Gerência de Autenticação de Dispositivos IoT Adaptativa Aos Ambientes Urbanos Apoiada em Políticas e Confiança Social
Abstract
Devices' authentication is one of the key requirements to provide security in IoT environments. However, current Adaptative Authentication Systems (AAS) employ adaptation factors in an isolated way and ignore the correlation between them, as well as the relations that the devices build in the contexts where they are located. Those AASs show themselves as rigid about the most compatible mechanisms in one given context and do not provide multi-factor adaptation. This work proposes GALENA as an adaptive authentication management system in IoT networks, based on social trust strategies, devices' context, and policies. The GALENA evaluation showed its efficiency in adapting and selecting the authentication mechanism appropriated for each interaction, achieving a compatibility rate of about 97% with 200 devices and 98% with 400 devices in all scenarios, with maximum trust accuracy of 0,45 and 0,38 respectively.References
Aman, W. and Snekkenes, E. (2015). EDAS: An evaluation prototype for autonomic event-driven adaptive security in the internet of things. Future Internet, 7(4):225–256.
Arias-Cabarcos, P., Krupitzer, C., and Becker, C. (2019). A survey on adaptive authentication. ACM Computing Surveys, 52(4):1–30.
Assis, M. V. O. D., Hamamoto, A. H., Abrao, T., and Proenca, M. L. (2017). A game theoretical based system using holt-winters and genetic algorithm with fuzzy logic for DoS/DDoS mitigation on SDN networks. IEEE Access, 5:9485–9496.
Chen, I.-R., Guo, J., Wang, D.-C., Tsai, J. J., Al-Hamadi, H., and You, I. (2018). Trust as a Service for IoT Service Management in Smart Cities. In 2018 IEEE 20th International Conference on High Performance Computing and Communications., pages 1358–1365. IEEE.
de Oliveira, G. H., de Souza Batista, A., Nogueira, M., and dos Santos, A. L. (2022). An access control for iot based on network community perception and social trust against sybil attacks. International Journal of Network Management, 32(1):e2181.
El-hajj, M., Fadlallah, A., Chamoun, M., and Serhrouchni, A. (2019). A survey of internet of things (IoT) authentication schemes. Sensors, 19(5):1141.
Gebrie, M. T. and Abie, H. (2017). Risk-based adaptive authentication for internet of things in smart home ehealth. In Proceedings of the 11th European Conference on Software Architecture: Companion Proceedings, pages 102–108.
Gwak, B., Cho, J. H., Lee, D., and Son, H. (2018). TARAS: Trust-Aware Role-Based Access Control System in Public Internet-of-Things. 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pages 74–85.
Hamdi, M. and Abie, H. (2014). Game-based adaptive security in the internet of things for eHealth. In 2014 IEEE International Conference on Communications (ICC). IEEE.
Hayashi, E., Das, S., Amini, S., Hong, J., and Oakley, I. (2013). Casa: context-aware scalable authentication. In Proc. of the Ninth Symposium on Usable Privacy and Security, pages 1–10.
Huertas Celdrán, A., Gil Pérez, M., García Clemente, F. J., and Martínez Pérez, G. (2019). Towards the autonomous provision of self-protection capabilities in 5G networks. Journal of Ambient Intelligence and Humanized Computing, 10(12):4707–4720.
Jafarian, B., Yazdani, N., and Haghighi, M. S. (2020). Discrimination-aware trust management for social internet of things. Computer Networks, 178:107254.
Marche, C., Atzori, L., and Nitti, M. (2018). A dataset for performance analysis of the social internet of things. In 2018 IEEE 29th Annual International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC), pages 1–5. IEEE.
Morabito, R. and Jimenez, J. (2020). IETF protocol suite for the internet of things: Overview and recent advancements. IEEE Communications Standards Magazine, 4(2):41–49.
Patwary, A. A.-N., Fu, A., Naha, R. K., Battula, S. K., Garg, S., Patwary, M. A. K., and Aghasian, E. (2020). Authentication, access control, privacy, threats and trust management towards securing fog computing environments: A review. arXiv preprint arXiv:2003.00395.
Qin, W., Chen, S., and Peng, M. (2020). Recent advances in industrial internet: insights and challenges. Digital Communications and Networks, 6(1):1–13.
Sylla, T., Chalouf, M. A., Krief, F., and Samaké, K. (2020). Towards a context-aware security and privacy as a service in the internet of things. In IFIP Info Security Theory and Practice.
Tan, S., Liu, Y., Li, X., and Dong, Q. (2016). A similarity-based indirect trust model with antispoofing capability. Security and Communication Networks, 9(18):5868–5881.
Arias-Cabarcos, P., Krupitzer, C., and Becker, C. (2019). A survey on adaptive authentication. ACM Computing Surveys, 52(4):1–30.
Assis, M. V. O. D., Hamamoto, A. H., Abrao, T., and Proenca, M. L. (2017). A game theoretical based system using holt-winters and genetic algorithm with fuzzy logic for DoS/DDoS mitigation on SDN networks. IEEE Access, 5:9485–9496.
Chen, I.-R., Guo, J., Wang, D.-C., Tsai, J. J., Al-Hamadi, H., and You, I. (2018). Trust as a Service for IoT Service Management in Smart Cities. In 2018 IEEE 20th International Conference on High Performance Computing and Communications., pages 1358–1365. IEEE.
de Oliveira, G. H., de Souza Batista, A., Nogueira, M., and dos Santos, A. L. (2022). An access control for iot based on network community perception and social trust against sybil attacks. International Journal of Network Management, 32(1):e2181.
El-hajj, M., Fadlallah, A., Chamoun, M., and Serhrouchni, A. (2019). A survey of internet of things (IoT) authentication schemes. Sensors, 19(5):1141.
Gebrie, M. T. and Abie, H. (2017). Risk-based adaptive authentication for internet of things in smart home ehealth. In Proceedings of the 11th European Conference on Software Architecture: Companion Proceedings, pages 102–108.
Gwak, B., Cho, J. H., Lee, D., and Son, H. (2018). TARAS: Trust-Aware Role-Based Access Control System in Public Internet-of-Things. 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pages 74–85.
Hamdi, M. and Abie, H. (2014). Game-based adaptive security in the internet of things for eHealth. In 2014 IEEE International Conference on Communications (ICC). IEEE.
Hayashi, E., Das, S., Amini, S., Hong, J., and Oakley, I. (2013). Casa: context-aware scalable authentication. In Proc. of the Ninth Symposium on Usable Privacy and Security, pages 1–10.
Huertas Celdrán, A., Gil Pérez, M., García Clemente, F. J., and Martínez Pérez, G. (2019). Towards the autonomous provision of self-protection capabilities in 5G networks. Journal of Ambient Intelligence and Humanized Computing, 10(12):4707–4720.
Jafarian, B., Yazdani, N., and Haghighi, M. S. (2020). Discrimination-aware trust management for social internet of things. Computer Networks, 178:107254.
Marche, C., Atzori, L., and Nitti, M. (2018). A dataset for performance analysis of the social internet of things. In 2018 IEEE 29th Annual International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC), pages 1–5. IEEE.
Morabito, R. and Jimenez, J. (2020). IETF protocol suite for the internet of things: Overview and recent advancements. IEEE Communications Standards Magazine, 4(2):41–49.
Patwary, A. A.-N., Fu, A., Naha, R. K., Battula, S. K., Garg, S., Patwary, M. A. K., and Aghasian, E. (2020). Authentication, access control, privacy, threats and trust management towards securing fog computing environments: A review. arXiv preprint arXiv:2003.00395.
Qin, W., Chen, S., and Peng, M. (2020). Recent advances in industrial internet: insights and challenges. Digital Communications and Networks, 6(1):1–13.
Sylla, T., Chalouf, M. A., Krief, F., and Samaké, K. (2020). Towards a context-aware security and privacy as a service in the internet of things. In IFIP Info Security Theory and Practice.
Tan, S., Liu, Y., Li, X., and Dong, Q. (2016). A similarity-based indirect trust model with antispoofing capability. Security and Communication Networks, 9(18):5868–5881.
Published
2022-05-23
How to Cite
MORAES, Yan Uehara de; PEDROSO, Carlos; NOGUEIRA, José Marcos; SANTOS, Aldri.
Gerência de Autenticação de Dispositivos IoT Adaptativa Aos Ambientes Urbanos Apoiada em Políticas e Confiança Social. In: BRAZILIAN SYMPOSIUM ON COMPUTER NETWORKS AND DISTRIBUTED SYSTEMS (SBRC), 40. , 2022, Fortaleza.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2022
.
p. 84-97.
ISSN 2177-9384.
DOI: https://doi.org/10.5753/sbrc.2022.221966.
