Next Article in Journal
Inaudibility of k-D’Atri Properties
Next Article in Special Issue
A Lightweight and Provable Secured Certificateless Signcryption Approach for Crowdsourced IIoT Applications
Previous Article in Journal
A Hybrid Data Hiding Method for Strict AMBTC Format Images with High-Fidelity
Previous Article in Special Issue
A Novel Lattice-Based CP-ABPRE Scheme for Cloud Sharing
Open AccessArticle

Security-Oriented Architecture for Managing IoT Deployments

1
DETI/IEETA, University of Aveiro, 3810-193 Aveiro, Portugal
2
ESTGA/IEETA, University of Aveiro, 3810-193 Aveiro, Portugal
3
IEETA, University of Aveiro, 3810-193 Aveiro, Portugal
*
Author to whom correspondence should be addressed.
Symmetry 2019, 11(10), 1315; https://doi.org/10.3390/sym11101315
Received: 16 September 2019 / Revised: 8 October 2019 / Accepted: 15 October 2019 / Published: 19 October 2019
Assuring security and privacy is one of the key issues affecting the Internet of Things (IoT), mostly due to its distributed nature. Therefore, for the IoT to thrive, this problem needs to be tackled and solved. This paper describes a security-oriented architecture for managing IoT deployments. Our main goal was to deal with a fine-grained control in the access to IoT data and devices, to prevent devices from being manipulated by attackers and to avoid information leaking from IoT devices to unauthorized recipients. The access control is split: the management of authentication and access control policies is centered on special components (Authentication, Authorization, and Accounting Controllers), which can be distributed or centralized, and the actual enforcement of access control decisions happens on the entities that stay in the path to the IoT devices (Gateways and Device Drivers). The authentication in the entire system uses asymmetric cryptography and pre-distributed unique identifiers derived from public keys; no Public Key Infrastructure (PKI) is used. A Kerberos-like ticket-based approach is used to establish secure sessions. View Full-Text
Keywords: Internet of Things; authentication; authorization; access control; secure communication; privacy; pseudonymity Internet of Things; authentication; authorization; access control; secure communication; privacy; pseudonymity
Show Figures

Figure 1

MDPI and ACS Style

Zúquete, A.; Gomes, H.; Amaral, J.; Oliveira, C. Security-Oriented Architecture for Managing IoT Deployments. Symmetry 2019, 11, 1315.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop