Skip to main content
SpringerLink
Log in

A Secure, Out-of-Band, Mechanism to Manage Internet of Things Devices

  • Conference paper
  • First Online:
Ubiquitous Computing and Ambient Intelligence (UCAmI 2017)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 10586))

  • 2384 Accesses

Abstract

Adoption of the pervasive and ubiquitous computing paradigm is increasing. One application of this paradigm is Ambient Assistive Living where ICT-based assistive services are deployed in an environment. In this study, a Smart Home in a Box (SHIB) has been devised as an AAL solution. This SHIB relies upon Internet of Things (IoT) devices, such as thermal vision sensors, within an environment to function. Each SHIB deployment consists of IoT devices taken from a common pool of devices. The exact device manifest of each SHIB deployment will change as dictated by end-user requirements. Additionally, this pool will grow and expand when devices are removed or added from previous SHIB deployments. To efficiently manage this pool of devices, and SHIB deployments, a remote management solution is required. Current remote management solutions have a range of deficiencies that render them unsuitable for use with the current SHIB platform. To address these deficiencies, a secure mechanism to manage the IoT devices has been devised. This paper presents this mechanism and evaluates its applicability to SHIB deployments. The evaluation focused on assessing the security of the mechanism and the viability of its Low-Power Wireless Wide-Area Network-based communications. This evaluation showed that the proposed solution was reliable and suitable for the intended deployment scenario. An extended evaluation and system improvements have been identified and proposed within future work.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Weiser, M.: The computer for the 21st century. Sci. Am. 265, 94–104 (1991)

    Article  Google Scholar 

  2. Satyanarayanan, M.: Pervasive computing: vision and challenges. IEEE Pers. Commun. 8, 10–17 (2001)

    Article  Google Scholar 

  3. Lee, I.: An exploratory study of the impact of the internet of things (IoT) on business model innovation: building smart enterprises at fortune 500 companies. Int. J. Inf. Syst. Soc. Change 7, 1–15 (2016)

    Article  Google Scholar 

  4. Riggins, F.J., Wamba, S.F.: Research directions on the adoption, usage, and impact of the internet of things through the use of big data analytics. In: 2015 48th Hawaii International Conference on System Sciences (HICSS), pp. 1531–1540 (2015)

    Google Scholar 

  5. Bradley, J., Reberger, C., Dixit, A., Gupta, V.: Internet of everything: a $4.6 trillion public-sector opportunity. Cisco White Paper (2013)

    Google Scholar 

  6. Rafferty, J., Nugent, C.D., Liu, J.: From Activity Recognition to Intention Recognition for Assisted Living Within Smart Homes, pp. 1–12 (2017)

    Google Scholar 

  7. Roy, N., Misra, A., Cook, D.: Ambient and smartphone sensor assisted ADL recognition in multi-inhabitant smart environments. J. Ambient Intell. Humanized Comput. 7(1), 1–19 (2015)

    Article  Google Scholar 

  8. European Commission: The Ambient Assisted Living (AAL) Joint Programme. http://ec.europa.eu/information_society/activities/einclusion/docs/ageing/aal_overview.pdf

  9. Tozlu, S., Senel, M., Mao, W., Keshavarzian, A.: Wi-Fi enabled sensors for internet of things: a practical approach. IEEE Commun. Mag. 50, 134–143 (2012)

    Article  Google Scholar 

  10. Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M., Ayyash, M.: Internet of things: a survey on enabling technologies, protocols, and applications. IEEE Commun. Surv. Tutor. 17, 2347–2376 (2015)

    Article  Google Scholar 

  11. Bertino, E., Islam, N.: Botnets and internet of things security. Computer 50, 76–79 (2017)

    Article  Google Scholar 

  12. Shah, M., Soni, V., Shah, H., Desai, M.: TCP/IP network protocols—security threats, flaws and defense methods. In: 2016 3rd International Conference On Computing for Sustainable Global Development, pp. 2693–2699 (2016)

    Google Scholar 

  13. Bruno, L., Graziano, M., Balzarotti, D., Francillon, A.: Through the looking-glass, and what eve found there. In: WOOT (2014)

    Google Scholar 

  14. CVE-2017-5689. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5689

  15. Conti, M., Dragoni, N., Lesyk, V.: A survey of man in the middle attacks. IEEE Commun. Surv. Tutor. 18, 2027–2051 (2016)

    Article  Google Scholar 

  16. CVE-2017-7925. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7925

  17. Zhang, Z.-K., Cho, M.C.Y., Shieh, S.: Emerging security threats and countermeasures in IoT. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security - ASIA CCS 2015, pp. 1–6. ACM Press, New York, USA (2015)

    Google Scholar 

  18. Smart, N.P.: Certificates, key transport and key agreement. Cryptography Made Simple. ISC, pp. 369–399. Springer, Cham (2016). doi:10.1007/978-3-319-21936-3_18

    Chapter  Google Scholar 

  19. Dubeuf, J., Hely, D., Beroulle, V.: ECDSA passive attacks, leakage sources, and common design mistakes. ACM Trans. Des. Autom. Electron. Syst. 21, 1–24 (2016)

    Article  Google Scholar 

  20. Schneier, B., Fredrikson, M., Kohno, T., Ristenpart, T.: Surreptitiously weakening cryptographic systems. IACR Cryptol. ePrint Arch. (2015)

    Google Scholar 

  21. Centenaro, M., Vangelista, L., Zanella, A., Zorzi, M.: Long-range communications in unlicensed bands: the rising stars in the IoT and smart city scenarios. IEEE Wirel. Commun. 23, 60–67 (2016)

    Article  Google Scholar 

  22. Andreev, S., Galinina, O., Pyattaev, A., Gerasimenko, M., Tirronen, T., Torsner, J., Sachs, J., Dohler, M., Koucheryavy, Y.: Understanding the IoT connectivity landscape: a contemporary M2 M radio technology roadmap. IEEE Commun. Mag. 53, 32–40 (2015)

    Article  Google Scholar 

  23. Khan, Z., Lehtomaki, J.J., Iellamo, S.I., Vuohtoniemi, R., Hossain, E., Han, Z.: IoT Connectivity in radar bands: a shared access model based on spectrum measurements. IEEE Commun. Mag. 55, 88–96 (2017)

    Article  Google Scholar 

  24. Ijaz, A., Zhang, L., Grau, M., Mohamed, A., Vural, S., Quddus, A.U., Imran, M.A., Foh, C.H., Tafazolli, R.: Enabling massive IoT in 5G and beyond systems: PHY radio frame design considerations. IEEE Access 4, 3322–3339 (2016)

    Article  Google Scholar 

  25. Welch, B.: Exploiting the weaknesses of SS7. Netw. Secur. 2017, 17–19 (2017)

    Article  Google Scholar 

  26. SS7 routing protocol vulnerability let thieves drain 2FA-protected bank accounts|Ars Technica UK, https://arstechnica.co.uk/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/

  27. Regulation of Investigatory Powers Act, UK (2000)

    Google Scholar 

  28. Alliance, L.: A technical overview of LoRa and LoRaWAN. White Paper, November (2015)

    Google Scholar 

  29. Pervasive Nation. https://connectcentre.ie/pervasive-nation/

  30. Daemen, J., Rijmen, V.: The Rijndael Block Cipher: AES Proposal (2003)

    Google Scholar 

  31. Kumar, P., Rawat, S., Choudhury, T., Pradhan, S.: A performance based comparison of various symmetric cryptographic algorithms in run-time scenario. In: International Conference on System Modeling & Advancement in Research Trends (SMART), pp. 37–41 (2016)

    Google Scholar 

  32. Ã…gren, M.: On some symmetric lightweight cryptographic designs (2012)

    Google Scholar 

  33. Bajaj, R.D., Gokhale, M., Tech Vlsi, M.: Design and simulation of AES algorithm for cryptography. Int. J. Eng. Sci. Comput. (2016)

    Google Scholar 

  34. Ertaul, L., Sravya, K.L., Sanka, N.: Implementation of authenticated encryption algorithm offset code book (OCB). In: Proceedings of the International Conference on Wireless Networks (ICWN), p. 78 (2016)

    Google Scholar 

  35. Vaidehi, M., Rabi, B.J.: Design and analysis of AES-CBC mode for high security applications. In: 2014 2nd International Conference on Current Trends in Engineering and Technology (ICCTET), pp. 499–502 (2014)

    Google Scholar 

  36. Paterson, K., Foley, J., McGrew, D.: Authenticated Encryption with AES-CBC and HMAC-SHA (2014)

    Google Scholar 

  37. System, method, and computer program product for optimizing data encryption and decryption by implementing asymmetric AES-CBC channels (2013)

    Google Scholar 

  38. Feldhofer, M., Wolkerstorfer, J., Rijmen, V.: AES implementation on a grain of sand. IEE Proc. Inf. Secur. 152, 13 (2005)

    Article  Google Scholar 

  39. Saito, T., Yasuda, K., Ishikawa, T., Hosoi, R., Takahashi, K., Chen, Y., Zalasinski, M.: Estimating CPU features by browser fingerprinting. In: 2016 10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 587–592. IEEE (2016)

    Google Scholar 

  40. Bellare, M.: New proofs for NMAC and HMAC: security without collision resistance. J. Cryptol. 28, 844–878 (2015)

    Article  MathSciNet  MATH  Google Scholar 

  41. Krawczyk, H., Canetti, R., Bellare, M.: HMAC: Keyed-hashing for message authentication.

    Google Scholar 

  42. Bharati, P.V., Mahalakshmi, T.S.: A Combinational Approach for securing the data in cloud storage using HMAC-SHA512 and Information Secured Algorithm (ISA). Int. J. Appl. Eng. Res. 11, 973–4562 (2016)

    Google Scholar 

Download references

Acknowledgments

Invest Northern Ireland is acknowledged for supporting this project under the Competence Centre Programs Grant RD0513853 – Connected Health Innovation Centre. Pervasive Nation is acknowledged for providing access to their LoRaWAN infrastructure and offering support during this project.

Author information

Authors and Affiliations

  1. School of Computing and Mathematics, Ulster University, Coleraine, Northern Ireland, UK

    Joseph Rafferty, Jonathan Synnott, Andrew Ennis, Ian Cleland & Chris Nugent

  2. RF Proximity LTD, The Innovation Center, Northern Ireland Science Park, Belfast, UK

    Michael Little

Authors
  1. Joseph Rafferty
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jonathan Synnott
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Andrew Ennis
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ian Cleland
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Chris Nugent
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Michael Little
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Joseph Rafferty .

Editor information

Editors and Affiliations

  1. University of Santiago Chile, Santiago, Chile

    Sergio F. Ochoa

  2. Villanova University, Villanova, Pennsylvania, USA

    Pritpal Singh

  3. University of Castilla La Mancha, Ciudad Real, Spain

    José Bravo

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Rafferty, J., Synnott, J., Ennis, A., Cleland, I., Nugent, C., Little, M. (2017). A Secure, Out-of-Band, Mechanism to Manage Internet of Things Devices. In: Ochoa, S., Singh, P., Bravo, J. (eds) Ubiquitous Computing and Ambient Intelligence. UCAmI 2017. Lecture Notes in Computer Science(), vol 10586. Springer, Cham. https://doi.org/10.1007/978-3-319-67585-5_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-67585-5_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-67584-8

  • Online ISBN: 978-3-319-67585-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation