EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control
RISE - Research Institutes of Sweden, ICT, SICS. Technische Universität Darmstadt, Germany.
RISE - Research Institutes of Sweden, ICT, SICS. (Security Lab)ORCID iD: 0000-0001-8842-9810
Technische Universität Darmstadt, Germany.
Technische Universität Darmstadt, Germany.
Show others and affiliations
2018 (English)Conference paper, Published paper (Refereed)
Abstract [en]

The Authentication and Authorization for ConstrainedEnvironments (ACE) framework provides fine-grainedaccess control in the Internet of Things, where devices areresource-constrained and with limited connectivity. The ACEframework defines separate profiles to specify how exactlyentities interact and what security and communication protocolsto use. This paper presents the novel ACE IPsec profile, whichspecifies how a client establishes a secure IPsec channel witha resource server, contextually using the ACE framework toenforce authorized access to remote resources. The profilemakes it possible to establish IPsec Security Associations, eitherthrough their direct provisioning or through the standardIKEv2 protocol. We provide the first Open Source implementationof the ACE IPsec profile for the Contiki OS and testit on the resource-constrained Zolertia Firefly platform. Ourexperimental performance evaluation confirms that the IPsecprofile and its operating modes are affordable and deployablealso on constrained IoT platforms.
Place, publisher, year, edition, pages
2018. article id 8433209
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:ri:diva-35112DOI: 10.1109/CNS.2018.8433209Scopus ID: 2-s2.0-85052561250ISBN: 9781538645864 (print)OAI: oai:DiVA.org:ri-35112DiVA, id: diva2:1244962
Conference
6th IEEE Conference on Communications and Network Security, CNS 2018; Beijing; China; 30 May 2018 through 1 June 2018
Available from: 2018-09-03 Created: 2018-09-03 Last updated: 2025-09-23Bibliographically approved

Open Access in DiVA

fulltext(595 kB)269 downloads
File information
File name FULLTEXT01.pdfFile size 595 kBChecksum SHA-512
62fd6919ff0bdc4f14c6a0e36ca99705d43d8eff9cbdfde6da2e0bab9cf14d50c45fe9c1b905414f1647b2e914e46fe366948744bd839343f763314970a89aac
Type fulltextMimetype application/pdf

Other links

Publisher's full textScopus

Authority records

Tiloca, MarcoRaza, Shahid

Search in DiVA

By author/editor
Tiloca, MarcoRaza, Shahid
By organisation
SICS
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 269 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 390 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG