Skip to main content

Advertisement

Springer Nature Link
Log in

Establishing and validating secured keys for IoT devices: using P3 connection model on a cloud-based architecture

  • regular contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

IoT devices are slowly turning out to be an essential part of our everyday lives. These devices perform one operation, and they specialize in doing so. When communicating with these devices, we need to set up a secured key preventing unauthorized communications. We have been using the plug-and-play model for electronic devices for decades. These IoT devices fall into the same realm. The plug–pair–play connection model follows the same principle so that the user does not feel the added pressure of remembering a complex password or rely on a default credential. It helps to generate a secret that is only known to the device and its user. We used elliptic curve cryptography to circumvent the resource limitations on the device. The model establishes a zero-trust pattern where all requests and responses are validated and verified before being processed. This paper provides a unique way to set up a secret key for each user and device pair without much user interaction. The model sets the path to end-to-end secured communication.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Adame, T., Bel, A., Bellalta, B.: Increasing lpwan scalability by means of concurrent multiband iot technologies: an industry 4.0 use case. IEEE. Access 7, 46990–47010 (2019)

    Article  Google Scholar 

  2. Atwady, Y., Hammoudeh, M.: A survey on authentication techniques for the internet of things. In: Proceedings of the International Conference on Future Networks and Distributed Systems, ICFNDS ’17, New York, NY, USA. Association for Computing Machinery (2017)

  3. Bertino, E., Islam, N.: Botnets and internet of things security. IEEE Computer 50(2), 76–79 (2017)

    Article  Google Scholar 

  4. S. Bhattarai and Y. Wang. End-to-end trust and security for internet of things applications. Computer, 51(4), 20–27, 2018

    Article  Google Scholar 

  5. Columbus, L.: 2018 roundup of internet of things forecasts and market estimates. shorturl.at/qMPTU, 2019. Accessed 21 Jan 2020

  6. Fomichev, M., Maass, M., Almon, L., Molina, A., Hollick, M.: Perils of zero-interaction security in the internet of things. In: Proceedings of ACM Interactive Mobile Wearable Ubiquitous Technology, vol. 3(1) (2019)

  7. Gao, M., Wang, Q., Arafin, M.T., Lyu, Y., Qu, G.: Approximate computing for low power and security in the internet of things. IEEE Computer 50(6), 27–34 (2017)

    Article  Google Scholar 

  8. Goasduff, L.: Gartner says 5.8 billion enterprise and automotive IoT endpoints will be in use in 2020. shorturl.at/jlosS, 2019. Accessed 21 January 2020

  9. Hilton, S.: Dyn analysis summary of Friday October 21 attack. https://bit.ly/39mqJl6, 2016. Accessed 28 January (2020)

  10. Huth, C., Zibuschka, J., Duplys, P., Guneysu, T.: Securing systems on the internet of things via physical properties of devices and communications. In: 2015 Annual IEEE Systems Conference (SysCon) Proceedings, pp. 8–13 (2015)

  11. Neshenko, N., Bou-Harb, E., Crichigno, J., Kaddoum, G., Ghani, N.: Demystifying IoT security: An exhaustive survey on iot vulnerabilities and a first empirical look on internet-scale IoT exploitations. IEEE Communications Surveys Tutorials 21(3), 2702–2733 (2019)

    Article  Google Scholar 

  12. Nieminen, J., Gomez, C., Isomaki, M., Savolainen, T., Patil, B., Shelby, Z., Xi, M., Oller, J.: Networking solutions for connecting Bluetooth low energy enabled machines to the internet of things. IEEE Networks 28(6), 83–90 (Nov 2014)

    Article  Google Scholar 

  13. Pazos, N., Muller, M., Aeberli, M., Ouerhani, N.: Connectopen: automatic integration of IoT devices. In: 2015 IEEE 2nd World Forum on Internet of Things (WF-IoT), pp. 640–644 (2015)

  14. Puliafito, C., Mingozzi, E., Longo, F., Puliafito, A., Rana, O.: Fog computing for the internet of things: A survey. ACM Transactions on Internet Technology 19(2), 1-41 (2019)

    Article  Google Scholar 

  15. Ronen, E., Shamir, A.: Extended functionality attacks on IoT devices: the case of smart lights. In: 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 3–12 (2016)

  16. Sharma, S.K., Wang, X.: Toward massive machine type communications in ultra-dense cellular iot networks: Current issues and machine learning-assisted solutions. IEEE Communications Surveys Tutorials 22(1), 426–471 (2020)

    Article  Google Scholar 

  17. Trappe, W., Howard, R., Moore, R.S.: Low-energy security: Limits and opportunities in the internet of things. IEEE Security & Privacy 13(1), 14–21 (Jan 2015)

    Article  Google Scholar 

  18. Uslaner, E.M.: Trust online, trust offline. Communications of the ACM 47(4), 28–29 (April 2004)

    Article  Google Scholar 

  19. van Oorschot, P.C., Smith, S.W.: The internet of things: Security challenges. IEEE Security & Privacy 17(5), 7–9 (2019)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Electrical Engineering and Computer Science, The University of Kansas, Lawrence, KS, 66045, USA

    Sairath Bhattacharjya & Hossein Saiedian

  2. Information and Telecommunication Technology Center (ITTC), The University of Kansas, Lawrence, KS, 66045, USA

    Hossein Saiedian

Authors
  1. Sairath Bhattacharjya
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Hossein Saiedian
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Hossein Saiedian.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Animals performed

This research does not contain any studies with human participants or animals performed by any of the authors.

Informed consent

Informed consent was obtained from all individual participants included in the study. (The authors were the only individuals who participated in the study.)

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Bhattacharjya, S., Saiedian, H. Establishing and validating secured keys for IoT devices: using P3 connection model on a cloud-based architecture. Int. J. Inf. Secur. 21, 427–436 (2022). https://doi.org/10.1007/s10207-021-00562-7

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-021-00562-7

Keywords