Existing Security Scheme for IoT

This chapter introduces the main concepts involved in the security of the Internet of Things (IoT). These include confidentiality; integrity and authenticity; availability; nonrepudiation; and access control, which further includes identification, authentication, and authorization. The differences between security and privacy are described, as well as Kerckhoff’s principle of cryptography, and the use of cryptographic algorithms, which fall into two categories: symmetric and asymmetric protocols. A discussion of key management protocols follows, taking into account the approaches to management as well as criteria to assess it, including distribution, authentication, extensibility, resilience, scalability, and collusion freedom. The chapter concludes with a brief literature review on IoT security issues.

[1]  Usman Tariq,et al.  Polynomial-based key management for secure intra-group and inter-group communication , 2013, Comput. Math. Appl..

[2]  Thiemo Voigt,et al.  Lightweight IKEv2: A Key Management Solution for both Compressed IPsec and IEEE 802.15.4 Security , 2012 .

[3]  David A. Wagner,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Ad Hoc Networks.

[4]  Abdelmadjid Bouabdallah,et al.  IP mobile multicast: Challenges and solutions , 2004, IEEE Communications Surveys & Tutorials.

[5]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[6]  Rolf H. Weber,et al.  Internet of Things - New security and privacy challenges , 2010, Comput. Law Secur. Rev..

[7]  Hanno Wirtz,et al.  Tailoring end-to-end IP security protocols to the Internet of Things , 2013, 2013 21st IEEE International Conference on Network Protocols (ICNP).

[8]  Luca Veltri,et al.  A novel batch-based group key management protocol applied to the Internet of Things , 2013, Ad Hoc Networks.

[9]  Azeddine Bilami,et al.  Efficient HIP-based approach to ensure lightweight end-to-end security in the internet of things , 2015, Comput. Networks.

[10]  Wen-Tsuen Chen,et al.  Secure Broadcasting Using the Secure Lock , 1989, IEEE Trans. Software Eng..

[11]  Shahaboddin Shamshirband,et al.  Toward secure group communication in wireless mobile environments: Issues, solutions, and challenges , 2015, J. Netw. Comput. Appl..

[12]  Imrich Chlamtac,et al.  Internet of things: Vision, applications and research challenges , 2012, Ad Hoc Networks.

[13]  Mohammad Abdur Razzaque,et al.  Security and Privacy in Wireless Body Area Networks for Health Care Applications , 2013, Wireless Networks and Security.

[14]  Alexis Olivereau,et al.  HIP Tiny Exchange (TEX): A distributed key exchange scheme for HIP-based Internet of Things , 2012, Third International Conference on Communications and Networking.

[15]  Morris J. Dworkin SP 800-38C. Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality , 2004 .

[16]  Eric Rescorla,et al.  Diffie-Hellman Key Agreement Method , 1999, RFC.

[17]  Cristina Alcaraz,et al.  Key management systems for sensor networks in the context of the Internet of Things , 2011, Comput. Electr. Eng..

[18]  Klaus Wehrle,et al.  Slimfit — A HIP DEX compression layer for the IP-based Internet of Things , 2013, 2013 IEEE 9th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[19]  François-Xavier Standaert,et al.  On the Energy Cost of Communication and Cryptography in Wireless Sensor Networks , 2008, 2008 IEEE International Conference on Wireless and Mobile Computing, Networking and Communications.

[20]  Utz Roedig,et al.  Securing communication in 6LoWPAN with compressed IPsec , 2011, 2011 International Conference on Distributed Computing in Sensor Systems and Workshops (DCOSS).

[21]  Jianfeng Wang,et al.  Applications, challenges, and prospective in emerging body area networking technologies , 2010, IEEE Wireless Communications.

[22]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[23]  Thiemo Voigt,et al.  6LoWPAN Compressed DTLS for CoAP , 2012, 2012 IEEE 8th International Conference on Distributed Computing in Sensor Systems.

[24]  Robert W. Shirey,et al.  Internet Security Glossary, Version 2 , 2007, RFC.

[25]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[26]  Simon Duquennoy,et al.  Compression of IPsec AH and ESP Headers for Constrained Environments , 2013 .

[27]  Jorge Sá Silva,et al.  Enabling Network-Layer Security on IPv6 Wireless Sensor Networks , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[28]  Antonio Iera,et al.  The Social Internet of Things (SIoT) - When social networks meet the Internet of Things: Concept, architecture and network characterization , 2012, Comput. Networks.

[29]  David Hutchison,et al.  A survey of key management for secure group communication , 2003, CSUR.

[30]  Adam Dunkels,et al.  A database in every sensor , 2011, SenSys.

[31]  Kyung Sup Kwak,et al.  Security and Privacy Issues in Wireless Sensor Networks for Healthcare Applications , 2010, Journal of Medical Systems.

[32]  Antonio Iera,et al.  From "smart objects" to "social objects": The next evolutionary step of the internet of things , 2014, IEEE Communications Magazine.

[33]  Vipul Gupta,et al.  Energy analysis of public-key cryptography for wireless sensor networks , 2005, Third IEEE International Conference on Pervasive Computing and Communications.

[34]  Ming Li,et al.  Data security and privacy in wireless body area networks , 2010, IEEE Wireless Communications.

[35]  H. S. Ng,et al.  Security issues of wireless sensor networks in healthcare applications , 2006 .

[36]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 2000, TNET.

[37]  Dieter Hayn,et al.  The Internet of Things for Ambient Assisted Living , 2010, 2010 Seventh International Conference on Information Technology: New Generations.

[38]  Yacine Challal,et al.  Group Key Management Protocols: A Novel Taxonomy , 2008 .

[39]  Klaus Wehrle,et al.  Towards viable certificate-based authentication for the internet of things , 2013, HotWiSec '13.

[40]  David Hutchison,et al.  Hydra: a decentralised group key management , 2002, Proceedings. Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[41]  David K. Y. Yau,et al.  Distributed collaborative key agreement and authentication protocols for dynamic peer groups , 2006, TNET.

[42]  David Cooper,et al.  Server-Based Certificate Validation Protocol (SCVP) , 2007, RFC.

[43]  Noël Crespi,et al.  The Cluster Between Internet of Things and Social Networks: Review and Research Challenges , 2014, IEEE Internet of Things Journal.

[44]  Alan T. Sherman,et al.  Key Management for Large Dynamic Groups: One-Way Function Trees and Amortized Initialization , 2000 .

[45]  Alexis Olivereau,et al.  (k, n) threshold distributed key exchange for HIP based internet of things , 2012, MobiWac '12.

[46]  Sushil Jajodia,et al.  Kronos: a scalable group re-keying approach for secure multicast , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[47]  Tony Ballardie,et al.  Scalable Multicast Key Distribution , 1996, RFC.

[48]  Hugh Harney,et al.  Group Key Management Protocol (GKMP) Architecture , 1997, RFC.

[49]  Rodrigo Roman,et al.  Securing the Internet of Things , 2017, Smart Cards, Tokens, Security and Applications, 2nd Ed..

[50]  Bob Briscoe,et al.  MARKS: Zero Side Effect Multicast Key Management Using Arbitrarily Revealed Key Sequences , 1999, Networked Group Communication.

[51]  Michael D. Smith,et al.  A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography , 2004, 2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004..

[52]  Dharma P. Agrawal,et al.  Reduction in control overhead for a secure, scalable framework for mobile multicast , 2003, IEEE International Conference on Communications, 2003. ICC '03..

[53]  Carlo Maria Medaglia,et al.  An Overview of Privacy and Security Issues in the Internet of Things , 2010 .

[54]  Yacine Challal,et al.  Adaptive Group Key Management Protocol for Wireless Communications , 2012, J. Univers. Comput. Sci..

[55]  Tae Hwan Oh,et al.  Security Issues on Wireless Body Area Network for Remote Healthcare Monitoring , 2010, 2010 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing.

[56]  Riccardo Bonetto,et al.  Secure communication for smart IoT objects: Protocol stacks, use cases and practical examples , 2012, 2012 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM).

[57]  Gene Tsudik,et al.  Tree-based group key agreement , 2004, TSEC.

[58]  Alexis Olivereau,et al.  D-HIP: A distributed key exchange scheme for HIP-based Internet of Things , 2012, 2012 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM).

[59]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[60]  Mohamed Othman,et al.  Lightweight decentralized multicast-unicast key management method in wireless IPv6 networks , 2014, J. Netw. Comput. Appl..