The challenges posed by the Internet of Things (IoT) render existing security measures ineffective against emerging networks and devices. These challenges include heterogeneity, operation in open environments, and scalability. In this paper, we propose SST (Secure Swarm Toolkit), an open-source toolkit for construction and deployment of an authorization service infrastructure for the IoT. The infrastructure uses distributed local authorization entities, which provide authorization services that can address heterogeneous security requirements and resource constraints in the IoT. The authorization services can be accessed by network entities through software interfaces provided by SST, called accessors. The accessors enable IoT developers to readily integrate their devices with authorization services without needing to manage cryptographic keys and operations. To rigorously show that SST provides necessary security guarantees, we have performed a formal security analysis using an automated verification tool. In addition, we demonstrate the scalability of our approach with a mathematical analysis, as well as experiments to evaluate security overhead of network entities under different security profiles supported by SST.
Friday, April 21, 2017
Professor Edward A. Lee, along with co-authors Hokeun Kim and David Broman, won the BEST PAPER AWARD for their paper A Toolkit for Construction of Authorization Service Infrastructure for the Internet of Things yesterday at the 2nd ACM/IEEE International Conference on Internet-of-Things Design and Implementation (IoTDI), held in conjunction with CPS Week in Pittsburgh April 18-21.