Aragon, Santiago ; Tiloca, Marco ; Maass, Max ; Hollick, Matthias ; Raza, Shahid (2018)
ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control.
6th IEEE Conference on Communications and Network Security (CNS 2018). Beijing, China (30.05.-01.06.2018)
doi: 10.1109/CNS.2018.8433209
Conference or Workshop Item, Bibliographie
This is the latest version of this item.
Abstract
The Authentication and Authorization for Constrained Environments (ACE) framework provides fine-grained access control in the Internet of Things, where devices are resource-constrained and with limited connectivity. The ACE framework defines separate profiles to specify how exactly entities interact and what security and communication protocols to use. This paper presents the novel ACE IPsec profile, which specifies how a client establishes a secure IPsec channel with a resource server, contextually using the ACE framework to enforce authorized access to remote resources. The profile makes it possible to establish IPsec Security Associations, either through their direct provisioning or through the standard IKEv2 protocol. We provide the first Open Source implementation of the ACE IPsec profile for the Contiki OS and test it on the resource-constrained Zolertia Firefly platform. Our experimental performance evaluation confirms that the IPsec profile and its operating modes are affordable and deployable also on constrained IoT platforms.
Item Type: | Conference or Workshop Item |
---|---|
Erschienen: | 2018 |
Creators: | Aragon, Santiago ; Tiloca, Marco ; Maass, Max ; Hollick, Matthias ; Raza, Shahid |
Type of entry: | Bibliographie |
Title: | ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control |
Language: | English |
Date: | 2018 |
Publisher: | IEEE |
Book Title: | IEEE Conference on Communications and Network Security |
Event Title: | 6th IEEE Conference on Communications and Network Security (CNS 2018) |
Event Location: | Beijing, China |
Event Dates: | 30.05.-01.06.2018 |
DOI: | 10.1109/CNS.2018.8433209 |
Corresponding Links: | |
Abstract: | The Authentication and Authorization for Constrained Environments (ACE) framework provides fine-grained access control in the Internet of Things, where devices are resource-constrained and with limited connectivity. The ACE framework defines separate profiles to specify how exactly entities interact and what security and communication protocols to use. This paper presents the novel ACE IPsec profile, which specifies how a client establishes a secure IPsec channel with a resource server, contextually using the ACE framework to enforce authorized access to remote resources. The profile makes it possible to establish IPsec Security Associations, either through their direct provisioning or through the standard IKEv2 protocol. We provide the first Open Source implementation of the ACE IPsec profile for the Contiki OS and test it on the resource-constrained Zolertia Firefly platform. Our experimental performance evaluation confirms that the IPsec profile and its operating modes are affordable and deployable also on constrained IoT platforms. |
Classification DDC: | 000 Generalities, computers, information > 004 Computer science |
Divisions: | 20 Department of Computer Science 20 Department of Computer Science > Sichere Mobile Netze DFG-Graduiertenkollegs DFG-Graduiertenkollegs > Research Training Group 2050 Privacy and Trust for Mobile Users |
Date Deposited: | 02 Aug 2024 12:33 |
Last Modified: | 02 Aug 2024 12:33 |
PPN: | |
Export: | |
Suche nach Titel in: | TUfind oder in Google |
Available Versions of this Item
-
ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control. (deposited 26 Aug 2018 19:55)
- ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control. (deposited 02 Aug 2024 12:33) [Currently Displayed]
Send an inquiry |
Options (only for editors)
Show editorial Details |