IoT applications are promising for future daily activities;therefore, the number of IoT connected devices is expected to reach billions in the coming few years. However, IoT has different application frameworks. Furth...IoT applications are promising for future daily activities;therefore, the number of IoT connected devices is expected to reach billions in the coming few years. However, IoT has different application frameworks. Furthermore, IoT applications require higher security standards. In this work, an IoT application framework is presented with a security embedded structure using the integration between message queue telemetry transport (MQTT) and user-managed access (UMA). The performance analysis of the model is presented. Comparing the model with existing models and different design structures shows that the model presented in this work is promising for a functioning IoT design model with security. The security in the model is a built-in feature in its structure. The model is built on recommended frameworks;therefore, it is ready for integration with other web standards for data sharing, which will help in making IoT applications integrated from different developing parties.展开更多
Internet of Things (IoT) environments are being deployed all over the globe. They have the potential to form solutions to applications, from small scale applications to national and international ones. Therefore, scal...Internet of Things (IoT) environments are being deployed all over the globe. They have the potential to form solutions to applications, from small scale applications to national and international ones. Therefore, scalability, performance, and security form a triangle of requirements that must be carefully set. Furthermore, IoT applications require higher security standards. A previously proposed IoT application framework with a security embedded structure using the integration between message queue telemetry transport (MQTT) and user-managed access (UMA) is analyzed in this work. The performance analysis of the model is presented. Comparing the model with existing models and different design structures shows that the model presented in this work is promising for a functioning IoT design model with security. The results and analysis showed that the built-in security model had performed better than models with other frameworks, especially with fog implementation.展开更多
Industrial IoT(IIoT)aims to enhance services provided by various industries,such as manufacturing and product processing.IIoT suffers from various challenges,and security is one of the key challenge among those challe...Industrial IoT(IIoT)aims to enhance services provided by various industries,such as manufacturing and product processing.IIoT suffers from various challenges,and security is one of the key challenge among those challenges.Authentication and access control are two notable challenges for any IIoT based industrial deployment.Any IoT based Industry 4.0 enterprise designs networks between hundreds of tiny devices such as sensors,actuators,fog devices and gateways.Thus,articulating a secure authentication protocol between sensing devices or a sensing device and user devices is an essential step in IoT security.In this paper,first,we present cryptanalysis for the certificate-based scheme proposed for a similar environment by Das et al.and prove that their scheme is vulnerable to various traditional attacks such as device anonymity,MITM,and DoS.We then put forward an interdevice authentication scheme using an ECC(Elliptic Curve Cryptography)that is highly secure and lightweight compared to other existing schemes for a similar environment.Furthermore,we set forth a formal security analysis using the random oracle-based ROR model and informal security analysis over the Doleve-Yao channel.In this paper,we present comparison of the proposed scheme with existing schemes based on communication cost,computation cost and security index to prove that the proposed EBAKE-SE is highly efficient,reliable,and trustworthy compared to other existing schemes for an inter-device authentication.At long last,we present an implementation for the proposed EBAKE-SE using MQTT protocol.展开更多
文摘IoT applications are promising for future daily activities;therefore, the number of IoT connected devices is expected to reach billions in the coming few years. However, IoT has different application frameworks. Furthermore, IoT applications require higher security standards. In this work, an IoT application framework is presented with a security embedded structure using the integration between message queue telemetry transport (MQTT) and user-managed access (UMA). The performance analysis of the model is presented. Comparing the model with existing models and different design structures shows that the model presented in this work is promising for a functioning IoT design model with security. The security in the model is a built-in feature in its structure. The model is built on recommended frameworks;therefore, it is ready for integration with other web standards for data sharing, which will help in making IoT applications integrated from different developing parties.
文摘Internet of Things (IoT) environments are being deployed all over the globe. They have the potential to form solutions to applications, from small scale applications to national and international ones. Therefore, scalability, performance, and security form a triangle of requirements that must be carefully set. Furthermore, IoT applications require higher security standards. A previously proposed IoT application framework with a security embedded structure using the integration between message queue telemetry transport (MQTT) and user-managed access (UMA) is analyzed in this work. The performance analysis of the model is presented. Comparing the model with existing models and different design structures shows that the model presented in this work is promising for a functioning IoT design model with security. The results and analysis showed that the built-in security model had performed better than models with other frameworks, especially with fog implementation.
基金supported by the Researchers Supporting Project(No.RSP-2021/395)King Saud University,Riyadh,Saudi Arabia.
文摘Industrial IoT(IIoT)aims to enhance services provided by various industries,such as manufacturing and product processing.IIoT suffers from various challenges,and security is one of the key challenge among those challenges.Authentication and access control are two notable challenges for any IIoT based industrial deployment.Any IoT based Industry 4.0 enterprise designs networks between hundreds of tiny devices such as sensors,actuators,fog devices and gateways.Thus,articulating a secure authentication protocol between sensing devices or a sensing device and user devices is an essential step in IoT security.In this paper,first,we present cryptanalysis for the certificate-based scheme proposed for a similar environment by Das et al.and prove that their scheme is vulnerable to various traditional attacks such as device anonymity,MITM,and DoS.We then put forward an interdevice authentication scheme using an ECC(Elliptic Curve Cryptography)that is highly secure and lightweight compared to other existing schemes for a similar environment.Furthermore,we set forth a formal security analysis using the random oracle-based ROR model and informal security analysis over the Doleve-Yao channel.In this paper,we present comparison of the proposed scheme with existing schemes based on communication cost,computation cost and security index to prove that the proposed EBAKE-SE is highly efficient,reliable,and trustworthy compared to other existing schemes for an inter-device authentication.At long last,we present an implementation for the proposed EBAKE-SE using MQTT protocol.