M2M Security: Challenges and Solutions

Barki, Amira; Bouabdallah, Abdelmadjid; Gharout, Saïd; Traoré, Jacques

doi:10.1109/comst.2016.2515516

Cited by 113 publications

(48 citation statements)

References 50 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…It provides the best latency and scalability for large-scale connected IoT devices. Regarding M2M communications, Barki et al [ 52 ] provided a survey that addresses the security challenges and threats that arise when dealing with a fusion of heterogeneous networks.…”

Section: Related Workmentioning

confidence: 99%

A Practical Evaluation of a High-Security Energy-Efficient Gateway for IoT Fog Computing Applications

Suárez-Albela

Fernández‐Caramés

Fraga‐Lamas

et al. 2017

Sensors

105

View full text Add to dashboard Cite

Fog computing extends cloud computing to the edge of a network enabling new Internet of Things (IoT) applications and services, which may involve critical data that require privacy and security. In an IoT fog computing system, three elements can be distinguished: IoT nodes that collect data, the cloud, and interconnected IoT gateways that exchange messages with the IoT nodes and with the cloud. This article focuses on securing IoT gateways, which are assumed to be constrained in terms of computational resources, but that are able to offload some processing from the cloud and to reduce the latency in the responses to the IoT nodes. However, it is usually taken for granted that IoT gateways have direct access to the electrical grid, which is not always the case: in mission-critical applications like natural disaster relief or environmental monitoring, it is common to deploy IoT nodes and gateways in large areas where electricity comes from solar or wind energy that charge the batteries that power every device. In this article, how to secure IoT gateway communications while minimizing power consumption is analyzed. The throughput and power consumption of Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC) are considered, since they are really popular, but have not been thoroughly analyzed when applied to IoT scenarios. Moreover, the most widespread Transport Layer Security (TLS) cipher suites use RSA as the main public key-exchange algorithm, but the key sizes needed are not practical for most IoT devices and cannot be scaled to high security levels. In contrast, ECC represents a much lighter and scalable alternative. Thus, RSA and ECC are compared for equivalent security levels, and power consumption and data throughput are measured using a testbed of IoT gateways. The measurements obtained indicate that, in the specific fog computing scenario proposed, ECC is clearly a much better alternative than RSA, obtaining energy consumption reductions of up to 50% and a data throughput that doubles RSA in most scenarios. These conclusions are then corroborated by a frame temporal analysis of Ethernet packets. In addition, current data compression algorithms are evaluated, concluding that, when dealing with the small payloads related to IoT applications, they do not pay off in terms of real data throughput and power consumption.

show abstract

Section: Related Workmentioning

confidence: 99%

A Practical Evaluation of a High-Security Energy-Efficient Gateway for IoT Fog Computing Applications

Suárez-Albela

Fernández‐Caramés

Fraga‐Lamas

et al. 2017

Sensors

105

View full text Add to dashboard Cite

show abstract

“…The multiple served and idle users coexisting network is depicted in Figure . The depiction in Figure may be an abstraction from the vehicle‐to‐vehicle, vehicle‐to‐infrastructure, machine‐to‐machine, device‐to‐device, mobile social network, cloud radio access network, or homogeneous/heterogeneous network, and the node that provides services may represent a macro/micro base station, a relay, a terminal, or a centralized cloud service center . Moreover, each authorized user has two access statuses, that is, being served and idle, and each status may be switched into another one in each transmission time interval (TTI).…”

Section: System Modelmentioning

confidence: 99%

“…Therefore, the threats of information security should be relieved. We can find that two types of treats mainly exist, namely, active attacking (containing interference attack, pilot attack, denial‐of‐service attack, replay attack, data injection attack, information‐centric networking attack, and so on) and passive eavesdropping . At here, we investigate the latter one and emphasize the wiretap among multiple users (i.e., multi‐user confidential problem) caused by the users' mutual distrust.…”

Section: Introductionmentioning

confidence: 98%

“…As we already know, with the ever‐increasing types of users and users' demands, diverse networks should appear in the next‐generation systems, such as LTE‐A and 5G . These networks may include the vehicle‐to‐vehicle network, vehicle‐to‐infrastructure network, machine‐to‐machine network, device‐to‐device network, mobile social network, self‐organization (e.g., ad hoc) network, sensor network, cloud radio access network, and macro/micro homogeneous or heterogeneous network . Further, there may be multiple users being served (through base station, relay, terminal, etc.)…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Active jamming for multi-user information security improvement with the access statuses of users

Ren

et al. 2016

Security Comm. Networks

View full text Add to dashboard Cite

We propose a novel physical layer scheme for improving multiple users' information security (e.g., vehicle devises and mobile terminals) in the next‐generation communication systems. Owing to the limitation of service node's antennas, not all users can be concurrently served. Therefore, the node only provides services for some chosen users in a certain time. On the basis of this premise, in our scheme, the access status of each user is involved. With the information of access status, the node devises transmitters to increase the served users' transmission rates and decrease the possibility of each idle user's signal interception. Furthermore, the node executes active jamming according to the realistic situation of this multi‐user network for confusing the idle users/potential eavesdroppers. In addition, with the gradually mature applications of full‐duplex techniques for the terminals, each user can also implement active jamming in the full‐duplex mode to interfere with the potential eavesdroppers. It is seen that our scheme is linear without iteration, and performance analysis and simulation results illustrate that it is feasible for multi‐user security enhancement. Copyright © 2016 John Wiley & Sons, Ltd.

show abstract

“…• Ensure packet origin authentication: In [119], the authors have stated that packets origin authentication can be used to prevent the injection of malicious packets by an attacker to an IoT system. Therefore, this guideline suggests that data origin authentication must be integrated into IoT protocols.…”

mentioning

confidence: 99%

A Comprehensive Study of Security and Privacy Guidelines, Threats, and Countermeasures: An IoT Perspective

Abdulghani

Konstantas

2019

JSAN

View full text Add to dashboard Cite

As Internet of Things (IoT) involvement increases in our daily lives, several security and privacy concerns like linkability, unauthorized conversations, and side-channel attacks are raised. If they are left untouched, such issues may threaten the existence of IoT. They derive from two main reasons. One is that IoT objects are equipped with limited capabilities in terms of computation power, memory, and bandwidth which hamper the direct implementation of traditional Internet security techniques. The other reason is the absence of widely-accepted IoT security and privacy guidelines and their appropriate implementation techniques. Such guidelines and techniques would greatly assist IoT stakeholders like developers and manufacturers, paving the road for building secure IoT systems from the start and, thus, reinforcing IoT security and privacy by design. In order to contribute to such objective, we first briefly discuss the primary IoT security goals and recognize IoT stakeholders. Second, we propose a comprehensive list of IoT security and privacy guidelines for the edge nodes and communication levels of IoT reference architecture. Furthermore, we point out the IoT stakeholders such as customers and manufacturers who will benefit most from these guidelines. Moreover, we identify a set of implementation techniques by which such guidelines can be accomplished, and possible attacks against previously-mentioned levels can be alleviated. Third, we discuss the challenges of IoT security and privacy guidelines, and we briefly discuss digital rights management in IoT. Finally, through this survey, we suggest several open issues that require further investigation in the future. To the best of the authors’ knowledge, this work is the first survey that covers the above-mentioned objectives.

show abstract

M2M Security: Challenges and Solutions

Cited by 113 publications

References 50 publications

A Practical Evaluation of a High-Security Energy-Efficient Gateway for IoT Fog Computing Applications

A Practical Evaluation of a High-Security Energy-Efficient Gateway for IoT Fog Computing Applications

Active jamming for multi-user information security improvement with the access statuses of users

A Comprehensive Study of Security and Privacy Guidelines, Threats, and Countermeasures: An IoT Perspective

Contact Info

Product

Resources

About