Visible to the public Biblio

Filters: Keyword is public key infrastructure (pki)  [Clear All Filters]
2023-02-03
Sudarsan, Sreelakshmi Vattaparambil, Schelén, Olov, Bodin, Ulf, Nyström, Nicklas.  2022.  Device Onboarding in Eclipse Arrowhead Using Power of Attorney Based Authorization. 2022 IEEE 27th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD). :26–32.
Large-scale onboarding of industrial cyber physical systems requires efficiency and security. In situations with the dynamic addition of devices (e.g., from subcontractors entering a workplace), automation of the onboarding process is desired. The Eclipse Arrowhead framework, which provides a platform for industrial automation, requires reliable, flexible, and secure device onboarding to local clouds. In this paper, we propose a device onboarding method in the Arrowhead framework where decentralized authorization is provided by Power of Attorney. The model allows users to subgrant power to trusted autonomous devices to act on their behalf. We present concepts, an implementation of the proposed system, and a use case for scalable onboarding where Powers of Attorney at two levels are used to allow a subcontractor to onboard its devices to an industrial site. We also present performance evaluation results.
ISSN: 2378-4873
2017-04-24
Uda, Satoshi, Shikida, Mikifumi.  2016.  Challenges of Deploying PKI Based Client Digital Certification. Proceedings of the 2016 ACM on SIGUCCS Annual Conference. :55–60.

We are confronted with the threat from the theft of user-id / password information caused by phishing attacks. Now authentication by using the user-id and password is no longer safe. We can use the PKI-based authentication as a safer authentication mechanism. In our university, Japan Advanced Institute of Science and Technology (JAIST), we deployed On Demand Digital Certificate Issuing System for our users, and employ the PKI-based client certificates for log-on to web application, connecting to wireless network (including eduroam), using VPN service, and email sender signing. In addition, National In-stitute of Information (NII), which are providing common ICT infrastructure services for Japanese universities and institutes, started a service to issue client certificates in this year. So use of the electronic certificates will become more popular within a few years in Japan. However, there are not so enough cases deploying the electronic certificate based authentication in University infrastructure, we still has many tips and issues on operating this. In this paper, we introduce the use case of the electronic certificate in JAIST, the challenges and issues, and consider the future prospects.