Abstract
The Internet of Things (IoT) is a technology paradigm that has trans- formed several domains including manufacturing, agriculture, healthcare, power grids, travel and retail. However, the growth of this interconnected world of IoT devices with their services is not without consequences, including identity-related security challenges. Security threats to identities can be vulnerabilities, miscon- figurations, insecure credential storage, credential theft and social engineering. The range of different techniques that attackers use to get access to users, devices and other resources lead to serious consequences from the loss of an individual’s identity to the sensitive and financial data of institutions. Thus, implementing a robust and secure identity management system (IDMS) is critical in achieving an overall secure IoT environment. Approaches for strong identity management do exist, however, they carry some deficiencies making them inadequate to address the current identity-related security challenges of IoT. These challenges include failure to provide an all-in-one decentralized IDMS inclusive of profiling (reg- istration of entity’s attributes) and identification, authentication, identity-related attack risk analysis, and trust establishment mechanisms. The purpose of this work is to investigate existing IDMS and their limitations and propose a novel architecture featuring decentralization, trust, cross-platform, and identity-related attack risk-aware mechanisms with the help of deep learning, trust, and distributed ledger technologies. The proposed IDMS architecture is also compared with exist- ing solutions using qualitative features like availability, trust establishment, attack risk-aware capability, robustness, and cross-platform functionality.
| Original language | English |
|---|---|
| Title of host publication | Advanced Information Networking and Applications |
| Subtitle of host publication | Proceedings of the 38th International Conference on Advanced Information Networking and Applications (AINA-2024) |
| Editors | Leonard Barolli |
| Place of Publication | Switzerland |
| Chapter | Advanced Information Networking and Applications |
| Pages | 122-135 |
| Number of pages | 14 |
| Volume | 2 |
| Edition | 200 |
| ISBN (Electronic) | 978-3-031-57853-3 |
| DOIs | |
| Publication status | Published (in print/issue) - 10 Apr 2024 |
Publication series
| Name | Lecture Notes on Data Engineering and Communications Technologies |
|---|---|
| Publisher | Springer |
| Number | 2 |
| Volume | 200 |
| ISSN (Print) | 2367-4512 |
| ISSN (Electronic) | 2367-4520 |
Bibliographical note
Publisher Copyright:© The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.
Keywords
- IoT, Distributed Ledger Technology, IoT Security, Identity Management System, Trust Management System, Intrusion Detection System, Machine and Deep Learning, Network Traffic Analysis and Monitoring, Dataset
