EFFICIENT SECURITY SCHEMES FOR THE INTERNET OF THINGS AND DATA STORAGE ON THE CLOUD

Student thesis: Doctoral Thesis

Abstract

The Internet of Things (IoT) and its applications have literally invaded our environment, home, cars, cities, etc., and there could be more than 40 billion IoT devices generating around 80 zettabytes of data in 2025. Most of the generated IoT data are stored on the cloud, from where they can be securely downloaded by users. For real-time IoT applications, which require highly efficient mechanisms, fog computing offers better performance than cloud computing. For both cloud data storage and IoT applications relying on fog computing, we need to provide end-to-end security. Besides confidentiality of the data between sender and legitimate receiver, security also includes integrity of the data and authentication of the entities participating in the process. In addition, anonymity and unlinkability of the sender are included as important requirements to ensure privacy. We have studied dedicated security mechanisms with a focus on efficiency, since the IoT devices are assumed to be constrained devices and require a highly scalable approach due to their large number.

Fog-based architectures are nowadays popular as they are efficient in terms of location awareness, hardware size, easy deployment, decentralized and simplified operations, time criticality, internet connectivity, bandwidth usage, etc. To address security issues in fog computing, we proposed two solutions. In the first scheme, a new key agreement protocol is designed for an architecture model with one sensor device, a fog node and the cloud server. The scheme relies on lightweight cryptographic operations to construct a symmetric key. In the second solution, the proposed protocol is suitable for a group of devices, a fog and a server, providing authentication alongside anonymity to the participants, and uses Elliptic Curve Cryptography to construct a group key.

We also focused on security primitives enabling secure data transmission from the cloud service provider to the end users. The cloud service provider is considered an honest-but-curious entity that executes the required steps but could be interested in retrieving the data for its own purpose. The confidentiality of the data should therefore be protected towards the cloud. Hence, a symmetric-key-based mechanism was proposed to enable proxy re-encryption. In proxy re-encryption schemes, a second encryption is performed by the cloud before the re-encrypted data are forwarded to the end user. We avoided computationally intensive operations and used lightweight cryptographic operations such as bitwise XOR, concatenation and hash instead. This approach is highly efficient in terms of computation cost.

The developed schemes were verified using formal verification methods and informal analysis. This PhD thesis contributes to the development of efficient security primitives providing end-to-end security solutions between IoT devices and different legitimate receivers.
Date of Award: 21 Sep 2021
Original language: English
Awarding Institution
  • Vrije Universiteit Brussel
Supervisor: Kris Steenhaut (Promotor), An Braeken (Promotor), Leo Van Biesen (Jury), Roger Vounckx (Jury), Jacques Tiberghien (Jury), Abdellah Touhafi (Jury), Nele Mentens (Jury) & Jean-Michel Dricot (Jury)

Keywords

  • Internet of Things
