No Arabic abstract
Ever since the advent of computing, managing data has been of extreme importance. With innumerable devices getting added to network infrastructure, there has been a proportionate increase in the data which needs to be stored. With the advent of Internet of Things (IOT) it is anticipated that billions of devices will be a part of the internet in another decade. Since those devices will be communicating with each other on a regular basis with little or no human intervention, plethora of real time data will be generated in quick time which will result in large number of log files. Apart from complexity pertaining to storage, it will be mandatory to maintain confidentiality and integrity of these logs in IOT enabled devices. This paper will provide a brief overview about how logs can be efficiently and securely stored in IOT devices.
This paper analyses the various authentication systems implemented for enhanced security and private re-position of an individuals log-in credentials. The first part of the paper describes the multi-factor authentication (MFA) systems, which, though not applicable to the field of Internet of Things, provides great security to a users credentials. MFA is followed by a brief description of the working mechanism of interaction of third party clients with private resources over the OAuth protocol framework and a study of the delegation based authentication system in IP-based IoT.
In the Internet-of-Things, the number of connected devices is expected to be extremely huge, i.e., more than a couple of ten billion. It is however well-known that the security for the Internet-of-Things is still open problem. In particular, it is difficult to certify the identification of connected devices and to prevent the illegal spoofing. It is because the conventional security technologies have advanced for mainly protecting logical network and not for physical network like the Internet-of-Things. In order to protect the Internet-of-Things with advanced security technologies, we propose a new concept (datachain layer) which is a well-designed combination of physical chip identification and blockchain. With a proposed solution of the physical chip identification, the physical addresses of connected devices are uniquely connected to the logical addresses to be protected by blockchain.
A secure downlink transmission system which is exposed to multiple eavesdroppers and is appropriate for Internet of Things (IoT) applications is considered. A worst case scenario is assumed, in the sense that, in order to enhance their interception ability all eavesdroppers are located close to each other, near the controller and collude to form joint receive beamforming. For such a system, a novel cooperative non-orthogonal multiple access (NOMA) secure transmission scheme for which an IoT device with a stronger channel condition acts as an energy harvesting relay in order to assist a second IoT device operating under weaker channel conditions, is proposed and its performance is analyzed and evaluated. A secrecy sum rate (SSR) maximization problem is formulated and solved under three constraints: i) Transmit power; ii) Successive interference cancellation; iii) Quality of Service. By considering both passive and active eavesdroppers scenarios, two optimization schemes are proposed to improve the overall system SSR. On the one hand, for the passive eavesdropper scenario, an artificial noise-aided secure beamforming scheme is proposed. Since this optimization problem is nonconvex, instead of using traditional but highly complex, bruteforce two-dimensional search, it is conveniently transformed into a convex one by using an epigraph reformulation. On the other hand, for the active multi-antennas eavesdroppers scenario, the orthogonal-projection-based beamforming scheme is considered, and by employing the successive convex approximation method, a suboptimal solution is proposed. Furthermore, since for single antenna transmission the orthogonal-projection-based scheme may not be applicable a simple power control scheme is proposed.
Authentication forms the gateway to any secure system. Together with integrity, confidentiality and authorization it helps in preventing any sort of intrusions into the system. Up until a few years back password based authentication was the most common form of authentication to any secure network. But with the advent of more sophisticated technologies this form of authentication although still widely used has become insecure. Furthermore, with the rise of Internet of Things where the number of devices would grow manifold it would be infeasible for user to remember innumerable passwords. Therefore, its important to address this concern by devising ways in which multiple forms of authentication would be required to gain access to any smart devices and at the same time its usability would be high. In this paper, a methodology is discussed as to what kind of authentication mechanisms could be deployed in internet of things (IOT).
Internet of Things (IoT) based applications face an increasing number of potential security risks, which need to be systematically assessed and addressed. Expert-based manual assessment of IoT security is a predominant approach, which is usually inefficient. To address this problem, we propose an automated security assessment framework for IoT networks. Our framework first leverages machine learning and natural language processing to analyze vulnerability descriptions for predicting vulnerability metrics. The predicted metrics are then input into a two-layered graphical security model, which consists of an attack graph at the upper layer to present the network connectivity and an attack tree for each node in the network at the bottom layer to depict the vulnerability information. This security model automatically assesses the security of the IoT network by capturing potential attack paths. We evaluate the viability of our approach using a proof-of-concept smart building system model which contains a variety of real-world IoT devices and potential vulnerabilities. Our evaluation of the proposed framework demonstrates its effectiveness in terms of automatically predicting the vulnerability metrics of new vulnerabilities with more than 90% accuracy, on average, and identifying the most vulnerable attack paths within an IoT network. The produced assessment results can serve as a guideline for cybersecurity professionals to take further actions and mitigate risks in a timely manner.