AdC: um Mecanismo de Controle de Acesso para o Ciclo de Vida das Coisas Inteligentes
Abstract
In this paper, we present AdC, a suite of protocols to incorporate authentication and access control for devices in the Internet of Things. AdC relies on cryptographic primitives from the state of the art to enforce an IoT-adequate access control scheme. AdC makes it possible to add new devices to Domestic domains in a wireless and authenticated way. AdC also allows devices from different domains to establish a trust relationship, making possible their inter-operation. To validate our solution, we have developed an AdC prototype for Android smartphones and evaluated the most resource-consuming cryptographic schemes over more constrained devices.
References
Aranha, D. F. and Gouvêa, C. P. L. RELIC is an Efficient LIbrary for Cryptography. https://github.com/relic-toolkit/relic.
Ashton, K. (2009). That ’Internet of Things’ Thing. RFiD Journal, 22:97–114.
Barreto, P. S. L. M. and Naehrig, M. (2005). Pairing-friendly Elliptic Curves of Prime Order. In SAC.
Bethencourt, J., Sahai, A., and Waters, B. (2007). Ciphertext-policy Attribute-based Encryption. In S&P.
Boneh, D. and Franklin, M. K. (2001). Identity-Based Encryption from the Weil Pairing. In CRYPTO.
Cao, X., Kou, W., Dang, L., and Zhao, B. (2008). IMBAS: Identity-based Multi-user Broadcast Authentication in Wireless Sensor Networks. Computer Communications, 31(4):659 – 667.
Cremers, C. (2008). The scyther tool: Verification, falsification, and analysis of security protocols. In CAV.
Goyal, V., Pandey, O., Sahai, A., and Waters, B. (2006). Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data. In CCS.
Liang, C.-J. M., Karlsson, B. F., Lane, N. D., Zhao, F., Zhang, J., Pan, Z., Li, Z., and Yu, Y. (2015). SIFT: Building an Internet of Safe Things. In IPSN.
Liu, D., Ning, P., and Li, R. (2005). Establishing Pairwise Keys in Distributed Sensor Networks. TISSEC.
Maji, H. K., Prabhakaran, M., and Rosulek, M. (2008). Attribute-Based Signatures: Achieving Attribute-Privacy and Collusion-Resistance. IACR Cryptology ePrint Archive, 2008:328.
Margi, C., Simplicio, M., Barreto, P., and Carvalho, T. (2009). Segurança em redes de sensores sem fio. Minicursos: SBSeg.
Markmann, T., Schmidt, T. C., and Wählisch, M. (2015). Federated End-to-End Authentication for the Constrained Internet of Things Using IBC and ECC. In SIGCOMM.
McCullagh, N. and Barreto, P. S. L. M. (2005). A New Two-party Identity-based Authenticated Key Agreement. In CT-RSA.
Mora-Afonso, V., Caballero-Gil, P., and Molina-Gil, J. (2013). Strong Authentication on Smart Wireless Devices. In FGTC.
Oliveira, L. B. and Dahab, R. (2006). Pairing-based cryptography for sensor networks. In NCA.
Oliveira, L. B., Kansal, A., Priyantha, B., Goraczko, M., and Zhao, F. (2009). Secure-TWS: Authenticating Node to Multi-user Communication in Shared Sensor Networks. In IPSN.
Oliveira, L. B., Scott, M., Lopez, J., and Dahab, R. (2008). TinyPBC: Pairings for Authenticated Identity-Based Non-Interactive Key Distribution in Sensor Networks. In INSS.
Patil, H. K. and Szygenda, S. A. (2012). Security for Wireless Sensor Networks Using Identity- Based Cryptography. CRC Press.
Perrig, A., Szewczyk, R., Wen, V., Culler, D. E., and Tygar, J. D. (2001). SPINS: Security Protocols for Sensor Netowrks. In MobiCom.
Sakai, R., Ohgishi, K., and Kasahara, M. (2000). Cryptosystems Based on Pairing. In SCIS.
Shamir, A. (1984). Identity-based Cryptosystems and Signature Schemes. In CRYPTO.
Silva, B., da Silva Jr, D. C., Souza, E. M., Pereira, F., Teixeira, F.,Wong, H. C., Nazaré, H., Maffra, I., Freire, J., Santos, W. F., et al. (2013). Segurança de software em sistemas embarcados: Ataques & defesas. Minicursos: SBSeg.
Stinson, D. (2002). Cryptography: Theory and Practice. CRC/C&H.
Venkatraman, L. and Agrawal, D. P. (2002). A novel authentication scheme for ad hoc networks. In WCNC.
Wangham, M. S., Domenech, M. C., and de Mello, E. R. (2013). Infraestrutura de autenticação e de autorização para internet das coisas. Minicursos: SBSeg.
Yavuz, A. A. (2013). ETA: Efficient and Tiny and Authentication for Heterogeneous Wireless Systems. In WiSec.
Yuan, E. and Tong, J. (2005). Attributed Based Access Control (ABAC) for Web Services. In ICWS.
Zhou, L. and Haas, Z. J. (1999). Securing Ad Hoc Networks. IEEE Network, 13(6):24–30.
Zhu, S., Setia, S., and Jajodia, S. (2003). LEAP: Efficient Security Mechanisms for Large-scale Distributed Sensor Networks. In CCS.
Ashton, K. (2009). That ’Internet of Things’ Thing. RFiD Journal, 22:97–114.
Barreto, P. S. L. M. and Naehrig, M. (2005). Pairing-friendly Elliptic Curves of Prime Order. In SAC.
Bethencourt, J., Sahai, A., and Waters, B. (2007). Ciphertext-policy Attribute-based Encryption. In S&P.
Boneh, D. and Franklin, M. K. (2001). Identity-Based Encryption from the Weil Pairing. In CRYPTO.
Cao, X., Kou, W., Dang, L., and Zhao, B. (2008). IMBAS: Identity-based Multi-user Broadcast Authentication in Wireless Sensor Networks. Computer Communications, 31(4):659 – 667.
Cremers, C. (2008). The scyther tool: Verification, falsification, and analysis of security protocols. In CAV.
Goyal, V., Pandey, O., Sahai, A., and Waters, B. (2006). Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data. In CCS.
Liang, C.-J. M., Karlsson, B. F., Lane, N. D., Zhao, F., Zhang, J., Pan, Z., Li, Z., and Yu, Y. (2015). SIFT: Building an Internet of Safe Things. In IPSN.
Liu, D., Ning, P., and Li, R. (2005). Establishing Pairwise Keys in Distributed Sensor Networks. TISSEC.
Maji, H. K., Prabhakaran, M., and Rosulek, M. (2008). Attribute-Based Signatures: Achieving Attribute-Privacy and Collusion-Resistance. IACR Cryptology ePrint Archive, 2008:328.
Margi, C., Simplicio, M., Barreto, P., and Carvalho, T. (2009). Segurança em redes de sensores sem fio. Minicursos: SBSeg.
Markmann, T., Schmidt, T. C., and Wählisch, M. (2015). Federated End-to-End Authentication for the Constrained Internet of Things Using IBC and ECC. In SIGCOMM.
McCullagh, N. and Barreto, P. S. L. M. (2005). A New Two-party Identity-based Authenticated Key Agreement. In CT-RSA.
Mora-Afonso, V., Caballero-Gil, P., and Molina-Gil, J. (2013). Strong Authentication on Smart Wireless Devices. In FGTC.
Oliveira, L. B. and Dahab, R. (2006). Pairing-based cryptography for sensor networks. In NCA.
Oliveira, L. B., Kansal, A., Priyantha, B., Goraczko, M., and Zhao, F. (2009). Secure-TWS: Authenticating Node to Multi-user Communication in Shared Sensor Networks. In IPSN.
Oliveira, L. B., Scott, M., Lopez, J., and Dahab, R. (2008). TinyPBC: Pairings for Authenticated Identity-Based Non-Interactive Key Distribution in Sensor Networks. In INSS.
Patil, H. K. and Szygenda, S. A. (2012). Security for Wireless Sensor Networks Using Identity- Based Cryptography. CRC Press.
Perrig, A., Szewczyk, R., Wen, V., Culler, D. E., and Tygar, J. D. (2001). SPINS: Security Protocols for Sensor Netowrks. In MobiCom.
Sakai, R., Ohgishi, K., and Kasahara, M. (2000). Cryptosystems Based on Pairing. In SCIS.
Shamir, A. (1984). Identity-based Cryptosystems and Signature Schemes. In CRYPTO.
Silva, B., da Silva Jr, D. C., Souza, E. M., Pereira, F., Teixeira, F.,Wong, H. C., Nazaré, H., Maffra, I., Freire, J., Santos, W. F., et al. (2013). Segurança de software em sistemas embarcados: Ataques & defesas. Minicursos: SBSeg.
Stinson, D. (2002). Cryptography: Theory and Practice. CRC/C&H.
Venkatraman, L. and Agrawal, D. P. (2002). A novel authentication scheme for ad hoc networks. In WCNC.
Wangham, M. S., Domenech, M. C., and de Mello, E. R. (2013). Infraestrutura de autenticação e de autorização para internet das coisas. Minicursos: SBSeg.
Yavuz, A. A. (2013). ETA: Efficient and Tiny and Authentication for Heterogeneous Wireless Systems. In WiSec.
Yuan, E. and Tong, J. (2005). Attributed Based Access Control (ABAC) for Web Services. In ICWS.
Zhou, L. and Haas, Z. J. (1999). Securing Ad Hoc Networks. IEEE Network, 13(6):24–30.
Zhu, S., Setia, S., and Jajodia, S. (2003). LEAP: Efficient Security Mechanisms for Large-scale Distributed Sensor Networks. In CCS.
Published
2016-11-07
How to Cite
MAIA NETO, Antonio L. et al.
AdC: um Mecanismo de Controle de Acesso para o Ciclo de Vida das Coisas Inteligentes. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 16. , 2016, Niterói.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2016
.
p. 44-57.
DOI: https://doi.org/10.5753/sbseg.2016.19297.
