Delegation-based Authentication and Authorization for the IP-based Internet of Things
RWTH Aachen University, Germany.
RISE, Swedish ICT, SICS.
RISE, Swedish ICT, SICS, Security Lab. ORCID iD: 0000-0001-8192-0893
RISE, Swedish ICT, SICS, Computer Systems Laboratory. ORCID iD: 0000-0002-2586-8573
2014 (English). Conference paper, Published paper (Refereed)
Abstract [en]

IP technology for resource-constrained devices enables transparent end-to-end connections between a vast variety of devices and services in the Internet of Things (IoT). To protect these connections, several variants of traditional IP security protocols have recently been proposed for standardization, most notably the DTLS protocol. In this paper, we identify significant resource requirements for the DTLS handshake when employing public-key cryptography for peer authentication and key agreement purposes. These overheads particularly hamper secure communication for memory-constrained devices. To alleviate these limitations, we propose a delegation architecture that offloads the expensive DTLS connection establishment to a delegation server. By handing over the established security context to the constrained device, our delegation architecture significantly reduces the resource requirements of DTLS-protected communication for constrained devices. Additionally, our delegation architecture naturally provides authorization functionality when leveraging the central role of the delegation server in the initial connection establishment. Hence, in this paper, we present a comprehensive, yet compact solution for authentication, authorization, and secure data transmission in the IP-based IoT. The evaluation results show that, compared to a public-key-based DTLS handshake, our delegation architecture reduces the memory overhead by 64 %, computations by 97 %, and network transmissions by 68 %.

Place, publisher, year, edition, pages
2014, 9. p. 284-292
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:ri:diva-24312
DOI: 10.1109/SAHCN.2014.6990364
Scopus ID: 2-s2.0-84921046600
OAI: oai:DiVA.org:ri-24312
DiVA, id: diva2:1043392
Conference
11th IEEE International Conference on Sensing, Communication, and Networking (SECON'14)
Projects
Promos
Available from: 2016-10-31 Created: 2016-10-31 Last updated: 2019-08-09 Bibliographically approved

Authority records

Raza, Shahid; Voigt, Thiemo