Autenticação Federada para IoT Aplicada a um Sistema Automático de Estacionamento

Maria Santos; Jéssica Carneiro; Antônio Franco; Fernando Teixeira; Marco Henriques; Leonardo Oliveira

doi:10.5753/sbrc_estendido.2018.14166

Maria Santos UFMG
Jéssica Carneiro UFMG
Antônio Franco UFMG
Fernando Teixeira UFSJ
Marco Henriques UNICAMP
Leonardo Oliveira UFMG

DOI: https://doi.org/10.5753/sbrc_estendido.2018.14166

Abstract

One of the biggest challenges in the Internet of Things is to provide authentication to devices, especially considering the resource restriction and the potential mobility between different domains of these devices. We present a demonstration of FLAT, our federated authentication solution specially modeled to the IoT environment. In our demo, we apply FLAT to a real scenario: an automatic parking system. The use of only symmetric cryptographic primitives in the IoT Client and implicit certiﬁcates make FLAT a lightweight tool to the IoT environment, able to provide security and privacy in device authentication. This demonstration accompanies the paper "FLAT: A Federated Authentication Protocol for the Internet of Things", published in SBRC 2018.

References

Aranha, D. F. and Gouvêa, C. P. L. RELIC is an Efficient LIbrary for Cryptography. https://github.com/relic-toolkit/relic.

Atzori, L., Iera, A., and Morabito, G. (2010). The Internet of Things: A survey. Computer Networks, 54(15):2787 – 2805.

Brown, D. R., Gallant, R., and Vanstone, S. A. (2001). Provably Secure Implicit Certificate Schemes. In FC’01. Springer.

Cirani, S., Picone, M., Gonizzi, P., Veltri, L., and Ferrari, G. (2015). IoT-OAS: An OAuthbased Authorization Service Architecture for Secure Services in IoT Scenarios. IEEE Sensors Journal, 15(2):1224–1234.

Domenech, M. C., Boukerche, A., and Wangham, M. S. (2016). An Authentication and Authorization Infrastructure for the Web of Things. In Q2SWinet. ACM.

Fremantle, P. and Aziz, B. (2016). OAuthing: Privacy-enhancing Federation for the Internet of Things. In CIoT’16. IEEE.

Fremantle, P., Aziz, B., Kopeck´y, J., and Scott, P. (2014). Federated Identity and Access Management for the Internet of Things. In SIoT’14. IEEE.

Hong, J., Levy, A., and Levis, P. (2016). Demo: Building Comprehensible Access Control for the Internet of Things Using Beetle. In MobiSys’16. ACM.

Lopez, D. R., Macias, J., Molina, M., Rauschenbach, J., Solberg, A., and Stanica, M. (2006). Deliverable DJ5.2.3.1: Best Practice Guide – AAI Cookbook. Géant 2.

Santos, M. L. B. A., Carneiro, J. C., Franco, A. M. R., Teixeira, F. A., Henriques, M.

A. A., and Oliveira, L. B. (2018). FLAT: Um Protocolo de Autenticação Federada para a Internet das Coisas. In SBRC’18. SBC.

Shim, S. S., Bhalla, G., and Pendyala, V. (2005). Federated Identity Management. IEEE Computer, 38(12):120–122.

Silva, C. E. and Silva, G. C. (2017). Uma Proposta de Arquitetura para Autorizac¸ ˜ao Federada com Internet das Coisas. In SBSeg’17. SBC.

Suh, G. E. and Devadas, S. (2007). Physical Unclonable Functions for Device Authentication and Secret Key Generation. In 44th DAC. ACM.

Wangham, M. S., Mello, E. R. d., Souza, M. C., and Coelho, H. (2013). Gidlab: Laboratório de experimentaçao em gest˜ao de identidades. In SBSeg’13. SBC.

Windley, P. J. (2005). Digital Identity: Unmasking Identity Management Architecture (IMA). O’Reilly Media, Inc.

Witkovski, A., Santin, A., Abreu, V., and Marynowski, J. (2015). An IdM and Key-based Authentication Method for Providing Single Sign-On in IoT. In GLOBECOM. IEEE.