2019
DOI: 10.1007/s42979-019-0018-8
|View full text |Cite
|
Sign up to set email alerts
|

Evaluation of Out-of-Band Channels for IoT Security

Abstract: Secure bootstrapping is the process by which a device gets the necessary configuration information and security credentials to become operational. In many pervasive computing and Internet-of-Things scenarios, it is often not possible to rely on the existence of a trusted third party or other network infrastructure for bootstrapping. Therefore, several device bootstrapping protocols rely on an out-of-band (OOB) channel for initial device authentication and configuration. We begin this paper by understanding the… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
8
0

Year Published

2020
2020
2024
2024

Publication Types

Select...
5
2
2

Relationship

1
8

Authors

Journals

citations
Cited by 19 publications
(9 citation statements)
references
References 23 publications
0
8
0
Order By: Relevance
“…Currently, the widely-used methods to onboard IoT devices are mostly out-of-band and include the use of QR codes physically printed on devices, pin codes, and serial numbers [38]. For example, once a user buys a smart IoT camera, he/she scans a QR code printed on the camera (or the packaging) with his/her mobile phone and through a mobile application, he/she connects the camera with a cloud service usually offered by its manufacturer.…”
Section: A Authorized Iot Device Onboardingmentioning
confidence: 99%
“…Currently, the widely-used methods to onboard IoT devices are mostly out-of-band and include the use of QR codes physically printed on devices, pin codes, and serial numbers [38]. For example, once a user buys a smart IoT camera, he/she scans a QR code printed on the camera (or the packaging) with his/her mobile phone and through a mobile application, he/she connects the camera with a cloud service usually offered by its manufacturer.…”
Section: A Authorized Iot Device Onboardingmentioning
confidence: 99%
“…The human-check compares data across a visual channel, typically a display on the HM and on the computer interface. The visual channel is a type of out-of-band (OOB) communication channel, one which is independent of the primary in-band channel [LSA20] (in this case the communication between HM and computer interface). The OOB channel expands the effort required by an attacker to enact a payment or address generation attack since now both the in-band and OOB channels must be compromised.…”
Section: Mitigation For Corrupted Computer Interfacementioning
confidence: 99%
“…The selection of onboarding techniques depends on the design of the security architecture (e.g., distributed, centralized). Out-of-band techniques include the use of QR code and/or pre-defined passwords by users [2]. Onboarding in centralized architectures often relies on pre-established trust relations and utilize protocols, such as Extensible Authentication Protocol (EAP) [19], for authentication.…”
Section: Related Work On Iot Onboardingmentioning
confidence: 99%
“…In a world, where the number of IoT devices rapidly increases every year, the onboarding of such devices has been a challenge, especially when security becomes a requirement. One of the common techniques for IoT onboarding today is the use of Quick Response (QR) codes [1] (other popular out-of-band IoT onboarding techniques include the use pin codes or serial numbers [2]). A user scans the QR code of an IoT device with his/her mobile phone and this QR code is translated to a url, which allows the user to communicate with a server typically located on the cloud.…”
Section: Introductionmentioning
confidence: 99%