KESIC: Kerberos Extensions for Smart, IoT and CPS Devices
- URL: http://arxiv.org/abs/2407.04880v2
- Date: Wed, 17 Jul 2024 04:29:18 GMT
- Title: KESIC: Kerberos Extensions for Smart, IoT and CPS Devices
- Authors: Renascence Tarafder Prapty, Sashidhar Jakkamsetti, Gene Tsudik
- Abstract summary: Kerberos is not directly suitable for IoT devices due to its heavy-weight protocols and the resource-constrained nature of the devices.
This paper presents KESIC, a system that enables efficient and secure multi-user access for IoT devices.
- Score: 11.898833102736255
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: Secure and efficient multi-user access mechanisms are increasingly important for the growing number of Internet of Things (IoT) devices being used today. Kerberos is a well-known and time-tried security authentication and access control system for distributed systems wherein many users securely access various distributed services. Traditionally, these services are software applications or devices, such as printers. However, Kerberos is not directly suitable for IoT devices due to its relatively heavy-weight protocols and the resource-constrained nature of the devices. This paper presents KESIC, a system that enables efficient and secure multi-user access for IoT devices. KESIC aims to facilitate mutual authentication of IoT devices and users via Kerberos without modifying the latter's protocols. To facilitate that, KESIC includes a special Kerberized service, called IoT Server, that manages access to IoT devices. KESIC presents two protocols for secure and comprehensive multi-user access system for two types of IoT devices: general and severely power constrained. In terms of performance, KESIC consumes $\approx~47$ times less memory, and incurs $\approx~135$ times lower run-time overhead than Kerberos.
Related papers
- Intelligent Detection of Non-Essential IoT Traffic on the Home Gateway [45.70482328441101]
This work presents ML-IoTrim, a system for detecting and mitigating non-essential IoT traffic by analyzing network behavior at the edge.
We test our framework in a consumer smart home setup with IoT devices from five categories, demonstrating that the model can accurately identify and block non-essential traffic.
This research advances privacy-aware traffic control in smart homes, paving the way for future developments in IoT device privacy.
arXiv Detail & Related papers (2025-04-22T09:40:05Z)
- OTA-Key: Over the Air Key Management for Flexible and Reliable IoT Device Provision [18.700561665322905]
IoT vendors frequently assign shared keys to batches of devices.
This practice can expose devices to risks, such as data theft by attackers.
We propose the OTA-Key scheme to address this issue.
arXiv Detail & Related papers (2024-12-16T08:50:00Z)
- ASOP: A Sovereign and Secure Device Onboarding Protocol for Cloud-based IoT Services [1.4732811715354452]
ASOP is a sovereign and secure protocol for IoT devices without blindly trusting the device manufacturer, supply chain, and cloud service provider.
Our 'zero-trust' and 'human-in-the-loop' approach guarantees that the device owner does not remain at the mercy of third-party infrastructures.
arXiv Detail & Related papers (2024-03-18T15:45:14Z)
- zk-IoT: Securing the Internet of Things with Zero-Knowledge Proofs on Blockchain Platforms [0.0]
This paper introduces the zk-IoT framework, a novel approach to enhancing the security of Internet of Things (IoT) ecosystems.
Our framework ensures the integrity of firmware execution and data processing in potentially compromised IoT devices.
arXiv Detail & Related papers (2024-02-13T09:34:23Z)
- Classification of cyber attacks on IoT and ubiquitous computing devices [49.1574468325115]
This paper provides a classification of IoT malware.
Major targets and used exploits for attacks are identified and referred to the specific malware.
The majority of current IoT attacks continue to be of comparably low effort and level of sophistication and could be mitigated by existing technical measures.
arXiv Detail & Related papers (2023-12-01T16:10:43Z)
- A Lightweight and Secure PUF-Based Authentication and Key-exchange Protocol for IoT Devices [0.0]
Device Authentication and Key exchange are major challenges for the Internet of Things.
PUF appears to offer a practical and economical security mechanism in place of typically sophisticated cryptosystems like PKI and IBE.
We present a system in which the IoT device does not require a continuous active internet connection to communicate with the server in order to authenticate itself.
arXiv Detail & Related papers (2023-11-07T15:42:14Z)
- IoTScent: Enhancing Forensic Capabilities in Internet of Things Gateways [45.44831696628473]
This paper presents IoTScent, an open-source forensic tool that enables IoT gateways and Home Automation platforms to perform IoT traffic capture and analysis.
IoTScent is specifically designed to operate over IEEE 802.15.4-based traffic, which is the basis for many IoT-specific protocols such as Zigbee, 6LoWPAN and Thread.
This work provides a comprehensive description of the IoTScent tool, including a practical use case that demonstrates the use of the tool to perform device identification from Zigbee traffic.
arXiv Detail & Related papers (2023-10-05T09:10:05Z)
- SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices [67.65883495888258]
We present SyzTrust, the first state-aware fuzzing framework for vetting the security of resource-limited Trusted OSes.
SyzTrust adopts a hardware-assisted framework to enable fuzzing Trusted OSes directly on IoT devices.
We evaluate SyzTrust on Trusted OSes from three major vendors: Samsung, Tsinglink Cloud, and Ali Cloud.
arXiv Detail & Related papers (2023-09-26T08:11:38Z)
- Caveat (IoT) Emptor: Towards Transparency of IoT Device Presence (Full Version) [12.842258850026878]
Hidden IoT devices can snoop (via sensing) on nearby unsuspecting users, and impact the environment where unaware users are present, via actuation.
This paper constructs a privacy-agile Root-of-Trust architecture for devices, called PAISA.
It guarantees timely and secure announcements about IoT devices' presence and their capabilities.
arXiv Detail & Related papers (2023-09-07T09:08:31Z)
- IoT Device Identification Based on Network Communication Analysis Using Deep Learning [43.0717346071013]
The risk of attacks on an organization's network has increased due to the growing use of less secure IoT devices.
To tackle this threat and protect their networks, organizations generally implement security policies in which only white listed IoT devices are allowed on the network.
In this research, deep learning is applied to network communication for the automated identification of IoT devices permitted on the network.
arXiv Detail & Related papers (2023-03-02T13:44:58Z)
- Technical Report-IoT Devices Proximity Authentication In Ad Hoc Network Environment [0.0]
Internet of Things (IoT) is a distributed communication technology system that offers the possibility for physical devices to connect and exchange data.
Authentication to the IoT devices is essential as it is the first step in preventing any negative impact of possible attackers.
This paper implements an IoT devices authentication scheme based on something that is in the IoT devices environment.
arXiv Detail & Related papers (2022-10-01T03:07:42Z)
- Smart Home, security concerns of IoT [91.3755431537592]
The IoT (Internet of Things) has become widely popular in domestic environments.
People are renewing their homes into smart homes; however, the privacy concerns of owning many Internet connected devices with always-on environmental sensors remain insufficiently addressed.
Default and weak passwords, cheap materials and hardware, and unencrypted communication are identified as the principal threats and vulnerabilities of IoT devices.
arXiv Detail & Related papers (2020-07-06T10:36:11Z)
- IoT Device Identification Using Deep Learning [43.0717346071013]
The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers.
The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization's network also increases the risk of attacks.
In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network.
arXiv Detail & Related papers (2020-02-25T12:24:49Z)