Presentation Type
Oral Presentation
Start Date
5-8-2024 1:00 PM
End Date
5-8-2024 3:00 PM
Subjects
Internet of things, Information security and cryptography
Advisor
Primal Pappachan
Student Level
Doctoral
Abstract
The world of the connected “Internet of Things” (IoT), including the "Industrial Internet of Things" (IIoT) is expanding to include more devices which observe and influence our daily lives, routines, locations, and even our state of health. But have the underlying protocols by which they communicate this data kept pace with the need to protect our privacy and security?
My talk will introduce my research into an approach to better secure this information flow using appropriate access controls without sacrificing performance. I will assess the historical challenges and simple access controls applied to IoT networking protocols and how they can and must evolve to better protect the sensitive information they are now carrying, to protect the safety, privacy, and security of current-day societies. I also address issues of design complexity and efficiency so that my proposed security controls don't preclude real-world needs for IoT and IIoT systems to handle large sustained data flows without causing undue barriers to their operation.
While my work focuses on the Message Queue Telemetry Transport (MQTT) protocol specifically, which is nearly ubiquitous in the IoT world, the general concepts and attribute-based access controls (ABAC) I propose implementing may be applied in other protocols and use cases as well.
Creative Commons License or Rights Statement
This work is licensed under a Creative Commons Attribution 4.0 License.
Presentation Slides: Securing the Internet of Things at Scale
Included in
Securing the Internet of Things at Scale
The world of the connected “Internet of Things” (IoT), including the "Industrial Internet of Things" (IIoT) is expanding to include more devices which observe and influence our daily lives, routines, locations, and even our state of health. But have the underlying protocols by which they communicate this data kept pace with the need to protect our privacy and security?
My talk will introduce my research into an approach to better secure this information flow using appropriate access controls without sacrificing performance. I will assess the historical challenges and simple access controls applied to IoT networking protocols and how they can and must evolve to better protect the sensitive information they are now carrying, to protect the safety, privacy, and security of current-day societies. I also address issues of design complexity and efficiency so that my proposed security controls don't preclude real-world needs for IoT and IIoT systems to handle large sustained data flows without causing undue barriers to their operation.
While my work focuses on the Message Queue Telemetry Transport (MQTT) protocol specifically, which is nearly ubiquitous in the IoT world, the general concepts and attribute-based access controls (ABAC) I propose implementing may be applied in other protocols and use cases as well.