*banner
 

An Architectural Mechanism for Resilient IoT Services
Hokeun Kim, Eunsuk Kang, David Broman, Edward A. Lee

Citation
Hokeun Kim, Eunsuk Kang, David Broman, Edward A. Lee. "An Architectural Mechanism for Resilient IoT Services". 1st ACM Workshop on Internet of Safe Things (SafeThings 2017), 5, November, 2017.

Abstract
Availability of authentication and authorization services is critical for the safety of the Internet of Things (IoT). By leveraging an emerging network architecture based on edge computers, IoT's availability can be protected even under situations such as network failures or denial-of-service (DoS) attacks. However, little has been explored for the issue of sustaining availability even when edge computers fail. In this paper, we propose an architectural mechanism for enhancing the availability of the authorization infrastructure for the IoT. The proposed approach leverages a technique called \textit{secure migration}, which allows IoT devices to migrate to other local authorization entities served in trusted edge computers when their authorization entity becomes unavailable. Specifically, we point out necessary considerations for planning secure migration and present automated migration policy construction and protocols for preparing and executing the migration. The effectiveness of our approach is illustrated using a concrete application of smart buildings and network simulation, where our proposed solution achieves significantly higher availability in case of failures in some of the authorization entities.

Electronic downloads

Citation formats  
  • HTML
    Hokeun Kim, Eunsuk Kang, David Broman, Edward A. Lee. <a
    href="http://chess.eecs.berkeley.edu/pubs/1197.html"
    >An Architectural Mechanism for Resilient IoT
    Services</a>, 1st ACM Workshop on Internet of Safe
    Things (SafeThings 2017), 5, November, 2017.
  • Plain text
    Hokeun Kim, Eunsuk Kang, David Broman, Edward A. Lee.
    "An Architectural Mechanism for Resilient IoT
    Services". 1st ACM Workshop on Internet of Safe Things
    (SafeThings 2017), 5, November, 2017.
  • BibTeX
    @inproceedings{KimKangBromanLee17_ArchitecturalMechanismForResilientIoTServices,
        author = {Hokeun Kim and Eunsuk Kang and David Broman and
                  Edward A. Lee},
        title = {An Architectural Mechanism for Resilient IoT
                  Services},
        booktitle = {1st ACM Workshop on Internet of Safe Things
                  (SafeThings 2017)},
        day = {5},
        month = {November},
        year = {2017},
        abstract = {Availability of authentication and authorization
                  services is critical for the safety of the
                  Internet of Things (IoT). By leveraging an
                  emerging network architecture based on edge
                  computers, IoT's availability can be protected
                  even under situations such as network failures or
                  denial-of-service (DoS) attacks. However, little
                  has been explored for the issue of sustaining
                  availability even when edge computers fail. In
                  this paper, we propose an architectural mechanism
                  for enhancing the availability of the
                  authorization infrastructure for the IoT. The
                  proposed approach leverages a technique called
                  \textit{secure migration}, which allows IoT
                  devices to migrate to other local authorization
                  entities served in trusted edge computers when
                  their authorization entity becomes unavailable.
                  Specifically, we point out necessary
                  considerations for planning secure migration and
                  present automated migration policy construction
                  and protocols for preparing and executing the
                  migration. The effectiveness of our approach is
                  illustrated using a concrete application of smart
                  buildings and network simulation, where our
                  proposed solution achieves significantly higher
                  availability in case of failures in some of the
                  authorization entities.},
        URL = {http://chess.eecs.berkeley.edu/pubs/1197.html}
    }
    

Posted by Hokeun Kim on 15 Oct 2017.
Groups: chess
For additional information, see the Publications FAQ or contact webmaster at chess eecs berkeley edu.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.

You are not logged in 
©2002-2018 Chess