*banner
 

A Toolkit for Construction of Authorization Service Infrastructure for the Internet of Things
Hokeun Kim, Eunsuk Kang, Edward A. Lee, David Broman

Citation
Hokeun Kim, Eunsuk Kang, Edward A. Lee, David Broman. "A Toolkit for Construction of Authorization Service Infrastructure for the Internet of Things". Proceedings of the 2nd ACM/IEEE International Conference on Internet-of-Things Design and Implementation (IoTDI), 19, April, 2017; Winner of the Best Paper Award, presented during CPS Week, 2017, Pittsburgh, PA.

Abstract
The challenges posed by the Internet of Things (IoT) render existing security measures ineffective against emerging networks and devices. These challenges include heterogeneity, operation in open environments, and scalability. In this paper, we propose SST (Secure Swarm Toolkit), an open-source toolkit for construction and deployment of an authorization service infrastructure for the IoT. The infrastructure uses distributed local authorization entities, which provide authorization services that can address heterogeneous security requirements and resource constraints in the IoT. The authorization services can be accessed by network entities through software interfaces provided by SST, called accessors. The accessors enable IoT developers to readily integrate their devices with authorization services without needing to manage cryptographic keys and operations. To rigorously show that SST provides necessary security guarantees, we have performed a formal security analysis using an automated verification tool. In addition, we demonstrate the scalability of our approach with a mathematical analysis, as well as experiments to evaluate security overhead of network entities under different security profiles supported by SST.

Electronic downloads

Citation formats  
  • HTML
    Hokeun Kim, Eunsuk Kang, Edward A. Lee, David Broman. <a
    href="http://chess.eecs.berkeley.edu/pubs/1187.html"
    >A Toolkit for Construction of Authorization Service
    Infrastructure for the Internet of Things</a>,
    Proceedings of the 2nd ACM/IEEE International Conference on
    Internet-of-Things Design and Implementation (IoTDI), 19,
    April, 2017; Winner of the <b>Best Paper
    Award</b>, presented during CPS Week, 2017,
    Pittsburgh, PA.
  • Plain text
    Hokeun Kim, Eunsuk Kang, Edward A. Lee, David Broman.
    "A Toolkit for Construction of Authorization Service
    Infrastructure for the Internet of Things". Proceedings
    of the 2nd ACM/IEEE International Conference on
    Internet-of-Things Design and Implementation (IoTDI), 19,
    April, 2017; Winner of the <b>Best Paper
    Award</b>, presented during CPS Week, 2017,
    Pittsburgh, PA.
  • BibTeX
    @inproceedings{KimKangLeeBroman17_ToolkitForConstructionOfAuthorizationServiceInfrastructure,
        author = {Hokeun Kim and Eunsuk Kang and Edward A. Lee and
                  David Broman},
        title = {A Toolkit for Construction of Authorization
                  Service Infrastructure for the Internet of Things},
        booktitle = {Proceedings of the 2nd ACM/IEEE International
                  Conference on Internet-of-Things Design and
                  Implementation (IoTDI)},
        day = {19},
        month = {April},
        year = {2017},
        note = {Winner of the <b>Best Paper Award</b>, presented
                  during CPS Week, 2017, Pittsburgh, PA.},
        abstract = {The challenges posed by the Internet of Things
                  (IoT) render existing security measures
                  ineffective against emerging networks and devices.
                  These challenges include heterogeneity, operation
                  in open environments, and scalability. In this
                  paper, we propose SST (Secure Swarm Toolkit), an
                  open-source toolkit for construction and
                  deployment of an authorization service
                  infrastructure for the IoT. The infrastructure
                  uses distributed local authorization entities,
                  which provide authorization services that can
                  address heterogeneous security requirements and
                  resource constraints in the IoT. The authorization
                  services can be accessed by network entities
                  through software interfaces provided by SST,
                  called accessors. The accessors enable IoT
                  developers to readily integrate their devices with
                  authorization services without needing to manage
                  cryptographic keys and operations. To rigorously
                  show that SST provides necessary security
                  guarantees, we have performed a formal security
                  analysis using an automated verification tool. In
                  addition, we demonstrate the scalability of our
                  approach with a mathematical analysis, as well as
                  experiments to evaluate security overhead of
                  network entities under different security profiles
                  supported by SST.},
        URL = {http://chess.eecs.berkeley.edu/pubs/1187.html}
    }
    

Posted by Hokeun Kim on 26 Feb 2017.
Groups: chess
For additional information, see the Publications FAQ or contact webmaster at chess eecs berkeley edu.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.

©2002-2018 Chess