Next Article in Journal
Joint Optimization of Deep Neural Network-Based Dereverberation and Beamforming for Sound Event Detection in Multi-Channel Environments
Next Article in Special Issue
Fast Number Theoretic Transform for Ring-LWE on 8-bit AVR Embedded Processor
Previous Article in Journal
PEDOT:PSS-Based Conductive Textiles and Their Applications
Previous Article in Special Issue
CAPTCHA Image Generation: Two-Step Style-Transfer Learning in Deep Neural Networks
 
Search for Articles:
Title / Keyword
Author / Affiliation
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
Journals
Sensors
Volume 20
Issue 7
10.3390/s20071882
sensors-logo
Submit to this Journal Review for this Journal Edit a Special Issue
Article Menu

Article Menu

share announcement question_answer thumb_up
...
textsms
...
Article

Security Architecture for Defining and Enforcing Security Profiles in DLT/SDN-Based IoT Systems

by
Sara N. Matheu
1,*,
Alberto Robles Enciso
1,
Alejandro Molina Zarca
1,
Dan Garcia-Carrillo
2,
José Luis Hernández-Ramos
3,
Jorge Bernal Bernabe
1 and
Antonio F. Skarmeta
1
1
Department of Information and Communications Engineering, University of Murcia, 30100 Murcia, Spain
2
Odin Solutions, Department of Research and Innovation, Alcantarilla, 30820 Murcia, Spain
3
European Commission, Joint Research Centre, 21027 Ispra, Italy
*
Author to whom correspondence should be addressed.
Sensors 2020, 20(7), 1882; https://doi.org/10.3390/s20071882
Received: 26 February 2020 / Revised: 18 March 2020 / Accepted: 25 March 2020 / Published: 28 March 2020
(This article belongs to the Special Issue Selected papers from WISA 2019)
View Full-Text Download PDF
Browse Figures

Abstract

Despite the advantages that the Internet of Things (IoT) will bring to our daily life, the increasing interconnectivity, as well as the amount and sensitivity of data, make IoT devices an attractive target for attackers. To address this issue, the recent Manufacturer Usage Description (MUD) standard has been proposed to describe network access control policies in the manufacturing phase to protect the device during its operation by restricting its communications. In this paper, we define an architecture and process to obtain and enforce the MUD restrictions during the bootstrapping of a device. Furthermore, we extend the MUD model with a flexible policy language to express additional aspects, such as data privacy, channel protection, and resource authorization. For the enforcement of such enriched behavioral profiles, we make use of Software Defined Networking (SDN) techniques, as well as an attribute-based access control approach by using authorization credentials and encryption techniques. These techniques are used to protect devices’ data, which are shared through a blockchain platform. The resulting approach was implemented and evaluated in a real scenario, and is intended to reduce the attack surface of IoT deployments by restricting devices’ communication before they join a certain network. View Full-Text
Keywords: internet of things; security; SDN; MUD; blockchain; security policies internet of things; security; SDN; MUD; blockchain; security policies
Show Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited
SciFeed

Share and Cite

MDPI and ACS Style

Matheu, S.N.; Robles Enciso, A.; Molina Zarca, A.; Garcia-Carrillo, D.; Hernández-Ramos, J.L.; Bernal Bernabe, J.; Skarmeta, A.F. Security Architecture for Defining and Enforcing Security Profiles in DLT/SDN-Based IoT Systems. Sensors 2020, 20, 1882. https://doi.org/10.3390/s20071882

AMA Style

Matheu SN, Robles Enciso A, Molina Zarca A, Garcia-Carrillo D, Hernández-Ramos JL, Bernal Bernabe J, Skarmeta AF. Security Architecture for Defining and Enforcing Security Profiles in DLT/SDN-Based IoT Systems. Sensors. 2020; 20(7):1882. https://doi.org/10.3390/s20071882

Chicago/Turabian Style

Matheu, Sara N., Alberto Robles Enciso, Alejandro Molina Zarca, Dan Garcia-Carrillo, José L. Hernández-Ramos, Jorge Bernal Bernabe, and Antonio F. Skarmeta. 2020. "Security Architecture for Defining and Enforcing Security Profiles in DLT/SDN-Based IoT Systems" Sensors 20, no. 7: 1882. https://doi.org/10.3390/s20071882

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Metrics

Article Access Map by Country/Region

1
Back to TopTop