Putting Things in Context: Securing Industrial Authentication with Context Information

Antón, Simon D. Duque; Fraunholz, Daniel; Lipps, Christoph; Alam, Khurshid; Schotten, Hans D.

doi:10.22619/ijcsa.2018.100122

Cited by 2 publications

(5 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Deployability. Prior work on context sensitivity for cryptographic operations [6,14,43,[60][61][62]66] has not been deployed in practice due to its reliance on specific hardware to provide security properties or non-standard adversarial models. Therefore, we aim to use existing devices to build the context: namely, the IoT devices of the user's smart home.…”

Section: Design Goalsmentioning

confidence: 99%

“…Certain works employ IoT-specific characteristics for user authentication; in particular, [16,21,59] use wearable IoT devices as a second-factor for authentication. Anton et al [6] propose context authentication for industrial IoT systems. Location-sensitive cryptography.…”

Section: Related Workmentioning

confidence: 99%

“…Past research efforts also focus on the use of dedicated hardware to build this functionality. While context-sensitive cryptography (of which at-home cryptography is a subset) has been studied in both the theoretical [13,15,17,34,50] and applied [6,43,[60][61][62]66] literature, no practical constructions have been realized or widely deployed. 1 As such, we turn to a more pragmatic approach: re-use the devices users already have to establish a context.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

SocIoTy: Practical Cryptography in Smart Home Contexts

Jois,

Beck,

Belikovetsky

et al. 2024

PoPETs

View full text Add to dashboard Cite

Smartphones form an important source of trust in modern computing. But, while their mobility is convenient, smartphones can be stolen or seized, allowing an adversary to impersonate the user in their digital life: accessing the user's services and decrypting their sensitive files. With this in mind, we build SocIoTy, which leverages a user's existing IoT devices to add a context-sensitive layer of security for non-expert users. Instead of assuming the existence of dedicated hardware, SocIoTy re-uses the devices of a user's smart home to provide cryptographic services, which we term at-home cryptography. We show that at-home cryptography can be built from simple cryptographic primitives, and that our SocIoTy solution is able to provide useful functionalities, like two-factor authentication (2FA) and secure file storage, while protecting against powerful adversaries in this setting. We implement and evaluate SocIoTy in real-world use cases and provide microbenchmarks for individual cryptographic operations on realistic models of IoT devices. We also provide full benchmarks of an end-to-end deployment on a simulated smart home, using a smartphone and 9 IoT devices to generate and display 2FA one-time passwords in less than 200 milliseconds. SocIoTy is able to provide strong, practical cryptography while binding its execution to the smart home itself, all without requiring additional hardware.

show abstract

Section: Design Goalsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

SocIoTy: Practical Cryptography in Smart Home Contexts

Jois,

Beck,

Belikovetsky

et al. 2024

PoPETs

View full text Add to dashboard Cite

show abstract

Section: ) ''Putting Things In Context: Securing Industrial Authentication With Context Information'' [151]mentioning

confidence: 99%

“…The group of Anton et al addresses with several publications the security of industrial IoT and SCADA environments [151]- [153]. In [151], the authors focus on including context information in the authentication mechanism RADIUS. They use a simple scheme of location, access time, and the criticality of the action that shall be authorized (i.e.…”

Section: ) ''Putting Things In Context: Securing Industrial Authentication With Context Information'' [151]mentioning

confidence: 99%

Context-Aware Security for Vehicles and Fleets: A Survey

2021

View full text Add to dashboard Cite

Vehicles are becoming increasingly intelligent and connected. Interfaces for communication with the vehicle, such as WiFi and 5G, enable seamless integration into the user's life, but also cyber attacks on the vehicle. Therefore, research is working on in-vehicle countermeasures such as authentication, access controls, or intrusion detection. Recently, legal regulations have also become effective that require automobile manufacturers to set up a monitoring system for fleet-wide security analysis. The growing amount of software, networking, and the automation of driving create new challenges for security. Context-awareness, situational understanding, adaptive security, and threat intelligence are necessary to cope with these everincreasing risks. In-vehicle security should be adaptive to secure the car in an infinite number of (driving) situations. For fleet-wide analysis and alert triage, knowledge and understanding of the circumstances are required. Context-awareness, nonetheless, has been sparsely considered in the field of vehicle security. This work aims to be a precursor to context-aware, adaptive and intelligent security for vehicles and fleets. To this end, we provide a comprehensive literature review that analyzes the vehicular as well as related domains. Our survey is mainly characterized by the detailed analysis of the context information that is relevant for vehicle security in the future.

show abstract

Putting Things in Context: Securing Industrial Authentication with Context Information

Cited by 2 publications

References 29 publications

SocIoTy: Practical Cryptography in Smart Home Contexts

SocIoTy: Practical Cryptography in Smart Home Contexts

Context-Aware Security for Vehicles and Fleets: A Survey

Contact Info

Product

Resources

About