New paradigms for access control in constrained environments

Cherkaoui, Abdelkarim; Bossuet, Lilian; Seitz, Lüdwig; Selander, Göran; Borgaonkar, Ravishankar

doi:10.1109/recosoc.2014.6861362

Cited by 26 publications

(15 citation statements)

References 8 publications

(8 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There is much work on establishing secure communication channels between 'things' [31,37]; standards for this purpose are summarised in [46]. Others have designed access control schemes specifically for IoT [25,63], and some research focuses on lightweight authentication mechanisms [49,65,74].…”

Section: Current Iot Security Researchmentioning

confidence: 99%

Big ideas paper

Singh

Pasquier

Bacon

et al. 2016

Proceedings of the 17th International Middleware Conference

View full text Add to dashboard Cite

Internet of Things (IoT) applications, systems and services are subject to law. We argue that for the IoT to develop lawfully, there must be technical mechanisms that allow the enforcement of specified policy, such that systems align with legal realities. The audit of policy enforcement must assist the apportionment of liability, demonstrate compliance with regulation, and indicate whether policy correctly captures legal responsibilities. As both systems and obligations evolve dynamically, this cycle must be continuously maintained. This poses a huge challenge given the global scale of the IoT vision. The IoT entails dynamically creating new services through managed and flexible data exchange. Data management is complex in this dynamic environment, given the need to both control and share information, often across federated domains of administration. We see middleware playing a key role in managing the IoT. Our vision is for a middleware-enforced, unified policy model that applies end-to-end, throughout the IoT. This is because policy cannot be bound to things, applications, or administrative domains, since functionality is the result of composition, with dynamically formed chains of data flows. We have investigated the use of Information Flow Control (IFC) to manage and audit data flows in cloud computing; a domain where trust can be well-founded, regulations are more mature and associated responsibilities clearer. We feel that IFC has great potential in the broader IoT context. However, the sheer scale and the dynamic, federated nature of the IoT pose a number of significant research challenges.

show abstract

Section: Current Iot Security Researchmentioning

confidence: 99%

Big ideas paper

Singh

Pasquier

Bacon

et al. 2016

Proceedings of the 17th International Middleware Conference

View full text Add to dashboard Cite

show abstract

“…Such concerns are orthogonal to our work, and could be leveraged to support lower-end device implementations. Others have designed access control schemes specifically for IoT [26], [27]. These focus on adapting existing techniques to resource constrained devices, rather than on developing new approaches towards the wider IoT requirements.…”

Section: Related Workmentioning

confidence: 99%

Securing tags to control information flows within the Internet of Things

Singh

Pasquier

Bacon

2015

2015 International Conference on Recent Advances in Internet of Things (RIoT)

View full text Add to dashboard Cite

To realise the full potential of the Internet of Things (IoT), IoT architectures are moving towards open and dynamic interoperability, as opposed to closed application silos. This is because functionality is realised through the interactions, i.e. the exchange of data, between a wide-range of 'things'.Data sharing requires management. Towards this, we are exploring distributed, decentralised Information Flow Control (IFC) to enable controlled data flows, end-to-end, according to policy. In this paper we make the case for IFC, as a data-centric control mechanism, for securing IoT architectures.Previous research on IFC focuses on a particular system or application, e.g. within an operating system, with little concern for wide-scale, dynamic systems. To render IFC applicable to IoT, we present a certificate-based model for secure, trustworthy policy specification, that also reflects real-world IoT concerns such as 'thing' ownership. This approach enables decentralised, distributed, verifiable policy specification, crucial for securing the wide-ranging, dynamic interactions of future IoT applications.

show abstract

“…may be re-programmable. Thus, users may define policies and permissions for their own use, and protection mechanisms should provide interoperability, flexibility and scalability while remaining lightweight [9]. Physical unclonable functions (PUFs) are a promising way to ensure authentication, access control and traceability.…”

Section: Introductionmentioning

confidence: 99%

“…Physical unclonable functions (PUFs) are a promising way to ensure authentication, access control and traceability. PUFs provide secure and low-cost authentication [9], [4]. Many architectures have been proposed for PUFs in the related literature, and they can be divided into groups [10].…”

Section: Introductionmentioning

confidence: 99%

Implementation and Characterization of a Physical Unclonable Function for IoT: A Case Study With the TERO-PUF

Marchand

Bossuet

Mureddu

et al. 2018

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

View full text Add to dashboard Cite

Today, life is becoming increasingly connected. From TVs to smartphones, including vehicles, buildings, and household appliances, everything is interconnected in what we call the "Internet of Things" (IoT). IoT is now part of our life and we have to deal with it. More than 10 billion devices are already connected and five times more are expected to be deployed in the next five years. While deployment and integration of IoT is expanding, one of the main challenge is to provide practical solutions to security, privacy and trust issues in IoT. Protection and security mechanisms need to include features such as interoperability and scalability but also traceability, authentication and access control while remaining lightweight. Among the most promising approaches to such security mechanisms, physical unclonable functions (PUF) provide a unique identifier for similar but different integrated circuits using some of their physical characteristics. These types of functions can thus be used to authenticate integrated circuits, provide traceability and access control. This paper presents a comprehensive case study of the transient effect ring oscillator (TERO) PUF from its implementation on FPGAs to its complete characterization. The implementation of the PUF is detailed for two different families of FPGAs: Xilinx Spartan 6 and Altera Cyclone V. All the metrics used for the characterization are explained in detail and the results of the characterization include robustness to environmental parameters including variations in temperature and voltage. Finally, we compare our results with those obtained for another PUF: the ring oscillator (RO) PUF. All the design files are available online to ensure repeatability and enable comparison of our contribution with other studies.

show abstract

New paradigms for access control in constrained environments

Cited by 26 publications

References 8 publications

Big ideas paper

Big ideas paper

Securing tags to control information flows within the Internet of Things

Implementation and Characterization of a Physical Unclonable Function for IoT: A Case Study With the TERO-PUF

Contact Info

Product

Resources

About