Distributed Configuration, Authorization and Management in the Cloud-based Internet of Things

Abstract

Network-based deployments within the Internet of Things increasingly rely on the cloud-controlled federation of individual networks to configure, authorize, and manage devices across network borders. While this approach allows the convenient and reliable interconnection of networks, it raises severe security and safety concerns. These concerns range from a curious cloud provider accessing confidential data to a malicious cloud provider being able to physically control safety-critical devices. To overcome these concerns, we present D-CAM, which enables secure and distributed configuration, authorization, and management across network borders in the cloud-based Internet of Things. With D-CAM, we constrain the cloud to act as highly available and scalable storage for control messages. Consequently, we achieve reliable network control across network borders and strong security guarantees. Our evaluation confirms that D-CAM adds only a modest overhead and can scale to large networks.

Publication
Proceedings of the 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Sydney, NSW, Australia
BibTeX Citation
@inproceedings{2017-trustcom-henze-dcam,
    author = {Henze, Martin and Wolters, Benedikt and Matzutt, Roman and Zimmermann, Torsten and Wehrle, Klaus},
    title = {{Distributed Configuration, Authorization and Management in the Cloud-based Internet of Things}},
    year = {2017},
    pages = {185--192},
    publisher = {IEEE},
    booktitle = {Proceedings of the 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom), Sydney, NSW, Australia},
    ISBN = {978-1-5090-4905-9},
    ISSN = {2324-9013},
    DOI = {10.1109/Trustcom/BigDataSE/ICESS.2017.236},
}