End to End Security and the Internet of Things, 2014


End-to-end security focuses on the uninterrupted protection of data traveling between two communicating partners. Generally, encryption is the method of choice. For the Internet of Things (IoT), “baked in” security is a major challenge. The research cited here was presented during 2014.


Sahraoui, S.; Bilami, A., "Compressed And Distributed Host Identity Protocol For End-To-End Security In The IoT," Next Generation Networks and Services (NGNS), 2014 Fifth International Conference on, pp. 295, 301, 28-30 May 2014. doi: 10.1109/NGNS.2014.6990267
Abstract: Wireless Sensor Networks (WSNs), as a key part of the Internet of Things (IoT), allow the representation of the dynamic characteristics of the physical world in the Internet's virtual world. Thus, sensor nodes are henceforth considered as Internet hosts and may act freely as web clients or servers. Undoubtedly, security and end-users privacy issues rise and become more severe in the IoT, due to the asymmetric nature of the communications between sensor nodes and the ordinary Internet hosts. Many solutions propose to use the classical IP-based security protocols for IoT, after adapting them to WSN's constraints by either messages compression or computational-load distribution techniques. In this paper we propose a 6LoWPAN (IPv6 over Low power Wireless Personal Area Networks) compression model for HIP (Host Identity Protocol) header, as well as, an adapted distribution scheme of the computational load in HIP's key agreement process. For an extreme lightweight end-to-end security, we propose to combine both compression and distribution models for HIP in WSNs side, in the IoT. The partial evaluation results show that the proposed protocol, named compressed and distributed HIP (CD-HIP), is more adapted than the standard HIP, while introducing minor header communication overhead.
Keywords: IP networks; Internet; Internet of Things; file servers; personal area networks; protocols; telecommunication security; wireless sensor networks; 6LoWPAN; CD-HIP; IP-based security protocols; IPv6 over low power wireless personal area networks; Internet of Things; IoT; WSN; Web clients; Web servers; communication overhead; compressed and distributed HIP; computational-load distribution techniques; distribution scheme; end-to-end security; host identity protocol; messages compression; wireless sensor networks; Hip; IP networks; Internet; Peer-to-peer computing; Protocols; Security; Wireless sensor networks; 6LoWPAN compression; Host Identity Protocol; Internet of Things; IoT; Wireless Sensor Networks; distributed HIP Base Exchange; end-to-end security (ID#: 15-5196)


Jiye Park; Namhi Kang, "Lightweight Secure Communication For CoAP-Enabled Internet Of Things Using Delegated DTLS Handshake," Information and Communication Technology Convergence (ICTC), 2014 International Conference on, pp. 28, 33, 22-24 Oct. 2014. doi: 10.1109/ICTC.2014.6983078
Abstract: IETF CoRE working group proposed to use DTLS for supporting secure IoT services. In this paper, we examine problems that can happen when applying the DTLS protocol to IoT networks directly. To solve the problems, we separate the DTLS protocol into two; the handshake phase and the encryption phase. Our approach enhances performance in both device and network by using a way to delegate the DTLS handshake phase. We also present two scenarios (inbound and outbound) based on the properties of Constrained Application Protocol (CoAP) enabled sensors. The proposed scheme supports secure end-to-end communication despite using delegation.
Keywords: Internet of Things; cryptography; telecommunication security; CoAP enabled sensors; CoAP-enabled Internet of Things; DTLS protocol; IETF CoRE working group; IoT networks; constrained application protocol; delegated DTLS handshake; delegation; encryption phase; handshake phase; lightweight secure communication; secure end-to-end communication; Encryption; Internet; Protocols; Sensors; Servers; CoAP Security; DTLS; Delegation; End-to-end Security; Internet of Things (ID#: 15-5197)


Curtis, Bill, "Delivering Security By Design In The Internet Of Things," Test Conference (ITC), 2014 IEEE International, pp. 1, 1, 20-23 Oct. 2014. doi: 10.1109/TEST.2014.7035283
Abstract: End to end security is becoming a prerequisite of the Internet of Things. Data must be managed securely at generation, in flight and at rest to avoid critical enterprise or personal data being intercepted. Privacy becomes paramount as our lives and health become increasingly digital, and devices must evolve to deliver security and robustness while pricing continues to be constrained. This talk will highlight the security requirements of the IoT as outlined by the Dept. of Homeland Security and the UK Centre for Protection of National Infrastructure to counter the emergence of threats ranging from advanced persistent software threats to physical tampering and side channel attacks. Following the definition of the attack threats we will then establish the definition of advanced device security features, system implementation requirements and testability criteria to develop Security by Design within the Internet of Things.
Keywords: (not provided) (ID#: 15-5198)


Shafagh, H.; Hithnawi, A., "Poster Abstract: Security Comes First, a Public-key Cryptography Framework for the Internet of Things," Distributed Computing in Sensor Systems (DCOSS), 2014 IEEE International Conference on, pp. 135, 136, 26-28 May 2014. doi: 10.1109/DCOSS.2014.62
Abstract: Novel Internet services are emerging around an increasing number of sensors and actuators in our surroundings, commonly referred to as smart devices. Smart devices, which form the backbone of the Internet of Things (IoT), enable alternative forms of user experience by means of automation, convenience, and efficiency. At the same time new security and safety issues arise, given the Internet-connectivity and the interaction possibility of smart devices with human's proximate living space. Hence, security is a fundamental requirement of the IoT design. In order to remain interoperable with the existing infrastructure, we postulate a security framework compatible to standard IP-based security solutions, yet optimized to meet the constraints of the IoT ecosystem. In this ongoing work, we first identify necessary components of an interoperable secure End-to-End communication while incorporating Public-key Cryptography (PKC). To this end, we tackle involved computational and communication overheads. The required components on the hardware side are the affordable hardware acceleration engines for cryptographic operations and on the software side header compression and long-lasting secure sessions. In future work, we focus on integration of these components into a framework and the evaluation of an early prototype of this framework.
Keywords: IP networks; Internet; Internet of Things; open systems; public key cryptography; IP-based security solutions; Internet of Things; Internet services; Internet-connectivity; IoT; end-to-end communication; interoperability; public-key cryptography; safety issues; security issues; smart devices; Acceleration; Cryptography; Engines; Hardware; Internet of Things; Protocols (ID#: 15-5199)


Ahrary, A.; Ludena, R.D.A., "Big Data Application To The Vegetable Production And Distribution System," Signal Processing & its Applications (CSPA), 2014 IEEE 10th International Colloquium on, pp. 20, 24, 7-9 March 2014. doi: 10.1109/CSPA.2014.6805713
Abstract: The new paradigm of Big Data and its multiple benefits have been used in the novel nutrition-based vegetable production and distribution system in order to generate a healthy food recommendation to the end user and to provide different analytics to improve the system efficiency. As a next step in this study, the new paradigm Internet of Things (IoT) is included in the Big Data approach of the system to use its benefits, particularly automation, to add much more precise data to the system to provide to the user a much richer experience. The IoT paradigm is bridging the real world with its virtual image, where devices located in different areas could exchange information with each other without any type of supervision or control. But, in spite of all the benefits that IoT could bring to society, the security of the information as well as privacy must be strongly enforced and managed in this new environment with unique characteristics. In our project we make a particular approach and security assessment of the use of IoT to provide automatic data to the system.
Keywords: Big Data; Internet of Things; agriculture; goods distribution; security of data; Big Data; Internet of Things; IoT paradigm; healthy food recommendation; nutrition-based vegetable; security assessment; vegetable distribution system; vegetable production system; virtual image; Authentication; Data handling; Data storage systems; Information management; Internet; Radiofrequency identification; Big Data; Computer Science; Data Analysis; Data systems; IoT (ID#: 15-5200)


Poulymenopoulou, M.; Malamateniou, F.; Vassilacopoulos, G., "A Virtual PHR Authorization System," Biomedical and Health Informatics (BHI), 2014 IEEE-EMBS International Conference on, pp. 73, 76, 1-4 June 2014. doi: 10.1109/BHI.2014.6864307
Abstract: Cloud computing and Internet of things (IOT) technologies can support a new generation of PHR systems which are provided as cloud services that contain patient data (health and social) from various sources, including automatically transmitted data from Internet connected devices of patient living space (e.g. medical devices connected to patients at home care). In this paper, the virtual PHR concept is introduced as an entity on the network consisted of (a) a non-healthcare component containing health and social information collected by either the patient or non-healthcare providers, (b) a medical device component containing health information transmitted from Internet connected medical devices and (c) a healthcare professional component containing information stored into various healthcare information systems. The PHR concept is based on the patient-centered model dictating that patients are the owners of their information. Hence, patients are empowered to authorize other subjects to access it that introduces specific security challenges which are further accentuated by the fact that diverse local security policies may need to be reconciled. The PHR authorization system proposed here is based on a combination of role-based and attribute-based access control (RABAC) and supports patient-specified authorization policies of various granularity levels subject to constraints imposed by the security policies of the various health and social care providers involved. To this end, an ontology of granular security concepts is built to aid in semantically matching diverse authorization requests and to enable semantic rule reasoning on whether a requested access should be permitted or denied.
Keywords: authorisation; electronic health records; granular computing; ontologies (artificial intelligence); IOT; Internet of things; RABAC; attribute-based access control; cloud computing; data access; granular security concepts; granularity levels; health care providers; health information collection; health information transmission; healthcare information systems; healthcare professional component; information storage; local security policies; medical device component; nonhealthcare component; nonhealthcare providers; ontology; patient data; patient-centered model; patient-specified authorization policies; personal health record; role-based access control; semantic matching; semantic rule reasoning; social care providers; social information collection; virtual PHR authorization system; Authorization; Cloud computing; Filtering; Medical services; Ontologies; Semantics (ID#: 15-5201)


Ludena R, D.A.; Ahrary, A.; Horibe, N.; Won Seok Yang, "IoT-security Approach Analysis for the Novel Nutrition-Based Vegetable Production and Distribution System," Advanced Applied Informatics (IIAI-AAI), 2014 IIAI 3rd International Conference on, pp. 185, 189, Aug. 31 2014-Sept. 4 2014. doi: 10.1109/IIAI-AAI.2014.47
Abstract: The new Internet of Things (IoT) paradigm is giving to the scientific community the possibility to create integrated environments where information could be exchanged among heterogeneous characteristic networks in an automated way, in order to provide a richer experience to the user and to give specific relevant information regarding the particular environment in which the user is interacting with. Those characteristics are highly valuable for the novel nutrition-based vegetable production and distribution system, in which the multiple benefits of Big Data were used in order to generate a healthy food recommendation to the end user and to feed to the system different analytics to improve the system efficiency. Moreover, the different IoT capabilities, specifically automation and heterogeneous network communication are valuable to improve the information matrix of our project. This paper discusses the different IoT available technologies, their security capabilities and assessment, and how they could be useful for our project.
Keywords: Big Data; Internet of Things; agricultural products; computer network security; production engineering computing; recommender systems; Internet of Things paradigm; IoT-security approach analysis; automation network communication; big data; healthy food recommendation; heterogeneous characteristic networks; heterogeneous network communication; nutrition-based vegetable production and distribution system; security capabilities; Authentication; Big data; Educational institutions; Internet; Radiofrequency identification; Big Data; Computer Science; Data Analysis; Data systems; IoT (ID#: 15-5202)


Porambage, P.; Schmitt, C.; Kumar, P.; Gurtov, A.; Ylianttila, M., "Two-Phase Authentication Protocol For Wireless Sensor Networks In Distributed IoT Applications," Wireless Communications and Networking Conference (WCNC), 2014 IEEE, pp. 2728, 2733, 6-9 April 2014. doi: 10.1109/WCNC.2014.6952860
Abstract: In the centralized Wireless Sensor Network (WSN) architecture there exists a central entity, which acquires, processes and provides information from sensor nodes. Conversely, in the WSN applications in distributed Internet of Things (IoT) architecture, sensor nodes sense data, process, exchange information and perform collaboratively with other sensor nodes and end-users. In order to maintain the trustworthy connectivity and the accessibility of distributed IoT, it is important to establish secure links for end-to-end communication with proper authentication. The authors propose an implicit certificate-based authentication mechanism for WSNs in distributed IoT applications. The developed two-phase authentication protocol allows the sensor nodes and the end-users to authenticate each other and initiate secure connections. The proposed protocol supports the resource scarcity of the sensor nodes, heterogeneity and scalability of the network. The performance and security analysis justify that the proposed scheme is viable to deploy in resource constrained WSNs.
Keywords: Internet of Things; cryptographic protocols; wireless sensor networks; centralized WSN architecture; centralized wireless sensor network architecture; certificate-based authentication mechanism; distributed Internet of Things architecture; distributed IoT architecture; end-to-end communication; end-users; heterogeneity; resource constrained WSN; resource scarcity; security analysis; sensor nodes; trustworthy connectivity; two-phase authentication protocol; Authentication; Ciphers; Protocols; Public key; Servers; Wireless sensor networks; Distributed Internet of Things; Wireless Sensor Networks; authentication; implicit certificate; security (ID#: 15-5203)


Addo, I.D.; Ahamed, S.I.; Yau, S.S.; Buduru, A., "A Reference Architecture for Improving Security and Privacy in Internet of Things Applications," Mobile Services (MS), 2014 IEEE International Conference on, pp. 108, 115, June 27 2014-July 2 2014. doi: 10.1109/MobServ.2014.24
Abstract: As the promise of the Internet of Things (IoT) materializes in our everyday lives, we are often challenged with a number of concerns regarding the efficacy of the current data privacy solutions that support the pervasive components at play in IoT. The privacy and security concerns surrounding IoT often manifest themselves as a threat to end-user adoption and negatively impact trust among end-users in these solutions. In this paper, we present a reference software architecture for building cloud-enabled IoT applications in support of collaborative pervasive systems aimed at achieving trustworthiness among end-users in IoT scenarios. We present a case study that leverages this reference architecture to protect sensitive user data in an IoT application implementation and evaluate the response of an end-user study accomplished through a survey.
Keywords: Internet; Internet of Things; cloud computing; computer network security; data privacy; ubiquitous computing; Internet of Things application; cloud-enabled IoT application; collaborative pervasive system; data privacy solution; reference software architecture; security; Cloud computing; Computer architecture; Data privacy; Mobile communication; Motion pictures; Privacy; Security; Cloud- Enabled Service Privacy and Security; Collective Intelligence; Internet of Things; Software Reference Architecture (ID#: 15-5204)


Pokrić, B.; Krc̆o, S.; Pokrić, M., "Augmented Reality Based Smart City Services Using Secure IoT Infrastructure," Advanced Information Networking and Applications Workshops (WAINA), 2014 28th International Conference on, pp. 803, 808, 13-16 May 2014. doi: 10.1109/WAINA.2014.127
Abstract: This paper presents an application of Augmented Reality (AR) within a smart city service to be deployed in the domain of public transport in the city of Novi Sad in Serbia. The described solution is focused on providing a simple and efficient method to citizens for accessing important information such as bus arrival times, bus routes and tourist landmarks using smart phones and AR technology. The AR information is triggered by image and geo-location markers and the data is provided via secure IoT infrastructure. The IoT infrastructure is based on bus-mounted IoT devices which utilize secure CoAP software protocol to transmit the data to the associated cloud servers. Description of the complete end-to-end solution is presented, providing the overall system set-up, user experience aspects and the security of the overall system, focusing on the lightweight encryption used within the low-powered IoT devices.
Keywords: Internet of Things; augmented reality; cloud computing; cryptography; low-power electronics; public administration; public information systems; smart phones; transportation; AR technology; Novi Sad; Serbia; associated cloud servers; augmented reality based smart city services; bus arrival times; bus routes; bus-mounted IoT devices; geo-location markers; lightweight encryption; low-powered IoT devices; public transport; secure CoAP software protocol; secure IoT infrastructure; smart phones; tourist landmarks; Augmented reality; Cities and towns; Companies; Cryptography; Smart phones; Transportation; AR; Augmented Reality; Smart City; Smart Transport; secure CoAP; secure IoT (ID#: 15-5205)


Ray, B.; Chowdhury, M.; Abawajy, J., "PUF-based Secure Checker Protocol for Networked RFID Systems," Open Systems (ICOS), 2014 IEEE Conference on, pp. 78, 83, 26-28 Oct. 2014. doi: 10.1109/ICOS.2014.7042633
Abstract: Radio Frequency Identification (RFID) system is an emerging technology for automating object identification. The Networked RFID System (NRS) is a component of a distributed object identification network which facilitates automated supply chain management. It also makes the Internet of Things (IoT) concept a reality. To increase the business feasibility of NRS implementation, the system should be able to ensure the visibility and traceability of the object throughout the chain using a checker protocol. By doing so, the protocol will check the genuineness of the object and the genuineness of the object's previous travel path on-site. While doing so, the protocol needs to ensure the security requirement of the system. To this end, we propose a secure checker protocol for NRS which will use a PUF (Physically Unclonable Function) and simple cryptographic primitives. The protocol provides security (protect privacy of the partners, injection of fake objects, non-repudiation, and unclonability), visibility and traceability for NRS. It is also suitable for passive tags.
Keywords: Internet of Things; cryptographic protocols; radiofrequency identification; supply chain management; telecommunication security; Internet of Things; IoT; NRS; PUF; checker protocol; cryptographic primitives; distributed object identification network; networked RFID system; passive tags; physically unclonable function; radio frequency identification system; supply chain management; Equations; Privacy; Protocols; Radiofrequency identification; Security; Supply chains; NRS; PUF; RFID; checker; injection of fake objects; non-repudiation; privacy; protocol; unclonable (ID#: 15-5206)


Flood, P.; Schukat, M., "Peer To Peer Authentication for Small Embedded Systems: A Zero-Knowledge-Based Approach to Security For The Internet Of Things," Digital Technologies (DT), 2014 10th International Conference on, pp. 68, 72, 9-11 July 2014. doi: 10.1109/DT.2014.6868693
Abstract: With an estimated 50 billion internet-enabled devices deployed by 2020, the arrival of the Internet of Things (IoT) or Internet of Everything (IoE) raises many questions regarding the suitability and adaptability of current computer security standards to provide privacy, data integrity and end entity authentication between communicating peers. In this paper we present a new protocol which combines zero-knowledge proofs and key exchange mechanisms to provide secure and authenticated communication in static machine-to-machine (M2M) networks. This approach addresses all of the aforementioned issues while also being suitable for devices with limited computational resources and can be deployed in wireless sensor networks. While the protocol requires an a-priori knowledge about the network setup and structure, it guarantees perfect forward secrecy.
Keywords: Internet of Things; cryptographic protocols; data integrity; data privacy; embedded systems; peer-to-peer computing; wireless sensor networks; Internet of Everything; Internet of Things security; Internet-enabled devices; IoE; IoT; M2M network; computer security standards; data integrity; embedded systems; end entity authentication; key exchange mechanisms; peer to peer authentication; perfect forward secrecy; privacy; static machine-to-machine network; wireless sensor networks; zero-knowledge proofs; zero-knowledge-based approach; Authentication; Elliptic curve cryptography; Embedded systems; Protocols; Diffie-Hellman key exchange; GMW protocol; Zero knowledge proof (ID#: 15-5207)


Isa, M.A.M.; Hashim, H.; Ab Manan, J.-L.; Adnan, S.F.S.; Mahmod, R., "RF Simulator for Cryptographic Protocol," Control System, Computing and Engineering (ICCSCE), 2014 IEEE International Conference on, pp. 518, 523, 28-30 Nov. 2014. doi: 10.1109/ICCSCE.2014.7072773
Abstract: Advances in embedded RF devices and sensor nodes have witnessed major expansion of end user services such as Internet of Things (IoT) and Cloud Computing. These prospective smart embedded and sensor devices normally interconnect to the internet using wireless technology (e.g. radio frequency, Wi-Fi) and run on top of CoAP and TFTP protocols. In this paper, we present a RF Simulator v1.1 which simulates lightweight security protocols for RF devices communications using Stop and Wait Automatic Repeat Request (SW-ARQ) protocol. The RF Simulator can be used for a quick trial and debugging for any new cryptography protocol in the simulator before actual implementation or experiment of the protocol in the physical embedded devices. We believe that the RF Simulator may provide an alternate way for a computer scientist, cryptographer or engineer to do a rapid product research and development of any cryptographic protocol for smart devices. The major advantage of the RF Simulator is that the source codes in the simulator can be used directly into its physical implementation of the embedded RF devices communication. We also presented simulation results of DHKE and AES encryption schemes using SW-ARQ protocol as a use case of the RF Simulator. The simulation was executed in ARM Raspberry Pi board and HP DC7800 PC as hardware platforms for the simulator setup.
Keywords: IP networks; automatic repeat request; computer network security; cryptographic protocols; embedded systems; microcontrollers; AES encryption scheme; ARM Raspberry Pi board; CoAP protocol; DHKE encryption scheme; HP DC7800 PC; Internet of Things; IoT; RF Simulator v1.1; SW-ARQ protocol; TFTP protocol; Wi-Fi; cloud computing; cryptographic protocol; embedded RF device communication; embedded RF devices; end user services; hardware platforms; lightweight security protocols; physical embedded devices; physical implementation; radio frequency; sensor devices; sensor nodes; smart embedded devices; source codes; stop-and-wait automatic repeat request protocol; wireless technology; Computational modeling; Cryptographic protocols; Cryptography; Radio frequency; Servers; Simulation; AES; AP; Access Point; Asymmetric; BS; Base Station; Cryptography; DHKE; Diffie-Hellman; IOT; Lightweight; Privacy; RF; Radio Frequency; Raspberry Pi; Security; Simulation; Simulator; Stop and Wait ARQ; Symmetric; TFTP; Trivial File Transfer Protocol; Trust; UBOOT; UDP; WIFI; Wi-Fi AP (ID#: 15-5208)


Dores, C.; Reis, L.P.; Vasco Lopes, N., "Internet Of Things And Cloud Computing," Information Systems and Technologies (CISTI), 2014 9th Iberian Conference on, pp. 1, 4, 18-21 June 2014. doi: 10.1109/CISTI.2014.6877071
Abstract: With advances in communication technology, future internet presents numerous opportunities to develop new systems designed to make day to day life easier and to enhance and prolong the life of people with disabilities. This motivation propels the development of new services that integrate the mobility of cloud systems and the diversity of IoT (Internet of Things). It will enable us to create new and more independent care systems for people with disabilities, enabling a certain degree of independence. This can have a psychological and social impact due to the better quality of life that enables. Other motivation is the versatility and mobility of services it can provide, making those services available. In this paper is explored and explained the different kinds of technologies that can be integrated to enable creation of future internet platforms. Also, an IoT Cloud platform will be analyzed and some tests will be made, ending with some conclusions and lessons learned in this work.
Keywords: Internet of Things; assisted living; body sensor networks; cloud computing; human factors; mobile computing; BSN; Internet of Things; IoT cloud platform; WSN; body sensor networks; cloud computing; cloud systems; communication technology; disabled people; future Internet platforms; independent care systems; motivation; psychological impact; social impact; wireless sensor networks; Cloud computing; Delays; IP networks; Multimedia communication; Security; Wireless sensor networks; BSN; Cloud computing; Disabled People; IoT; NGN's (ID#: 15-5209)


Priller, P.; Aldrian, A.; Ebner, T., "Case Study: From Legacy To Connectivity Migrating Industrial Devices Into The World Of Smart Services," Emerging Technology and Factory Automation (ETFA), 2014 IEEE, pp. 1, 8, 16-19 Sept. 2014. doi: 10.1109/ETFA.2014.7005136
Abstract: Europa has launched multiple initiatives and research projects to remain competitive in a globalized world and keep industry and manufacturing on-shore. Funded by EU and member countries, project ARROWHEAD[1] focuses research and innovation for collaborative automation using interoperable services for smart production, to improve quality, efficiency, flexibility and cost competitiveness. This includes an important new aspect called “Smart Services”, which aims to apply SOA (service oriented architecture) to maintenance and service of production systems and its parts, which still carry a huge potential for further gains in cost and energy savings. However, there will be no “big bang”. How can we turn present-day variety of diverse, specialized, and legacy loaded embedded systems into connected, SOA based cooperating participants of the Internet of Things (IoT)? This case study portrays the solution followed in ARROWHEAD WP1.1, for devices used in end-of-line (EoL) test systems in automotive powertrain production.
Keywords: Internet of Things; embedded systems; production engineering computing; production equipment; service-oriented architecture; EoL test systems; Europa; Internet of Things; IoT; SOA; automotive powertrain production; collaborative automation; connectivity migrating industrial devices; end-of-line test systems; interoperable services; legacy loaded embedded systems; production systems maintenance; production systems service; project ARROWHEAD; service oriented architecture; smart production; smart services; Automation; Maintenance engineering; Production; Protocols; Security; Service-oriented architecture; Testing (ID#: 15-5210)


Schukat, M.; Flood, P., "Zero-knowledge Proofs in M2M Communication," Irish Signals & Systems Conference 2014 and 2014 China-Ireland International Conference on Information and Communications Technologies (ISSC 2014/CIICT 2014). 25th IET, pp. 269, 273, 26-27 June 2013. doi: 10.1049/cp.2014.0697
Abstract: The advent of the IoT with an estimated 50 billion internet enabled devices by the year 2020 raises questions about the suitability and scalability of existing mechanisms to provide privacy, data integrity and end-entity authentication between communicating peers. In this paper we present a new protocol that combines zero-knowledge proofs and key exchange mechanisms to provide secure and authenticated communication in static M2M networks, therefore addressing all the above problems. The protocol is suitable for devices with limited computational resources and can be deployed in wireless sensor networks. While the protocol requires an a-priori knowledge about the network setup and structure, it guarantees perfect forward secrecy.
Keywords: Internet of Things; computer network security; cryptographic protocols; wireless sensor networks; Internet enabled devices; Internet of Things; IoT; M2M communication; data integrity; data privacy; end-entity authentication; key exchange mechanisms; machine-to-machine communication; perfect forward secrecy; static M2M networks; wireless sensor networks; zero-knowledge proofs; Diffie Hellman key exchange; GMW protocol; Zero knowledge proof (ID#: 15-5211)


Dsouza, C.; Ahn, G.-J.; Taguinod, M., "Policy-Driven Security Management For Fog Computing: Preliminary Framework And A Case Study," Information Reuse and Integration (IRI), 2014 IEEE 15th International Conference on, pp. 16, 23, 13-15 Aug. 2014. doi: 10.1109/IRI.2014.7051866
Abstract: With the increasing user demand for elastic provisioning of resources coupled with ubiquitous and on-demand access to data, cloud computing has been recognized as an emerging technology to meet such dynamic user demands. In addition, with the introduction and rising use of mobile devices, the Internet of Things (IoT) has recently received considerable attention since the IoT has brought physical devices and connected them to the Internet, enabling each device to share data with surrounding devices and virtualized technologies in real-time. Consequently, the exploding data usage requires a new, innovative computing platform that can provide robust real-time data analytics and resource provisioning to clients. As a result, fog computing has recently been introduced to provide computation, storage and networking services between the end-users and traditional cloud computing data centers. This paper proposes a policy-based management of resources in fog computing, expanding the current fog computing platform to support secure collaboration and interoperability between different user-requested resources in fog computing.
Keywords: Internet of Things; cloud computing; computer centres; open systems; resource allocation; security of data; Internet of things; IoT; cloud computing data centers; dynamic user demands; elastic resources provisioning; exploding data usage; fog computing; interoperability; networking services; on-demand data access; policy-driven security management; real-time data analytics; secure collaboration; storage services; ubiquitous data access; user-requested resources; virtualized technologies; Cloud computing; Collaboration; Computer architecture; Educational institutions; Global Positioning System; Security; Vehicles (ID#: 15-5212)


Van den Abeele, F.; Hoebeke, J.; Moerman, I.; Demeester, P., "Fine-Grained Management Of COAP Interactions With Constrained IoT Devices," Network Operations and Management Symposium (NOMS), 2014 IEEE, pp. 1, 5, 5-9 May 2014. doi: 10.1109/NOMS.2014.6838368
Abstract: As open standards for the Internet of Things gain traction, the current Intranet of Things will evolve to a truly open Internet of Things, where constrained devices are first class citizens of the public Internet. However, the large amount of control over constrained networks offered by today's vertically integrated platforms, becomes even more important in an open IoT considering its promise of direct end-to-end interactions with constrained devices. In this paper a set of challenges is identified for controlling interactions with constrained networks that arise due to their constrained nature and their integration with the public Internet. Furthermore, a number of solutions are presented for overcoming these challenges by means of an intercepting intermediary at the edge of the constrained network.
Keywords: Internet; Internet of Things; open systems; protocols; telecommunication network management; CoAP interactions; Internet of Things; Intranet of Things; constrained devices; constrained networks; direct end-to-end interactions; fine-grained management; intercepting intermediary; open IoT; open standards; public Internet; vertically integrated platforms; Internet of Things; Logic gates; Protocols; Routing; Security; Standards (ID#: 15-5213)


Chaoliang Li; Qin Li; Guojun Wang, "Survey of Integrity Detection Methods in Internet of Things," Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on, pp.906,913, 24-26 Sept. 2014. doi: 10.1109/TrustCom.2014.120
Abstract: Internet of Things (IoT) has received more and more concerns in academia and industry since it was first proposed. With the decrease of tag price and the development of electronic equipments, IoT is widely used to manage the commodities in modern logistic warehouse. As the commodities move in and out of the warehouse frequently every day, there is a need to devise an efficient solution to detect the integrity of a batch of commodities in such an environment. Many detection methods are analyzed and compared in the paper. At the same time, some promising and potential research directions on integrity detection are listed at the end of the paper.
Keywords: Internet of Things; data integrity; radiofrequency identification; warehouse automation; Internet of Things; IoT; electronic equipments; integrity detection methods; modern logistic warehouse; tag price; Detection algorithms; Educational institutions; Internet; Logistics; Privacy; Protocols; Radiofrequency identification; Internet of Things (IoT); integrity detection; survey (ID#: 15-5214)



Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.