DCapBAC: embedding authorization logic into smart things through ECC optimizations

In recent years, the increasing development of wireless communication technologies and IPv6 is enabling a seamless integration of smart objects into the Internet infrastructure. This extension of technology to common environments demands greater security restrictions, since any unexpected informatio...

Full description

Saved in:
Bibliographic Details
Published in:International journal of computer mathematics 2016-02, Vol.93 (2), p.345-366
Main Authors: Hernández-Ramos, José L., Jara, Antonio J., Marín, Leandro, Skarmeta Gómez, Antonio F.
Format: Article
Language:English
Subjects:
Access control
Computer information security
Devices
ECC
Internet
Internet of Things
IP (Internet Protocol)
Logic
Mathematical models
Optimization
privacy
security
shifting primes
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In recent years, the increasing development of wireless communication technologies and IPv6 is enabling a seamless integration of smart objects into the Internet infrastructure. This extension of technology to common environments demands greater security restrictions, since any unexpected information leakage or illegitimate access to data could present a high impact in our lives. Additionally, the application of standard security and access control mechanisms to these emerging ecosystems has to face new challenges due to the inherent nature and constraints of devices and networks which make up this novel landscape. While these challenges have been usually addressed by centralized approaches, in this work we present a set of Elliptic Curve Cryptography optimizations for point and field arithmetic which are used in the design and implementation of a security and capability-based access control mechanism (DCapBAC) on smart objects. Our integral solution is based on a lightweight and flexible design that allows this functionality is embedded on resource-constrained devices, providing the advantages of a distributed security approach for Internet of Things (IoT) in terms of scalability, interoperability and end-to-end security. Additionally, our scheme has been successfully validated by using AVISPA tool and implemented on a real scenario over the Jennic/NXP JN5148 chipset based on a 32-bit RISC CPU. The results demonstrate the feasibility of our work and show DCapBAC as a promising approach to be considered as security solution for IoT scenarios.
ISSN:0020-7160
1029-0265
DOI:10.1080/00207160.2014.915316