Personal tools



Jump to: navigation, search


Title Security-Oriented Architecture for Managing IoT Deployments
Author André Zúquete, Hélder Gomes, João Amaral, Carlos Oliveira
Journal Symmetry
Volume 11
Number 10
Month October
Year 2019
Group Information Systems and Processing
Group (before 2015) Information Systems and Telematics Laboratory
Indexed by ISI Yes

Assuring security and privacy is one of the key issues affecting the Internet of Things (IoT), mostly due to its distributed nature. Therefore, for the IoT to thrive, this problem needs to be tackled and solved. This paper describes a security-oriented architecture for managing IoT deployments. Our main goal was to deal with a fine-grained control in the access to IoT data and devices, to prevent devices from being manipulated by attackers and to avoid information leaking from IoT devices to unauthorized recipients. The access control is split: the management of authentication and access control policies is centered on special components (Authentication, Authorization, and Accounting Controllers), which can be distributed or centralized, and the actual enforcement of access control decisions happens on the entities that stay in the path to the IoT devices (Gateways and Device Drivers). The authentication in the entire system uses asymmetric cryptography and pre-distributed unique identifiers derived from public keys; no Public Key Infrastructure (PKI) is used. A Kerberos-like ticket-based approach is used to establish secure sessions.