On September 21 2021 at 15.00 Placide Shabisha will defend his PhD entitled “EFFICIENT SECURITY SCHEMES FOR THE INTERNET OF THINGS AND DATA STORAGE ON THE CLOUD”.
Everybody is invited to attend the online presentation via this Teams link.
The Internet of Things (IoT) and its applications have literally invaded our environment: homes, cities, cars, etc. There could be more than 40 billion IoT devices generating around 80 zettabytes of data in 2025. Most of the generated IoT data are stored on the cloud, from where they can be downloaded by users.
End-to-end security in this process is of the utmost importance for gaining the trust of users. The process consists of two main phases: data transmission from the IoT devices to a cloud service provider, and data transmission from the cloud service provider to a legitimate receiver. In our set-up, the cloud service provider is considered a so-called honest-but-curious entity, which executes the required steps but is interested in retrieving the data for its own purposes. Besides confidentiality of the data between sender and legitimate receiver, security also includes integrity of the data and authentication of the entities participating in the process. In addition, anonymity and non-traceability of the sender are often included as important requirements in order to increase privacy. In this thesis, we have studied dedicated security mechanisms for both phases with a focus on efficiency, since the IoT devices are assumed to be constrained devices and, because of their large number, require a highly scalable approach.
In the first part of the thesis, we focused on security primitives enabling secure data transmission from the cloud service provider to the receiver. On the one hand, we proposed public key-based mechanisms to enable proxy re-signcryption; on the other hand, symmetric key-based mechanisms were proposed to enable proxy re-encryption. Public key-based schemes offer data integrity using signatures and are interesting for powerful devices. The symmetric key-based approach is more efficient in terms of communication and computation cost. However, it requires the presence of a completely trusted third party, which is in possession of all keys and is thus vulnerable to key escrow.
In the second part of the thesis, we elaborate on the proposed mechanisms for secure data transmission between IoT devices and the cloud service provider, for which we consider a fog-based architecture. This type of architecture is nowadays very popular, as it is efficient in terms of location awareness, hardware size, easy deployment, decentralized and simplified operations, time criticality, internet connectivity and bandwidth usage, etc. We proposed two fog-based solutions. In the first scheme, a new key agreement is designed for an architecture model with one device, a fog and a server. In the second solution, the proposed key agreement protocol is suitable for a group of devices, a fog and a server.
To conclude, this thesis contributes to the development and analysis of highly efficient security primitives required for an end-to-end security solution between IoT devices and different legitimate receivers.