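% SeCaS (CODASPY '20): conference paper on secure capability sharing for IoT
% devices over a structured P2P network (DHT-based discovery, device
% identification, message authenticity).
% Entry notes:
%   - title: acronyms are brace-protected so sentence-casing styles keep them.
%   - pages: the range uses the ASCII double hyphen, not a Unicode en dash.
%   - address is the publisher's city; location is the conference venue.
%   - doi holds the bare identifier; url is the resolver form of the same DOI.
@inproceedings{10.1145/3374664.3375739,
  author    = {Aktypi, Angeliki and Kalkan, Kubra and Rasmussen, Kasper B.},
  title     = {{SeCaS}: Secure Capability Sharing Framework for {IoT} Devices in a Structured {P2P} Network},
  booktitle = {Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy},
  series    = {CODASPY '20},
  location  = {New Orleans, LA, USA},
  pages     = {271--282},
  numpages  = {12},
  year      = {2020},
  publisher = {Association for Computing Machinery},
  address   = {New York, NY, USA},
  isbn      = {9781450371070},
  doi       = {10.1145/3374664.3375739},
  url       = {https://doi.org/10.1145/3374664.3375739},
  keywords  = {dht, fault-tolerance, iot, privacy, resource sharing, scalability},
  abstract  = {The emergence of the internet of Things (IoT) has resulted in the possession of a continuously increasing number of highly heterogeneous connected devices by the same owner. To make full use of the potential of a personal IoT network, there must be secure and effective cooperation between them. While application platforms (e.g., Samsung SmartThings) and interoperable protocols (e.g., MQTT) exist already, the reliance on a central hub to coordinate communication introduces a single-point of failure, provokes bottleneck problems and raises privacy concerns. In this paper we propose SeCaS, a Secure Capability Sharing framework, built on top of a peer-to-peer (P2P) architecture. SeCaS addresses the problems of fault tolerance, scalability and security in resource discovery and sharing for IoT infrastructures using a structured P2P network, in order to take advantage of the self-organised and decentralised communication it provides. 
SeCaS brings three main contributions: (i) a capability representation that allows each device to specify what services they offer, and can be used as a common language to search for, and exchange, capabilities, resulting in flexible service discovery that can leverage the properties on a distributed hash table (DHT); (ii) a set of four protocols that provides identification of the different devices that exist in the network and authenticity of the messages that are exchanged among them; and (iii) a thorough security and complexity analysis of the proposed scheme that shows SeCaS to be both secure and scalable.},
}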