Securing IoT microservices with certificates

Pahl, Marc-Oliver; Donini, Lorenzo

doi:10.1109/noms.2018.8406189

Cited by 26 publications

(16 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…External attacks often aim at acquiring the same rights than the ones of authorized internal users. In order to avoid these attacks, the system typically relies on authentication methods based on cryptographic techniques [15]. Internal attacks may be more difficult to counter, and require behavioral patterns to be built, in order to detect deviations that characterize potential security attacks afterwards.…”

Section: Related Workmentioning

confidence: 99%

Comparative Assessment of Process Mining for Supporting IoT Predictive Security

Hemmer

Abderrahim

Badonnel

et al. 2021

IEEE Trans. Netw. Serv. Manage.

View full text Add to dashboard Cite

The growth of the Internet-of-Things (IoT) has been characterized by the large-scale deployment of sensors and connected objects. These ones are integrated with other Internet resources in order to elaborate more complex systems and applications. Security management is a major challenge for these systems due to their complexity, their heterogeneity and the limited resources of their devices. In this paper we evaluate the exploitability and performance of a process mining approach for detecting misbehaviors in such systems. We describe the considered architecture and detail its operation, from the generation of behavioral models to the detection of potential attacks. We formalize several alternative commonly-used detection methods, including elliptic envelope, support-vector machine, local outlier factor, and isolation forest techniques. After presenting a proofof-concept prototype, we quantify comparatively the benefits and limits of our process mining solution combined with data preprocessing, through extensive experiments based on different industrial datasets.

show abstract

Section: Related Workmentioning

confidence: 99%

Comparative Assessment of Process Mining for Supporting IoT Predictive Security

Hemmer

Abderrahim

Badonnel

et al. 2021

IEEE Trans. Netw. Serv. Manage.

View full text Add to dashboard Cite

show abstract

“…Pahl and Donini [24] proposed the use of public key certificates for authenticating IoT devices in order to strengthen DTLS services. Hewa et al [25] applied Elliptic Curve Qu-Vanstone (ECQV) certificates in IoT scenarios and used the blockchain-based smart contracts to manage the certificates.…”

Section: Related Workmentioning

confidence: 99%

Dynamic Public Key Certificates with Forward Secrecy

Chien¹

2021

Electronics

View full text Add to dashboard Cite

Conventionally, public key certificates bind one subject with one static public key so that the subject can facilitate the services of the public key infrastructure (PKI). In PKI, certificates need to be renewed (or revoked) for several practical reasons, including certificate expiration, private key breaches, condition changes, and possible risk reduction. The certificate renewal process is very costly, especially for those environments where online authorities are not available or the connection is not reliable. A dynamic public key certificate (DPKC) facilitates the dynamic changeover of the current public–private key pairs without renewing the certificate authority (CA). This paper extends the previous study in several aspects: (1) we formally define the DPKC; (2) we formally define the security properties; (3) we propose another implementation of the Krawczyk–Rabin chameleon-hash-based DPKC; (4) we propose two variants of DPKC, using the Ateniese–Medeiros key-exposure-free chameleon hash; (5) we detail two application scenarios.

show abstract

“…External attacks often aim at acquiring the same rights than the ones of authorized internal users. In order to avoid these attacks, the system typically relies on authentication methods based on cryptographic techniques [11]. Internal attacks may be more difficult to counter, and require behavioral patterns to be built, in order to detect deviations that characterize potential security attacks afterwards.…”

Section: Related Workmentioning

confidence: 99%

A Process Mining Approach for Supporting IoT Predictive Security

Hemmer

Badonnel

Chrisment

2020

NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium

View full text Add to dashboard Cite

The growing interest for the Internet-of-Things (IoT) is supported by the large-scale deployment of sensors and connected objects. These ones are integrated with other Internet resources in order to elaborate more complex and value-added systems and applications. While important efforts have been done for their protection, security management is a major challenge for these systems, due to their complexity, their heterogeneity and the limited resources of their devices. In this paper we introduce a process mining approach for detecting misbehaviors in such systems. It permits to characterize the behavioral models of IoT-based systems and to detect potential attacks, even in the case of heterogenous protocols and platforms. We then describe and formalize its underlying architecture and components, and detail a proof-of-concept prototype. Finally, we evaluate the performance of this solution through extensive experiments based on real industrial datasets.

show abstract

Securing IoT microservices with certificates

Cited by 26 publications

References 8 publications

Comparative Assessment of Process Mining for Supporting IoT Predictive Security

Comparative Assessment of Process Mining for Supporting IoT Predictive Security

Dynamic Public Key Certificates with Forward Secrecy

A Process Mining Approach for Supporting IoT Predictive Security

Contact Info

Product

Resources

About