Parikshit N. Mahalle

Proposed Security Model and Threat Taxonomy for the Internet of Things (IoT)

IoT is an intelligent collaboration of tiny sensors and devices giving new challenges to security and privacy in end to end communication of things. Protection of data and privacy of things is one of the key challenges in the IoT. Lack of security measures will result in decreased adoption among users and therefore is one of the driving factors in the success of the IoT. This paper gives an overview, analysis and taxonomy of security and privacy challenges in IoT. Finally, Security Model for IoT has been proposed.

A fuzzy approach to trust based access control in internet of things

In the Internet of thing (IoT), the activities of daily life are supported by a multitude of heterogeneous, loosely coupled ubiquitous devices. Traditional access control model are not suitable to the nomadic, decentralized and dynamic scenarios in the IoT where identities are not known in advance. This makes the trust management in IoT more promising to address the access control issues .This paper present a Fuzzy approach to the Trust Based Access Control (FBAC) with the notion of trust levels for identity management. The presented fuzzy approach for trust calculations deals with the linguistic information of devices to address access control in the IoT. The simulation result shows that the fuzzy approach for trust based access control guarantees scalability ad it is energy efficient. This paper also proposes FTBAC framework or trust based dynamic access control in distributed IoT. FTBAC framework i a flexible and scalable a increasing number o devices do not affect the functioning and performance.

Identity Management Framework towards Internet of Things (IoT): Roadmap and Key Challenges

One of the most profound changes today is the increase in mobility of portable yet powerful wireless devices capable of communicating via several different kinds of wireless radio networks of varying link-level characteristics. Requirement for identity is not adequately met in networks, especially given the emergence of ubiquitous computing devices that are mobile and use wireless communications. Addressing identity problem requires changes to the architecture for naming, addressing, and discovery. Challenges include resource discovery; ways to expose relevant privacy distinctions to users, naming and addressing that restricts precise knowledge of identity to authorized parties. This paper presents the identity management (IdM) framework for internet of things (IoT) with the study of existing systems, and addresses the key challenges.

Threshold Cryptography-based Group Authentication (TCGA) scheme for the Internet of Things (IoT)

Internet of things (IoT) is an emerging paradigm where the devices around us (persistent and non-persistent) are connected to each other to provide seamless communication, and contextual services. In the IoT, each device cannot be authenticated in the short time due to unbounded number of devices. Equally, it is difficult to get receipt of their authentication request at the same time. Therefore, secure, and efficient group authentication scheme is required that authenticates a group of devices at once in the context of resource constrained IoT. This paper presents novel Threshold Cryptography-based Group Authentication (TCGA) scheme for the IoT which verifies authenticity of all the devices taking part in the group communication. The proposed TCGA scheme is implemented for WIFI environment, and the result shows that TCGA scheme is lightweight, and alleviates the effect of battery exhaustion attack. This paper also presents time analysis, and formal security analysis of TCGA scheme which shows that the proposed TCGA scheme is safe from the replay, man-in-the-middle attack, and is scalable in nature.

Trust Management Model based on Fuzzy Approach for Ubiquitous Computing

The current state of ubiquitous computing has been greatly influenced by emerging networking developments like Internet of Things (IoT), Future Internet etc. Adequate trust management is crucial to provide security. The entities involved in communication must be trusted for specific purposes depending on their role. Using trust model, devices can run trust computations and guide their behaviors. To this effect, a method is needed to evaluate the level of trust between devices. Trust models investigated so far discusses that devices face problems when communicating as transforming trust relationships from real to virtual world requires the negotiation of trust based on the security properties of devices. However, these models are developed in limited devices. This paper proposes a distributed trust model for device-to-device communication in ubiquitous computing. Mathematical model based on fuzzy rules to establish trust is presented. Fuzzy simulation of the model is presented to validate the findings. Simulation results show that proposed model calculates fuzzy trust values reliably.

Lightweight Key Management for Adaptive Addressing in Next Generation Internet

The continuous evolution of Next Generation Internet NGI amplifies the demand for efficient and secure communication capable of responding effectively to the challenges posed by the emerging applications. For secure communication between two sensor nodes, a secret key is needed. Cryptographic key management is a challenging task in sensor networks as the hostile environment of sensor networks makes it more prone to attacks. Apart from resource constraints of the devices, unknown topology of the network, the higher risk of node capture and lack of a fixed infrastructure makes the key management more challenging in Wireless Sensor Network WSN. Paper surveys different key Management schemes for WSN. The paper presents the efficiency versus security requirements tradeoffs in key management for WSN. Paper also proposes a novel key management protocol which provides strong resistance against replay attacks. The results obtained from the mathematical model based on conditional probability of the scheme suggest that the proposed key management in NGI is efficient and attack resistant.

Object Classification based Context Management for Identity Management in Internet of Things

As computing technology is becoming more tightly coupled into dynamic and mobile world of the Internet of Things (IoT), security mechanism is more stringent, flexible and less intrusive. Scalability issue in IoT makes identity management (IdM) of ubiquitous objects more challenging, and there is a need of context-aware access control solution for IdM. Confronting uncertainty of different types of objects in IoT is not easy. This paper presents the logical framework for object classification in context aware IoT, as richer contextual information creates an impact on the access control. This paper proposes decision theory based object classification to provide contextual information and context management. Simulation results show that the proposed object classification is useful to improve network lifetime. Results also give motivation of object classification in terms of energy consumption. This paper also presents proof of concept and time analysis of the proposed decision theory based object classification. General Terms Identity Management, Internet of Things

Identity driven capability based access control (ICAC) scheme for the Internet of Things

Internet of Things (IoT) is becoming integral and mandatory part of everyday life. Scalability and manageability is intimidating due to unbounded number of devices and services. Access control and authorization in IoT with least privilege is important to establish secure communication between multiple devices and services. In this paper, the concept of capability for access control is introduced where the identities of the involved devices are entrenched in the access capabilities. Identity driven capability based access control (ICAC) scheme presented in this paper helps to alleviate issues related to the complexity and dynamics of device identities. ICAC is implemented for Wi-Fi and results shows that ICAC is scalable and performs better compared to other access control schemes. The ICAC evaluation by using security protocol verification tool shows that ICAC is secure against man-in-the-middle attack, especially eavesdropping and replay attacks.

Extraction of key phrases from document using statistical and linguistic analysis

The algorithm is being developed with a view to reduce the time of going through entire document. The tool will be able to summarize textual documents automatically using statistical as well as linguistic techniques. It will provide the much needed method for creating concise and yet precise documents.

Group authentication using paillier threshold cryptography

In recent years, the exponentially increasing number of portable wireless devices has made it infeasible to authenticate each individual device of a group separately. With the current trend, the proliferation of devices in the future is said to accelerate further. Therefore, there is an urgent need for a reliable and secure authentication scheme that authenticates a group of devices at once. This paper introduces a concept of group authentication which circumvents the need for individual authentication between a group of devices. Specifically, all the devices which are a member of the group are authenticated at once. Furthermore, the paper proposes a group authentication scheme using Paillier threshold cryptography which is a public key variant of the (t, n) threshold scheme. The proposed scheme is used to verify the authenticity of all the members taking part in a group oriented application. The scheme also helps in establishing a shared secret key between the members of the group which can be used for further communication in any group oriented applications.