Secure management architecture for the internet of things

Access & Terms of Use
open access
Copyright: Kim, Jun
Abstract
The Internet of Things (IoT) introduces a new era of ubiquitous computing for service providers, developers, and users. The advent of Internet-connected heterogeneous devices enables a wide range of smart applications. Although the securing of such wireless applications has been thoroughly studied in Wireless Sensor Networks (WSNs), IoT applications face emerging security challenges due to unique IoT characteristics. These challenges endanger the vision of the next generation ubiquitous Internet and the proliferation of the IoT. This dissertation first discusses the unique IoT characteristics that generate stronger adversaries with motives other than traditional attacker models. We propose an automated formal security analysis approach for seamless tracking and analysis of IoT protocols under various adversaries and security goals. Our analysis approach is designed to provide security guarantees to IoT protocols even under frequent code, model, and environment changes. We address practical issues in existing formal analysis tools while modeling complex IoT protocols and cryptographic algorithms. When new attack models or vulnerabilities are detected, remotely patching deployed IoT devices is essential. We present a secure over-the-air (OTA) update protocol called SEDA. SEDA adopts a multicast propagation approach to address capability issues in existing OTA systems. To secure the multicast propagation session, we propose to use a variant of Broadcast Encryption (BE). Our extensive experiments in a practical testbed and simulator show our fast and efficient OTA performance. Securely managing a large number of IoT devices for years is a practical problem. Many security features such as device life-cycle management, access control, key distribution, and authentication are necessary to solve this problem. We propose a secure IoT management protocol called ESIoT to provide such security features.
We show practical problems in existing management protocols using Public Key Cryptography (PKC) and End-to-End (E2E) communication. We propose an Identity Based Encryption (IBE) scheme called SIBBE to provide device life-cycle management, access control, authentication, and key distribution. The main contribution of this dissertation is to address security vulnerabilities and practical issues in existing IoT systems.
Author(s)
Kim, Jun
Supervisor(s)
Jha, Sanjay
Hu, Wen
Publication Year
2017
Resource Type
Thesis
Degree Type
PhD Doctorate
UNSW Faculty
Files
download public version.pdf 4.07 MB Adobe Portable Document Format