Happy to announce that our new journal paper on IoT Security was just published in Elsevier, see below for more info:
Authors: Mohammad Heydari, Alexios Mylonas, Vahid Heydari Fami Tafreshi, Elhadj Benkhelifa, Surjit Singh,
Title: Known unknowns: Indeterminacy in authentication in IoT,
Journal: Future Generation Computer Systems, Volume 111, 2020, Pages 278-287, ISSN 0167-739X, https://doi.org/10.1016/j.future.2020.03.005.
Abstract: The Internet of Things (IoT), comprising a plethora of heterogeneous devices, is an enabling technology that can improve the quality of our daily lives, for instance by measuring parameters from the environment (e.g., humidity, temperature, weather, energy consumption, traffic, and others) or our bodies (e.g., health data). However, as with any technology, IoT has introduced a number of security and privacy challenges. Indeed, IoT devices create, process, transfer and store data, which are often sensitive, and which must be protected from unauthorized access. Similarly, the infrastructure that links with IoT, as well as the IoT devices themselves, is an asset that needs to be protected. The focus of this work is examining authentication in IoT. In particular, in this work we conducted a state-of-the-art review of the access control models that have been proposed, including both traditional access control models and emerging models that have recently been proposed and are tailored for IoT. We identified that the existing models cannot cope with indeterminacy, an inherent characteristic of IoT, which hinders authentication decisions. In this context, we studied the two known components of indeterminacy, i.e., uncertainty and ambiguity, and proposed a new model that handles indeterminacy in authentication in IoT environments.
Keywords: Internet of Things; Authentication; Uncertainty; Ambiguity; Access control