Mohamed Elhoucine Elhdhili

Enhancing the security of the IoT LoraWAN architecture

The Internet of things (IoT) is invading our lives by connecting surrounding human things to the Internet. This allows a smarter and comfortable human living space. However, it exposes private and sensitive data as well as human appliances to attackers. Security solutions based on cryptography might solve these problems. However, these solutions need the use of encryption keys that must be managed securely and properly. We investigate, in this paper, existing key management protocols proposed for the Internet of things. Then, we propose a solution to enhance the security of the IoT loraWAN architecture. Our solution is inspired from an existing key management solution that uses proxy nodes to alleviate the computation in the constrained node side. We propose the use of a reputation system for proxy nodes selection which permits a reliable and attacks free security solution.

Towards a Secure Access to Content in Named Data Networking

Named Data Networking (NDN) is one of the most promising candidates for the next-generation Internet architecture. It adopts the Information Centric Networking (ICN) approach which considers the named data as the central element. For a more effective content delivery in this approach, content can be recovered from any node implementing caching capabilities. However, with this caching property, access control can no longer be ensured by traditional mechanisms. It must be built into the content itself regardless its location. In this paper, we propose an access control solution based on content encryption and valid both in closed and open environments. In this solution, sensitive content are encrypted and only authorized entities can retrieve the necessary keys for encryption and decryption. We demonstrate the effectiveness of the proposed solution by implementing it in the prototype of NDN, named CCNx, and by evaluating its performances. This evaluation proves that our solution introduces an acceptable overhead, lower than that of the access control solution currently adopted in CCNx.

Lightweight Enhanced Collaborative Key Management Scheme for Smart Home Application

Key management is required to secure the smart home application in the context of Internet of Things (IoT). But, these applications might be unable to use existing Internet key management protocols because of the presence of resource limited nodes. In this paper, we propose a lightweight and secure key management scheme for smart homes. This solution is based on an existing collaborative scheme used to secure communication between a limited node and the network central device by offloading highly consuming cryptographic primitives to proxy nodes. To improve the security of this scheme, we propose to limit the participation in key derivation to the trustful proxies by integrating a trust management system. To assess our proposed solution, we introduce a security evaluation using Scyther tool and a formal validation concerning security properties. Then, we evaluate the computational costs to highlight energy savings.

QoS enabled privacy preserving solution for eHealth systems

The privacy in eHealth is a serious issue that requires special considerations due to the sensitivity and importance of the shared patients information. In the literature, several privacy-preserving approaches have been proposed, most of them have focused only in content-oriented privacy, omitting the contextual privacy aspects. To cope with this deficiency, we propose a privacy-preserving scheme adapted to eHealth systems considering a normal and an emergency health scenarios. Our proposed scheme satisfies both content and contextual privacy requirements, as well as secure communications and quality of service (QoS). To do, we used an identity-based encryption scheme, a set of privacy mechanisms, and a prioritized queuing model. Moreover, we established a performance evaluation to study the queuing behavior of the proposed system. Extensive security analysis shows the robustness of our scheme. To the best of our knowledge, our proposed solution provides the first solution ensuring security as well as perfect privacy without neglecting any requirement.

Hierarchical Identity Based Cryptography for Security and Trust in Named Data Networking

Named Data Networking (NDN) represents an emergent Information-Centric Networking architecture. It treats data as the central element and it leverages in-network caching. With the latter feature, traditional security mechanisms, tied to data location, can no longer be used. Thats why a data-centric security model is adopted. This model relies mainly on the addition of a signature to each of the recovered data. However, the signature verification requires the appropriate public key. To trust this key, NDN provides an interesting platform, supporting multiple models. In this paper, we analyze the security and the trust in NDN. We determine the limits of the already proposed solutions. We propose then a security extension that relies on Hierarchical Identity-Based Cryptography (HIBC). This extension better meets the security requirements and it builds trust in the keys used in signature verification. To validate our proposal, it is integrated into the current prototype of NDN and its performance evaluation is provided. This evaluation proves that by adopting our extension, performance is comparable, even better in some cases than plain NDN.

Security analysis of existing IoT key management protocols

The Internet of things (IoT) interconnects every object of our living space to the Internet. Its adoption relies on the settling down of robust security solutions, especially key management ones. In this paper, we address key management protocols in the Internet of things (IoT). Since the IoT interconnects heterogeneous nodes, key management protocols used in the Internet might not be adapted for this type of networks and lightweight protocols are needed for constrained nodes. Thus, it is prime to design a key management solution that takes into account resources constrained nodes and exploits the heterogeneity of objects to help in key computation. We investigate a variety of key management protocols proposed for the IoT. We analyse the advantages and disadvantages of each protocol and give a performance comparison in terms of key management requirements.

A survey on privacy: Terminology, mechanisms and attacks

Privacy is considered as one of the hottest issues in nowadays communication research areas. It focuses on protecting the content of the transmitted data and on preserving the contextual information such as the identity of the communicating entities. This paper presents an overview of research done in this area in order to build a foundation that helps the research community to understand more the privacy concept and issues. We start by defining the privacy and classifying its requirements in two categories: content-oriented privacy and contextual privacy. We concentrate particularly on contextual privacy by identifying its properties. We also expose a taxonomy according to the type of transferred messages. An analysis of privacy protocols and systems described in the literature is then performed, followed by a description of privacy attacks. Based on the compromised privacy requirements, we propose a new expressive and precise classification of attacks. It is more adapted to privacy context and helps to identify areas of remaining weaknesses that require additional work. Moreover, we describe various attacks against privacy. Finally, we highlight the future research directions in this area.