CAAVI-RICS Model for Analyzing the Security of Fog Computing Systems: Authentication

The overarching connectivity of "things" in the Internet of Things presents an appealing environment for innovation and business ventures, but also brings a certain set of security challenges. Engineering secure Internet of Things systems requires addressing the peculiar circumstances under which they operate: constraints due to limited resources, high node churn, decentralized decision making, direct interfacing with end users etc. Thus, techniques and methodologies for building secure and robust Internet of Things systems should support these conditions. In this paper, we are presenting a description of the CAAVI-RICS framework, a novel security review methodology tightly coupled with distributed, Internet of Things and fog computing systems. With CAAVI-RICS we are exploring credibility, authentication, authorization, verification, and integrity (CAAVI) through explaining the rationale, influence, concerns and security solutions (RICS) that accompany them. Our contribution is a thorough systematic categorization and rationalization of security issues, covering the security landscape of Internet of Things/fog computing systems, as well as contributing to the discussion on the aspects of fog computing security and state-of-the-art solutions. Specifically, in this paper we explore the Authentication in Internet of Things systems through the RICS review methodology.

[1]  Anandarup Mukherjee,et al.  Design and implementation analysis of a public key infrastructure-enabled security framework for ZigBee sensor networks , 2016, Int. J. Commun. Syst..

[2]  Tharam S. Dillon,et al.  Cloud Computing: Issues and Challenges , 2010, 2010 24th IEEE International Conference on Advanced Information Networking and Applications.

[3]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.

[4]  Josep Domingo-Ferrer,et al.  Anonymous and secure aggregation scheme in fog-based public cloud computing , 2018, Future Gener. Comput. Syst..

[5]  Sanjay Kumar Jena,et al.  A lightweight remote user authentication protocol for smart E-health networking environment , 2017, 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC).

[6]  Marko Hölbl,et al.  A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion , 2014, Ad Hoc Networks.

[7]  Ramjee Prasad,et al.  Proposed Security Model and Threat Taxonomy for the Internet of Things (IoT) , 2010, CNSA.

[8]  Dongxi Liu,et al.  Lightweight Mutual Authentication for IoT and Its Applications , 2017, IEEE Transactions on Sustainable Computing.

[9]  Jian Shen,et al.  An efficient authentication and key agreement scheme for multi-gateway wireless sensor networks in IoT deployment , 2017, J. Netw. Comput. Appl..

[10]  Ralf Sasse,et al.  ARPKI: Attack Resilient Public-Key Infrastructure , 2014, CCS.

[11]  Tanupriya Choudhury,et al.  Fog computing: Common security issues and proposed countermeasures , 2016, 2016 International Conference System Modeling & Advancement in Research Trends (SMART).

[12]  Panos Papadimitratos,et al.  Blockchain-based Public Key Infrastructure for Inter-Domain Secure Routing , 2017 .

[13]  Yixian Yang,et al.  Secure Data Access Control With Ciphertext Update and Computation Outsourcing in Fog Computing for Internet of Things , 2017, IEEE Access.

[14]  Zhili Sun,et al.  Blockchain-Based Dynamic Key Management for Heterogeneous Intelligent Transportation Systems , 2017, IEEE Internet of Things Journal.

[15]  Panagiotis Papadimitratos,et al.  VPKIaaS: A Highly-Available and Dynamically-Scalable Vehicular Public-Key Infrastructure , 2018, WISEC.

[16]  Mohsen Guizani,et al.  An enhanced public key infrastructure to secure smart grid wireless communication networks , 2014, IEEE Network.

[17]  Ivan Stojmenovic,et al.  An overview of Fog computing and its security issues , 2016, Concurr. Comput. Pract. Exp..

[18]  Angelos D. Keromytis,et al.  Just fast keying: Key agreement in a hostile internet , 2004, TSEC.

[19]  Ronald L. Krutz,et al.  Cloud Security: A Comprehensive Guide to Secure Cloud Computing , 2010 .

[20]  P. Balamuralidhar,et al.  One time password authentication scheme based on elliptic curves for Internet of Things (IoT) , 2015, 2015 5th National Symposium on Information Technology: Towards New Smart World (NSITNSW).

[21]  PRADIP KUMAR SHARMA,et al.  A Software Defined Fog Node Based Distributed Blockchain Cloud Architecture for IoT , 2018, IEEE Access.

[22]  Wei-Chi Ku,et al.  Impersonation Attack on a Dynamic ID-Based Remote User Authentication Scheme Using Smart Cards , 2005, IEICE Trans. Commun..

[23]  Raheem A. Beyah,et al.  MACA: A privacy-preserving multi-factor cloud authentication system utilizing big data , 2014, 2014 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[24]  Marimuthu Palaniswami,et al.  WAKE: Key management scheme for wide-area measurement systems in smart grid , 2013, IEEE Communications Magazine.

[25]  Ru-chuan Wang,et al.  An efficient authentication and access control scheme for perception layer of Internet of Things , 2014 .

[26]  Robert H. Deng,et al.  A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems , 2011, IEEE Transactions on Parallel and Distributed Systems.

[27]  Joel J. P. C. Rodrigues,et al.  An intelligent approach for building a secure decentralized public key infrastructure in VANET , 2015, J. Comput. Syst. Sci..

[28]  Costin Badica,et al.  CAAVI-RICS Model for Analyzing the Security of Fog Computing Systems: Authentication , 2019, 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT).

[29]  Imran A. Zualkernan,et al.  Internet of things (IoT) security: Current status, challenges and prospective measures , 2015, 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST).

[30]  Philipp G. Sandner,et al.  Comparison of Ethereum, Hyperledger Fabric and Corda , 2017 .

[31]  Fuchun Guo,et al.  Ciphertext-policy attribute-based encryption against key-delegation abuse in fog computing , 2018, Future Gener. Comput. Syst..

[32]  Luca Veltri,et al.  Enforcing Security Mechanisms in the IP-Based Internet of Things: An Algorithmic Overview , 2013, Algorithms.

[33]  Hugo Krawczyk,et al.  SIGMA: The 'SIGn-and-MAc' Approach to Authenticated Diffie-Hellman and Its Use in the IKE-Protocols , 2003, CRYPTO.

[34]  Erik Poll,et al.  Using Trusted Execution Environments in Two-factor Authentication: comparing approaches , 2013, Open Identity Summit.

[35]  Munindar P. Singh,et al.  Continuous Authentication and Authorization for the Internet of Things , 2017, IEEE Internet Computing.

[36]  N. Pokrovskaia,et al.  Tax, financial and social regulatory mechanisms within the knowledge-driven economy. Blockchain algorithms and fog computing for the efficient regulation , 2017, 2017 XX IEEE International Conference on Soft Computing and Measurements (SCM).

[37]  Simon Parkinson,et al.  Fog computing security: a review of current applications and security solutions , 2017, Journal of Cloud Computing.

[38]  A.H. Sayed,et al.  Network-based wireless location: challenges faced in developing techniques for accurate wireless location information , 2005, IEEE Signal Processing Magazine.

[39]  Ivan Stojmenovic,et al.  The Fog computing paradigm: Scenarios and security issues , 2014, 2014 Federated Conference on Computer Science and Information Systems.

[40]  Marthony Taguinod,et al.  Policy-driven security management for fog computing: Preliminary framework and a case study , 2014, Proceedings of the 2014 IEEE 15th International Conference on Information Reuse and Integration (IEEE IRI 2014).

[41]  Maged Hamada Ibrahim,et al.  Octopus: An Edge-fog Mutual Authentication Scheme , 2016, Int. J. Netw. Secur..

[42]  Rajkumar Buyya,et al.  Article in Press Future Generation Computer Systems ( ) – Future Generation Computer Systems Cloud Computing and Emerging It Platforms: Vision, Hype, and Reality for Delivering Computing as the 5th Utility , 2022 .

[43]  Claudio Soriente,et al.  Smartphones as Practical and Secure Location Verification Tokens for Payments , 2014, NDSS.

[44]  Adnan Akhunzada,et al.  Secure Login Using Multi-Tier Authentication Schemes in Fog Computing , 2018, IoT 2018.

[45]  Qun Li,et al.  Security and Privacy Issues of Fog Computing: A Survey , 2015, WASA.