Securing Complex IoT Platforms with Token Based Access Control and Authenticated Key Establishment

Timothy Claeys 1 Franck Rousseau 1 Bernard Tourancheau 1
1 Drakkar
LIG - Laboratoire d'Informatique de Grenoble
Abstract : In this paper we propose a new authorization and authentication framework for the IoT that combines the security model of OAuth 1.0a with the lightweight building blocks of ACE. By designing self-securing tokens the security of the framework no longer depends on the security of the network stack. We use basic PKI functionalities to bootstrap a chain-of-trust between the devices which simplifies future token exchanges. Finally, we propose an alternate key establishment scheme for use cases where devices cannot directly communicate. We test our proposal by implementing the critical aspects on a STM32L4 microcontroller. The results indicate that our framework guarantees a strong level of security for IoT devices with basic asymmetric cryptography capabilities.
Keywords : Authorization Access tokens Key establishment Authentication
Type de document :
Communication dans un congrès
International Workshop on Secure Internet of Things (SIOT), Sep 2017, Oslo, Norway. 2017, 〈http://siot-workshop.org〉
Liste complète des métadonnées

Littérature citée [17 références]  Voir  Masquer  Télécharger
https://hal.archives-ouvertes.fr/hal-01596135
Contributeur : Franck Rousseau <>
Soumis le : vendredi 9 février 2018 - 13:38:19
Dernière modification le : mercredi 18 avril 2018 - 01:14:59

Fichier

siot_auth.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01596135, version 1

Collections

LIG_SRCPR | LIG_SRCPR_DRAKKAR | LIG | UGA | PERSYVAL-LAB

Citation

Timothy Claeys, Franck Rousseau, Bernard Tourancheau. Securing Complex IoT Platforms with Token Based Access Control and Authenticated Key Establishment. International Workshop on Secure Internet of Things (SIOT), Sep 2017, Oslo, Norway. 2017, 〈http://siot-workshop.org〉. 〈hal-01596135〉

Exporter

BibTeX TEI DC DCterms EndNote

Partager

Métriques

Consultations de la notice

126

Téléchargements de fichiers

75

Contact

support.ccsd.cnrs.fr
hal.support@ccsd.cnrs.fr
Logo CCSD