The University of Southampton
University of Southampton Institutional Repository
Warning ePrints Soton is experiencing an issue with some file downloads not being available. We are working hard to fix this. Please bear with us.

Enabling the secure use of dynamic identity for the internet of things — using the Secure Remote Update Protocol (SRUP)

Enabling the secure use of dynamic identity for the internet of things — using the Secure Remote Update Protocol (SRUP)
Enabling the secure use of dynamic identity for the internet of things — using the Secure Remote Update Protocol (SRUP)
This paper examines dynamic identity, as it pertains to the Internet of Things (IoT), and explores the practical implementation of a mitigation technique for some of the key weaknesses of a conventional dynamic identity model. This paper explores human-centric and machine-based observer approaches for confirming device identity, permitting automated identity confirmation for deployed systems. It also assesses the advantages of dynamic identity in the context of identity revocation permitting secure change of ownership for IoT devices. The paper explores use-cases for human and machine-based observation for authentication of device identity when devices join a Command and Control(C2) network, and considers the relative merits for these two approaches for different types of system.
C2, Identity, Internet of Things, IoT, MQTT, NFC, QR Code, Security, command and control
1999-5903
1-15
Poulter, Andrew John
8bbad929-4d27-43c7-ba22-8c737127e8c5
Ossont, Steven J
6b903ec2-7bae-4a56-9c21-eea0a70bfa2b
Cox, Simon
0e62aaed-24ad-4a74-b996-f606e40e5c55
Poulter, Andrew John
8bbad929-4d27-43c7-ba22-8c737127e8c5
Ossont, Steven J
6b903ec2-7bae-4a56-9c21-eea0a70bfa2b
Cox, Simon
0e62aaed-24ad-4a74-b996-f606e40e5c55

Poulter, Andrew John, Ossont, Steven J and Cox, Simon (2020) Enabling the secure use of dynamic identity for the internet of things — using the Secure Remote Update Protocol (SRUP). Future Internet, 12 (8), 1-15, [138]. (doi:10.3390/fi12080138).

Record type: Article

Abstract

This paper examines dynamic identity, as it pertains to the Internet of Things (IoT), and explores the practical implementation of a mitigation technique for some of the key weaknesses of a conventional dynamic identity model. This paper explores human-centric and machine-based observer approaches for confirming device identity, permitting automated identity confirmation for deployed systems. It also assesses the advantages of dynamic identity in the context of identity revocation permitting secure change of ownership for IoT devices. The paper explores use-cases for human and machine-based observation for authentication of device identity when devices join a Command and Control(C2) network, and considers the relative merits for these two approaches for different types of system.

Text
futureinternet-12-00138 - Version of Record
Available under License Creative Commons Attribution.
Download (6MB)

More information

Submitted date: 20 July 2020
e-pub ahead of print date: 15 August 2020
Published date: 18 August 2020
Keywords: C2, Identity, Internet of Things, IoT, MQTT, NFC, QR Code, Security, command and control

Identifiers

Local EPrints ID: 443462
URI: http://eprints.soton.ac.uk/id/eprint/443462
ISSN: 1999-5903
PURE UUID: 29b93bde-1461-4390-950b-c69c44bc148d
ORCID for Andrew John Poulter: ORCID iD orcid.org/0000-0002-3438-3981
ORCID for Steven J Ossont: ORCID iD orcid.org/0000-0003-3864-7072

Catalogue record

Date deposited: 26 Aug 2020 16:35
Last modified: 26 Nov 2021 03:08

Export record

Altmetrics

Contributors

Author: Andrew John Poulter ORCID iD
Author: Steven J Ossont ORCID iD
Author: Simon Cox

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×