Publication type: Conference: Other
Type of review: Peer review (abstract)
Title: Authenticating wireless nodes in building automation : challenges and approaches
Author: Rüst, Andreas
et al.: No
Conference details: 4th Annual IoT Security Foundation Conference 2018, London, United Kingdom, 4 December 2018
Date of publication: 4-Dec-2018
Language: English
Keywords: IoT Security; Authentication; Bootstrapping
Subject (DDC): 004: Computer science
Abstract: Recent technologies and standards allow connecting constrained wireless nodes to the Internet by natively using the prevailing Internet Protocol (IP). Such standards include the protocol stack as defined by the Thread Group, based on CoAP, UDP, IPv6, 6LoWPAN and IEEE 802.15.4. As a result, the sensor and actuator networks on the field level will coalesce with the existing IT networks. Specifically, replacing gateways with routers significantly simplifies a building automation system and enables new applications. Employing IP communication, a central automation station can directly and uniformly access sensor and actuator services on field nodes. Consequently, to become a full-fledged member of an IT domain, a constrained node on the field level has to fulfill specific security requirements. However, implementing such requirements is especially challenging on constrained low-power and low-cost nodes. Such nodes typically have decidedly lower resources with regard to compute performance, memory and network connectivity. Nevertheless, such nodes require mutual authentication during provisioning into an individual IT domain. Specifically, several trust relationships need to be established. Before granting access to the node, the IT domain administrator requires proof that the node is not compromised, e.g. by loading malicious firmware. This proof includes not only the proof that the trusted supplier has manufactured the node but also a complete and unforgeable list of previous installations and owners. As building automation systems typically are an integral part of a building, they represent capital assets and change ownership during their lifetime. On the other hand, before legitimately joining a new domain, the individual node needs to know: Is the deployment into this specific building legit? The scale of building automation systems in large buildings with hundreds of nodes mandates a highly automated authentication process. A simple provisioning of the nodes is essential.
The paper presents results from a two-year-long, federally funded (Innosuisse) project. As a proof of concept, the project implements a demonstrator based on the emerging recommendations of the Fairhair Alliance. Low-power nodes in a Thread network shall be provided with a secure bootstrapping process to be easily provisioned into an existing IT domain. The use of smartphones supports and simplifies this provisioning process. The public-key-based mutual authentication takes place between the low-power nodes on one side and a certificate authority (CA) operated by the node manufacturer and a CA operated by the building operator on the other side. As a result, the node receives an operational certificate and can legitimately join the IT domain. The paper illustrates the challenges encountered and proposes appropriate approaches.
Further details: For the paper, please follow this link: https://doi.org/10.21256/zhaw-2750
URI: https://youtu.be/34OEDYTkdGI
https://digitalcollection.zhaw.ch/handle/11475/17784
Full-text version: Published version
License (according to publishing contract): License according to publishing contract
Department: School of Engineering
Organisational unit: Institute of Embedded Systems (InES)
Appears in collections: Publikationen School of Engineering

Files in this item:
There are no files associated with this item.
Rüst, A. (2018, December 4). Authenticating wireless nodes in building automation : challenges and approaches. 4th Annual IoT Security Foundation Conference 2018, London, United Kingdom, 4 December 2018. https://youtu.be/34OEDYTkdGI


All resources in this repository are protected by copyright unless otherwise indicated.