skip to main content
10.1145/3374664.3375739acmconferencesArticle/Chapter ViewAbstractPublication PagescodaspyConference Proceedingsconference-collections
research-article

SeCaS: Secure Capability Sharing Framework for IoT Devices in a Structured P2P Network

Published: 16 March 2020 Publication History

Abstract

The emergence of the internet of Things (IoT) has resulted in the possession of a continuously increasing number of highly heterogeneous connected devices by the same owner. To make full use of the potential of a personal IoT network, there must be secure and effective cooperation between them. While application platforms (e.g., Samsung SmartThings) and interoperable protocols (e.g., MQTT) exist already, the reliance on a central hub to coordinate communication introduces a single-point of failure, provokes bottleneck problems and raises privacy concerns. In this paper we propose SeCaS, a Secure Capability Sharing framework, built on top of a peer-to-peer (P2P) architecture. SeCaS addresses the problems of fault tolerance, scalability and security in resource discovery and sharing for IoT infrastructures using a structured P2P network, in order to take advantage of the self-organised and decentralised communication it provides. SeCaS brings three main contributions: (i) a capability representation that allows each device to specify what services they offer, and can be used as a common language to search for, and exchange, capabilities, resulting in flexible service discovery that can leverage the properties on a distributed hash table (DHT); (ii) a set of four protocols that provides identification of the different devices that exist in the network and authenticity of the messages that are exchanged among them; and (iii) a thorough security and complexity analysis of the proposed scheme that shows SeCaS to be both secure and scalable.

References

[1]
Omar Alrawi, Chaz Lever, Manos Antonakakis, and Fabian Monrose. 2019. Sok: Security evaluation of home-based iot deployments. In IEEE S&P. 208--226.
[2]
Joao Alveirinho, Joao Paiva, Joao Leitao, and Luis Rodrigues. 2010. Flexible and efficient resource location in large-scale systems. In Proceedings of the 4th International Workshop on Large Scale Distributed Systems and Middleware. ACM, 55--60.
[3]
João Pedro Fernandes Alveirinho. 2010. Resource Location in P2P Systems. Master's thesis. Instituto Superior Técnico.
[4]
Mahmoud Ammar, Giovanni Russello, and Bruno Crispo. 2018. Internet of Things: A survey on the security of IoT frameworks. Journal of Information Security and Applications 38 (2018), 8--27.
[5]
David P Anderson, Jeff Cobb, Eric Korpela, Matt Lebofsky, and Dan Werthimer. 2002. SETI@ home: an experiment in public-resource computing. Commun. ACM 45, 11 (2002), 56--61.
[6]
Apple. 2018. HomeKit. https://developer.apple.com/documentation/homekit
[7]
Garvita Bajaj, Rachit Agarwal, Pushpendra Singh, Nikolaos Georgantas, and Valérie Issarny. 2017. 4W1H in IoT semantics. IEEE Access (2017).
[8]
Andrew Banks and Rahul Gupta. 2014. MQTT Version 3.1. 1. OASIS standard 29 (2014). http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/os/mqtt-v3.1.1-os.pdf
[9]
John F Buford and Heather Yu. 2010. Peer-to-peer networking and applications: synopsis and research directions. In Handbook of Peer-to-Peer Networking. Springer, 3--45.
[10]
Farida Chowdhury and Md. Sadek Ferdous. 2017. Performance analysis of R/Kademlia, Pastry and Bamboo using recursive routing in mobile networks. International Journal of Computer Networks & Communications (IJCNC) 9, 5 (2017).
[11]
Farida Chowdhury, Jamie Furness, and Mario Kolberg. 2017. Performance analysis of structured peer-to-peer overlays for mobile networks. International Journal of Parallel, Emergent and Distributed Systems 32, 5 (2017), 522--548. https://doi.org/10. 1080/17445760.2016.1203917 arXiv:https://doi.org/10.1080/17445760.2016.1203917
[12]
Simone Cirani, Luca Davoli, Gianluigi Ferrari, Rémy Léone, Paolo Medagliani, Marco Picone, and Luca Veltri. 2014. A scalable and self-configuring architecture for service discovery in the internet of things. IEEE Internet of Things Journal 1, 5 (2014), 508--521.
[13]
Bram Cohen. 2008. The BitTorrent protocol specification.
[14]
Frank Dabek, Ben Zhao, Peter Druschel, John Kubiatowicz, and Ion Stoica. 2003. Towards a common API for structured peer-to-peer overlays. In Peer-to-Peer Systems II -- International Workshop on Peer-to-Peer Systems (IPTPS). Springer, 33--44.
[15]
Soumya Kanti Datta, Rui Pedro Ferreira Da Costa, and Christian Bonnet. 2015. Resource discovery in Internet of Things: Current trends and future standardization aspects. In World Forum on Internet of Things (WF-IoT). IEEE, 542--547.
[16]
Danny Dolev and Andrew Yao. 1983. On the security of public key protocols. IEEE Transactions on information theory 29, 2 (1983), 198--208.
[17]
Earlence Fernandes, Jaeyeon Jung, and Atul Prakash. 2016. Security analysis of emerging smart home applications. In 2016 IEEE Symposium on Security and Privacy (SP). IEEE, 636--654.
[18]
Google. 2018. Weave. https://nest.com/weave/
[19]
Juan A Holgado-Terriza and Sandra Rodríguez-Valenzuela. 2011. Services composition model for home-automation peer-to-peer pervasive computing. In Federated Conference on Computer Science and Information Systems (FedCSIS). IEEE, 529--536.
[20]
Dimitris N Kalofonos, Zoe Antoniou, Franklin D Reynolds, Max Van-Kleek, Jacob Strauss, and Paul Wisner. 2008. Mynet: A platform for secure p2p personal and social networking services. In International Conference on Pervasive Computing and Communications (PerCom). IEEE, 135--146.
[21]
Brad Karp, Sylvia Ratnasamy, Sean Rhea, and Scott Shenker. 2004. Spurring adoption of DHTs with OpenHash, a public DHT service. In International Workshop on Peer-to-Peer Systems. Springer, 195--205.
[22]
John Kubiatowicz, David Bindel, Yan Chen, Steven Czerwinski, Patrick Eaton, Dennis Geels, Ramakrishna Gummadi, Sean Rhea, HakimWeatherspoon,Westley Weimer, et al. 2000. Oceanstore: An architecture for global-scale persistent storage. In ACM SIGARCH Computer Architecture News, Vol. 28. ACM, 190--201.
[23]
Chaohao Li, Xiaoyu Ji, Xinyan Zhou, Juchuan Zhang, Jing Tian, Yanmiao Zhang, and Wenyuan Xu. 2018. HlcAuth: Key-free and Secure Communications via Home-Limited Channel. In Proceedings of the 2018 on Asia Conference on Computer and Communications Security. ACM, 29--35.
[24]
Eng Keong Lua, Jon Crowcroft, Marcelo Pias, Ravi Sharma, and Steven Lim. 2005. A survey and comparison of peer-to-peer overlay network schemes. IEEE Communications Surveys & Tutorials 7, 2 (2005), 72--93.
[25]
Petar Maymounkov and David Mazieres. 2002. Kademlia: A peer-to-peer information system based on the xor metric. In International Workshop on Peer-to-Peer Systems. Springer, 53--65.
[26]
Daniel D McCracken and Edwin D Reilly. 2003. Backus-naur form (bnf). Encyclopedia of Computer Science (2003), 129--131.
[27]
Federica Paganelli and David Parlanti. 2012. A DHT-based discovery service for the Internet of Things. Journal of Computer Networks & Communications (2012).
[28]
Sylvia Ratnasamy, Paul Francis, Mark Handley, Richard Karp, and Scott Shenker. 2001. A scalable content-addressable network. Vol. 31. ACM.
[29]
Antony Rowstron. 2001. Pastry: Scalable, distributed object location and routing for large-scale, persistent peer-to-peer storage utility. In IFIP/ACM International Conference on Distributed Plarforms.
[30]
Samsung. 2018. SmartThings. https://smartthings.developer.samsung.com/ develop/api-ref/capabilities.html
[31]
Ion Stoica, Robert Morris, David Karger, M Frans Kaashoek, and Hari Balakrishnan. 2001. Chord: A scalable peer-to-peer lookup service for internet applications. ACM SIGCOMM Computer Communication Review 31, 4 (2001), 149--160.
[32]
Jack Sturgess, Jason R C Nurse, and Jun Zhao. 2018. A capability-oriented approach to assessing privacy risk in smart home ecosystems. In Living in the Internet of Things: Cybersecurity of the IoT Conference. IET.
[33]
Yuan Tian, Nan Zhang, Yueh-Hsun Lin, XiaoFeng Wang, Blase Ur, XianZheng Guo, and Patrick Tague. 2017. SmartAuth: User-Centered Authorization for the Internet of Things. In USENIX Security Symposium. USENIX Association, 361--378.
[34]
Matú Tomlein and Kaj Grønbæk. 2016. Semantic Model of Variability and Capabilities of IoT Applications for Embedded Software Ecosystems. In Working IEEE/IFIP Conference on Software Architecture (WICSA). IEEE, 247--252.
[35]
Guido Urdaneta, Guillaume Pierre, and Maarten Van Steen. 2011. A survey of DHT security techniques. ACM Computing Surveys (CSUR) 43, 2 (2011), 8.
[36]
Dan S Wallach. 2003. A survey of peer-to-peer security issues. In Software Security-Theories and Systems. Springer, 42--57.
[37]
Wei Wang, Suparna De, Ralf Toenjes, Eike Reetz, and Klaus Moessner. 2012. A comprehensive ontology for knowledge representation in the internet of things. In International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). IEEE, 1793--1798.
[38]
Yong Wang and Jason Nikolai. 2017. Key Management in CPSs. Security and Privacy in Cyber-Physical Systems: Foundations, Principles and Applications (2017), 117--136.
[39]
Wikipedia contributors. 2018. Key size - Wikipedia, The Free Encyclopedia. https://en.wikipedia.org/w/index.php?title=Key_size&oldid=834490386. [Online; accessed 27-July-2018].
[40]
Wikipedia contributors. 2019. Facebook-Cambridge Analytica data scandal - Wikipedia, The Free Encyclopedia. https://en.wikipedia.org/w/index.php?title= Facebook\T1\textendashCambridge_Analytica_data_scandal&oldid=892459300. [Online; accessed 16-April-2019].
[41]
David JWu, Ankur Taly, Asim Shankar, and Dan Boneh. 2016. Privacy, discovery, and authentication for the internet of things. In European Symposium on Research in Computer Security. Springer, 301--319.
[42]
Jun Xu, A. Kumar, and Xingxing Yu. 2004. On the fundamental tradeoffs between routing table size and network diameter in peer-to-peer networks. IEEE Journal on Selected Areas in Communications 22, 1 (Jan 2004), 151--163. https://doi.org/ 10.1109/JSAC.2003.818805
[43]
Fen Zhu, Matt W Mutka, and Lionel M Ni. 2005. Service discovery in pervasive computing environments. IEEE Pervasive computing 4 (2005), 81--90.

Cited By

View all
  • (2022)Themis: A Secure Decentralized Framework for Microservice Interaction in Serverless ComputingProceedings of the 17th International Conference on Availability, Reliability and Security10.1145/3538969.3538983(1-11)Online publication date: 23-Aug-2022

Index Terms

  1. SeCaS: Secure Capability Sharing Framework for IoT Devices in a Structured P2P Network

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    CODASPY '20: Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy
    March 2020
    392 pages
    ISBN:9781450371070
    DOI:10.1145/3374664
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 16 March 2020

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. dht
    2. fault-tolerance
    3. iot
    4. privacy
    5. resource sharing
    6. scalability

    Qualifiers

    • Research-article

    Funding Sources

    • British Telecom
    • UK EPSRC
    • CONCORDIA project

    Conference

    CODASPY '20
    Sponsor:

    Acceptance Rates

    Overall Acceptance Rate 149 of 789 submissions, 19%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)16
    • Downloads (Last 6 weeks)1
    Reflects downloads up to 14 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2022)Themis: A Secure Decentralized Framework for Microservice Interaction in Serverless ComputingProceedings of the 17th International Conference on Availability, Reliability and Security10.1145/3538969.3538983(1-11)Online publication date: 23-Aug-2022

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media