| 1. |
|
|
| 2. |
- Kim, Hokeun, et al.
(författare)
-
A Toolkit for Construction of Authorization Service Infrastructure for the Internet of Things
- 2017
-
Ingår i: Internet-of-Things Design and Implementation (IoTDI), 2017 IEEE/ACM Second International Conference on. - New York, NY, USA : ACM Digital Library. ; , s. 147-158
-
Konferensbidrag (refereegranskat)abstract
- The challenges posed by the Internet of Things (IoT) render existing security measures ineffective against emerging networks and devices. These challenges include heterogeneity, operation in open environments, and scalability. In this paper, we propose SST (Secure Swarm Toolkit), an open-source toolkit for construction and deployment of an authorization service infrastructure for the IoT. The infrastructure uses distributed local authorization entities, which provide authorization services that can address heterogeneous security requirements and resource constraints in the IoT. The authorization services can be accessed by network entities through software interfaces provided by SST, called accessors. The accessors enable IoT developers to readily integrate their devices with authorization services without needing to manage cryptographic keys and operations. To rigorously show that SST provides necessary security guarantees, we have performed a formal security analysis using an automated verification tool. In addition, we demonstrate the scalability of our approach with a mathematical analysis, as well as experiments to evaluate security overhead of network entities under different security profiles supported by SST
|
|
| 3. |
- Kim, Hokeun, et al.
(författare)
-
Resilient Authentication and Authorization for the Internet of Things (IoT) Using Edge Computing
- 2020
-
Ingår i: ACM Transactions on Internet of Things. - : ACM Press. - 2691-1914 .- 2577-6207. ; 1:1, s. -27
-
Tidskriftsartikel (refereegranskat)abstract
- An emerging type of network architecture called edge computing has the potential to improve the availability and resilience of IoT services under anomalous situations such as network failures or denial-of-service (DoS) attacks. However, relatively little has been explored on the problem of ensuring availability even when edge computers that provide key security services (e.g., authentication and authorization) become unavailable themselves. This article proposes a resilient authentication and authorization framework to enhance the availability of IoT services under DoS attacks or failures. The proposed approach leverages a technique called secure migration, which allows an IoT device to migrate to another trusted edge computer when its own local authorization service becomes unavailable. Specifically, we describe the design of a secure migration framework and its supporting mechanisms, including (1) automated migration policy construction and (2) protocols for preparing and executing the secure migration. We formalize secure migration policy con- struction as an integer linear programming (ILP) problem and show its effectiveness using a case study on smart buildings, where the proposed solution achieves significantly higher availability under simulated at- tacks on authorization services.
|
|
