Abstract With more and more devices becoming connectable to the Internet, the number of services, but also the number of threats increases dramatically. Security is often a secondary matter behind functionality and comfort, but the problem has already been recognized. Still, with many Internet of Things (IoT) devices being deployed already, security will come step by step and through updates, patches, and new versions of apps and IoT software. While these updates can be safely retrieved from app stores, the problems kick in via jailbroken devices and with the variety of untrusted sources arising on the Internet. Because hacking is typically a community effort these days, security could be a community goal too. The challenges are manifold, and one reason for weak or absent security on IoT devices is their weak computational power. In this chapter, we discuss a community-based security mechanism in which devices mutually aid each other in secure software management. We discuss game-theoretic methods of community formation and lightweight cryptographic means to accomplish authentic software deployment inside the IoT device community.
[1]
Peter Schartner,et al.
Multipath Authentication without shared Secrets and with Applications in Quantum Networks
,
2010,
Security and Management.
[2]
Stefan Rass,et al.
Secure Communication over Software-Defined Networks
,
2015,
Mob. Networks Appl..
[3]
David Shaw,et al.
OpenPGP Message Format
,
1998,
RFC.
[4]
Alfred Menezes,et al.
Another Look at "Provable Security"
,
2005,
Journal of Cryptology.
[5]
Tilman Börgers,et al.
An introduction to the theory of mechanism design
,
2015
.
[6]
Quanyan Zhu,et al.
GUIDEX: A Game-Theoretic Incentive-Based Mechanism for Intrusion Detection Networks
,
2012,
IEEE Journal on Selected Areas in Communications.
[7]
Collin Mulliner,et al.
Read It Twice! A Mass-Storage-Based TOCTTOU Attack
,
2012,
WOOT.