Security for Ubiquitous Internet-Connected Smart Objects
Loading...
URL
Journal Title
Journal ISSN
Volume Title
School of Science |
Doctoral thesis (article-based)
| Defence date: 2017-01-20
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.
Authors
Date
2016
Major/Subject
Mcode
Degree programme
Language
en
Pages
113 + app. 69
Series
Aalto University publication series DOCTORAL DISSERTATIONS, 278/2016
Abstract
Ubiquitous computing, also called the Internet of Things (IoT), is rapidly transforming our lives and our society. The vision of an interconnected world where physical devices are seamlessly integrated into the Internet is becoming a reality. The emergence of low-cost microcontrollers, energy-efficient wireless communications, and embedded sensors and actuators has transformed everyday devices into connected smart objects that can understand and react to their environment. These devices include both resource-constrained battery-operated devices, such as body sensors, and more powerful Internet-connected appliances, such as televisions and cameras. However, the security mechanisms for smart objects are still not ready for wide-scale deployment. There is additionally a concern that the existing solutions are not sufficiently usable for adoption in everyday devices, which often have very limited user interfaces. In this dissertation, we develop new secure deployment and communication methods for connected smart objects that are simple, user-friendly, and also energy efficient. We take into account the entire lifecycle of a smart object. We first build a secure and energy-efficient communication model that uses a proxy to serve data on behalf of sleeping resource-constrained smart objects, thereby allowing them to appear as always-online web servers. Next, we demonstrate how these smart objects can leverage the existing mobile network infrastructure to securely authenticate and communicate with Internet services. Thereafter, we study the deployment challenges of electronic displays. We found that deploying large numbers of ubiquitous displays is cumbersome as they need to be correctly configured to access both the Internet and online servers, despite their minimal input capabilities. In our secure bootstrapping solution, the displays show a bar code which, when scanned by the user, enables automatic configuration of the wireless network along with the online management service and content to be shown. For effortless deployment, we build our solution on standard protocols without requiring changes to the network infrastructure. Finally, we develop a solution for securely pairing mobile devices. Instead of relying on inconvenient user-entered codes, our solution uses an out-of-band (OOB) channel which is secret from anyone that is not physically present. The protocol development was motivated by the invention of a new human source for fuzzy secrets: synchronized drawing with two fingers of the same hand on two touch screens or surfaces. We show the feasibility of each of our proposed solutions with prototype implementation. Where relevant, we also provide experimental results confirming that our solutions incur minimal memory and computational overhead, while also being energy efficient and easy to use. Lastly, we actively contribute the research results to relevant standards bodies.Description
Supervising professor
Aura, Tuomas, Prof., Aalto University, Department of Computer Science, FinlandKeywords
IoT, ubiquitous computing, security, standards, bootstrapping
Other note
Parts
-
[Publication 1]: Mohit Sethi, Ari Keränen and Jari Arkko. End-to-end Security for Sleepy Smart Object Networks. In Proceedings of the 37th IEEE Conference on Local Computer Networks Workshops (LCN Work- shops), Clearwater, FL, pp. 964-972, ISBN 978-1-4673-2130-3, October 2012.
DOI: 10.1109/LCNW.2012.6424089 View at publisher
-
[Publication 2]: Mohit Sethi, Pranvera Kortoçi, Mario Di Francesco and Tuomas Aura. Secure and Low-Power Authentication for Resource- Constrained Devices. In Proceedings of the 5th International Conference on the Internet of Things (IoT 2015), Seoul, pp. 30-36, ISBN 978-1-4673-8058-4, October 2015.
DOI: 10.1109/IOT.2015.7356545 View at publisher
-
[Publication 3]: Mohit Sethi, Elena Oat, Mario Di Francesco and Tuomas Aura. Secure Bootstrapping of Cloud-Managed Ubiquitous Displays. Proceedings of the ACM International Joint Conference on Pervasive and Ubiquitous Computing (Ubicomp ’14), Seattle, WA, pp. 739-750, ISBN 978-1-4503-2968-2, September 2014.
DOI: 10.1145/2632048.2632049 View at publisher
-
[Publication 4]: Mohit Sethi, Maria Lijding, Mario Di Francesco and Tuomas Aura. Flexible Management of Cloud-Connected Digital Signage. In Proceedings of the 12th IEEE International Conference on Ubiquitous Intelligence and Computing (UIC), Beijing, pp. 205-212, ISBN 978- 1-4673-7211-4, August 2015.
DOI: 10.1109/UIC-ATC-ScalCom-CBDCom-IoP.2015.52 View at publisher
-
[Publication 5]: Mohit Sethi, Markku Antikainen and Tuomas Aura. Commitment-based device pairing with synchronized drawing. In Proceedings of the IEEE International Conference on Pervasive Computing and Communications (PerCom), Budapest, pp. 181-189, ISBN 978-1- 4799-3445-4, March 2014.
DOI: 10.1109/PerCom.2014.6813959 View at publisher
-
[Publication 6]: Markku Antikainen, Mohit Sethi, Sinisa Matetic and Tuomas Aura. Commitment-based device-pairing protocol with synchronized drawings and comparison metrics. Pervasive and Mobile Computing (PMC), Volume 16, Part B, pp. 205–219, ISSN 1574-1192, January 2015.
DOI: 10.1016/j.pmcj.2014.10.006 View at publisher