Gerência de Autenticação de Dispositivos IoT Adaptativa Aos Ambientes Urbanos Apoiada em Políticas e Confiança Social
Resumo
A autenticação de dispositivos é um dos requisitos-chave à segurança dos ambientes IoT. Entretanto, os atuais Sistemas de Autenticação Adaptativa (SAAs) empregam fatores de adaptação de forma isolada e ignoram a correlação entre os fatores, bem como as relações constituídas pelos dispositivos nos ambientes onde eles estão inseridos. Assim, esses SAAs mostram-se ainda rígidos quanto aos mecanismos mais compatíveis num dado ambiente, e não provendo uma adaptação multi-fatorial. Este trabalho propõe o sistema GALENA para o gerenciamento adaptativo da autenticação de dispositivos nas redes IoT, apoiado em estratégias de confiança social, no ambiente de inserção e uso de políticas. Uma avaliação por simulação do GALENA no NS3 mostrou a sua eficiência na adaptação e seleção do mecanismo de autenticação adequado a cada interação, tendo uma taxa de compatibilidade de cerca de 97% com 200 dispositivos e de 98% com 400 dispositivos, em todos os cenários analisados, com acurácia máxima da confiança de 0,45 e 0,38, respectivamente.Referências
Aman, W. and Snekkenes, E. (2015). EDAS: An evaluation prototype for autonomic event-driven adaptive security in the internet of things. Future Internet, 7(4):225–256.
Arias-Cabarcos, P., Krupitzer, C., and Becker, C. (2019). A survey on adaptive authentication. ACM Computing Surveys, 52(4):1–30.
Assis, M. V. O. D., Hamamoto, A. H., Abrao, T., and Proenca, M. L. (2017). A game theoretical based system using holt-winters and genetic algorithm with fuzzy logic for DoS/DDoS mitigation on SDN networks. IEEE Access, 5:9485–9496.
Chen, I.-R., Guo, J., Wang, D.-C., Tsai, J. J., Al-Hamadi, H., and You, I. (2018). Trust as a Service for IoT Service Management in Smart Cities. In 2018 IEEE 20th International Conference on High Performance Computing and Communications., pages 1358–1365. IEEE.
de Oliveira, G. H., de Souza Batista, A., Nogueira, M., and dos Santos, A. L. (2022). An access control for iot based on network community perception and social trust against sybil attacks. International Journal of Network Management, 32(1):e2181.
El-hajj, M., Fadlallah, A., Chamoun, M., and Serhrouchni, A. (2019). A survey of internet of things (IoT) authentication schemes. Sensors, 19(5):1141.
Gebrie, M. T. and Abie, H. (2017). Risk-based adaptive authentication for internet of things in smart home ehealth. In Proceedings of the 11th European Conference on Software Architecture: Companion Proceedings, pages 102–108.
Gwak, B., Cho, J. H., Lee, D., and Son, H. (2018). TARAS: Trust-Aware Role-Based Access Control System in Public Internet-of-Things. 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pages 74–85.
Hamdi, M. and Abie, H. (2014). Game-based adaptive security in the internet of things for eHealth. In 2014 IEEE International Conference on Communications (ICC). IEEE.
Hayashi, E., Das, S., Amini, S., Hong, J., and Oakley, I. (2013). Casa: context-aware scalable authentication. In Proc. of the Ninth Symposium on Usable Privacy and Security, pages 1–10.
Huertas Celdrán, A., Gil Pérez, M., García Clemente, F. J., and Martínez Pérez, G. (2019). Towards the autonomous provision of self-protection capabilities in 5G networks. Journal of Ambient Intelligence and Humanized Computing, 10(12):4707–4720.
Jafarian, B., Yazdani, N., and Haghighi, M. S. (2020). Discrimination-aware trust management for social internet of things. Computer Networks, 178:107254.
Marche, C., Atzori, L., and Nitti, M. (2018). A dataset for performance analysis of the social internet of things. In 2018 IEEE 29th Annual International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC), pages 1–5. IEEE.
Morabito, R. and Jimenez, J. (2020). IETF protocol suite for the internet of things: Overview and recent advancements. IEEE Communications Standards Magazine, 4(2):41–49.
Patwary, A. A.-N., Fu, A., Naha, R. K., Battula, S. K., Garg, S., Patwary, M. A. K., and Aghasian, E. (2020). Authentication, access control, privacy, threats and trust management towards securing fog computing environments: A review. arXiv preprint arXiv:2003.00395.
Qin, W., Chen, S., and Peng, M. (2020). Recent advances in industrial internet: insights and challenges. Digital Communications and Networks, 6(1):1–13.
Sylla, T., Chalouf, M. A., Krief, F., and Samaké, K. (2020). Towards a context-aware security and privacy as a service in the internet of things. In IFIP Info Security Theory and Practice.
Tan, S., Liu, Y., Li, X., and Dong, Q. (2016). A similarity-based indirect trust model with antispoofing capability. Security and Communication Networks, 9(18):5868–5881.
Arias-Cabarcos, P., Krupitzer, C., and Becker, C. (2019). A survey on adaptive authentication. ACM Computing Surveys, 52(4):1–30.
Assis, M. V. O. D., Hamamoto, A. H., Abrao, T., and Proenca, M. L. (2017). A game theoretical based system using holt-winters and genetic algorithm with fuzzy logic for DoS/DDoS mitigation on SDN networks. IEEE Access, 5:9485–9496.
Chen, I.-R., Guo, J., Wang, D.-C., Tsai, J. J., Al-Hamadi, H., and You, I. (2018). Trust as a Service for IoT Service Management in Smart Cities. In 2018 IEEE 20th International Conference on High Performance Computing and Communications., pages 1358–1365. IEEE.
de Oliveira, G. H., de Souza Batista, A., Nogueira, M., and dos Santos, A. L. (2022). An access control for iot based on network community perception and social trust against sybil attacks. International Journal of Network Management, 32(1):e2181.
El-hajj, M., Fadlallah, A., Chamoun, M., and Serhrouchni, A. (2019). A survey of internet of things (IoT) authentication schemes. Sensors, 19(5):1141.
Gebrie, M. T. and Abie, H. (2017). Risk-based adaptive authentication for internet of things in smart home ehealth. In Proceedings of the 11th European Conference on Software Architecture: Companion Proceedings, pages 102–108.
Gwak, B., Cho, J. H., Lee, D., and Son, H. (2018). TARAS: Trust-Aware Role-Based Access Control System in Public Internet-of-Things. 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pages 74–85.
Hamdi, M. and Abie, H. (2014). Game-based adaptive security in the internet of things for eHealth. In 2014 IEEE International Conference on Communications (ICC). IEEE.
Hayashi, E., Das, S., Amini, S., Hong, J., and Oakley, I. (2013). Casa: context-aware scalable authentication. In Proc. of the Ninth Symposium on Usable Privacy and Security, pages 1–10.
Huertas Celdrán, A., Gil Pérez, M., García Clemente, F. J., and Martínez Pérez, G. (2019). Towards the autonomous provision of self-protection capabilities in 5G networks. Journal of Ambient Intelligence and Humanized Computing, 10(12):4707–4720.
Jafarian, B., Yazdani, N., and Haghighi, M. S. (2020). Discrimination-aware trust management for social internet of things. Computer Networks, 178:107254.
Marche, C., Atzori, L., and Nitti, M. (2018). A dataset for performance analysis of the social internet of things. In 2018 IEEE 29th Annual International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC), pages 1–5. IEEE.
Morabito, R. and Jimenez, J. (2020). IETF protocol suite for the internet of things: Overview and recent advancements. IEEE Communications Standards Magazine, 4(2):41–49.
Patwary, A. A.-N., Fu, A., Naha, R. K., Battula, S. K., Garg, S., Patwary, M. A. K., and Aghasian, E. (2020). Authentication, access control, privacy, threats and trust management towards securing fog computing environments: A review. arXiv preprint arXiv:2003.00395.
Qin, W., Chen, S., and Peng, M. (2020). Recent advances in industrial internet: insights and challenges. Digital Communications and Networks, 6(1):1–13.
Sylla, T., Chalouf, M. A., Krief, F., and Samaké, K. (2020). Towards a context-aware security and privacy as a service in the internet of things. In IFIP Info Security Theory and Practice.
Tan, S., Liu, Y., Li, X., and Dong, Q. (2016). A similarity-based indirect trust model with antispoofing capability. Security and Communication Networks, 9(18):5868–5881.
Publicado
23/05/2022
Como Citar
MORAES, Yan Uehara de; PEDROSO, Carlos; NOGUEIRA, José Marcos; SANTOS, Aldri.
Gerência de Autenticação de Dispositivos IoT Adaptativa Aos Ambientes Urbanos Apoiada em Políticas e Confiança Social. In: SIMPÓSIO BRASILEIRO DE REDES DE COMPUTADORES E SISTEMAS DISTRIBUÍDOS (SBRC), 40. , 2022, Fortaleza.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2022
.
p. 84-97.
ISSN 2177-9384.
DOI: https://doi.org/10.5753/sbrc.2022.221966.
