Resilient Authentication and Authorization for the Internet of Things (Iot) Using Edge Computing
Author(s): Hokeun Kim, Eunsuk Kang, David Broman, and Edward A. Lee
Citation
Hokeun Kim, Eunsuk Kang, David Broman, and Edward A. Lee. "Resilient Authentication and Authorization for the Internet of Things (Iot) Using Edge Computing". ACM Transactions on Internet of Things, 1(1):4, February 2020.
Abstract
An emerging type of network architecture called edge computing has the potential to improve the availability and resilience of IoT services under anomalous situations such as network failures or denial-of-service (DoS) attacks. However, relatively little has been explored on the problem of ensuring availability even when edge computers that provide key security services (e.g., authentication and authorization) become unavailable themselves. This article proposes a resilient authentication and authorization framework to enhance the availability of IoT services under DoS attacks or failures. The proposed approach leverages a technique called secure migration, which allows an IoT device to migrate to another trusted edge computer when its own local authorization service becomes unavailable. Specifically, we describe the design of a secure migration framework and its supporting mechanisms, including (1) automated migration policy construction and (2) protocols for preparing and executing the secure migration. We formalize secure migration policy construction as an integer linear programming (ILP) problem and show its effectiveness using a case study on smart buildings, where the proposed solution achieves significantly higher availability under simulated attacks on authorization services.
Citation Formats
-
HTML
Hokeun Kim, Eunsuk Kang, David Broman, and Edward A. Lee. "<a href="https://www.icyphy.org/publications/2020_KimEtAl/">Resilient Authentication and Authorization for the Internet of Things (Iot) Using Edge Computing</a>". <i>ACM Transactions on Internet of Things</i>, 1(1):4, February 2020. -
Plain Text
Hokeun Kim, Eunsuk Kang, David Broman, and Edward A. Lee. "Resilient Authentication and Authorization for the Internet of Things (Iot) Using Edge Computing". ACM Transactions on Internet of Things, 1(1):4, February 2020. -
BibTeX
@article{KimEtAl:20:Authentication, author = {Hokeun Kim, Eunsuk Kang, David Broman, and Edward A. Lee}, title = {Resilient Authentication and Authorization for the Internet of Things (Iot) Using Edge Computing},
journal = {ACM Transactions on Internet of Things},
volume = {1},
number = {1},
pages = {4},
month = {February},
year = {2020},
abstract = {An emerging type of network architecture called edge computing has the potential to improve the availability and resilience of IoT services under anomalous situations such as network failures or denial-of-service (DoS) attacks. However, relatively little has been explored on the problem of ensuring availability even when edge computers that provide key security services (e.g., authentication and authorization) become unavailable themselves. This article proposes a resilient authentication and authorization framework to enhance the availability of IoT services under DoS attacks or failures. The proposed approach leverages a technique called secure migration, which allows an IoT device to migrate to another trusted edge computer when its own local authorization service becomes unavailable. Specifically, we describe the design of a secure migration framework and its supporting mechanisms, including (1) automated migration policy construction and (2) protocols for preparing and executing the secure migration. We formalize secure migration policy construction as an integer linear programming (ILP) problem and show its effectiveness using a case study on smart buildings, where the proposed solution achieves significantly higher availability under simulated attacks on authorization services.}, URL = {https://www.icyphy.org/publications/2020_KimEtAl/} }