Long-term secure management of large scale Internet of Things applications

Jun Young Kim, Wen Hu, Dilip Sarkar, Sanjay Jha

Research output: Contribution to journalArticle

Abstract

The Internet of Things (IoT)is an emerging paradigm, where the ubiquitous devices can form the networks and connect to Internet. Security and management of devices remain open challenges for the IoT. We adopt the management framework of industry consortium THREAD, where a group of devices cooperating to accomplish the same task (called policy)are administrated by a designated device called commissioner and together they form a policy group. All these policy groups are further managed by a centralized server. In this hierarchical network structure, the secure distribution of the policy information, access control, and group key from the centralized server to commissioner and its peers become challenging given the pervasive, complex and heterogeneous properties of devices. To solve this, we propose protocols/mechanisms along with a variant of Broadcast Encryption called Secure Identity-Based Broadcast Encryption (SIBBE)and demonstrate the feasibility for secure distribution of information to the IoT devices from centralized server. Most of the related work is based on the Attribute-based Encryption (ABE)for IoT devices, which has scalability issues with the number of attributes. Our experimental and simulation evaluations show that our scheme outperforms the existing schemes in terms of scalability, latency, and communication overhead.

Original languageEnglish (US)
Pages (from-to)15-26
Number of pages12
JournalJournal of Network and Computer Applications
Volume138
DOIs
StatePublished - Jul 15 2019

Fingerprint

Cryptography
Servers
Scalability
Access control
Internet
Network protocols
Internet of things
Communication
Industry

Keywords

  • Attribute based encryption
  • Broadcast encryption
  • Commissioning
  • Grouping
  • Identity based encryption
  • IoT
  • Key distribution
  • Management
  • Security
  • THREAD

ASJC Scopus subject areas

  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications

Cite this

Long-term secure management of large scale Internet of Things applications. / Kim, Jun Young; Hu, Wen; Sarkar, Dilip; Jha, Sanjay.

In: Journal of Network and Computer Applications, Vol. 138, 15.07.2019, p. 15-26.

Research output: Contribution to journalArticle

@article{82da9da38812407db0c1e9fb06b56001,
title = "Long-term secure management of large scale Internet of Things applications",
abstract = "The Internet of Things (IoT)is an emerging paradigm, where the ubiquitous devices can form the networks and connect to Internet. Security and management of devices remain open challenges for the IoT. We adopt the management framework of industry consortium THREAD, where a group of devices cooperating to accomplish the same task (called policy)are administrated by a designated device called commissioner and together they form a policy group. All these policy groups are further managed by a centralized server. In this hierarchical network structure, the secure distribution of the policy information, access control, and group key from the centralized server to commissioner and its peers become challenging given the pervasive, complex and heterogeneous properties of devices. To solve this, we propose protocols/mechanisms along with a variant of Broadcast Encryption called Secure Identity-Based Broadcast Encryption (SIBBE)and demonstrate the feasibility for secure distribution of information to the IoT devices from centralized server. Most of the related work is based on the Attribute-based Encryption (ABE)for IoT devices, which has scalability issues with the number of attributes. Our experimental and simulation evaluations show that our scheme outperforms the existing schemes in terms of scalability, latency, and communication overhead.",
keywords = "Attribute based encryption, Broadcast encryption, Commissioning, Grouping, Identity based encryption, IoT, Key distribution, Management, Security, THREAD",
author = "Kim, {Jun Young} and Wen Hu and Dilip Sarkar and Sanjay Jha",
year = "2019",
month = "7",
day = "15",
doi = "10.1016/j.jnca.2019.04.015",
language = "English (US)",
volume = "138",
pages = "15--26",
journal = "Journal of Network and Computer Applications",
issn = "1084-8045",
publisher = "Academic Press Inc.",

}

TY - JOUR

T1 - Long-term secure management of large scale Internet of Things applications

AU - Kim, Jun Young

AU - Hu, Wen

AU - Sarkar, Dilip

AU - Jha, Sanjay

PY - 2019/7/15

Y1 - 2019/7/15

N2 - The Internet of Things (IoT)is an emerging paradigm, where the ubiquitous devices can form the networks and connect to Internet. Security and management of devices remain open challenges for the IoT. We adopt the management framework of industry consortium THREAD, where a group of devices cooperating to accomplish the same task (called policy)are administrated by a designated device called commissioner and together they form a policy group. All these policy groups are further managed by a centralized server. In this hierarchical network structure, the secure distribution of the policy information, access control, and group key from the centralized server to commissioner and its peers become challenging given the pervasive, complex and heterogeneous properties of devices. To solve this, we propose protocols/mechanisms along with a variant of Broadcast Encryption called Secure Identity-Based Broadcast Encryption (SIBBE)and demonstrate the feasibility for secure distribution of information to the IoT devices from centralized server. Most of the related work is based on the Attribute-based Encryption (ABE)for IoT devices, which has scalability issues with the number of attributes. Our experimental and simulation evaluations show that our scheme outperforms the existing schemes in terms of scalability, latency, and communication overhead.

AB - The Internet of Things (IoT)is an emerging paradigm, where the ubiquitous devices can form the networks and connect to Internet. Security and management of devices remain open challenges for the IoT. We adopt the management framework of industry consortium THREAD, where a group of devices cooperating to accomplish the same task (called policy)are administrated by a designated device called commissioner and together they form a policy group. All these policy groups are further managed by a centralized server. In this hierarchical network structure, the secure distribution of the policy information, access control, and group key from the centralized server to commissioner and its peers become challenging given the pervasive, complex and heterogeneous properties of devices. To solve this, we propose protocols/mechanisms along with a variant of Broadcast Encryption called Secure Identity-Based Broadcast Encryption (SIBBE)and demonstrate the feasibility for secure distribution of information to the IoT devices from centralized server. Most of the related work is based on the Attribute-based Encryption (ABE)for IoT devices, which has scalability issues with the number of attributes. Our experimental and simulation evaluations show that our scheme outperforms the existing schemes in terms of scalability, latency, and communication overhead.

KW - Attribute based encryption

KW - Broadcast encryption

KW - Commissioning

KW - Grouping

KW - Identity based encryption

KW - IoT

KW - Key distribution

KW - Management

KW - Security

KW - THREAD

UR - http://www.scopus.com/inward/record.url?scp=85065186063&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85065186063&partnerID=8YFLogxK

U2 - 10.1016/j.jnca.2019.04.015

DO - 10.1016/j.jnca.2019.04.015

M3 - Article

AN - SCOPUS:85065186063

VL - 138

SP - 15

EP - 26

JO - Journal of Network and Computer Applications

JF - Journal of Network and Computer Applications

SN - 1084-8045

ER -