SECURECONFIG: NFC and QR-code based hybrid approach for smart sensor configuration

In smart factories and smart homes, devices such as smart sensors are connected to the Internet. Independent of the context in which such a smart sensor is deployed, the possibility to change its configuration parameters in a secure way is essential. Existing solutions do provide only minimal security or do not allow to transfer arbitrary configuration data. In this paper, we present an NFC- and QR-code based configuration interface for smart sensors which improves the security and practicability of the configuration altering process while introducing as little overhead as possible. We present a protocol for configuration as well as a hardware extension including a dedicated security controller (SC) for smart sensors. For customers, no additional hardware other than a commercially available smartphone will be necessary which makes the proposed approach highly applicable for smart factory and smart home contexts alike.

[1]  Lida Xu,et al.  The internet of things: a survey , 2014, Information Systems Frontiers.

[2]  Hugo Krawczyk,et al.  The Order of Encryption and Authentication for Protecting Communications (or: How Secure Is SSL?) , 2001, CRYPTO.

[3]  Yves Pigneur,et al.  An Assessment of NFC for Future Mobile Payment Systems , 2007, International Conference on the Management of Mobile Business (ICMB 2007).

[4]  Kofi A. A. Makinwa,et al.  Smart Sensor Systems: Emerging Technologies and Applications , 2014 .

[5]  F.J. Gonzalez-Castao,et al.  Secure eTickets based on QR-Codes with user-encrypted content , 2010, 2010 Digest of Technical Papers International Conference on Consumer Electronics (ICCE).

[6]  Paulo Trezentos,et al.  Secure hotspot authentication through a Near Field Communication side-channel , 2012, 2012 IEEE 8th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[7]  Hongwen Zhang Bring your own encryption: balancing security with practicality , 2015, Netw. Secur..

[8]  David Pointcheval,et al.  Simple Password-Based Encrypted Key Exchange Protocols , 2005, CT-RSA.

[9]  Abdelmadjid Bouabdallah,et al.  The Dual-Execution-Environment Approach: Analysis and Comparative Evaluation , 2015, SEC.

[10]  Mario Piattini,et al.  A common criteria based security requirements engineering process for the development of secure information systems , 2007, Comput. Stand. Interfaces.

[11]  Hauptadministrator,et al.  QR code , 2016, The Fairchild Books Dictionary of Fashion.

[12]  Bernd Klauer,et al.  Wireless sensor/actuator device configuration by NFC , 2016, 2016 IEEE International Conference on Industrial Technology (ICIT).

[13]  Hugo Krawczyk,et al.  Cryptographic Extraction and Key Derivation: The HKDF Scheme , 2010, IACR Cryptol. ePrint Arch..

[14]  D. Mazzocchi,et al.  OPEN-NPP: An Open Source Library to Enable P2P over NFC , 2012, 2012 4th International Workshop on Near Field Communication.

[15]  Ernst Haselsteiner Security in Near Field Communication ( NFC ) Strengths and Weaknesses , 2006 .

[16]  Richard Harper,et al.  Inside the Smart Home , 2003, Springer London.

[17]  Carmen Constantinescu,et al.  Smart Factory - A Step towards the Next Generation of Manufacturing , 2008 .

[18]  Kenji Yoshigoe,et al.  Wireless sensor networks using Android Virtual Devices and Near Field Communication peer-to-peer emulation , 2013, 2013 Proceedings of IEEE Southeastcon.

[19]  James Newsome,et al.  Trustworthy Execution on Mobile Devices: What Security Properties Can My Mobile Platform Give Me? , 2012, TRUST.

[20]  Srivaths Ravi,et al.  Tamper resistance mechanisms for secure embedded systems , 2004, 17th International Conference on VLSI Design. Proceedings..

[21]  Chanathip Namprempre,et al.  Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm , 2000, Journal of Cryptology.

[22]  Busra Ozdenizci,et al.  A Survey on Near Field Communication (NFC) Technology , 2012, Wireless Personal Communications.

[23]  Die Wu,et al.  R2: Over-the-air reprogramming on computational RFIDs , 2016, 2016 IEEE International Conference on RFID (RFID).

[24]  K. Wouters,et al.  Practical Experiences with NFC Security on mobile Phones , 2009 .

[25]  Jeonghun Cho,et al.  Interoperability between Medical Devices Using near Field Communication , 2013, 2013 International Conference on Information Science and Applications (ICISA).

[26]  Eugen Brenner,et al.  Facilitating a Secured Status Data Acquisition from Industrial Equipment via NFC , 2015 .