nach oben

The Journal of Supercomputing

Erschienen in:

14.09.2020

Toward the inclusion of end-to-end security in the OM2M platform

verfasst von: Simone Patonico, Thanh-Long Nguyen, Placide Shabisha, An Braeken, Kris Steenhaut

Erschienen in: The Journal of Supercomputing | Ausgabe 4/2021

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The exponential growth in the number of Internet of things (IoT) devices and their potential in many applications in a vast number of domains fuelled the development of different IoT platforms, supported by big companies and industry groups. These platforms are able to provide reliable services to IoT devices and reduce the time to market for the targeted applications. Unfortunately, these proprietary solutions fragment the IoT market and hamper horizontal integration. The need to interoperate the different IoT platforms and communication protocols pushed the Standards Developing Organizations (SDOs) to the specification of a machine-to-machine (M2M) service layer, published as the oneM2M (OM2M) standard. Although the OM2M standard provides generic guidelines to implement security solutions which include authentication, authorization, confidentiality and data integrity, more efficient security schemes should be investigated when constrained IoT devices are concerned. This paper presents two main contributions. First, a CoAPS binding for the OM2M platform is provided that enables secure and reliable communication with constrained IoT devices. Second, a lightweight dynamic access control system is designed, developed and integrated in a OM2M-based architecture. It allows to dynamically grant or revoke access permission in an anonymous way to constrained IoT devices for controlling some actuators. From the experimental results, we can conclude that the computational complexity of the proposed security scheme is extremely low for the client device which requests data access. We show that a constrained IoT device establishes a trust relationship with the OM2M server in few seconds.

Vorheriger Artikel Performance prediction of parallel applications: a systematic literature review

Nächster Artikel High-capacity ride-sharing via shortest path clustering on large road networks

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Balfour RE (2015) Building the “Internet of Everything” (IoE) for first responders. In: 2015 long Island systems, applications and technology, pp 1–6. IEEE. https://doi.org/10.1109/LISAT.2015.7160172. http://ieeexplore.ieee.org/document/7160172/

Brown DRL, Gallant R, Vanstone SA (2002) Provably secure implicit certificate schemes. Springer, Berlin, pp 156–165. https://doi.org/10.1007/3-540-46088-8_15CrossRefMATH

Capossele A, Cervo V, De Cicco G, Petrioli, C (2015) Security as a CoAP resource: an optimized DTLS implementation for the IoT. In: 2015 IEEE International Conference on Communications (ICC). IEEE (2015), pp 549–554. https://doi.org/10.1109/ICC.2015.7248379. http://ieeexplore.ieee.org/document/7248379/

Chen YC, Chuang SC, Yeh LY, Huang JL (2011) A practical authentication protocol with anonymity for wireless access networks. Wirel Commun Mobile Comput 11(10):1366–1375. https://doi.org/10.1002/wcm.933CrossRef

Corici A, Elmangoush A, Steinke R, Magedanz T, Mwangama J, Ventura N (2014) Utilizing M2M technologies for building reliable smart cities. In: 2014 6th International Conference on New Technologies, Mobility and Security (NTMS). IEEE, pp 1–5. https://doi.org/10.1109/NTMS.2014.6814059. http://ieeexplore.ieee.org/document/6814059/

Elmangoush A, Al-Hezmi A, Magedanz T (2014) The development of M2M standards for ubiquitous sensing service layer. In: 2014 IEEE globecom workshops (GC Wkshps). IEEE, pp 624–629. https://doi.org/10.1109/GLOCOMW.2014.7063502. http://ieeexplore.ieee.org/document/7063502/

Fotiou N, Kotsonis T, Marias GF, Polyzos GC (2016) Access control for the internet of things. In: 2016 international workshop on secure internet of things (SIoT). IEEE, pp 29–38. https://doi.org/10.1109/SIoT.2016.010. http://ieeexplore.ieee.org/document/7913563/

Gope P, Hwang T (2016) A realistic lightweight anonymous authentication protocol for securing real-time application data access in wireless sensor networks. IEEE Trans Ind Electron 63(11):7124–7132. https://doi.org/10.1109/TIE.2016.2585081CrossRef

Granjal J, Monteiro E (2016) End-to-end transparent transport-layer security for internet-integrated mobile sensing devices. In: 2016 IFIP Networking Conference (IFIP Networking) and Workshops. IEEE, pp 306–314. https://doi.org/10.1109/IFIPNetworking.2016.7497235. http://ieeexplore.ieee.org/document/7497235/

10.

He D, Zhang Y, Chen J (2014) Cryptanalysis and improvement of an anonymous authentication protocol for wireless access networks. Wirel Pers Commun 74(2):229–243. https://doi.org/10.1007/s11277-013-1282-xCrossRef

11.

Hsieh WB, Leu JS (2014) Anonymous authentication protocol based on elliptic curve Diffie–Hellman for wireless access networks. Wirel Commun Mobile Comput 14(10):995–1006. https://doi.org/10.1002/wcm.2252CrossRef

12.

Hsu YH, Lin FJ (2017) Preventing misuse of duplicate certificates in IoT/M2M systems. In: 2017 26th International Conference on Computer Communication and Networks (ICCCN). IEEE, pp. 1–8. https://doi.org/10.1109/ICCCN.2017.8038508. http://ieeexplore.ieee.org/document/8038508/

13.

Indu I, Anand PMR (2016) Hybrid authentication and authorization model for web based applications. In: 2016 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET). IEEE, pp 1187–1191. https://doi.org/10.1109/WiSPNET.2016.7566324. http://ieeexplore.ieee.org/document/7566324/

14.

Jan MA, Zhang W, Usman M, Tan Z, Khan F, Luo E (2019) SmartEdge: an end-to-end encryption framework for an edge-enabled smart city application. J Netw Comput Appl 137:1–10. https://doi.org/10.1016/J.JNCA.2019.02.023CrossRef

15.

Kim H, Lee EA (2017) Authentication and authorization for the internet of things. IT Prof 19(5):27–33. https://doi.org/10.1109/MITP.2017.3680960CrossRef

16.

Lee C, Nkenyereye L, Sung N, Song J (2018) Towards a Blockchain-enabled IoT platform using oneM2M standards. In: 2018 International Conference on Information and Communication Technology Convergence (ICTC). IEEE, pp 97–102. https://doi.org/10.1109/ICTC.2018.8539724

17.

Li J, Zhang W, Dabra V, Choo KKR, Kumari S, Hogrefe D (2019) AEP-PPA: an anonymous, efficient and provably-secure privacy-preserving authentication protocol for mobile services in smart cities. J Netw Comput Appl 134:52–61. https://doi.org/10.1016/J.JNCA.2019.02.003CrossRef

18.

Liu JK, Au MH, Huang X, Lu R, Li J (2016) Fine-grained two-factor access control for web-based cloud computing services. IEEE Trans Inf Forensics Sec 11(3):484–497. https://doi.org/10.1109/TIFS.2015.2493983CrossRef

19.

Naik N, Jenkins P (2016) A secure mobile cloud identity: criteria for effective identity and access management standards. In: 2016 4th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud). IEEE, pp 89–90. https://doi.org/10.1109/MobileCloud.2016.22. http://ieeexplore.ieee.org/lpdocs/epic03/wrapper.htm?arnumber=7474415

20.

Neisse R, Baldini G, Steri G, Ahmad A, Fourneret E, Legeard B (2017) Improving internet of things device certification with policy-based management. In: 2017 global internet of things summit (GIoTS). IEEE, pp 1–6. https://doi.org/10.1109/GIOTS.2017.8016273. http://ieeexplore.ieee.org/document/8016273/

21.

Oh SR, Kim YG (2017) Development of IoT security component for interoperability. In: 2017 13th International Computer Engineering Conference (ICENCO). IEEE, pp 41–44. https://doi.org/10.1109/ICENCO.2017.8289760. http://ieeexplore.ieee.org/document/8289760/

22.

OneM2M: oneM2M - Home (2012). http://www.onem2m.org/

23.

Park CS (2017) A secure and efficient ECQV implicit certificate issuance protocol for the internet of things applications. IEEE Sens J 17(7):2215–2223. https://doi.org/10.1109/JSEN.2016.2625821CrossRef

24.

Patonico S, Nguyen TL, Shabisha P, Braeken A, Steenhaut K (2018) DTLS integration in oneM2M based on Zolertia RE-motes. In: 2018 4th International Conference on Cloud Computing Technologies and Applications, Cloudtech 2018. Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/CloudTech.2018.8713357

25.

Qu MVSA (2000) Implicit certificate scheme. https://patents.google.com/patent/US6792530

26.

Research C (2009) Standards for efficient cryptography SEC 1: elliptic curve cryptography. Tech. rep. https://www.secg.org/sec1-v2.pdf

27.

RfcDTLS: RFC 6347 - Datagram Transport Layer Security Version 1.2 (2012). http://www.rfc-editor.org/info/rfc6347

28.

Staudemeyer RC, Pohls HC, Wojcik M (2018) The road to privacy in IoT: beyond encryption and signatures, towards unobservable communication. In: 2018 IEEE 19th International Symposium on “A World of Wireless, Mobile and Multimedia Networks” (WoWMoM). IEEE, pp 14–20. https://doi.org/10.1109/WoWMoM.2018.8449779. https://ieeexplore.ieee.org/document/8449779/

29.

Sun G, Sun S, Sun J, Yu H, Du X, Guizani M (2019) Security and privacy preservation in fog-based crowd sensing on the internet of vehicles. J Netw Comput Appl 134:89–99. https://doi.org/10.1016/J.JNCA.2019.02.018CrossRef

30.

Swetina J, Lu G, Jacobs P, Ennesser F, Song J (2014) Toward a standardized common M2M service layer platform: introduction to oneM2M. IEEE Wirel Commun 21(3):20–26. https://doi.org/10.1109/MWC.2014.6845045CrossRef

31.

Tinydtls: GitHub - eclipse/tinydtls: Eclipse tinydtls (2015). https://github.com/eclipse/tinydtls

32.

Van den Abeele F, Vandewinckele T, Hoebeke J, Moerman I, Demeester P (2015) Secure communication in IP-based wireless sensor networks via a trusted gateway. In: 2015 IEEE Tenth International Conference on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP). IEEE, pp 1–6. https://doi.org/10.1109/ISSNIP.2015.7106963. http://ieeexplore.ieee.org/document/7106963/

33.

Wu CW, Lin FJ, Wang CH, Chang N (2017) OneM2M-based IoT protocol integration. In: 2017 IEEE Conference on Standards for Communications and Networking (CSCN). IEEE, pp 252–257. https://doi.org/10.1109/CSCN.2017.8088630. http://ieeexplore.ieee.org/document/8088630/

34.

Younis YA, Kifayat K, Merabti M (2015) A novel evaluation criteria to cloud based access control models. In: 2015 11th International Conference on Innovations in Information Technology (IIT). IEEE, pp 68–73 https://doi.org/10.1109/INNOVATIONS.2015.7381517. http://ieeexplore.ieee.org/document/7381517/

35.

Zhang Z, Qi Q, Kumar N, Chilamkurti N, Jeong HY (2015) A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography. Multimed Tools Appl 74(10):3477–3488. https://doi.org/10.1007/s11042-014-1885-6CrossRef

Titel: Toward the inclusion of end-to-end security in the OM2M platform
verfasst von: Simone Patonico
Thanh-Long Nguyen
Placide Shabisha
An Braeken
Kris Steenhaut
Publikationsdatum: 14.09.2020
Verlag: Springer US
Erschienen in: The Journal of Supercomputing / Ausgabe 4/2021
Print ISSN: 0920-8542
Elektronische ISSN: 1573-0484
DOI: https://doi.org/10.1007/s11227-020-03415-7

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Weitere Artikel der Ausgabe 4/2021

PerficientCloudSim: a tool to simulate large-scale computation in heterogeneous clouds

Construction and verification of retinal vessel segmentation algorithm for color fundus image under BP neural network model

DNetUnet: a semi-supervised CNN of medical image segmentation for super-computing AI service

Lower bounds for dilation, wirelength, and edge congestion of embedding graphs into hypercubes

A semi-supervised approach in detecting sentiment and emotion based on digital payment reviews

A novel enhanced region proposal network and modified loss function: threat object detection in secure screening using deep learning