SECURING AND GOVERNING ACCESS IN AD-HOC NETWORKS OF INTERNET OF THINGS

The emergence of the Internet of Things (IoT) brings tremendous benefits and opportunities for individuals and businesses. However, several challenges need to be addressed before IoT can be fully realized. Fundamentally, IoT enables constant transfer and sharing of data between several “things” (i.e. humans and objects) in order to achieve particular objectives. In such sharing environments, the security and privacy of data and messages become important. Authentication, authorization, access control and non-repudiation are important to ensure secure communication in an IoT environment. The lack of computing resources (such as processing power, storage, etc.) and the ad-hoc nature of such networks require researchers to rethink existing techniques and adapt them to such environments. In this paper, we propose a framework for authentication, authorization and access control in an IoT environment that uses capability tokens, PKI and encryption and aims to use minimal computing resources.
