Visible to the public New paradigms for access control in constrained environments

TitleNew paradigms for access control in constrained environments
Publication TypeConference Paper
Year of Publication2014
AuthorsCherkaoui, A., Bossuet, L., Seitz, L., Selander, G., Borgaonkar, R.
Conference NameReconfigurable and Communication-Centric Systems-on-Chip (ReCoSoC), 2014 9th International Symposium on
Date PublishedMay
KeywordsAccess Control, access management framework, authentication, authorisation, Authorization, authorization scheme, Building automation, cellular connectivity, constrained M2M devices, constrained resource server, embedded subscriber identity module, eSIM, field programmable gate arrays, identity management framework, Internet of Things, interoperability, IoT, message authentication, mobile computing, open systems, Oscillators, physical unclonable functions, private key cryptography, PUF, reliability, SCADA, Servers, standard compliant security protocols, tamper-proof secret keys
Abstract

The Internet of Things (IoT) is here, more than 10 billion units are already connected and five times more devices are expected to be deployed in the next five years. Technological standarization and the management and fostering of rapid innovation by governments are among the main challenges of the IoT. However, security and privacy are the key to make the IoT reliable and trusted. Security mechanisms for the IoT should provide features such as scalability, interoperability and lightness. This paper addresses authentication and access control in the frame of the IoT. It presents Physical Unclonable Functions (PUF), which can provide cheap, secure, tamper-proof secret keys to authentify constrained M2M devices. To be successfully used in the IoT context, this technology needs to be embedded in a standardized identity and access management framework. On the other hand, Embedded Subscriber Identity Module (eSIM) can provide cellular connectivity with scalability, interoperability and standard compliant security protocols. The paper discusses an authorization scheme for a constrained resource server taking advantage of PUF and eSIM features. Concrete IoT uses cases are discussed (SCADA and building automation).

DOI10.1109/ReCoSoC.2014.6861362
Citation Key6861362