Jianhong Zhang,Wenle Bai,Yuehai Wang

DOI: https://doi.org/10.1109/access.2019.2899828

IF: 3.9

2019-01-01

IEEE Access

Abstract:The Internet of Things (IoT) is the internetworking of terminal physical devices depends on application programming interfaces and sensors to be connected to the Internet for collecting and exchanging data. According to the characteristics of IoT, it can provide rich services for the terminal user. However, the centralized cloud computing-based storage architecture in IoT faces many challenges, such as data security, identity privacy, and high latency. To overcome these challenges, this paper introduces an IoT network storage architecture based on mobile edge computing, which not only achieves low-latency message response and computation offloading of the terminal user but also preserves identity-privacy of the terminal user. Afterward, we presented a novel non-interactive pairing-free ID-based proxy re-signature scheme (ID-PRS), which is a kernel technique to construct the aforementioned storage architecture. Compared with most of proxy re-signature schemes constructed based on traditional public-key-infrastructure, the proposed scheme avoids expensive pairing operation and intricate certificate-maintenance. And it is demonstrated to be provably secure under the classic security assumptions: integer factoring problem and the RSA assumption. Finally, in contrast to the other two ID-PRS schemes, the proposed ID-PRS scheme has more advantages in terms of security, functionability, and computation costs. Thus, it is very suitable to be applied to the resource-constrained mobile users.

Jie Yin,Yang Xiao,Qingqi Pei,Ying Ju,Lei Liu,Ming Xiao,Celimuge Wu

DOI: https://doi.org/10.1109/jiot.2022.3145089

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:Internet of Things (IoT) applications have penetrated into all aspects of human life. Millions of IoT users and devices, online services, and applications combine to create a complex and heterogeneous network, which complicates the digital identity management. Distributed identity is a promising paradigm to solve IoT identity problems and allows users to have soverignty over their private data. However, the existing state-of-the-art methods are unsuitable for IoT due to continuing issues regarding resource limitations for IoT devices, security and privacy issues, and lack of a systematic proof system. Accordingly, in this article, we propose SmartDID, a novel blockchain-based distributed identity aimed at establishing a self-sovereign identity and providing strong privacy preservation. First, we configure IoT devices as light nodes and design a Sybil-resistant, unlinkable, and supervisable distributed identity that does not rely on central identity providers. We further develop a dual-credential model based on commitment and zero-knowledge proofs to protect the privacy of sensitive attributes, on-chain identity data, and linkage of credentials. Moreover, we combine the basic credential proofs to prove the knowledge of solutions to more complex problems and create a systematic proof system. We go on to provide the security analysis of SmartDID. Experimental analysis shows that our scheme achieves better performance in terms of both credential generation and proof generation when compared with CanDID.

computer science, information systems,telecommunications,engineering, electrical & electronic

Han Bao,Youjian Zhao,Xiaoping Zhang,Gaoyuan Wang,Jinrong Duan,Renrui Tian,Jiaping Men,Mengyu Zhang

DOI: https://doi.org/10.1109/jiot.2023.3279849

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Artificial Intelligence of Things (AIoT) applications have advanced rapidly. However, most of them are inherently vulnerable to security threats and may be the source of spoofing attacks, and meanwhile, in AIoT systems, the transfer of real-time data from terminals and the cloud strains network bandwidth. To defend against attacks, save network forwarding resources, and relieve authentication pressure on the receiver end, it is essential to verify the source identity of AIoT terminals on the forwarding path. In this article, we propose PDIV, a probabilistic and distributed identity validation solution for AIoT applications. In the framework of PDIV, honest forwarders can verify the authenticity of the source identity of packets with a certain probability and filter spoofed packets to prevent them from spreading, reduce end-to-end network latency, and increase throughput as much as possible. Additionally, PDIV, a blockchain-based system that uses Merkle Patricia Trie (MPT) on the blockchain, makes it practical and efficient to realize distributed storage and verification of identity information. Moreover, we theorize about the tradeoff between PDIV network performance and detection effectiveness, as well as how PDIV enables defenses against different attacks, such as spoofing and Distributed Denial-of-Service attacks. Furthermore, we implement PDIV on network simulator version 3 (NS3) and evaluate its performance. The simulation results demonstrate that PDIV can prevent the spread of spoofed packets effectively and PDIV works better than currently available blockchain-based public-key infrastructure (PKI) approaches in terms of network latency.

Christos Patsonakis,Katerina Samari,Aggelos Kiayias,Mema Roussopoulos

DOI: https://doi.org/10.1109/DAPPCON.2019.00022

2019-02-03

Abstract:Public key infrastructures (PKIs) are one of the main building blocks for securing communications over the Internet. Currently, PKIs are under the control of centralized authorities, which is problematic as evidenced by numerous incidents where they have been compromised. The distributed, fault tolerant log of transactions provided by blockchains and more recently, smart contract platforms, constitutes a powerful tool for the decentralization of PKIs. To verify the validity of identity records, blockchain-based identity systems store on chain either all identity records, or, a small (or even constant) sized amount of data to verify identity records stored off chain. However, as most of these systems have never been implemented, there is little information regarding the practical implications of each design's tradeoffs. In this work, we first implement and evaluate the only provably secure, smart contract based PKI of [1] on top of Ethereum. This construction incurs constant-sized storage at the expense of computational complexity. To explore this tradeoff, we propose and implement a second construction which, eliminates the need for trusted setup, preserves the security properties of [1] and, as illustrated through our evaluation, is the only version with constant-sized state that can be deployed on the live chain of Ethereum. Furthermore, we compare these two systems with the simple approach of most prior works, e.g., the Ethereum Name Service, where all identity records are stored on the smart contract's state, to illustrate several shortcomings of Ethereum and its cost model. We propose several modifications for fine tuning the model, which would be useful to be considered for any smart contract platform like Ethereum so that it reaches its full potential to support arbitrary distributed applications.

Distributed, Parallel, and Cluster Computing

Avishaek Deep,Adolfo Perrusquía,Lamees Aljaburi,Saba Al-Rubaye,Weisi Guo

DOI: https://doi.org/10.1109/access.2024.3349955

IF: 3.9

2024-01-01

IEEE Access

Abstract:Internet of Things (IoT) is currently playing a major role in how intelligent devices are interconnected and deployed to automate services in transport and smart living sectors. However, IoT is facing challenges in terms of data protection and authentication due to the heterogeneous nature of IoT devices that do not exhibit a central authority. It is crucial to provide secure and trustworthy solutions for the increasing demands of decentralized IoT environments. To this end, this research proposes a novel integration of blockchain-technologies in IoT services to enhance security, data integrity, users privacy, system scalability and interoperability of devices. This is done by leveraging smart contracts to enforce authentication, access control and data exchange mechanisms for IoT devices. The proposed approach is verified by the construction and deployment of a smart contract over the Polygon blockchain network in a simulated real-world IoT scenario. The obtained results show that the proposed approach ensures fast and secure authentication in IoT networks by decreasing the risk of unauthorized access and data tampering.

computer science, information systems,telecommunications,engineering, electrical & electronic

Joel Höglund,Samuel Lindemer,Martin Furuhed,Shahid Raza

DOI: https://doi.org/10.1016/j.cose.2019.101658

2020-02-01

Abstract:Public Key Infrastructure is the state-of-the-art credential management solution on the Internet. However, the millions of constrained devices that make of the Internet of Things currently lack a centralized, scalable system for managing keys and identities. Modern PKI is built on a set of protocols which were not designed for constrained environments, and as a result many small, battery-powered IoT devices lack the required computing resources. In this paper, we develop an automated certificate enrollment protocol light enough for highly constrained devices, which provides end-to-end security between certificate authorities (CA) and the recipient IoT devices. We also design a lightweight profile for X.509 digital certificates with CBOR encoding, called XIOT. Existing CAs can now issue traditional X.509 to IoT devices. These are converted to and from the XIOT format by edge devices on constrained networks. This procedure preserves the integrity of the original CA signature, so the edge device performing certificate conversion need not be trusted. We implement these protocols within the Contiki embedded operating system and evaluate their performance on an ARM Cortex-M3 platform. Our evaluation demonstrates reductions in energy expenditure and communication latency. The RAM and ROM required to implement these protocols are on par with the other lightweight protocols in Contiki's network stack.

computer science, information systems

Mikail Mohammed Salim,Jungho Kang,Yi Pan,Jong Hyuk Park

DOI: https://doi.org/10.3934/mbe.2022546

2022-01-01

Mathematical Biosciences and Engineering

Abstract:Internet of Things (IoT) devices supporting intelligent cloud applications such as healthcare for hospitals rely on connecting with local base stations and access points to provide rich data analysis and real-time services to users. Devices authenticate with local base stations and perform handover operations to connect with access points with higher signal strength. Attackers disguise as valid base stations and access points using publicly accessible SSID information connect with local IoT devices during the handover process and give rise to data integrity and privacy concerns. This paper proposes a lightweight authentication scheme for private blockchain-based networks for securing devices from rogue base stations during the handover process. An authentication certificate is designed for base stations and machines in local clusters using SHA256 and modulo operations for enabling quick handover operations. The keys assigned to each device and base station joining the network are hashed, and their sizes are reduced using modulo operations. Furthermore, the compressed key size forms a certificate, which is used by the machines and the base stations to authenticate mutually. In comparison with existing studies, the performance analysis of the proposed scheme is based on the transmission of three messages required for completing the authentication process. Evaluation based on the Communication Overhead demonstrates a minimum improvement of 99.30% fewer bytes exchanged during the handover process and 89.58% reduced Storage Overhead compared with existing studies.

Ratna Halder,Dipanjan Das Roy,Dongwan Shin

DOI: https://doi.org/10.3390/jcp4020010

2024-03-31

Journal of Cybersecurity and Privacy

Abstract:Internet applications rely on Secure Socket Layer (SSL)/Transport Security Layer (TSL) certifications to establish secure communication. However, the centralized nature of certificate authorities (CAs) poses a risk, as malicious third parties could exploit the CA to issue fake certificates to malicious web servers, potentially compromising the privacy and integrity of user data. In this paper, we demonstrate how the utilization of decentralized certificate verification with blockchain technology can effectively address and mitigate such attacks. We present a decentralized public key infrastructure (PKI) based on a distributed trust model, e.g., Web of Trust (WoT) and blockchain technologies, to overcome vulnerabilities like single points of failure and to prevent tampering with existing certificates. In addition, our infrastructure establishes a trusted key-ring network that decouples the authentication process from CAs in order to enhance secure certificate issuance and accelerate the revocation process. Furthermore, as a proof of concept, we present the implementation of our proposed system in the Ethereum blockchain, confirming that the proposed framework meets the five identified requirements. Our experimental results demonstrate the effectiveness of our proposed system in practice, albeit with additional overhead compared to conventional PKIs.

computer science, information systems, interdisciplinary applications, software engineering

Siwei Li,Hui Zhang,Hui Shi,Maode Ma,Cong Wang

DOI: https://doi.org/10.1007/s11227-024-06262-y

IF: 3.3

2024-06-04

The Journal of Supercomputing

Abstract:The distributed authentication of a large number of resource-constrained power terminal devices (PTDs) is crucial for ensuring the security of the power IoT communication. However, existing solutions are inadequate in terms of security (such as vulnerability to single point failures or insider attacks) and communication costs, which do not meet the requirements of the power IoT environment. Therefore, we propose a zero-trust-based mutual authentication scheme in cloud-edge-end collaboration power IoT environment based on blockchain technology. The proposed solution involves deploying a distributed multi-point zero-trust engine around dense PTDs to collect real-time identity information. Through the maintenance of an alliance blockchain, the edge server securely shares and traces identity information, preventing tampering and effectively blocking threats related to lost terminals during authentication. Additionally, a lightweight ECC key management scheme ensures the security of authentication information. The proposed scheme effectively defends against common attacks such as replay attacks and identity forgery attacks through informal security analysis, while its security is evaluated using the Canetti and Krawczyk (CK) adversary models. Performance evaluation results demonstrate that the proposed scheme achieves effectiveness without the compromising required security attributes, which obtains up to 58% improvement 58% improvement in computation delay and a 56.9% improvement in communication costs over previous state-of-the-art methods.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Fei Tong,Xing Chen,Cheng Huang,Yujian Zhang,Xuemin Shen

DOI: https://doi.org/10.1109/JIOT.2022.3229676

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Multidomain Internet of Things (IoT) is faced with serious domain interoperability (DI) and compatibility issues since different intradomain authorization and authentication (A&A) mechanisms are deployed without the consideration of interdomain A&A. This article proposes a blockchain-assisted scheme to achieve flexible intra- and inter-domain A&A simultaneously and seamlessly. Specifically, we first design a contract-based mutual access control agreement on top of a consortium blockchain, where domain managers can manage their access permission without any trusted parties. Based on the agreement, a secure and privacy-preserving authentication protocol is further proposed by tailoring one-out-of-many proof techniques, which enables IoT devices to anonymously access authorized IoT domains. We additionally design a voting-based protocol by using a threshold-based cryptosystem. The protocol allows domain managers to transparently audit resource access with the assistance of the blockchain. Detailed security analysis demonstrates that the proposed scheme achieves the security properties, such as DI, privacy protection, and accountability. Finally, we develop two proof-of-concept prototypes in a physical testbed and virtual machine, respectively, based on an open-source blockchain platform to show our scheme's efficiency in terms of computation and communication overhead.

Abba Garba,Qinwen Hu,Zhong Chen,Muhammad Rizwan Asghar

DOI: https://doi.org/10.1109/hpcc-smartcity-dss50907.2020.00108

2020-01-01

Abstract:Recently, real-world attacks against the web Public Key Infrastructure (PKI) have arisen more frequently. The current PKI that use Registration Authorities/Certificate Authorities (RAs/CAs) model suffer from notorious security vulnerabilities. Most of these vulnerabilities are due to compromises of RAs, which lead to impersonation attacks resulting in CAs misbehaving to issue bogus certificates. To counter this problem, many approaches, such as Certificate Transparency (CT), ARPKI, and PoliCert, have been proposed. Nonetheless, no solution has yet gained widespread acceptance as a result of complexity and deployability issues. Moreover, existing approaches still require to satisfy complicated interactions and synchronisation among the entities that are involved during certificate issuance, updates, and revocations. In this paper, we propose a new Blockchain-Based PKI (BB-PKI) to address these vulnerabilities of CA misbehaviour caused by impersonation attacks against RAs. Certificate Issuance Request (CIR) should be vouched by manifold RAs. Multiple CAs shall sign and issue the certificate using an out-of-band secure communication channel. Any RA that contributes to the verification process of a user's request can publish the certificate in the blockchain by creating a smart contract certificate transaction. BB-PKI offers strong security guarantees, compromising $n - 1$ of the RAs or CAs is not enough to launch impersonation attacks, meaning that attackers cannot compromise more than the threshold of the latter signatures to launch an attack.

Oday A. Hassen,Ansam A. Abdulhussein,Saad M. Darwish,Zulaiha Ali Othman,Sabrina Tiun,Yasmin A. Lotfy

DOI: https://doi.org/10.3390/sym12101699

2020-10-15

Symmetry

Abstract:Blockchain technology has been commonly used in the last years in numerous fields, such as transactions documenting and monitoring real assets (house, cash) or intangible assets (copyright, intellectual property). The internet of things (IoT) technology, on the other hand, has become the main driver of the fourth industrial revolution, and is currently utilized in diverse fields of industry. New approaches have been established through improving the authentication methods in the blockchain to address the constraints of scalability and protection in IoT operating environments of distributed blockchain technology by control of a private key. However, these authentication mechanisms do not consider security when applying IoT to the network, as the nature of IoT communication with numerous entities all the time in various locations increases security risks resulting in extreme asset damage. This posed many difficulties in finding harmony between security and scalability. To address this gap, the work suggested in this paper adapts multimodal biometrics to strengthen network security by extracting a private key with high entropy. Additionally, via a whitelist, the suggested scheme evaluates the security score for the IoT system with a blockchain smart contract to guarantee that highly secured applications authenticate easily and restrict compromised devices. Experimental results indicate that our system is existentially unforgeable to an efficient message attack, and therefore, decreases the expansion of infected devices to the network by up to 49 percent relative to traditional schemes.

Joel Höglund,Simon Bouget,Martin Furuhed,John Preuß Mattsson,Göran Selander,Shahid Raza

DOI: https://doi.org/10.1007/s10207-024-00825-z

2024-03-04

International Journal of Information Security

Abstract:IoT deployments grow in numbers and size, which makes questions of long-term support and maintainability increasingly important. Without scalable and standard-compliant capabilities to transfer the control of IoT devices between service providers, IoT system owners cannot ensure long-term maintainability, and risk vendor lock-in. The manual overhead must be kept low for large-scale IoT installations to be economically feasible. We propose AutoPKI, a lightweight protocol to update the IoT PKI credentials and shift the trusted domains, enabling the transfer of control between IoT service providers, building upon the latest IoT standards for secure communication and efficient encodings. We show that the overhead for the involved IoT devices is small and that the overall required manual overhead can be minimized. We analyse the fulfilment of the security requirements, and for a subset of them, we demonstrate that the desired security properties hold through formal verification using the Tamarin prover.

computer science, information systems, theory & methods, software engineering

Cong Wang,Xu Deng,Maode Ma,Qiang Li,Hongpeng Bai,Yanan Zhang

DOI: https://doi.org/10.1002/ett.4979

IF: 3.6

2024-04-01

Transactions on Emerging Telecommunications Technologies

Abstract:Abstract The Named Data Networking (NDN) architecture, known for its caching strategies and name‐based routing, is an exemplary paradigm for content distribution across Internet of Things (IoT) devices. In the environment of NDN‐IoT, there is an urgent demand for a lightweight signature authentication scheme suitable for terminal devices to ensure the integrity of Data packets and the legitimacy of their sources. Many researchers opt for employing certificateless public key cryptography measures to enhance the security of communication among terminal devices in NDN‐IoT. However, among the array of proposed solutions, issues such as lack of resistance against signer identity exposure, susceptibility to man‐in‐the‐middle attacks, and replay attacks persist. Some researchers advocate for partitioning the devices in NDN‐IoT into different zones, yet there remains a deficiency in the design of packet exchange mechanisms across distinct zones. To address these issues, this paper proposes a novel blockchain‐based certificate‐less signature scheme in the NDN‐IoT environment that integrates key features such as distributed legitimate producer management, inter‐domain interaction mechanisms, anonymous identity protection, and blockchain storage optimization. The overarching goal is to provide robust security services for resource‐constrained devices within the NDN infrastructure while ensuring authenticity and integrity of data packets while alleviating the burden of certificate management on end devices. Compared to similar existing solutions, our proposed method incurs only 34% of the computational overhead required for Data packet signature verification, while maintaining equivalent cache occupancy and achieving higher security performance.

telecommunications

Jianhua Li,Jiong Jin,Lingjuan Lyu,Dong Yuan,Yingying Yang,Longxiang Gao,Chao Shen

DOI: https://doi.org/10.48550/arXiv.2011.06325

2020-11-12

Abstract:Numerous resource-limited smart objects (SOs) such as sensors and actuators have been widely deployed in smart environments, opening new attack surfaces to intruders. The severe security flaw discourages the adoption of the Internet of things in smart living. In this paper, we leverage fog computing and microservice to push certificate authority (CA) functions to the proximity of data sources. Through which, we can minimize attack surfaces and authentication latency, and result in a fast and scalable scheme in authenticating a large volume of resource-limited devices. Then, we design lightweight protocols to implement the scheme, where both a high level of security and low computation workloads on SO (no bilinear pairing requirement on the client-side) is accomplished. Evaluations demonstrate the efficiency and effectiveness of our scheme in handling authentication and registration for a large number of nodes, meanwhile protecting them against various threats to smart living. Finally, we showcase the success of computing intelligence movement towards data sources in handling complicated services.

Cryptography and Security,Networking and Internet Architecture

Soumyashree S. Panda,Debasish Jena,Bhabendu Kumar Mohanta,Somula Ramasubbareddy,Mahmoud Daneshmand,Amir H. Gandomi

DOI: https://doi.org/10.1109/jiot.2021.3063806

IF: 10.6

2021-08-15

IEEE Internet of Things Journal

Abstract:The exponential growth in the number of connected devices as well as the data produced from these devices call for a secure and efficient access control mechanism that can ensure the privacy of both users and data. Most of the conventional key management mechanisms depend upon a trusted third party like a registration center or key generation center for the generation and management of keys. Trusting a third party has its own ramifications and results in a centralized architecture; therefore, this article addresses these issues by designing a Blockchain-based distributed IoT architecture that uses hash chains for secure key management. The proposed architecture exploits the key characteristics of the Blockchain technology, such as openness, immutability, traceability, and fault tolerance, to ensure data privacy in IoT scenarios and, thus, provides a secure environment for communication. This article also proposes a scheme for secure and efficient key generation and management for mutual authentication between communication entities. The proposed scheme uses a one-way hash chain technique to provide a set of public and private key pairs to the IoT devices that allow the key pairs to verify themselves at any time. Experimental analysis confirms the superior performance of the proposed scheme to the conventional mechanisms.

computer science, information systems,telecommunications,engineering, electrical & electronic

Gholam Reza Zargar,Hamid Barati,Ali Barati

DOI: https://doi.org/10.1007/s10586-024-04565-6

2024-06-26

Cluster Computing

Abstract:The Internet of Things (IoT) is a network where physical objects with unique addresses can connect and communicate with each other through the Internet and telecommunications networks. However, the current methods of user authentication in this environment have limitations due to the need for a lightweight authentication process and limited resources. Therefore, this paper proposes a mutual authentication protocol for IoT that uses blockchain technology. The proposed protocol has a lightweight and secure architecture by using of Elliptic-Curve Cryptography and incorporates the AVISPA tool and BAN logic for formal/informal security analysis. Compared to previous protocols, this proposed protocol is more efficient in terms of communication and computation costs and is more resistant to various attacks.

computer science, information systems, theory & methods

Chenglong Fu,Qiang Zeng,Xiaojiang Du

DOI: https://doi.org/10.48550/arXiv.1912.00264

2019-12-01

Abstract:The booming Internet of Things (IoT) market has drawn tremendous interest from cyber attackers. The centralized cloud-based IoT service architecture has serious limitations in terms of security, availability, and scalability, and is subject to single points of failure (SPOF). Recently, accommodating IoT services on blockchains has become a trend for better security, privacy, and reliability. However, blockchain's shortcomings of high cost, low throughput, and long latency make it unsuitable for IoT applications. In this paper, we take a retrospection of existing blockchain-based IoT solutions and propose a framework for efficient blockchain and IoT integration. Following the framework, we design a novel blockchain-assisted decentralized IoT remote accessing system, RS-IoT, which has the advantage of defending IoT devices against zero-day attacks without relying on any trusted third-party. By introducing incentives and penalties enforced by smart contracts, our work enables "an economic approach" to thwarting the majority of attackers who aim to achieve monetary gains. Our work presents an example of how blockchain can be used to ensure the fairness of service trading in a decentralized environment and punish misbehaviors objectively. We show the security of RS-IoT via detailed security analyses. Finally, we demonstrate its scalability, efficiency, and usability through a proof-of-concept implementation on the Ethereum testnet blockchain.

Cryptography and Security,Distributed, Parallel, and Cluster Computing,Networking and Internet Architecture

Erhan Turan,Sevil Sen,Tamer Ergun

DOI: https://doi.org/10.1109/access.2024.3394657

IF: 3.9

2024-05-03

IEEE Access

Abstract:The conventional Public Key Infrastructure (PKI) has long been plagued by security issues stemming from its centralized and non-transparent design. In recent years, blockchain-based PKI architectures have emerged as promising solutions to overcome such issues. However, existing research has predominantly focused on SSL certificates, overlooking other certificate types used for purposes such as facilitating electronic signatures/seals, code signing, and S/MIME- all reliant on the foundational PKI infrastructure. In this study, we present a novel blockchain-based PKI architecture designed to accommodate diverse certificate types. Combining the principles of the Web of Trust with a centralized model, our SemiDec-PKI establishes a resilient, distributed infrastructure. This unique synergy minimizes reliance on a single central authority, mitigating the vulnerabilities associated with traditional PKI systems' single points of failure. With a cross-check mechanism and collective consensus of trusted entities, SemiDec-PKI provides higher fault tolerance, preventing disruptions from certificate misissuance or compromised certificate authorities. Furthermore, it introduces a stake-based reward-punishment mechanism which incentives honest behavior and penalizes malicious actions, serving as a potent deterrent against impersonation attacks.

computer science, information systems,telecommunications,engineering, electrical & electronic

Samia Belattaf,Mohamed Mohammedi,Mawloud Omar,Rachida Aoudjit

DOI: https://doi.org/10.1007/s11277-021-08437-9

IF: 2.017

2021-04-03

Wireless Personal Communications

Abstract:The Internet of Things (IoT) is an emerging paradigm in the world of computer networks, where physical objects are connected over the Internet. Given the huge number of connected devices that are potentially vulnerable, highly significant risks emerge around the issues of communication security. Unfortunately, the conventional security methods are hard to adapt due to the heterogeneity and resource-constrained objects. In this paper, we propose a reliable and adaptive distributed public-key management infrastructure for the IoT. The main purpose of our proposal is to mitigate the resource issue for public-key certificate management to design an effective security mechanism, which offers reliable end-to-end security services. In order to evaluate the performances of our proposal, we have conducted intensive simulations with comparison to the literature, in which we have obtained promising results in terms of storage, communication, response time and resilience against malicious nodes.

telecommunications