Securing Complex IoT Platforms with Token Based Access Control and Authenticated Key Establishment - DRAKKAR Accéder directement au contenu
Communication Dans Un Congrès Année : 2017

Securing Complex IoT Platforms with Token Based Access Control and Authenticated Key Establishment

Timothy Claeys
Franck Rousseau
Bernard Tourancheau

Résumé

In this paper we propose a new authorization and authentication framework for the IoT that combines the security model of OAuth 1.0a with the lightweight building blocks of ACE. By designing self-securing tokens the security of the framework no longer depends on the security of the network stack. We use basic PKI functionalities to bootstrap a chain-of-trust between the devices which simplifies future token exchanges. Finally, we propose an alternate key establishment scheme for use cases where devices cannot directly communicate. We test our proposal by implementing the critical aspects on a STM32L4 microcontroller. The results indicate that our framework guarantees a strong level of security for IoT devices with basic asymmetric cryptography capabilities.
Fichier principal
Vignette du fichier
siot_auth.pdf (246.03 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01596135 , version 1 (09-02-2018)

Identifiants

  • HAL Id : hal-01596135 , version 1

Citer

Timothy Claeys, Franck Rousseau, Bernard Tourancheau. Securing Complex IoT Platforms with Token Based Access Control and Authenticated Key Establishment. International Workshop on Secure Internet of Things (SIOT), Sep 2017, Oslo, Norway. ⟨hal-01596135⟩
383 Consultations
1496 Téléchargements

Partager

Gmail Facebook X LinkedIn More