AutoCert: Automated TOCTOU-secure digital certification for IoT with combined authentication and assurance

Khurshid, Anum; Raza, Shahid

doi:10.1016/j.cose.2022.102952

Cited by 9 publications

(10 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The related work [13][14][15][16][17][18][19][20][21][22][23][24][25][26][27][28] is illustrated in the introduction. Existing attestation methods are classified into symmetric and asymmetric categories.…”

Section: Discussionmentioning

confidence: 99%

“…These techniques aim to verify the integrity of these devices. Considering that IoT embedded devices often operate within networks, researchers have developed Collective Remote Attestation (CRA) schemes [13][14][15][16][17][18][19][20][21][22][23][24][25][26][27][28]. These schemes are proficient at performing remote attestation for networks of IoT devices.…”

Section: Introductionmentioning

confidence: 99%

“…According to the types of attestation keys, CRAs can be categorized into two types: symmetric [13][14][15][16][17][18][19] and asymmetric [20][21][22][23][24]. Certain schemes, including SEDA [25], DARPA [26], ERASMUS [27], and SALAD [28], offer support for both symmetric and asymmetric cryptography.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

SDATA: Symmetrical Device Identifier Composition Engine Complied Aggregate Trust Attestation

Yu,

Huang

2024

Symmetry

View full text Add to dashboard Cite

Efficient safeguarding of the security of interconnected devices, which are often resource-constrained, can be achieved through collective remote attestation schemes. However, in existing schemes, the attestation keys are independent of the device configuration, leading to increased requirements for the trusted computing base. This paper introduces a symmetrical aggregate trust attestation that is compatible with devices adhering to the device identifier composition engine framework. The proposed scheme simplifies the trusted computing base requirements by generating an attestation key that is derived from the device configuration. Moreover, the scheme employs distributed aggregate message authentication codes to reduce both the communication volume within the device network and the size of the attestation report, thereby enhancing the aggregation efficiency. In addition, the scheme incorporates interactive authentication to accurately identify compromised devices.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

SDATA: Symmetrical Device Identifier Composition Engine Complied Aggregate Trust Attestation

Yu,

Huang

2024

Symmetry

View full text Add to dashboard Cite

show abstract

“…When a device wants to join the network, it presents its digital certificate to the network for authentication [27]. The work presented by Khurshid and Raza [28] proposed an integrity certificate-based authentication scheme to address IoT security challenges by proposing automated certification for IoT (AutoCert), a novel time-of-check to time-of-use (TOCTOU)-secure mechanism combining software-state integrity with public key infrastructure (PKI) for device authentication. AutoCert, implementing internet engineering task force (IETF) remote attestation procedures and X509 IoT certificates, resolves the TOCTOU problem in integrity certificates.…”

Section: Certificate-basedmentioning

confidence: 99%

Authentication schemes in wireless internet of things sensor networks: a survey and comparison

Phalaagae,

Zungeru,

Sigweni

et al. 2024

IJEECS

View full text Add to dashboard Cite

The proliferation of wireless sensor networks (WSNs) fuels internet of things (IoT's) rapid global development, connecting diverse devices. IoT transforms devices into intelligent entities delivering exceptional services. This work addresses IoT authentication gaps through a comprehensive survey, analyzing recent works and exploring techniques in various applications. It includes a comparative analysis of authentication schemes, evaluating Bi-Phase authentication scheme (BAS) in WSNs. BAS outperforms sensor protocol for information via negotiation (SPIN), broadcast session key protocol (BROSK), and localized encryption and authentication protocol (LEAP), resulting in lower energy consumption and higher efficiency. With energy efficiency at 60 Kb/J for 25 nodes, BAS focuses on power optimization and lightweight security measures, reducing energy consumption, maximizing efficiency, and extending WSN lifespan. The evaluation, conducted using MATLAB/Simulink, demonstrates BAS's superiority, achieving 10 J, 12 J, 14 J, and 15 J energy consumption for 25 nodes during simulation, showcasing its effectiveness and future potential in advancing IoT authentication.

show abstract

“…Similarly, scheme [24] suggested an executable monitoring system with evidence to verify the system's status. Recently, a TPM-based scheme for smart grid IoT devices and server authentication was suggested by the authors of reference [25]. It used remote attestation and integrity measurement methods to authenticate smart grid remote IoT devices.…”

Section: Prior Work Related To Iot Device Security For Smart Gridsmentioning

confidence: 99%

Fortified-Grid: Fortifying Smart Grids through the Integration of the Trusted Platform Module in Internet of Things Devices

Sharma,

Joshi,

Mohanty

2023

Information

View full text Add to dashboard Cite

This paper presents a hardware-assisted security primitive that integrates the Trusted Platform Module (TPM) into IoT devices for authentication in smart grids. Data and device security plays a pivotal role in smart grids since they are vulnerable to various attacks that could risk grid failure. The proposed Fortified-Grid security primitive provides an innovative solution, leveraging the TPM for attestation coupled with standard X.509 certificates. This methodology serves a dual purpose, ensuring the authenticity of IoT devices and upholding software integrity, an indispensable foundation for any resilient smart grid security system. TPM is a hardware security module that can generate keys and store them with encryption so they cannot be compromised. Formal security verification has been performed using the random or real Oracle (ROR) model and widely accepted AVISPA simulation tool, while informal security verification uses the DY and CK adversary model. Fortified-Grid helps to validate the attested state of IoT devices with a minimal network overhead of 1984 bits.

show abstract

AutoCert: Automated TOCTOU-secure digital certification for IoT with combined authentication and assurance

Cited by 9 publications

References 10 publications

SDATA: Symmetrical Device Identifier Composition Engine Complied Aggregate Trust Attestation

SDATA: Symmetrical Device Identifier Composition Engine Complied Aggregate Trust Attestation

Authentication schemes in wireless internet of things sensor networks: a survey and comparison

Fortified-Grid: Fortifying Smart Grids through the Integration of the Trusted Platform Module in Internet of Things Devices

Contact Info

Product

Resources

About