Publications - Pervasive Computing Laboratory

 Access control anotacionsemantica authentication Cloud computing coap compromise cryptography cynamon emadrid emrisco home network I-Shaper identity management inrisco inteligenciafuentesabiertas Internet of Things IoT magos Pervasive computing privacy Protocols Qursa raudo2 Security servicioseguridad Smart Card Trust management Ubisec VANETs 
Show all
2020
 Seoane-Merida, Victor;  Almenares-Mendoza, Florina;  Campo-Vázquez, Celeste;  García-Rubio, Carlos
Performance Evaluation of the CoAP Protocol with Security Support for IoT Environments Conference 
PE-WASUN '20: Proceedings of the 17th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, ASSOCIATION FOR COMPUTING MACHINERY, INC , 2020, ISBN: 978-1-4503-8118-5.
Abstract | Links | BibTeX | Tags: coap, cynamon, DTLS, IoT, magos, Performance evaluation
@conference{campo016b,

title = {Performance Evaluation of the CoAP Protocol with Security Support for IoT Environments},

author = {Victor Seoane-Merida and Florina Almenares-Mendoza and Celeste Campo-Vázquez and Carlos García-Rubio},

doi = {https://doi.org/10.1145/3416011.3424754},

isbn = {978-1-4503-8118-5},

year  = {2020},

date = {2020-11-09},

urldate = {2020-11-09},

booktitle = {PE-WASUN '20: Proceedings of the 17th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks},

pages = {41-48},

publisher = {ASSOCIATION FOR COMPUTING MACHINERY, INC },

abstract = {Internet of Things (IoT) can be defined as the interconnection through Internet of an unprecedented number of devices with the purpose of exchanging data. It stands as one of the most popular technologies for the following years and it is requiring substantial changes in the Internet protocols to meet its requirements. As the application layer is decisive for the quality of the connection, this paper analyzes the performance offered by one of the most popular protocols for the application layer in IoT: the Constrained Application Protocol (CoAP). This analysis aims to examine the features and capabilities of this protocol and to determine its feasibility to operate under constrained devices using security support. For this, a realistic network scenario is deployed to run the simulations and to measure bandwidth, consumption of resources (i.e., CPU cycles and bandwidth usage) and communication latency. Additionally, the trade-off between security and performance is discussed measuring the bandwidth overhead and the consumption increase associated to secure the communications. Different ciphering and authentication algorithms are tested, following the recommendations made by the Internet Engineering Task Force (IETF).},

keywords = {coap, cynamon, DTLS, IoT, magos, Performance evaluation},

pubstate = {published},

tppubtype = {conference}

}

Close
Internet of Things (IoT) can be defined as the interconnection through Internet of an unprecedented number of devices with the purpose of exchanging data. It stands as one of the most popular technologies for the following years and it is requiring substantial changes in the Internet protocols to meet its requirements. As the application layer is decisive for the quality of the connection, this paper analyzes the performance offered by one of the most popular protocols for the application layer in IoT: the Constrained Application Protocol (CoAP). This analysis aims to examine the features and capabilities of this protocol and to determine its feasibility to operate under constrained devices using security support. For this, a realistic network scenario is deployed to run the simulations and to measure bandwidth, consumption of resources (i.e., CPU cycles and bandwidth usage) and communication latency. Additionally, the trade-off between security and performance is discussed measuring the bandwidth overhead and the consumption increase associated to secure the communications. Different ciphering and authentication algorithms are tested, following the recommendations made by the Internet Engineering Task Force (IETF).
Close
doi:https://doi.org/10.1145/3416011.3424754
Close
2019
 Díaz-Sánchez, Daniel;  Marín-López, Andrés;  Almenárez-Mendoza, Florina;  Arias-Cabarcos, Patricia;  Simon-Sherratt, R.
TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications Journal Article 
In: IEEE Communications Surveys and Tutorials, vol. 21, iss. 4, pp. 3502-3531, 2019, ISSN: 1553-877X.
Abstract | Links | BibTeX | Tags: authentication, certificate pinning, cynamon, DTLS, Internet of Things, Machine to Machine, magos, PKI, Protocols, TLS, Trusted Third Party, Tutorials
@article{8704893,

title = {TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications},

author = {Daniel Díaz-Sánchez and Andrés Marín-López and Florina Almenárez-Mendoza and Patricia Arias-Cabarcos and R. Simon-Sherratt},

url = {https://doi.org/10.1109/COMST.2019.2914453

https://ieeexplore.ieee.org/document/8704893

https://phpmyadmin.pervasive.it.uc3m.es/download/TLC-PKI-challenges-certificate-pinning.pdf},

doi = {10.1109/COMST.2019.2914453},

issn = {1553-877X},

year  = {2019},

date = {2019-05-02},

urldate = {2019-05-02},

journal = {IEEE Communications Surveys and Tutorials},

volume = {21},

issue = {4},

pages = {3502-3531},

abstract = {Transport layer security (TLS) is becoming the de facto standard to provide end-to-end security in the current Internet. IoT and M2M scenarios are not an exception since TLS is also being adopted there. The ability of TLS for negotiating any security parameter, its flexibility and extensibility are responsible for its wide adoption but also for several attacks. Moreover, as it relies on public key infrastructure (PKI) for authentication, it is also affected by PKI problems. Considering the advent of IoT/M2M scenarios and their particularities, it is necessary to have a closer look at TLS history to evaluate the potential challenges of using TLS and PKI in these scenarios. According to this, this paper provides a deep revision of several security aspects of TLS and PKI, with a particular focus on current certificate pinning solutions in order to illustrate the potential problems that should be addressed.},

keywords = {authentication, certificate pinning, cynamon, DTLS, Internet of Things, Machine to Machine, magos, PKI, Protocols, TLS, Trusted Third Party, Tutorials},

pubstate = {published},

tppubtype = {article}

}

Close
Transport layer security (TLS) is becoming the de facto standard to provide end-to-end security in the current Internet. IoT and M2M scenarios are not an exception since TLS is also being adopted there. The ability of TLS for negotiating any security parameter, its flexibility and extensibility are responsible for its wide adoption but also for several attacks. Moreover, as it relies on public key infrastructure (PKI) for authentication, it is also affected by PKI problems. Considering the advent of IoT/M2M scenarios and their particularities, it is necessary to have a closer look at TLS history to evaluate the potential challenges of using TLS and PKI in these scenarios. According to this, this paper provides a deep revision of several security aspects of TLS and PKI, with a particular focus on current certificate pinning solutions in order to illustrate the potential problems that should be addressed.
Close
https://doi.org/10.1109/COMST.2019.2914453
https://ieeexplore.ieee.org/document/8704893
https://phpmyadmin.pervasive.it.uc3m.es/download/TLC-PKI-challenges-certificate-[...]
doi:10.1109/COMST.2019.2914453
Close