Enabling the secure use of dynamic identity for the Internet of Things - using the Secure Remote Update Protocol (SRUP)

Andrew John Poulter; Steven James Ossont; Simon J Cox

doi:10.3390/fi12080138

Enabling the secure use of dynamic identity for the Internet of Things - using the Secure Remote Update Protocol (SRUP)

Andrew John Poulter^*, Steven James Ossont, Simon J Cox

^*Corresponding author for this work

School of Computing

Research output: Contribution to journal › Article › peer-review

83 Downloads (Pure)

Abstract

This paper examines dynamic identity, as it pertains to the Internet of Things (IoT), and explores the practical implementation of a mitigation technique for some of the key weaknesses of a conventional dynamic identity model. This paper explores human-centric and machine-based observer approaches for confirming device identity, permitting automated identity confirmation for deployed systems. It also assesses the advantages of dynamic identity in the context of identity revocation permitting secure change of ownership for IoT devices. The paper explores use-cases for human and machine-based observation for authentication of device identity when devices join a Command and Control(C2) network, and considers the relative merits for these two approaches for different types of system,

Original language	English
Article number	138
Number of pages	15
Journal	Future Internet
Volume	12
Issue number	8
DOIs	https://doi.org/10.3390/fi12080138
Publication status	Published - 18 Aug 2020

Access to Document

10.3390/fi12080138

Enabling the Secure Use of Dynamic IdentityFinal published version, 5.91 MBLicence: CC BY

Cite this

@article{5902ede62dd34d24a7ef5630c020e3c8,

title = "Enabling the secure use of dynamic identity for the Internet of Things - using the Secure Remote Update Protocol (SRUP)",

abstract = "This paper examines dynamic identity, as it pertains to the Internet of Things (IoT), and explores the practical implementation of a mitigation technique for some of the key weaknesses of a conventional dynamic identity model. This paper explores human-centric and machine-based observer approaches for confirming device identity, permitting automated identity confirmation for deployed systems. It also assesses the advantages of dynamic identity in the context of identity revocation permitting secure change of ownership for IoT devices. The paper explores use-cases for human and machine-based observation for authentication of device identity when devices join a Command and Control(C2) network, and considers the relative merits for these two approaches for different types of system,",

author = "Poulter, {Andrew John} and Ossont, {Steven James} and Cox, {Simon J}",

year = "2020",

month = aug,

day = "18",

doi = "10.3390/fi12080138",

language = "English",

volume = "12",

journal = "Future Internet",

issn = "1999-5903",

publisher = "MDPI Multidisciplinary Digital Publishing Institute",

number = "8",

}

TY - JOUR

T1 - Enabling the secure use of dynamic identity for the Internet of Things - using the Secure Remote Update Protocol (SRUP)

AU - Poulter, Andrew John

AU - Ossont, Steven James

AU - Cox, Simon J

PY - 2020/8/18

Y1 - 2020/8/18

N2 - This paper examines dynamic identity, as it pertains to the Internet of Things (IoT), and explores the practical implementation of a mitigation technique for some of the key weaknesses of a conventional dynamic identity model. This paper explores human-centric and machine-based observer approaches for confirming device identity, permitting automated identity confirmation for deployed systems. It also assesses the advantages of dynamic identity in the context of identity revocation permitting secure change of ownership for IoT devices. The paper explores use-cases for human and machine-based observation for authentication of device identity when devices join a Command and Control(C2) network, and considers the relative merits for these two approaches for different types of system,

AB - This paper examines dynamic identity, as it pertains to the Internet of Things (IoT), and explores the practical implementation of a mitigation technique for some of the key weaknesses of a conventional dynamic identity model. This paper explores human-centric and machine-based observer approaches for confirming device identity, permitting automated identity confirmation for deployed systems. It also assesses the advantages of dynamic identity in the context of identity revocation permitting secure change of ownership for IoT devices. The paper explores use-cases for human and machine-based observation for authentication of device identity when devices join a Command and Control(C2) network, and considers the relative merits for these two approaches for different types of system,

U2 - 10.3390/fi12080138

DO - 10.3390/fi12080138

M3 - Article

SN - 1999-5903

VL - 12

JO - Future Internet

JF - Future Internet

IS - 8

M1 - 138

ER -

Enabling the secure use of dynamic identity for the Internet of Things - using the Secure Remote Update Protocol (SRUP)

Abstract

Access to Document

Fingerprint

Cite this