Hi all.
WRT
- Securing IoT is important now.
I would like to let you know about our recent work [1] on access control
for the IoT. You can find a pdf version of this work here [2] and a
reference RIOT-based implementation here [3]
The basic idea is that a trusted third party helps a Thing and an
*authorized* user to establish an ephemeral (session-specific)
encryption key. It is lightweight (in uses only HMAC and AES) and it
provides Thing authentication.
Best,
Nikos
[1] N. Fotiou, T. Kotsonis, G. F. Marias, G. C. Polyzos, "Access Control
for the Internet of Things", Proc. of the ESORICS International Workshop
on Secure Internet of Things 2016 (SIoT 2016), Heraklion, Greece, 2016
[2] http://pages.cs.aueb.gr/~fotiou/papers/SIoT.pdf
[3] https://github.com/ControlThingsOpenSource/Access-Control
_______________________________________________
devel mailing list
devel@riot-os.org
https://lists.riot-os.org/mailman/listinfo/devel
