'Internet of Things: A contribution to the improvement of IoT for interoperability and enhanced security'

Placide Shabisha

Research output: ThesisPhD Thesis


The Internet of Things (IoT) and its applications have literally invaded our
environment, home, cars, cities, etc. and there could be more than 40 billion
IoT devices generating around 80 zettabytes of data in 2025. Most of the
generated IoT data are stored on the cloud from where they can be securely
downloaded by users. For real-time IoT applications which require highly
efficient mechanisms, fog computing offers better performance than cloud
computing. For both cloud data storage and IoT applications relying on fog
computing, we need to provide end-to-end security. Security includes, besides
confidentiality of the data between sender and legitimate receiver, also integrity of the data and authentication of the entities participating in the process. In addition, anonymity and unlinkability of the sender are included as important requirements to ensure privacy. We have studied dedicated security
mechanisms with a focus on efficiency since the IoT devices are assumed to be
constrained devices and require a highly scalable approach due to their large
amount. Fog-based architectures are nowadays popular as they are efficient in terms of location awareness, hardware size, easy deployment, decentralized and simplified operations, time criticalness, internet connectivity and bandwidth usage, etc. To address security issues in fog computing, we proposed two solutions. In the first scheme, a new key agreement protocol is designed for an architecture model with one sensor device, a fog node, and the cloud server. The scheme relies on lightweight cryptographic operation to construct a symmetric key. In the second solution, the proposed protocol is suitable for a group of devices, a fog and a server providing authentication alongside
anonymity to the participants and use Elliptic Curve Cryptography to construct a group key.
We also focused on security primitives enabling secure data transmission from
the cloud service provider to the end-users. The cloud service provider is
considered as an honest-but-curious entity, who executes the required steps
but could be interested in retrieving the data for its own purpose. The
confidentiality of the data should therefore be protected towards the cloud.
Hence, a symmetric key based mechanism was proposed to enable proxy re-
encryption. In proxy re-encryption schemes, a second encryption is performed
by the cloud before the re-encrypted data are forwarded to the end-user. We
avoided computationally intensive operations and used lightweight
cryptographic operations such as bitwise XOR, concatenation and hash instead.
This approach is highly efficient in terms of computation cost.
The developed schemes were verified using formal verification methods and
informal analysis. This PhD thesis contributes to the development of efficient
security primitives providing end-to-end security solutions between IoT devices and different legitimate receivers.
Original languageEnglish
QualificationDoctor of Engineering Sciences
Awarding Institution
  • Vrije Universiteit Brussel
  • Steenhaut, Kris, Supervisor
  • Braeken, An, Supervisor
Award date21 Sep 2021
Place of PublicationBrussels
Publication statusPublished - 2021


Dive into the research topics of ''Internet of Things: A contribution to the improvement of IoT for interoperability and enhanced security''. Together they form a unique fingerprint.

Cite this