Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Rüst, Andreas | - |
dc.date.accessioned | 2019-07-25T14:42:04Z | - |
dc.date.available | 2019-07-25T14:42:04Z | - |
dc.date.issued | 2018-12-04 | - |
dc.identifier.uri | https://youtu.be/34OEDYTkdGI | de_CH |
dc.identifier.uri | https://digitalcollection.zhaw.ch/handle/11475/17784 | - |
dc.description | For the paper, please follow this link: https://doi.org/10.21256/zhaw-2750 | de_CH |
dc.description.abstract | Recent technologies and standards allow connecting constrained wireless nodes to the Internet by natively using the prevailing Internet Protocol (IP). Such standards include the protocol stack as defined by the Thread Group, based on CoAP, UDP, IPv6, 6LoWPAN and IEEE 802.15.4. As a result, the sensor and actuator networks on the field level will coalesce with the existing IT networks. Specifically, replacing gateways with routers significantly simplifies a building automation system and enables new applications. Employing IP communication, a central automation station can directly and uniformly access sensor and actuator services on field nodes. Consequently, to become a full-fledged member of an IT domain, a constrained node on the field level has to fulfill specific security requirements. However, implementing such requirements is especially challenging on constrained low-power and low-cost nodes. Such nodes typically have decidedly lower resources with regard to compute performance, memory and network connectivity. Nevertheless, such nodes require a mutual authentication during the provisioning into an individual IT domain. Specifically, several trust relationships need to be established. Before granting access to the node, the IT domain administrator requires proof that the node is not compromised, e.g. by loading malicious firmware. This proof includes not only the proof that the trusted supplier has manufactured the node but also a complete and unforgeable list of previous installations and owners. As building automation systems typically are an integral part of a building, they represent capital assets and change ownership during their lifetime. On the other hand, before legitimately joining a new domain, the individual node needs to know: Is the deployment into this specific building legit? The scale of building automation systems in large buildings with hundreds of nodes mandates a highly automated authentication process. A simple provisioning of the nodes is essential. The paper presents results from a two-year-long, federally funded (Innosuisse) project. As a proof-of-concept, the project implements a demonstrator based on the emerging recommendations of the Fairhair Alliance. Low-power nodes in a Thread network shall be provided with a secure bootstrapping process to be easily provisioned into an existing IT domain. The use of smartphones supports and simplifies this provisioning process. The public-key-based mutual authentication takes place between the low-power nodes on one side and a certificate authority (CA) operated by the node manufacturer and a CA operated by the building operator on the other side. As a result, the node receives an operational certificate and can legitimately join the IT domain. The paper illustrates the challenges encountered and proposes appropriate approaches. | de_CH |
dc.language.iso | en | de_CH |
dc.rights | Licence according to publishing contract | de_CH |
dc.subject | IoT Security | de_CH |
dc.subject | Authentication | de_CH |
dc.subject | Bootstrapping | de_CH |
dc.subject.ddc | 004: Computer science | de_CH |
dc.title | Authenticating wireless nodes in building automation : challenges and approaches | de_CH |
dc.type | Conference: Other | de_CH |
dcterms.type | Moving images | de_CH |
zhaw.departement | School of Engineering | de_CH |
zhaw.organisationalunit | Institute of Embedded Systems (InES) | de_CH |
zhaw.conference.details | 4th Annual IoT Security Foundation Conference 2018, London, United Kingdom, 4 December 2018 | de_CH |
zhaw.funding.eu | No | de_CH |
zhaw.originated.zhaw | Yes | de_CH |
zhaw.publication.status | publishedVersion | de_CH |
zhaw.publication.review | Peer review (Abstract) | de_CH |
zhaw.author.additional | No | de_CH |
Appears in collections: | Publikationen School of Engineering |
Files in This Item:
There are no files associated with this item.
Rüst, A. (2018, December 4). Authenticating wireless nodes in building automation : challenges and approaches. 4th Annual IoT Security Foundation Conference 2018, London, United Kingdom, 4 December 2018. https://youtu.be/34OEDYTkdGI
Rüst, A. (2018) ‘Authenticating wireless nodes in building automation : challenges and approaches’, in 4th Annual IoT Security Foundation Conference 2018, London, United Kingdom, 4 December 2018. Available at: https://youtu.be/34OEDYTkdGI.
A. Rüst, “Authenticating wireless nodes in building automation : challenges and approaches,” in 4th Annual IoT Security Foundation Conference 2018, London, United Kingdom, 4 December 2018, Dec. 2018. [Online]. Available: https://youtu.be/34OEDYTkdGI
RÜST, Andreas, 2018. Authenticating wireless nodes in building automation : challenges and approaches. In: 4th Annual IoT Security Foundation Conference 2018, London, United Kingdom, 4 December 2018 [online]. Conference presentation. 4 December 2018. Available at: https://youtu.be/34OEDYTkdGI
Rüst, Andreas. 2018. “Authenticating Wireless Nodes in Building Automation : Challenges and Approaches.” Conference presentation. In 4th Annual IoT Security Foundation Conference 2018, London, United Kingdom, 4 December 2018. https://youtu.be/34OEDYTkdGI.
Rüst, Andreas. “Authenticating Wireless Nodes in Building Automation : Challenges and Approaches.” 4th Annual IoT Security Foundation Conference 2018, London, United Kingdom, 4 December 2018, 2018, https://youtu.be/34OEDYTkdGI.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.