New paradigms for access control in constrained environments
Title | New paradigms for access control in constrained environments |
Publication Type | Conference Paper |
Year of Publication | 2014 |
Authors | Cherkaoui, A., Bossuet, L., Seitz, L., Selander, G., Borgaonkar, R. |
Conference Name | Reconfigurable and Communication-Centric Systems-on-Chip (ReCoSoC), 2014 9th International Symposium on |
Date Published | May |
Keywords | Access Control, access management framework, authentication, authorisation, Authorization, authorization scheme, Building automation, cellular connectivity, constrained M2M devices, constrained resource server, embedded subscriber identity module, eSIM, field programmable gate arrays, identity management framework, Internet of Things, interoperability, IoT, message authentication, mobile computing, open systems, Oscillators, physical unclonable functions, private key cryptography, PUF, reliability, SCADA, Servers, standard compliant security protocols, tamper-proof secret keys |
Abstract | The Internet of Things (IoT) is here, more than 10 billion units are already connected and five times more devices are expected to be deployed in the next five years. Technological standarization and the management and fostering of rapid innovation by governments are among the main challenges of the IoT. However, security and privacy are the key to make the IoT reliable and trusted. Security mechanisms for the IoT should provide features such as scalability, interoperability and lightness. This paper addresses authentication and access control in the frame of the IoT. It presents Physical Unclonable Functions (PUF), which can provide cheap, secure, tamper-proof secret keys to authentify constrained M2M devices. To be successfully used in the IoT context, this technology needs to be embedded in a standardized identity and access management framework. On the other hand, Embedded Subscriber Identity Module (eSIM) can provide cellular connectivity with scalability, interoperability and standard compliant security protocols. The paper discusses an authorization scheme for a constrained resource server taking advantage of PUF and eSIM features. Concrete IoT uses cases are discussed (SCADA and building automation). |
DOI | 10.1109/ReCoSoC.2014.6861362 |
Citation Key | 6861362 |
- Internet of Things
- tamper-proof secret keys
- standard compliant security protocols
- Servers
- SCADA
- Reliability
- PUF
- private key cryptography
- physical unclonable functions
- Oscillators
- open systems
- mobile computing
- message authentication
- IoT
- interoperability
- Access Control
- identity management framework
- field programmable gate arrays
- eSIM
- embedded subscriber identity module
- constrained resource server
- constrained M2M devices
- cellular connectivity
- Building automation
- authorization scheme
- authorization
- authorisation
- authentication
- access management framework