Enabling Secure Guest Access for Command-and-Control of Internet of Things Devices

Internet of Things (IoT) devices are becoming ubiquitous, and may be arranged to form formal or ad hoc Command and Control (C2) networks. Such networks typically do not have a mechanism to facilitate the sharing of either data or control inputs. This paper examines this problem in the context of IoT devices operating within C2 systems that do not have a trusted relationship with each other. We propose a solution, which we call syndication, that provides a controlled mechanism for sharing data between C2 systems of devices without a fully trusted relationship. This paper builds upon previous work which established a lightweight protocol for secure C2 operations within the IoT. The proposed approach not only enables the sharing of data but also permits the external controller to submit moderated requests for actions to be performed. The paper concludes by examining how this approach could also be adopted to provide secure guest access to connected systems in a domestic or commercial context.
