Presentation Type

Oral Presentation

Start Date

5-8-2024 1:00 PM

End Date

5-8-2024 3:00 PM

Subjects

Internet of things, Information security and cryptography

Advisor

Primal Pappachan

Student Level

Doctoral

Abstract

The world of the connected “Internet of Things” (IoT), including the "Industrial Internet of Things" (IIoT) is expanding to include more devices which observe and influence our daily lives, routines, locations, and even our state of health. But have the underlying protocols by which they communicate this data kept pace with the need to protect our privacy and security?

My talk will introduce my research into an approach to better secure this information flow using appropriate access controls without sacrificing performance. I will assess the historical challenges and simple access controls applied to IoT networking protocols and how they can and must evolve to better protect the sensitive information they are now carrying, to protect the safety, privacy, and security of current-day societies. I also address issues of design complexity and efficiency so that my proposed security controls don't preclude real-world needs for IoT and IIoT systems to handle large sustained data flows without causing undue barriers to their operation.

While my work focuses on the Message Queue Telemetry Transport (MQTT) protocol specifically, which is nearly ubiquitous in the IoT world, the general concepts and attribute-based access controls (ABAC) I propose implementing may be applied in other protocols and use cases as well.

Creative Commons License or Rights Statement

Creative Commons Attribution 4.0 License
This work is licensed under a Creative Commons Attribution 4.0 License.

Persistent Identifier

https://archives.pdx.edu/ds/psu/41950

securing-mqtt.pdf (664 kB)
Presentation Slides: Securing the Internet of Things at Scale

Share

COinS
 
May 8th, 1:00 PM May 8th, 3:00 PM

Securing the Internet of Things at Scale

The world of the connected “Internet of Things” (IoT), including the "Industrial Internet of Things" (IIoT) is expanding to include more devices which observe and influence our daily lives, routines, locations, and even our state of health. But have the underlying protocols by which they communicate this data kept pace with the need to protect our privacy and security?

My talk will introduce my research into an approach to better secure this information flow using appropriate access controls without sacrificing performance. I will assess the historical challenges and simple access controls applied to IoT networking protocols and how they can and must evolve to better protect the sensitive information they are now carrying, to protect the safety, privacy, and security of current-day societies. I also address issues of design complexity and efficiency so that my proposed security controls don't preclude real-world needs for IoT and IIoT systems to handle large sustained data flows without causing undue barriers to their operation.

While my work focuses on the Message Queue Telemetry Transport (MQTT) protocol specifically, which is nearly ubiquitous in the IoT world, the general concepts and attribute-based access controls (ABAC) I propose implementing may be applied in other protocols and use cases as well.