The New Advanced Society. Группа авторов
Чтение книги онлайн.

Читать онлайн книгу The New Advanced Society - Группа авторов страница 28

Название: The New Advanced Society

Автор: Группа авторов

Издательство: John Wiley & Sons Limited

Жанр: Программы

Серия:

isbn: 9781119884378

isbn:

СКАЧАТЬ uniquely. Deployment of IoT system was initially based up on the IP address range allocated as well as the physical location of IoT devices in the specified geographical area of the system. Identity management of IoT was initially addressed by assigning object naming and IP addressing schemes. Since there are increasing efforts by research community for secured identification, authentication, as well as access management issues with IoT system, several new methods and means have emerged. A few such methods used for identity establishment and resource authorization are Ubiquitous code, ODI, short OID, EPC and RFID identifiers.

      Various ways and means to address this concern of IAM are going to be one of the prime focuses for the chapter. The following section analyzes how cloud enabled IoT solutions have attempted to handle IAM related matters in IoT ecosystem.

      Many efforts have been made by research community to efficiently handle the security related matters of IoT ecosystem. The authors of the chapter on Open Web Application Security Project (OWASP) [3] have listed and described most prominent 10 vulnerabilities associated with architecture of IoT. These features include important features like interfaces of entities related to the IoT architecture which are known as not secured, aspects like physical security of the system, inappropriately configured security configuration matters, insecure associated software and firmware.

      In 2017 WAVE [4] was proposed. As best known to us, this was a novel and first approach using blockchain based and decentralized authorization in IoT environment. This made use of fine grained access control policies in conjunction with having smart contracts for event triggering functionality. However, functioning of blockchain nodes on constrained IoT devices was a troublesome matter. Hence to address this some trusted gateways were put to use for the devices in order to perform interaction to the blockchain network.

      Several methods have been proposed by various researchers which require a detailed analysis for judging their efficiency and applicability along with related pros and cons. In the subsequent paras we are deliberation on prominent methods proposed since 2017 and also summarize their central ideas with a comparison among them.

Proposal year Elementary method Type of encryption Key generation method Access control Mutual authentication Anonymity of data Integrity of data Reference
2017 Decentralized Symmetric XOR Operation Based Y Y N Y [5][6]
2018 Centralized Asymmetric Random No Generation & Hash Function Y N Y Y [7][8]
2018 Centralized Asymmetric Elliptic curve cryptography Y Y N Y [9]
2018 Centralized Asymmetric Fuzzy Extractor Gen Algorithm Y Y N Y [10]
2018 Decentralized Asymmetric Elliptic curve cryptography Y Y N Y [11]
2019 Centralized Symmetric Physical Unclonable Function And Fuzzy Extractor Y Y Y Y [12]

      A computationally light weight authentication mechanism has been proposed by Aman et al. [6]. There is no need of any central server for storage mechanism of secret keys. This is based on Physical Unclonable Functions (PUFs) mechanism. Though it may be difficult to impersonate physical properties of the associated IoT devices but swapping of such devices with a malicious one could not be ruled out. The main drawback of the system was that, the mechanism required storing corresponding authentication credential details centrally. Accordingly, PUF based credentials kept is always a potential location for single point of failure.

      In Vijaykumar et al. [7] introduced comparatively an updated authentication mechanism with respect to IoT devices. Better maintenance of privacy was achieved by using minimal information regarding used devices. This method used short group signatures and RSA algorithm. In order to have secured communication and associated generation and also distribution of encryption keys this is found to be a suitable mechanism. СКАЧАТЬ