% % This file was created by the TYPO3 extension % bib % --- Timezone: CEST % Creation date: 2024-05-07 % Creation time: 16-02-24 % --- Number of references % 18 % @Techreport { 2013-draft-garcia-core-security-06, title = {Security Considerations in the IP-based Internet of Things}, year = {2013}, month = {9}, day = {11}, number = {draft-garcia-core-security-06}, abstract = {A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things.}, note = {Work in progress}, tags = {iotsec; ietf}, url = {http://tools.ietf.org/html/draft-garcia-core-security-06}, misc2 = {Online}, institution = {Internet Engineering Task Force}, type = {Internet-Draft}, language = {en}, author = {Garcia-Morchon, Oscar and Keoh, Sye Loong and Kumar, Sandeep S. and Hummen, Ren{\'e} and Struik, Ren{\'e}} } @Article { 2013-scn-ziegeldorf-iot-privacy, title = {Privacy in the Internet of Things: Threats and Challenges}, journal = {Security and Communication Networks - Special Issue on 'Security in a Completely Interconnected World'}, year = {2013}, month = {6}, day = {10}, url = {http://www.comsys.rwth-aachen.de/fileadmin/papers/2013/2013-ziegeldorf-scn-privacy-in-the-iot.pdf}, misc2 = {Online}, publisher = {Wiley}, language = {en}, DOI = {10.1002/sec.795}, reviewed = {1}, author = {Ziegeldorf, Jan Henrik and Garcia-Morchon, Oscar and Wehrle, Klaus} } @Inproceedings { 2013-wisec-garcia-securing, title = {Securing the IP-based Internet of Things with HIP and DTLS}, year = {2013}, month = {4}, pages = {119--124}, publisher = {ACM}, booktitle = {Proceedings of the 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '13) (short paper)}, ISBN = {978-1-4503-1998-0}, DOI = {10.1145/2462096.2462117}, reviewed = {1}, author = {Garcia-Morchon, Oscar and Keoh, Sye Loong and Kumar, Sandeep S. and Moreno-Sanchez, Pedro and Vidal-Meca, Francisco and Ziegeldorf, Jan Henrik} } @Inproceedings { 2013-pitsac-vidalmeca-hip, title = {HIP security architecture for the IP-based Internet of Things}, year = {2013}, month = {3}, day = {25}, pages = {1331 - 1336}, abstract = {The IP-based Internet of Things refers to the pervasive interactions of smart objects and people enabling new applications by means of IP protocols. An application scenario is a Smart City in which the city infrastructure, cars, and people exchange information to enable new services. IP protocols, such as IPv6, TCP and HTTP will be further complemented by IPv6 over Low powerWireless Personal Area Networks and Constrained Application Protocol currently in development in IETF. Security and privacy are a must for the IP-based IoTs in order to ensure its acceptance. However, mobility, limited bandwidth, and resource-constrained devices pose new challenges and require for a sound and efficient security architecture. In particular, dynamic association of mobile smart objects and the management of keys in large-scale networks remain an open challenge. In this context, we propose a flexible security architecture based on the Host Identity Protocol and Multimedia Internet KEYing protocols allowing for secure network association and key management. HIP - based on asymmetric-key cryptography - ensures unambiguous thing identification, mobility support, as well as a lightweight and secure method for network association. In our solution, HIP is extended with MIKEY capabilities to provide enhanced key management using polynomials, which allow to generate pairwise keys with any node based on its identity. This combination of protocols and crypto-algorithms ensures both strong security and very good performance as shown by our implementation and presents clear advantages compared with other alternatives.}, keywords = {Internet of Things; Security; Network Access; Key Management}, misc2 = {Online}, publisher = {IEEE}, booktitle = {Proceedings of the 27th International Conference on Advanced Information Networking and Applications Workshops (WAINA), 2013}, event_place = {Barcelona, Spain}, event_date = {25.-28.03.2013}, language = {en}, DOI = {10.1109/WAINA.2013.158}, reviewed = {1}, author = {Vidal Meca, Francisco and Ziegeldorf, Jan Henrik and Garcia-Morchon, Oscar and Kumar, Sandeep S. and Keoh, Sye Loong and Moreno-Sanchez, Pedro} } @Techreport { 2013-draft-garcia-core-security-05, title = {Security Considerations in the IP-based Internet of Things}, year = {2013}, month = {3}, day = {11}, number = {draft-garcia-core-security-05}, abstract = {A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things.}, note = {Work in progress}, tags = {iotsec; ietf}, url = {http://tools.ietf.org/html/draft-garcia-core-security-05}, misc2 = {Online}, institution = {Internet Engineering Task Force}, type = {Internet-Draft}, language = {en}, author = {Garcia-Morchon, Oscar and Keoh, Sye Loong and Kumar, Sandeep S. and Hummen, Ren{\'e} and Struik, Ren{\'e}} } @Techreport { 2012-draft-garcia-core-security, title = {Security Considerations in the IP-based Internet of Things}, year = {2012}, month = {3}, day = {26}, number = {draft-garcia-core-security-04}, abstract = {A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things.}, note = {Work in progress}, tags = {iotsec; ietf}, url = {http://tools.ietf.org/html/draft-garcia-core-security-04}, misc2 = {Online}, institution = {Internet Engineering Task Force}, type = {Internet-Draft}, language = {en}, author = {Garcia-Morchon, Oscar and Keoh, Sye Loong and Kumar, Sandeep S. and Hummen, Ren{\'e} and Struik, Ren{\'e}} } @Techreport { 2011-draft-garcia-core-security-03, title = {Security Considerations in the IP-based Internet of Things}, year = {2011}, month = {10}, day = {31}, number = {draft-garcia-core-security-03}, abstract = {A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things.}, note = {Work in progress}, tags = {iotsec; ietf}, url = {http://tools.ietf.org/html/draft-garcia-core-security-03}, misc2 = {Online}, institution = {Internet Engineering Task Force}, type = {Internet-Draft}, language = {en}, author = {Garcia-Morchon, Oscar and Keoh, Sye Loong and Kumar, Sandeep S. and Hummen, Ren{\'e} and Struik, Ren{\'e}} } @Article { 2011-heer-iot-journal, title = {Security Challenges in the IP-based Internet of Things}, journal = {Springer Wireless Personal Communications Journal}, year = {2011}, month = {10}, volume = {61}, number = {3}, pages = {527-542}, abstract = {A direct interpretation of the term Internet of Things refers to the use of standard Internet protocols for the human-to-thing or thing-to-thing communication in embedded networks. Although the security needs are well-recognized in this domain, it is still not fully understood how existing IP security protocols and architectures can be deployed. In this paper, we discuss the applicability and limitations of existing Internet protocols and security architectures in the context of the Internet of Things. First, we give an overview of the deployment model and general security needs. We then present challenges and requirements for IP-based security solutions and highlight specific technical limitations of standard IP security protocols.}, tags = {iotsec}, url = {fileadmin/papers/2011/2011-heer-iot-challenges.pdf}, misc2 = {Online}, publisher = {Springer}, address = {Netherlands}, language = {en}, ISSN = {0929-6212}, DOI = {10.1007/s11277-011-0385-5}, reviewed = {1}, author = {Heer, Tobias and Garcia-Morchon, Oscar and Hummen, Ren{\'e} and Keoh, Sye Loong and Kumar, Sandeep S. and Wehrle, Klaus} } @Techreport { 2011-draft-garcia-core-security-02, title = {Security Considerations in the IP-based Internet of Things}, year = {2011}, month = {7}, day = {11}, number = {draft-garcia-core-security-02}, abstract = {A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things.}, note = {Work in progress}, tags = {iotsec; ietf}, url = {http://tools.ietf.org/html/draft-garcia-core-security-02}, misc2 = {Online}, institution = {Internet Engineering Task Force}, type = {Internet-Draft}, language = {en}, author = {Garcia-Morchon, Oscar and Keoh, Sye Loong and Kumar, Sandeep S. and Hummen, Ren{\'e} and Struik, Ren{\'e}} } @Techreport { 2011-draft-garcia-core-security-01, title = {Security Considerations in the IP-based Internet of Things}, year = {2011}, month = {3}, day = {14}, number = {draft-garcia-core-security-01}, abstract = {A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things.}, note = {Work in progress}, tags = {iotsec; ietf}, url = {http://tools.ietf.org/html/draft-garcia-core-security-01}, misc2 = {Online}, institution = {Internet Engineering Task Force}, type = {Internet-Draft}, language = {en}, author = {Garcia-Morchon, Oscar and Keoh, Sye Loong and Kumar, Sandeep S. and Hummen, Ren{\'e} and Struik, Ren{\'e}} } @Techreport { 2011-draft-garcia-core-security-00, title = {Security Considerations in the IP-based Internet of Things}, year = {2011}, month = {3}, day = {7}, number = {draft-garcia-core-security-00}, abstract = {A direct interpretation of the Internet of Things concept refers to the usage of standard Internet protocols to allow for human-to-thing or thing-to-thing communication. Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting. This Internet-Draft first provides an overview of security architecture, its deployment model and general security needs in the context of the lifecycle of a thing. Then, it presents challenges and requirements for the successful roll-out of new applications and usage of standard IP-based security protocols when applied to get a functional Internet of Things.}, note = {Work in progress}, tags = {iotsec; ietf}, url = {http://tools.ietf.org/html/draft-garcia-core-security-00}, misc2 = {Online}, institution = {Internet Engineering Task Force}, type = {Internet-Draft}, language = {en}, author = {Garcia-Morchon, Oscar and Keoh, Sye Loong and Kumar, Sandeep S. and Hummen, Ren{\'e} and Struik, Ren{\'e}} } @Inproceedings { 201003GarciaEffContAwareAccControlPMS, title = {Efficient and Context-Aware Access Control for Pervasive Medical Sensor Networks}, year = {2010}, booktitle = {Proceedings of the First IEEE PerCom Workshop on Pervasive Healthcare}, author = {Garcia-Morchon, Oscar and Wehrle, Klaus} } @Inproceedings { 201006GarciaIFIPTM, title = {On Applications of Cooperative Security in Distributed Networks}, year = {2010}, abstract = {ManyapplicationsrunningontheInternetoperateinfullyor semi-distributed fashion including P2P networks or social networks. Dis- tributed applications exhibit many advantages over classical client-server models regarding scalability, fault tolerance, and cost. Unfortunately, the distributed system operation also brings many security threats along that challenge their performance and reliability. In particular, faulty or mis- behaving nodes cannot collude to subvert the system operation. This paper addresses the above threats by applying cooperative security techniques to relevant distributed systems in the Internet. Our goal is to present methods that allow the peers to bootstrap basic trust relation- ships at the time of joining a distributed network and remove the peers if trust is lost. We consider the specific security caveats of the analyzed sys- tems, investigate the applicability of existing cooperative security-based protocols, and propose general design guidelines for cooperative-security protocol in described distributed systems.}, misc2 = {Print}, publisher = {Springer}, address = {Berlin}, booktitle = {Proceedings of IFIPTM 2010 - 4th International Conference on Trust Management}, event_place = {Morioka, Japan}, event_name = {4th International Conference on Trust Management}, language = {en}, ISBN = {978-3-642-13445-6}, reviewed = {1}, author = {Kuptsov, Dmitriy and Garcia-Morchon, Oscar and Wehrle, Klaus and Gurtov, Andrei} } @Inproceedings { 201006GarciaSacmat, title = {Modular Context-Aware Access Control for Medical Sensor Network}, year = {2010}, abstract = {Medical sensor networks allow for pervasive health monitoring of users in hospitals, at home, or on the way. The privacy and confidentiality of medical data need to be guaranteed at any moment to make sure that unauthorized parties cannot retrieve confidential information. This is a great challenge due to two main reasons. First, wireless sensors are resource-constrained devices that limit the applicability of traditional solutions. Second, the access control system must be context-aware and adapt its security settings to ensure the users' safety during, e.g., medical emergencies. To solve these issues, this paper presents a modular context-aware access control system tailored to pervasive medical sensor networks in which the access control decisions and the response delay depend upon the health acuteness of a user. Our system extends traditional role-based access control systems by allowing for context-awareness in critical, emergency, and normal access control situations. We further present a lightweight encoding for our modular access control policies as well as an access control engine efficiently running on resource-constrained sensor nodes. Finally, we analyze how the proposed access control system suits existing security architectures for medical sensor networks.}, address = {Pittsburgh, USA}, booktitle = {Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT'10)}, organization = {ACM}, ISBN = {978-1-4503-0049-0}, DOI = {10.1145/1809842.1809864}, reviewed = {1}, author = {Garcia-Morchon, Oscar and Wehrle, Klaus} } @Inproceedings { securityforpervasivemedicalsensornetworks, title = {Security for Pervasive Medical Sensor Networks}, year = {2009}, month = {7}, day = {13}, volume = {1}, url = {http://www.comsys.rwth-aachen.de/fileadmin/papers/2009/2009-garcia-mobiq.pdf}, misc2 = {Print}, publisher = {IEEE Press}, address = {Washington, DC, USA}, booktitle = {6th Annual International Conference on Mobile and Ubiquitous Systems (MobiQuitous 2009), Toronto}, organization = {ICST/IEEE}, event_place = {Toronto, CAN}, event_name = {6th Annual International Conference on Mobile and Ubiquitous Systems (MobiQuitous 2009)}, language = {en}, ISBN = {978-963-9799-59-2}, DOI = {10.4108/ICST.MOBIQUITOUS2009.6832}, reviewed = {1}, author = {Garcia-Morchon, Oscar and Falck, Thomas and Heer, Tobias and Wehrle, Klaus} } @Inproceedings { 2009morchonpodckeyagreementwsn, title = {Lightweight Key Agreement and Digital Certificates for Wireles Sensor Networks}, year = {2009}, volume = {1}, pages = {326-327}, note = {Brief Announcement}, misc2 = {Print}, publisher = {ACM}, address = {New York, NY, USA}, booktitle = {Proceedings of the 28th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing (PODC 2009), Calgary}, event_place = {Calgary, CN}, event_name = {28th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing (PODC 2009)}, language = {en}, ISBN = {978-963-9799-59-2}, DOI = {10.1145/1582716.1582791}, reviewed = {1}, author = {Garcia-Morchon, Oscar and Heer, Tobias and Tolhuizen, Ludo and Wehrle, Klaus} } @Inproceedings { heer-2008-conext-alpha, title = {ALPHA: an adaptive and lightweight protocol for hop-by-hop authentication}, year = {2008}, month = {12}, volume = {1}, pages = {23:1--23:12}, url = {http://www.comsys.rwth-aachen.de/fileadmin/papers/2008/2008-heer-conext-alpha.pdf}, misc2 = {Print}, publisher = {ACM}, address = {New York, NY, USA}, series = {CoNEXT '08}, booktitle = {Proceedings of the 2008 ACM CoNEXT Conference, Madrid, Spain}, event_place = {Madrid, Spain}, event_name = {ACM Conext 2008}, event_date = {December 2008}, language = {en}, ISBN = {978-1-60558-210-8}, DOI = {10.1145/1544012.1544035}, reviewed = {1}, author = {Heer, Tobias and G{\"o}tz, Stefan and Garcia-Morchon, Oscar and Wehrle, Klaus} } @Inproceedings { GarciaMorchonEtAl2007, title = {Cooperative Security in Distributed Sensor Networks}, year = {2007}, volume = {1}, misc2 = {Print}, publisher = {IEEE}, address = {Washington, DC, USA}, series = {1}, booktitle = {Proceedings of the third International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2007}, organization = {IEEE}, event_name = {CollaborateCom}, language = {en}, ISBN = {978-1-4244-1318-8}, reviewed = {1}, author = {Garcia-Morchon, Oscar and Baldus, Heribert and Heer, Tobias and Wehrle, Klaus} }