TU Darmstadt / ULB / TUbiblio

ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control

Aragon, Santiago ; Tiloca, Marco ; Maass, Max ; Hollick, Matthias ; Raza, Shahid (2018)
ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control.
6th IEEE Conference on Communications and Network Security (CNS 2018). Beijing, China (30.05.2018-01.06.2018)
doi: 10.1109/CNS.2018.8433209
Konferenzveröffentlichung, Zweitveröffentlichung

WarnungEs ist eine neuere Version dieses Eintrags verfügbar.

Kurzbeschreibung (Abstract)

The Authentication and Authorization for Constrained Environments (ACE) framework provides fine-grained access control in the Internet of Things, where devices are resource-constrained and with limited connectivity. The ACE framework defines separate profiles to specify how exactly entities interact and what security and communication protocols to use. This paper presents the novel ACE IPsec profile, which specifies how a client establishes a secure IPsec channel with a resource server, contextually using the ACE framework to enforce authorized access to remote resources. The profile makes it possible to establish IPsec Security Associations, either through their direct provisioning or through the standard IKEv2 protocol. We provide the first Open Source implementation of the ACE IPsec profile for the Contiki OS and test it on the resource-constrained Zolertia Firefly platform. Our experimental performance evaluation confirms that the IPsec profile and its operating modes are affordable and deployable also on constrained IoT platforms.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2018
Autor(en): Aragon, Santiago ; Tiloca, Marco ; Maass, Max ; Hollick, Matthias ; Raza, Shahid
Art des Eintrags: Zweitveröffentlichung
Titel: ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control
Sprache: Englisch
Publikationsjahr: 13 August 2018
Publikationsdatum der Erstveröffentlichung: 2018
Verlag: IEEE
Buchtitel: IEEE Conference on Communications and Network Security
Veranstaltungstitel: 6th IEEE Conference on Communications and Network Security (CNS 2018)
Veranstaltungsort: Beijing, China
Veranstaltungsdatum: 30.05.2018-01.06.2018
DOI: 10.1109/CNS.2018.8433209
URL / URN: https://tuprints.ulb.tu-darmstadt.de/7696
Zugehörige Links:
Herkunft: Zweitveröffentlichungsservice
Kurzbeschreibung (Abstract):

The Authentication and Authorization for Constrained Environments (ACE) framework provides fine-grained access control in the Internet of Things, where devices are resource-constrained and with limited connectivity. The ACE framework defines separate profiles to specify how exactly entities interact and what security and communication protocols to use. This paper presents the novel ACE IPsec profile, which specifies how a client establishes a secure IPsec channel with a resource server, contextually using the ACE framework to enforce authorized access to remote resources. The profile makes it possible to establish IPsec Security Associations, either through their direct provisioning or through the standard IKEv2 protocol. We provide the first Open Source implementation of the ACE IPsec profile for the Contiki OS and test it on the resource-constrained Zolertia Firefly platform. Our experimental performance evaluation confirms that the IPsec profile and its operating modes are affordable and deployable also on constrained IoT platforms.

URN: urn:nbn:de:tuda-tuprints-76966
Sachgruppe der Dewey Dezimalklassifikatin (DDC): 000 Allgemeines, Informatik, Informationswissenschaft > 004 Informatik
Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik
20 Fachbereich Informatik > Sichere Mobile Netze
DFG-Graduiertenkollegs
DFG-Graduiertenkollegs > Graduiertenkolleg 2050 Privacy and Trust for Mobile Users
Hinterlegungsdatum: 26 Aug 2018 19:55
Letzte Änderung: 28 Jun 2021 08:48
PPN:
Export:
Suche nach Titel in: TUfind oder in Google

Verfügbare Versionen dieses Eintrags

Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen