Paper Info
Title
ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control
Abstract
The Authentication and Authorization for Constrained Environments (ACE) framework provides fine-grained access control in the Internet of Things, where devices are resource-constrained and with limited connectivity. The ACE framework defines separate profiles to specify how exactly entities interact and what security and communication protocols to use. This paper presents the novel ACE IPsec profile, which specifies how a client establishes a secure IPsec channel with a resource server, contextually using the ACE framework to enforce authorized access to remote resources. The profile makes it possible to establish IPsec Security Associations, either through their direct provisioning or through the standard IKEv2 protocol. We provide the first Open Source implementation of the ACE IPsec profile for the Contiki OS and test it on the resource-constrained Zolertia Firefly platform. Our experimental performance evaluation confirms that the IPsec profile and its operating modes are affordable and deployable also on constrained IoT platforms.
Year
DOI
Venue
2018
10.1109/CNS.2018.8433209
2018 IEEE Conference on Communications and Network Security (CNS)
Keywords
DocType
Volume
IoT security game,flexible IPsec security profile,fine-grained access control,Internet of Things,ACE framework defines separate profiles,communication protocols,secure IPsec channel,resource server,remote resources,standard IKEv2 protocol,constrained IoT platforms,ACE IPsec profile,IPsec security associations,resource-constrained Zolertia firefly platform,authentication and authorization for constrained environments framework
Journal
abs/1808.04581
ISSN
ISBN
Citations 
2474-025X
978-1-5386-4587-1
0
PageRank 
References 
Authors
0.34
1
5
Name
Order
Citations
PageRank
Santiago Aragon100.34
Marco Tiloca27911.27
Max Maass385.16
Matthias Hollick475097.29
Shahid Raza549336.66