Abstract:Hardware Security Modules (HSM) serve as a hardware based root of trust that offers physical protection while adding a new security layer in the system architecture. When combined with decentralized access technologies as Blockchain, HSM offers robustness and complete reliability enabling secured end-to-end mechanisms for authenticity, authorization and integrity. This work proposes an efficient integration of HSM and Blockchain technologies focusing on, mainly, public-key cryptography algorithms and standards… Show more
“…Smart home devices have varying lifespans and may become vulnerable to security exploits as they age or become obsolete. Researchers propose security-aware practices such as secure firmware updates, end-of-life protocols, and responsible disposal mechanisms to mitigate the risks of dormant vulnerabilities and ensure the long-term security of smart home infrastructures [62]. By addressing security issues at each stage of the device lifecycle, stakeholders can minimize exposure to potential threats and maintain the integrity of smart home environments [8].…”
This paper discusses current technologies for lessening these risks and suggests an approach with multiple layers toward tackling these concerns. This plan integrates security measures at the device level, as well as security measures for networks, and even educational measures for users. Real-world instances and illustrations of the efficacy of the suggested method are presented. Various research gaps in IoT security and privacy have been identified, like the necessity for scalable security solutions, business-related problems, security policies focused on users, protection of privacy using data analysis, and the evolving threat landscape!! It also emphasizes the need for security measures for energy storage and contemplates the legal and ethical consequences of IoT security and privacy in intelligent homes. The discussion concludes with future research directions and challenges related to IoT security and privacy strategies and recognizes potential areas for innovation and enhancement. The intention is to contribute to the continuing discussion on IoT security and privacy, offering perspectives and recommendations to safeguard the integrity and privacy of the ecosystem in intelligent homes in an increasingly interconnected world.
“…Smart home devices have varying lifespans and may become vulnerable to security exploits as they age or become obsolete. Researchers propose security-aware practices such as secure firmware updates, end-of-life protocols, and responsible disposal mechanisms to mitigate the risks of dormant vulnerabilities and ensure the long-term security of smart home infrastructures [62]. By addressing security issues at each stage of the device lifecycle, stakeholders can minimize exposure to potential threats and maintain the integrity of smart home environments [8].…”
This paper discusses current technologies for lessening these risks and suggests an approach with multiple layers toward tackling these concerns. This plan integrates security measures at the device level, as well as security measures for networks, and even educational measures for users. Real-world instances and illustrations of the efficacy of the suggested method are presented. Various research gaps in IoT security and privacy have been identified, like the necessity for scalable security solutions, business-related problems, security policies focused on users, protection of privacy using data analysis, and the evolving threat landscape!! It also emphasizes the need for security measures for energy storage and contemplates the legal and ethical consequences of IoT security and privacy in intelligent homes. The discussion concludes with future research directions and challenges related to IoT security and privacy strategies and recognizes potential areas for innovation and enhancement. The intention is to contribute to the continuing discussion on IoT security and privacy, offering perspectives and recommendations to safeguard the integrity and privacy of the ecosystem in intelligent homes in an increasingly interconnected world.
“…A method to prevent malicious attacks such as spoofing has been proposed by generating a device-specific signature using a function that cannot be duplicated physically, i.e., Physically Unclonable Function (PUF) [17]. Cabrera Gutierrez et al [18] claim that the robustness and reliability of HSM are essential for IoT devices. While countermeasures to improve the security based on these HSMs can optimize the design of IoT devices for specific purposes, development time and cost increase since different hardware and software designs are required for each application.…”
Section: Analysis Of Existing Security Service For Iot Devicesmentioning
The rapid expansion of the Internet of Things (IoT) has led to increased concerns regarding the security of IoT systems. Attacks targeting IoT devices, such as code injection and code reuse, have become more sophisticated, compromising device control and functionality. Existing security schemes, designed primarily for the ×86 architecture, are not well-suited for resource-constrained IoT devices. While numerous studies aim to strengthen IoT device security, practical implementation faces challenges due to time-to-market requirements and manufacturing costs. To address these issues, this paper proposes an Augmented Security Module (ASM) that provides essential security services for IoT devices within the same network, requiring minimal device modifications. The ASM includes Hardware Security Modules (HSMs) like Trusted Platform Module (TPM) and Secure Element (SE) to ensure data integrity and execute requested security services. By adding ASM Agents, which perform minimal operations to request security services, IoT devices can easily access the provided security services. The proposed ASM enables flexible adaptation to evolving security requirements at a low cost, meeting practical manufacturing and time-to-market demands. To validate the effectiveness of the proposed ASM, four representative scenarios are presented and analyzed, demonstrating its ability to enhance IoT device security and prevent attacks. The proposed ASM contributes to the widespread adoption of secure IoT systems by ensuring the security of IoT devices within the network.
“…Elliptic Curve Cryptography is a relatively new type of cryptography that Koblitz et al 25 independently proposed in the latter half of the 19th century. Due to the same level of security they offer with significantly smaller key sizes than traditional public-key cryptosystems, it has since attracted a lot of attention and grown immensely popular 26,27 . The ECC includes key exchange, the Elliptic Curve Digital Signature Algorithm(ECDSA), and all pertinent asymmetric cryptographic primitives 28,29 .…”
Blockchain is an innovative technology that has gained interest in all sectors in the era of digital transformation where it manages transactions and saves them in a database. With the increasing financial transactions and the rapidly developed society with growing businesses many people looking for the dream of a better financially independent life, stray from large corporations and organizations to form startups and small businesses. Recently, the increasing demand for employees or institutes to prepare and manage contracts, papers, and the verifications process, in addition to human mistakes led to the emergence of a smart contract. The smart contract has been developed to save time and provide more confidence while dealing, as well as to cover the security aspects of digital management and to solve negotiation concerns. The smart contract was employed in creating a distributed ledger to eliminate the need for centralization. In this paper, a simple prototype has been implemented for the smart contract integrated with blockchain which is simulated in a local server with a set of nodes. Several security objectives, such as confidentiality, authorization, integrity, and non-repudiation, have been achieved in the proposed system. Besides, the paper discussed the importance of using the Blockchain technique, and how it contributed to the management of transactions in addition to how it was implemented in highly transparent real-estate scenarios. The smart contract was employed in creating a distributed ledger to eliminate the need for centralization. The elliptic-curve public key has been adopted as an alternative for the RSA in a signature generation/verification process and encryption protocol. For secure transactions, The Secure Socket Layer (SSL) also has been adopted as a secure layer in the web browser. The results have been investigated and evaluated from different aspects and the implementation was in a restricted environment. Experiments showed us the complexity of time and cost when using the (ECC) algorithm and using (RSA) algorithm depending on the size and length of the key. So if the size of the key in (ECC) equals (160) bits, and it corresponds to (1024) bits in (RSA), which is equivalent to 40% for (ECC) and 30% for (RSA). As a result, the (ECC) algorithm is complex, its key is smaller and the process of generating the key is faster, so it has achieved a high level of security.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.