Authentication of smart objects is a major challenge for the Internet of Things (IoT), and has been left open in DTLS. Leveraging locally managed IPv6 addresses with identitybased cryptography (IBC), we propose an efficient end-to-end authentication that (a) assigns a robust and deploymentfriendly federation scheme to gateways of IoT subnetworks, and (b) has been evaluated with a modern twisted Edwards elliptic curve cryptography (ECC). Our early results demonstrate feasibility and promise efficiency after ongoing optimisations.
Authentication of smart objects is a major challenge for the Internet of Things (IoT), and has been left open in DTLS. Leveraging locally managed IPv6 addresses with identitybased cryptography (IBC), we propose an efficient end-to-end authentication that (a) assigns a robust and deploymentfriendly federation scheme to gateways of IoT subnetworks, and (b) has been evaluated with a modern twisted Edwards elliptic curve cryptography (ECC). Our early results demonstrate feasibility and promise efficiency after ongoing optimisations.
Recently we presented QuantDroid [7], a quantitative approach towards mitigating privilege escalation attacks on Android. By monitoring all synchronous IPC via overt channels on-the-fly, a so called flow-graph service detects an abnormal amount of traffic exchanged between DVMs running different Apps to indicate a potential horizontal privilege escalation attack. However, although certainly a valuable first step, our initial QuantDroid approach fails when dealing with asynchronous IPC via persistent storage containers on the Android system. To also address this issue, in this work we extend QuantDroid to QuantDroid ++ by providing i) a central storage of taints when operating on system-internal databases of Android, ii) an extension of the SQL cursor object to preserve taints and link requested data with such taints, and, finally iii) an inspection of the information flow with such newly available taints for all relevant database operations.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.