国产bbaaaaa片,成年美女黄网站色视频免费,成年黄大片,а天堂中文最新一区二区三区,成人精品视频一区二区三区尤物

首頁(yè)> 外文學(xué)位 >Securing the Internet of Things via Locally Centralized, Globally Distributed Authentication and Authorization
【24h】

Securing the Internet of Things via Locally Centralized, Globally Distributed Authentication and Authorization

機(jī)譯:通過(guò)本地集中的,全球分布式的身份驗(yàn)證和授權(quán)來(lái)保護(hù)物聯(lián)網(wǎng)

獲取原文
獲取原文并翻譯 | 示例
  • 摘要
  • 著錄項(xiàng)
  • 相似文獻(xiàn)
  • 相關(guān)主題

摘要

The Internet of Things (IoT) brings about benefits through interaction with humans and the physical world using a variety of technologies including sensors, actuators, controls, mobile devices and cloud computing. However, these benefits can be hampered by malicious interventions of attackers when the IoT is not protected properly. Hence, authentication and authorization comprise critical parts of basic security processes and are sorely needed in the IoT. Characteristics of the IoT render existing security measures such as SSL/TLS (Secure Socket Layer/Transport Layer Security) and network architectures ineffective against emerging networks and devices. Heterogeneity, scalability, and operation in open environments are serious challenges that need to be addressed to make the IoT secure. Moreover, many existing cloud-based solutions for the security of the IoT rely too much on remote servers over possibly vulnerable Internet connections.;This dissertation presents locally centralized, globally distributed authentication and authorization to address the IoT security challenges. Centralized security solutions make system management simpler and enable agile responses to failures or threats, while having a single point of failure and making it challenging to scale. Solutions based on distributed trust are more resilient and scalable, but they increase each entity's overhead and are more difficult to manage. The proposed approach leverages an emerging network architecture based on edge computers by using them as locally centralized points for authentication and authorization of the IoT. This allows heterogeneity and an agile access control to be handled locally, without having to depend on remote servers. Meanwhile, the proposed approach has a globally distributed architecture throughout the Internet for robustness and scalability.;The proposed approach is realized as SST (Secure Swarm Toolkit), an open-source toolkit for construction and deployment of an authentication and authorization service infrastructure for the IoT, for validation of locally centralized, globally distributed trust management. SST includes a local authorization entity called Auth to be deployed on edge computers which are used as a gateway for authorization as well as for the Internet. Software building blocks provided by SST, called accessors, enable IoT developers to readily integrate their IoT applications with the SST infrastructure, by encapsulating cryptographic operations and key management. In addition to protection against network-based intruders, SST supports a secure migration mechanism for enhancing availability in the case of failures or threats of denial-of-service attacks, based on globally distributed and trusted Auths.;For evaluation, I provide a formal security analysis using an automated verification tool to rigorously show that SST provides necessary security guarantees. I also demonstrate the scalability of the proposed approach with a mathematical analysis, as well as experiments to evaluate security overhead of network entities under different security profiles supported by SST. The effectiveness of the secure migration technique is shown through a case study and simulation based on a concrete IoT application.
機(jī)譯:物聯(lián)網(wǎng)(IoT)通過(guò)使用包括傳感器,執(zhí)行器,控件,移動(dòng)設(shè)備和云計(jì)算在內(nèi)的多種技術(shù)與人類和物理世界進(jìn)行交互,帶來(lái)了好處。但是,如果物聯(lián)網(wǎng)沒(méi)有得到適當(dāng)?shù)谋Wo(hù),攻擊者的惡意干預(yù)可能會(huì)阻止這些好處。因此,身份驗(yàn)證和授權(quán)是基本安全流程的關(guān)鍵部分,在物聯(lián)網(wǎng)中非常需要。物聯(lián)網(wǎng)的特性使現(xiàn)有的安全措施(例如SSL / TLS(安全套接字層/傳輸層安全性)和網(wǎng)絡(luò)體系結(jié)構(gòu))對(duì)新興的網(wǎng)絡(luò)和設(shè)備無(wú)效。異構(gòu)性,可擴(kuò)展性和開(kāi)放環(huán)境中的操作是嚴(yán)重的挑戰(zhàn),需要確保物聯(lián)網(wǎng)安全。此外,許多現(xiàn)有的基于云的物聯(lián)網(wǎng)安全解決方案都過(guò)于依賴可能通過(guò)易受攻擊的Internet連接的遠(yuǎn)程服務(wù)器。本文提出了本地集中,全球分布的身份驗(yàn)證和授權(quán)來(lái)應(yīng)對(duì)物聯(lián)網(wǎng)安全挑戰(zhàn)。集中式安全解決方案使系統(tǒng)管理更簡(jiǎn)單,并能夠?qū)收匣蛲{做出敏捷響應(yīng),同時(shí)具有單點(diǎn)故障并使其難以擴(kuò)展?;诜植际叫湃蔚慕鉀Q方案更具彈性和可擴(kuò)展性,但它們?cè)黾恿嗣總€(gè)實(shí)體的開(kāi)銷,并且更難管理。所提出的方法通過(guò)將邊緣計(jì)算機(jī)用作物聯(lián)網(wǎng)的身份驗(yàn)證和授權(quán)的本地集中點(diǎn),來(lái)利用基于邊緣計(jì)算機(jī)的新興網(wǎng)絡(luò)體系結(jié)構(gòu)。這樣就可以在本地處理異構(gòu)性和敏捷的訪問(wèn)控制,而不必依賴遠(yuǎn)程服務(wù)器。同時(shí),該提議的方法具有遍及Internet的全局分布式體系結(jié)構(gòu),以實(shí)現(xiàn)魯棒性和可擴(kuò)展性。該提議的方法實(shí)現(xiàn)為SST(安全群工具包),這是一種用于構(gòu)建和部署用于身份驗(yàn)證和授權(quán)服務(wù)基礎(chǔ)結(jié)構(gòu)的開(kāi)源工具包。物聯(lián)網(wǎng),用于驗(yàn)證本地集中的,全球分布的信任管理。 SST包含一個(gè)稱為Auth的本地授權(quán)實(shí)體,該實(shí)體將部署在邊緣計(jì)算機(jī)上,這些計(jì)算機(jī)將用作授權(quán)網(wǎng)關(guān)以及Internet。 SST提供的稱為訪問(wèn)器的軟件構(gòu)建塊,通過(guò)封裝加密操作和密鑰管理,使IoT開(kāi)發(fā)人員可以輕松地將其IoT應(yīng)用程序與SST基礎(chǔ)架構(gòu)集成。除了防范基于網(wǎng)絡(luò)的入侵者,SST還基于全球分布和受信任的Auth支持安全的遷移機(jī)制,以在出現(xiàn)故障或拒絕服務(wù)攻擊威脅時(shí)增強(qiáng)可用性。使用自動(dòng)驗(yàn)證工具進(jìn)行的安全分析嚴(yán)格顯示SST提供了必要的安全保證。我還將通過(guò)數(shù)學(xué)分析論證所提出方法的可擴(kuò)展性,以及通過(guò)實(shí)驗(yàn)來(lái)評(píng)估SST支持的不同安全配置文件下網(wǎng)絡(luò)實(shí)體的安全開(kāi)銷。通過(guò)基于具體物聯(lián)網(wǎng)應(yīng)用的案例研究和仿真,可以證明安全遷移技術(shù)的有效性。

著錄項(xiàng)

  • 作者

    Kim, Hokeun.;

  • 作者單位

    University of California, Berkeley.;

  • 授予單位 University of California, Berkeley.;
  • 學(xué)科 Computer science.;Computer engineering.;Electrical engineering.
  • 學(xué)位 Ph.D.
  • 年度 2017
  • 頁(yè)碼 117 p.
  • 總頁(yè)數(shù) 117
  • 原文格式 PDF
  • 正文語(yǔ)種 eng
  • 中圖分類
  • 關(guān)鍵詞

相似文獻(xiàn)

  • 外文文獻(xiàn)
  • 中文文獻(xiàn)
  • 專利
獲取原文

客服郵箱:kefu@zhangqiaokeyan.com

京公網(wǎng)安備:11010802029741號(hào) ICP備案號(hào):京ICP備15016152號(hào)-6 六維聯(lián)合信息科技 (北京) 有限公司?版權(quán)所有

  • 客服微信

  • 服務(wù)號(hào)