Abstract
Adoption of the pervasive and ubiquitous computing paradigm is increasing. One application of this paradigm is Ambient Assistive Living where ICT-based assistive services are deployed in an environment. In this study, a Smart Home in a Box (SHIB) has been devised as an AAL solution. This SHIB relies upon Internet of Things (IoT) devices, such as thermal vision sensors, within an environment to function. Each SHIB deployment consists of IoT devices taken from a common pool of devices. The exact device manifest of each SHIB deployment will change as dictated by end-user requirements. Additionally, this pool will grow and expand when devices are removed or added from previous SHIB deployments. To efficiently manage this pool of devices, and SHIB deployments, a remote management solution is required. Current remote management solutions have a range of deficiencies that render them unsuitable for use with the current SHIB platform. To address these deficiencies, a secure mechanism to manage the IoT devices has been devised. This paper presents this mechanism and evaluates its applicability to SHIB deployments. The evaluation focused on assessing the security of the mechanism and the viability of its Low-Power Wireless Wide-Area Network-based communications. This evaluation showed that the proposed solution was reliable and suitable for the intended deployment scenario. An extended evaluation and system improvements have been identified and proposed within future work.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Weiser, M.: The computer for the 21st century. Sci. Am. 265, 94–104 (1991)
Satyanarayanan, M.: Pervasive computing: vision and challenges. IEEE Pers. Commun. 8, 10–17 (2001)
Lee, I.: An exploratory study of the impact of the internet of things (IoT) on business model innovation: building smart enterprises at fortune 500 companies. Int. J. Inf. Syst. Soc. Change 7, 1–15 (2016)
Riggins, F.J., Wamba, S.F.: Research directions on the adoption, usage, and impact of the internet of things through the use of big data analytics. In: 2015 48th Hawaii International Conference on System Sciences (HICSS), pp. 1531–1540 (2015)
Bradley, J., Reberger, C., Dixit, A., Gupta, V.: Internet of everything: a $4.6 trillion public-sector opportunity. Cisco White Paper (2013)
Rafferty, J., Nugent, C.D., Liu, J.: From Activity Recognition to Intention Recognition for Assisted Living Within Smart Homes, pp. 1–12 (2017)
Roy, N., Misra, A., Cook, D.: Ambient and smartphone sensor assisted ADL recognition in multi-inhabitant smart environments. J. Ambient Intell. Humanized Comput. 7(1), 1–19 (2015)
European Commission: The Ambient Assisted Living (AAL) Joint Programme. http://ec.europa.eu/information_society/activities/einclusion/docs/ageing/aal_overview.pdf
Tozlu, S., Senel, M., Mao, W., Keshavarzian, A.: Wi-Fi enabled sensors for internet of things: a practical approach. IEEE Commun. Mag. 50, 134–143 (2012)
Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M., Ayyash, M.: Internet of things: a survey on enabling technologies, protocols, and applications. IEEE Commun. Surv. Tutor. 17, 2347–2376 (2015)
Bertino, E., Islam, N.: Botnets and internet of things security. Computer 50, 76–79 (2017)
Shah, M., Soni, V., Shah, H., Desai, M.: TCP/IP network protocols—security threats, flaws and defense methods. In: 2016 3rd International Conference On Computing for Sustainable Global Development, pp. 2693–2699 (2016)
Bruno, L., Graziano, M., Balzarotti, D., Francillon, A.: Through the looking-glass, and what eve found there. In: WOOT (2014)
CVE-2017-5689. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5689
Conti, M., Dragoni, N., Lesyk, V.: A survey of man in the middle attacks. IEEE Commun. Surv. Tutor. 18, 2027–2051 (2016)
CVE-2017-7925. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7925
Zhang, Z.-K., Cho, M.C.Y., Shieh, S.: Emerging security threats and countermeasures in IoT. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security - ASIA CCS 2015, pp. 1–6. ACM Press, New York, USA (2015)
Smart, N.P.: Certificates, key transport and key agreement. Cryptography Made Simple. ISC, pp. 369–399. Springer, Cham (2016). doi:10.1007/978-3-319-21936-3_18
Dubeuf, J., Hely, D., Beroulle, V.: ECDSA passive attacks, leakage sources, and common design mistakes. ACM Trans. Des. Autom. Electron. Syst. 21, 1–24 (2016)
Schneier, B., Fredrikson, M., Kohno, T., Ristenpart, T.: Surreptitiously weakening cryptographic systems. IACR Cryptol. ePrint Arch. (2015)
Centenaro, M., Vangelista, L., Zanella, A., Zorzi, M.: Long-range communications in unlicensed bands: the rising stars in the IoT and smart city scenarios. IEEE Wirel. Commun. 23, 60–67 (2016)
Andreev, S., Galinina, O., Pyattaev, A., Gerasimenko, M., Tirronen, T., Torsner, J., Sachs, J., Dohler, M., Koucheryavy, Y.: Understanding the IoT connectivity landscape: a contemporary M2 M radio technology roadmap. IEEE Commun. Mag. 53, 32–40 (2015)
Khan, Z., Lehtomaki, J.J., Iellamo, S.I., Vuohtoniemi, R., Hossain, E., Han, Z.: IoT Connectivity in radar bands: a shared access model based on spectrum measurements. IEEE Commun. Mag. 55, 88–96 (2017)
Ijaz, A., Zhang, L., Grau, M., Mohamed, A., Vural, S., Quddus, A.U., Imran, M.A., Foh, C.H., Tafazolli, R.: Enabling massive IoT in 5G and beyond systems: PHY radio frame design considerations. IEEE Access 4, 3322–3339 (2016)
Welch, B.: Exploiting the weaknesses of SS7. Netw. Secur. 2017, 17–19 (2017)
SS7 routing protocol vulnerability let thieves drain 2FA-protected bank accounts|Ars Technica UK, https://arstechnica.co.uk/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/
Regulation of Investigatory Powers Act, UK (2000)
Alliance, L.: A technical overview of LoRa and LoRaWAN. White Paper, November (2015)
Pervasive Nation. https://connectcentre.ie/pervasive-nation/
Daemen, J., Rijmen, V.: The Rijndael Block Cipher: AES Proposal (2003)
Kumar, P., Rawat, S., Choudhury, T., Pradhan, S.: A performance based comparison of various symmetric cryptographic algorithms in run-time scenario. In: International Conference on System Modeling & Advancement in Research Trends (SMART), pp. 37–41 (2016)
Ã…gren, M.: On some symmetric lightweight cryptographic designs (2012)
Bajaj, R.D., Gokhale, M., Tech Vlsi, M.: Design and simulation of AES algorithm for cryptography. Int. J. Eng. Sci. Comput. (2016)
Ertaul, L., Sravya, K.L., Sanka, N.: Implementation of authenticated encryption algorithm offset code book (OCB). In: Proceedings of the International Conference on Wireless Networks (ICWN), p. 78 (2016)
Vaidehi, M., Rabi, B.J.: Design and analysis of AES-CBC mode for high security applications. In: 2014 2nd International Conference on Current Trends in Engineering and Technology (ICCTET), pp. 499–502 (2014)
Paterson, K., Foley, J., McGrew, D.: Authenticated Encryption with AES-CBC and HMAC-SHA (2014)
System, method, and computer program product for optimizing data encryption and decryption by implementing asymmetric AES-CBC channels (2013)
Feldhofer, M., Wolkerstorfer, J., Rijmen, V.: AES implementation on a grain of sand. IEE Proc. Inf. Secur. 152, 13 (2005)
Saito, T., Yasuda, K., Ishikawa, T., Hosoi, R., Takahashi, K., Chen, Y., Zalasinski, M.: Estimating CPU features by browser fingerprinting. In: 2016 10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 587–592. IEEE (2016)
Bellare, M.: New proofs for NMAC and HMAC: security without collision resistance. J. Cryptol. 28, 844–878 (2015)
Krawczyk, H., Canetti, R., Bellare, M.: HMAC: Keyed-hashing for message authentication.
Bharati, P.V., Mahalakshmi, T.S.: A Combinational Approach for securing the data in cloud storage using HMAC-SHA512 and Information Secured Algorithm (ISA). Int. J. Appl. Eng. Res. 11, 973–4562 (2016)
Acknowledgments
Invest Northern Ireland is acknowledged for supporting this project under the Competence Centre Programs Grant RD0513853 – Connected Health Innovation Centre. Pervasive Nation is acknowledged for providing access to their LoRaWAN infrastructure and offering support during this project.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Rafferty, J., Synnott, J., Ennis, A., Cleland, I., Nugent, C., Little, M. (2017). A Secure, Out-of-Band, Mechanism to Manage Internet of Things Devices. In: Ochoa, S., Singh, P., Bravo, J. (eds) Ubiquitous Computing and Ambient Intelligence. UCAmI 2017. Lecture Notes in Computer Science(), vol 10586. Springer, Cham. https://doi.org/10.1007/978-3-319-67585-5_9
Download citation
DOI: https://doi.org/10.1007/978-3-319-67585-5_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-67584-8
Online ISBN: 978-3-319-67585-5
eBook Packages: Computer ScienceComputer Science (R0)