes Kapitel lesen

2019 | OriginalPaper | Buchkapitel

Security and Privacy Techniques for the Industrial Internet of Things

verfasst von : Yuexin Zhang, Xinyi Huang

Erschienen in: Security and Privacy Trends in the Industrial Internet of Things

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

The wide employment of Internet of Things (IoT) across industrial sectors creates the Industrial Internet of Things (IIoT). In practical applications, however, the IIoT has many attack surfaces. As a result, the IIoT is vulnerable to kinds of attacks, including physical attacks (such as the invasive hardware attacks, side-channel attacks and reverse-engineering attacks), malicious code (such as Trojans, viruses and runtime attacks), and other attacks (such as phishing and sabotage). To ensure the security and privacy of the IIoT, many countermeasures have been proposed, a non-exhaustive list includes authentication techniques, secure routing techniques, intrusion detection techniques, signature techniques, and key establishment techniques. As a fundamental countermeasure, key establishment has been extensively and intensively studied. In this chapter, we will present a survey and taxonomy of the key establishment protocols. Specifically, we will review the conventional key establishment protocols which are designed at higher layers and the physical layer. By reviewing the conventional key establishment protocols, we aim to illustrate the necessity of designing cross-layer key establishment protocols for the IIoT. Then, we will provide the detailed review of cross-layer key establishment protocols. The review illustrates that, the cross-layer design enables the IIoT devices to establish communication keys without the trusted entity and the secret sharing assumption. At the end of this chapter, we will provide a conclusion and point out some future research trends of the IIoT.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Vorheriges Kapitel Modelling the Privacy Impact of External Knowledge for Sensor Data in the Industrial Internet of Things
Nächstes Kapitel IIoT in the Hospital Scenario: Hospital 4.0, Blockchain and Robust Data Management
Fußnoten
1
Here \(|\mathbb {D}|\) is the size of the password dictionary \(\mathbb {D}\). Recall that physical layer key extraction algorithms extract secrets bits using the channel’s randomness, and the algorithms are designed without assuming the computationally-bounded adversary. Namely, the physical layer key extraction algorithms achieve information-theoretical secrecy. Thus, in [70], the extracted passwords are independently and uniformly distributed in the password dictionary \(\mathbb {D}\). Furthermore, \(|\mathbb {D}|\ll q\), i.e., \(\mathbb {D}\subset \mathbb {Z}_{q}^{*}\).
 
2
In practice, at the end of the time slot ST 1, device V  has phase offset ϕ UV = ϕ 1 + ϕ UV and amplitude deviation A UV = A + A UV. Both ϕ UV and A UV can be used to extract secrets. In [70], only the phase offsets are used to extract secrets in order to simplify the descriptions.
 
Literatur
1.
Abdalla M, Pointcheval D (2006) A scalable password-based group key exchange protocol in the standard model. In: Advances in Cryptology – ASIACRYPT 2006, 12th International Conference on the Theory and Application of Cryptology and Information Security, Shanghai, 3–7 Dec 2006, Proceedings, pp 332–347
2.
Abdalla M, Bresson E, Chevassut O, Pointcheval D (2006) Password-based group key exchange in a constant number of rounds. In: Public Key Cryptography – PKC 2006, 9th International Conference on Theory and Practice of Public-Key Cryptography, New York, 24–26 Apr 2006, Proceedings, pp 427–442
3.
Abdalla M, Bohli J, Vasco MIG, Steinwandt R (2007) (Password) authenticated key establishment: from 2-party to group. In: Theory of Cryptography, 4th Theory of Cryptography Conference, TCC 2007, Amsterdam, 21–24 Feb 2007, Proceedings, pp 499–514
4.
Abdalla M, Chevalier C, Granboulan L, Pointcheval D (2011) Contributory password-authenticated group key exchange with join capability. In: Topics in Cryptology – CT-RSA 2011 – The Cryptographers’ Track at the RSA Conference 2011, San Francisco, 14–18 Feb 2011. Proceedings, pp 142–160
5.
Abdalla M, Benhamouda F, MacKenzie P (2015) Security of the J-PAKE password-authenticated key exchange protocol. In: 2015 IEEE Symposium on Security and Privacy (SP), pp 571–587
6.
Bellare M, Pointcheval D, Rogaway P (2000) Authenticated key exchange secure against dictionary attacks. In: Advances in Cryptology – EUROCRYPT 2000, International Conference on the Theory and Application of Cryptographic Techniques, Bruges, 14–18 May 2000, Proceeding, pp 139–155CrossRef
7.
Blom R (1984) An optimal class of symmetric key generation systems. In: Advances in Cryptology: Proceedings of EUROCRYPT 84, A Workshop on the Theory and Application of Cryptographic Techniques, Paris, 9–11 Apr 1984, Proceedings, pp 335–338
8.
Burmester M, Desmedt Y (1994) A secure and efficient conference key distribution system (extended abstract). In: Advances in Cryptology – EUROCRYPT’94, Workshop on the Theory and Application of Cryptographic Techniques, Perugia, 9–12 May 1994, Proceedings, pp 275–286
9.
Çamtepe SA, Yener B (2007) Combinatorial design of key distribution mechanisms for wireless sensor networks. IEEE/ACM Trans Netw 15(2):346–358CrossRef
10.
Cao X, Xu L, Zhang Y, Wu W (2012) Identity-based proxy signature for cloud service in saas. In: 2012 Fourth International Conference on Intelligent Networking and Collaborative Systems, INCoS 2012, Bucharest, 19–21 Sept 2012, pp 594–599
11.
Castelluccia C, Mutaf P (2005) Shake them up! a movement-based pairing protocol for CPU-constrained devices. In: Proceedings of the 3rd International Conference on Mobile Systems, Applications, and Services, MobiSys 2005, Seattle, 6–8 June 2005, pp 51–64
12.
Chan H, Perrig A, Song DX (2003) Random key predistribution schemes for sensor networks. In: 2003 IEEE Symposium on Security and Privacy (S&P 2003), 11–14 May 2003, Berkeley, p 197
13.
Du W, Deng J, Han YS, Varshney PK (2003) A pairwise key pre-distribution scheme for wireless sensor networks. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003, Washington, 27–30 Oct 2003, pp 42–51
14.
Du W, Deng J, Han YS, Chen S, Varshney PK (2004) A key management scheme for wireless sensor networks using deployment knowledge. In: Proceedings IEEE INFOCOM 2004, The 23rd Annual Joint Conference of the IEEE Computer and Communications Societies, Hong Kong, 7–11 Mar 2004
15.
Du W, Deng J, Han YS, Varshney PK (2006) A key predistribution scheme for sensor networks using deployment knowledge. IEEE Trans Dependable Secure Comput 3(1):62–77CrossRef
16.
Du H, Li J, Zhang Y, Li T, Zhang Y (2012) Certificate-based key-insulated signature. In: Data and Knowledge Engineering – Third International Conference, ICDKE 2012, Wuyishan, 21–23 Nov 2012. Proceedings, pp 206–220CrossRef
17.
Eschenauer L, Gligor VD (2002) A key-management scheme for distributed sensor networks. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS 2002, Washington, 18–22 Nov 2002, pp 41–47
18.
Groce A, Katz J (2010) A new framework for efficient password-based authenticated key exchange. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, 4–8 Oct 2010, pp 516–525
19.
Huang X, Susilo W, Mu Y, Zhang F (2005) On the security of certificateless signature schemes from asiacrypt 2003. In: Cryptology and Network Security, 4th International Conference, CANS 2005, Xiamen, 14–16 Dec 2005, Proceedings, pp 13–25CrossRef
20.
Huang X, Mu Y, Susilo W, Wong DS, Wu W (2007) Certificateless signature revisited. In: Information Security and Privacy, 12th Australasian Conference, ACISP 2007, Townsville, 2–4 July 2007, Proceedings, pp 308–322
21.
Jana S, Premnath SN, Clark M, Kasera SK, Patwari N, Krishnamurthy SV (2009) On the effectiveness of secret key extraction from wireless signal strength in real environments. In: Proceedings of the 15th Annual International Conference on Mobile Computing and Networking, MOBICOM 2009, Beijing, 20–25 Sept 2009, pp 321–332
22.
Jiang S, Gong G (2004) Password based key exchange with mutual authentication. In: Selected Areas in Cryptography, 11th International Workshop, SAC 2004, Waterloo, 9–10 Aug 2004, Revised Selected Papers, pp 267–279CrossRef
23.
Katz J, Vaikuntanathan V (2013) Round-optimal password-based authenticated key exchange. J Cryptol 26(4):714–743MathSciNetCrossRef
24.
Katz J, Ostrovsky R, Yung M (2001) Efficient password-authenticated key exchange using human-memorable passwords. In: Advances in Cryptology – EUROCRYPT 2001, International Conference on the Theory and Application of Cryptographic Techniques, Innsbruck, 6–10 May 2001, Proceeding, pp 475–494
25.
Lai B, Kim S, Verbauwhede I (2002) Scalable session key construction protocol for wireless sensor networks. In: IEEE Workshop on Large Scale RealTime and Embedded Systems (LARTES), p 7
26.
Li J, Du H, Zhang Y, Li T, Zhang Y (2014) Provably secure certificate-based key-insulated signature scheme. Concurr Comput Pract Exp 26(8):1546–1560CrossRef
27.
Liu D, Ning P (2003) Establishing pairwise keys in distributed sensor networks. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003, Washington, 27–30 Oct 2003, pp 52–61
28.
Mathur S, Trappe W, Mandayam NB, Ye C, Reznik A (2008) Radio-telepathy: extracting a secret key from an unauthenticated wireless channel. In: Proceedings of the 14th Annual International Conference on Mobile Computing and Networking, MOBICOM 2008, San Francisco, 14–19 Sept 2008, pp 128–139
29.
Peng K, Zhang Y (2012) A secure mix network with an efficient validity verification mechanism. In: Internet and Distributed Computing Systems – 5th International Conference, IDCS 2012, Wuyishan, Fujian, 21–23 Nov 2012. Proceedings, pp 85–96
30.
Peng J, Choo KR, Ashman H (2016) User profiling in intrusion detection: a review. J Netw Comput Appl 72:14–27CrossRef
31.
Peng Y, Wang P, Xiang W, Li Y (2017) Secret key generation based on estimated channel state information for TDD-OFDM systems over fading channels. IEEE Trans Wirel Commun 16(8):5176–5186CrossRef
32.
Perrig A, Szewczyk R, Wen V, Culler DE, Tygar JD (2001) SPINS: security protocols for sensor netowrks. In: MOBICOM 2001, Proceedings of the Seventh Annual International Conference on Mobile Computing and Networking, Rome, 16–21 July 2001, pp 189–199
33.
Pietro RD, Oligeri G (2013) COKE crypto-less over-the-air key establishment. IEEE IEEE Trans Inf Forensics Secur 8(1):163–173CrossRef
34.
Premnath SN, Jana S, Croft J, Gowda PL, Clark M, Kasera SK, Patwari N, Krishnamurthy SV (2013) Secret key extraction from wireless signal strength in real environments. IEEE Trans Mob Comput 12(5):917–930CrossRef
35.
Ruj S, Nayak A, Stojmenovic I (2013) Pairwise and triple key distribution in wireless sensor networks with applications. IEEE Trans Comput 62(11):2224–2237MathSciNetCrossRef
36.
Sadeghi A, Wachsmann C, Waidner M (2015) Security and privacy challenges in industrial Internet of Things. In: Proceedings of the 52nd Annual Design Automation Conference, San Francisco, 7–11 June 2015, pp 54:1–54:6
37.
Shen J, Moh S, Chung I (2012) Identity-based key agreement protocol employing a symmetric balanced incomplete block design. J Commun Netw 14(6):682–691CrossRef
38.
Shen J, Wang A, Wang C, Hung PCK, Lai C (2017) An efficient centroid-based routing protocol for energy management in WSN-assisted IoT. IEEE Access 5:18469–18479CrossRef
39.
Shen J, Zhou T, He D, Zhang Y, Sun X, Xiang Y (2017, to be appear) Block design-based key agreement for group data sharing in cloud computing. IEEE Trans Dependable Secure Comput
40.
Shen J, Zhou T, Lai CF, Li J, Li X (2017) Hierarchical trust level evaluation for pervasive social networking. IEEE Access 5:1178–1187CrossRef
41.
Shen J, Zhou T, Wei F, Sun X, Xiang Y (2018) Privacy-preserving and lightweight key agreement protocol for v2g in the social internet of things. IEEE Internet Things J 5(4):2526–2536CrossRef
42.
Shen J, Zhou T, Chen X, Li J, Susilo W (2018) Anonymous and traceable group data sharing in cloud computing. IEEE Trans Inf Forensics Secur 13(4):912–925CrossRef
43.
Shimizu T, Iwai H, Sasaoka H (2011) Physical-layer secret key agreement in two-way wireless relaying systems. IEEE Trans Inf Forensics Secur 6(3–1):650–660CrossRef
44.
Tang Q, Choo KR (2006) Secure password-based authenticated group key agreement for data-sharing peer-to-peer networks. In: Applied Cryptography and Network Security, 4th International Conference, ACNS 2006, Singapore, 6–9 June 2006, Proceedings, pp 162–177CrossRef
45.
Wallner D, Harder E, Agee R (1999) Key management for multicast: issues and architectures. No. RFC 2627
46.
Wan Z, Deng RH, Bao F, Preneel B (2007) nPAKE+: a hierarchical group password-authenticated key exchange protocol using different passwords. In: Information and Communications Security, 9th International Conference, ICICS 2007, Zhengzhou, 12–15 Dec 2007, Proceedings, pp 31–43
47.
Wang D, Zhang Z, Wang P, Yan J, Huang X (2016) Targeted online password guessing: an underestimated threat. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, 24–28 Oct 2016, pp 1242–1254
48.
Wang D, Cheng H, Wang P, Huang X, Jian G (2017) Zipf’s law in passwords. IEEE Trans Inf Forensics Secur 12(11):2776–2791CrossRef
49.
Wang D, Cheng H, He D, Wang P (2018) On the challenges in designing identity-based privacy-preserving authentication schemes for mobile devices. IEEE Syst J 12(1):916–925CrossRef
50.
Wang D, Li W, Wang P (2018) Measuring two-factor authentication schemes for real-time data access in industrial wireless sensor networks. IEEE Trans Ind Inf 14(9):4081–4092CrossRef
51.
Wang M, Zhang Y, Ma J, Wu W (2018, to appear) A universal designated multi verifiers content extraction signature scheme. Int J Comput Sci Eng
52.
Xi W, Qian C, Han J, Zhao K, Zhong S, Li X, Zhao J (2016) Instant and robust authentication and key agreement among mobile devices. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, 24–28 Oct 2016, pp 616–627
53.
Xu L, Zhang Y (2014) Matrix-based pairwise key establishment for wireless mesh networks. Futur Gener Comput Syst 30:140–145CrossRef
54.
Xu S, Mu Y, Susilo W, Chen X, Huang X, Zhang F (2006) Online/offline signatures and multisignatures for AODV and DSR routing security. IACR Cryptol ePrint Archive 2006, 236
55.
Xu L, Cao X, Zhang Y, Wu W (2013) Software service signature (S3) for authentication in cloud computing. Clust Comput 16(4):905–914CrossRef
56.
Yang X, Zhang Y, Liu JK, Zeng Y (2016) A trust and privacy preserving handover authentication protocol for wireless networks. In: 2016 IEEE Trustcom/BigDataSE/ISPA, Tianjin, 23–26 Aug 2016, pp 138–143
57.
Ye A, Zheng Y, Xu L, Zhang Y (2017) A road-network based privacy-preserving approach in trajectory publishing. J Internet Technol 18(4):867–876
58.
Zan B, Gruteser M, Hu F (2013) Key agreement algorithms for vehicular communication networks based on reciprocity and diversity theorems. IEEE Trans Veh Technol 62(8):4020–4027CrossRef
59.
Zeng K, Wu D, Chan AJ, Mohapatra P (2010) Exploiting multiple-antenna diversity for shared secret key generation in wireless networks. In: INFOCOM 2010. 29th IEEE International Conference on Computer Communications, Joint Conference of the IEEE Computer and Communications Societies, 15–19 Mar 2010, San Diego, pp 1837–1845
60.
Zhang Y, Xu L, Huang X (2012) Polynomial based key predistribution scheme in wireless mesh networks. J Comput Inf Syst 8(6):2539–2549
61.
Zhang Y, Xu L, Huang X, Li J (2013) Matrix-based pairwise key establishment with pre and post deployment knowledge for wireless mesh networks. In: Seventh International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2013, Taichung, 3–5 July 2013, pp 153–158
62.
Zhang Y, Xu L, Xiang Y, Huang X (2013) Matrix-based pairwise key establishment in wireless mesh networks using deployment knowledge. In: Proceedings of IEEE International Conference on Communications, ICC 2013, Budapest, 9–13 June 2013, pp 1604–1608
63.
Zhang Y, Xu L, Xiang Y, Huang X (2013) A matrix-based pairwise key establishment scheme for wireless mesh networks using pre deployment knowledge. IEEE Trans Emerg Top Comput 1(2):331–340CrossRef
64.
Zhang Y, Xiang Y, Huang X, Xu L (2014) A cross-layer key establishment scheme in wireless mesh networks. In: Computer Security – ESORICS 2014 – 19th European Symposium on Research in Computer Security, Wroclaw, 7–11 Sept 2014. Proceedings, Part I, pp 526–541
65.
Zhang Y, Xu L, Huang X, Li J (2015) Matrix-based key pre-distribution schemes in WMNS using pre and post deployment knowledge. Int J Ad Hoc Ubiquitous Comput 20(4):262–273CrossRef
66.
Zhang Y, Xiang Y, Huang X (2016) Password-authenticated group key exchange: a cross-layer design. ACM Trans Internet Technol 16(4):24:1–24:20CrossRef
67.
Zhang Y, Xiang Y, Huang X (2017) A cross-layer key establishment model for wireless devices in cyber-physical systems. In: Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security, CPSS@AsiaCCS 2017, Abu Dhabi, 2 Apr 2017, pp 43–53
68.
Zhang Y, Xiang Y, Huang X, Chen X, Alelaiwi A (2018) A matrix-based cross-layer key establishment protocol for smart homes. Inf Sci 429:390–405CrossRef
69.
Zhang Y, Xiang Y, Wang T, Wu W, Shen J (2018) An over-the-air key establishment protocol using keyless cryptography. Futur Gener Comput Syst 79:284–294CrossRef
70.
Zhang Y, Xiang Y, Wu W, Alelaiwi A (2018) A variant of password authenticated key exchange protocol. Futur Gener Comput Syst 78:699–711CrossRef
71.
Zhu S, Setia S, Jajodia S (2003) LEAP: efficient security mechanisms for large-scale distributed sensor networks. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003, Washington, DC, 27–30 Oct 2003, pp 62–72
72.
Zhu F, Zhang Y, Lin C, Wu W, Meng R (2017) A universal designated multi-verifier transitive signature scheme. In: Information Security and Cryptology – 13th International Conference, Inscrypt 2017, Xi’an, 3–5 Nov 2017, Revised Selected Papers, pp 180–195
73.
Zhu X, Xu F, Novak E, Tan CC, Li Q, Chen G (2017) Using wireless link dynamics to extract a secret key in vehicular scenarios. IEEE Trans Mob Comput 16(7):2065–2078CrossRef
Metadaten
Titel
Security and Privacy Techniques for the Industrial Internet of Things
verfasst von
Yuexin Zhang
Xinyi Huang
Copyright-Jahr
2019
Buch
Security and Privacy Trends in the Industrial Internet of Things

Print ISBN: 978-3-030-12329-1

Electronic ISBN: 978-3-030-12330-7

Copyright-Jahr: 2019

DOI
https://doi.org/10.1007/978-3-030-12330-7_12