Reducing the IoT security gap with a microservice architecture based on TLS and OAuth2
Main Article Content
Abstract
Keywords
IoT, microservicios, arquitectura de software, seguridad de sistemas, TLS, OAuth IoT, microservices, software architecture, systems security, TLS, OAuth
References
[2] A. Riahi Sfar, E. Natalizio, Y. Challal, and Z. Chtourou, “A roadmap for security challenges in the internet of things,” Digital Communications and Networks, vol. 4, no. 2, pp. 118–137, 2018. [Online]. Available: https://doi.org/10.1016/j.dcan.2017.04.003
[3] P. Lea, Internet of Things for Architects: Architecting IoT solutions by implementing sensors, communication infrastructure, edge computing, analytics, and security. Packt Publishing Ltd, 2018. [Online]. Available: https://bit.ly/3oJ1XRl
[4] P. Jamshidi, C. Pahl, N. C. Mendonça, J. Lewis, and S. Tilkov, “Microservices: The journey so far and challenges ahead,” IEEE Software, vol. 35, no. 3, pp. 24–35, 2018. [Online]. Available: https://doi.org/10.1109/MS.2018.2141039
[5] J. Khan, J. p. Li, I. Ali, S. Parveen, G. a. Khan, M. Khalil, A. Khan, A. U. Haq, and M. Shahid, “An authentication technique based on oauth 2.0 protocol for internet of things (IoT) network,” in 2018 15th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP), 2018, pp. 160–165. [Online]. Available: https://doi.org/10.1109/ICCWAMTIP.2018.8632587
[6] C. Chan, R. Fontugne, K. Cho, and S. Goto, “Monitoring tls adoption using backbone and edge traffic,” in IEEE INFOCOM 2018 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), 2018, pp. 208–213. [Online]. Available: https://doi.org/10.1109/INFCOMW.2018.8406957
[7] F. Izquierdo, M. Ciurana, F. Barcelo, J. Paradells, and E. Zola, “Performance evaluation of a TOA-based trilateration method to locate terminals in WLAN,” in 2006 1st International Symposium on Wireless Pervasive Computing, 2006, pp. 1–6. [Online]. Available: https://doi.org/10.1109/ISWPC.2006.1613598
[8] M. A. Khan and K. Salah, “IoT security: Review, blockchain solutions, and open challenges,” Future Generation Computer Systems, vol. 82, pp. 395–411, 2018. [Online]. Available: https://doi.org/10.1016/j.future.2017.11.022
[9] J. P. Rojas, J. C. Bustos, and D. Ordóñez Camacho, “Smart public transportation at your fingertips,” Enfoque UTE, vol. 8, no. 1, pp. 122–134, Feb. 2017. [Online]. Available: https://doi.org/10.29019/enfoqueute.v8n1.143
[10] J. P. Rojas, J. C. Bustos, and D. Ordóñez- Camacho, “Qbus: Movilidad inteligente para el usuario de transporte público,” in Proceedings of the International Conference on Information Systems and Computer Science, INCISCOS 2016, 2016. [Online]. Available: https://bit.ly/3jZlBpE
[11] E. A. Q. Montoya, S. F. J. Colorado, W. Y. C. Muñoz, and G. E. C. Golondrino, “Propuesta de una arquitectura para agricultura de precisión soportada en IoT,” RISTI - Revista Iberica de Sistemas e Tecnologias de Informacao, pp. 39–56, 2017. [Online]. Available: http://dx.doi.org/10.17013/risti.24.39-56
[12] M. Agiwal, N. Saxena, and A. Roy, “Towards connected living: 5g enabled internet of things (IoT),” IETE Technical Review, vol. 36, no. 2, pp. 190–202, 2019. [Online]. Available: https://doi.org/10.1080/02564602.2018.1444516
[13] H. Lin and N. Bergmann, “IoT privacy and security challenges for smart home environments,” Information, vol. 7, no. 3, p. 44, Jul 2016. [Online]. Available: http://dx.doi.org/10.3390/info7030044
[14] H. Kaffel-Ben Ayed, H. Boujezza, and I. Riabi, “An idms approach towards privacy and new requirements in IoT,” in 2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC), 2017, pp. 429–434. [Online]. Available: https://doi.org/10.1109/IWCMC.2017.7986324
[15] F. Fernández, A. Alonso, L. Marco, and J. Salvachúa, “A model to enable applicationscoped access control as a service for IoT using OAuth 2.0,” in 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN), 2017, pp. 322–324. [Online]. Available: https://doi.org/10.1109/ICIN.2017.7899433
[16] J. Bugeja, A. Jacobsson, and P. Davidsson, “On privacy and security challenges in smart connected homes,” in 2016 European Intelligence and Security Informatics Conference (EISIC), 2016, pp. 172–175. [Online]. Available: https://doi.org/10.1109/EISIC.2016.044
[17] L. Sun, Y. Li, and R. A. Memon, “An open IoT framework based on microservices architecture,” China Communications, vol. 14, no. 2, pp. 154–162, 2017. [Online]. Available: https://doi.org/10.1109/CC.2017.7868163 [18] T. Vresk and I. Çavrak, “Architecture of an interoperable IoT platform based on microservices,” in 2016 39th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), 2016, pp. 1196–1201. [Online]. Available: https://doi.org/10.1109/MIPRO.2016.7522321
[19] R. Yu, V. T. Kilari, G. Xue, and D. Yang, “Load balancing for interdependent IoT microservices,” in IEEE INFOCOM 2019 - IEEE Conference on Computer Communications, 2019, pp. 298–306. [Online]. Available: https://doi.org/10.1109/INFOCOM.2019.8737450
[20] D. Díaz-Sánchez, A. Marín-Lopez, F. A. Mendoza, P. A. Cabarcos, and R. S. Sherratt, “TLS/PKI challenges and certificate pinning techniques for IoT and M2M secure communications,” IEEE Communications Surveys Tutorials, vol. 21, no. 4, pp. 3502–3531, 2019. [Online]. Available: https://doi.org/10.1109/COMST.2019.2914453
[21] P. Urien, “Securing the IoT with TLS/DTLS server stacks embedded in secure elements: An ePlug usecase,” in 2017 14th IEEE Annual Consumer Communications Networking Conference (CCNC), 2017, pp. 569–570. [Online]. Available: https://doi.org/10.1109/CCNC.2017.7983170
[22] J. D. Hoz, J. Saldana, J. Fernández- Navajas, J. Ruiz-Mas, R. G. Rodríguez, and F. d. J. M. Luna, “SSH as an alternative to TLS in IoT environments using HTTP,” in 2018 Global Internet of Things Summit (GIoTS), 2018, pp. 1–6. [Online]. Available: https://doi.org/10.1109/GIOTS.2018.8534545
[23] M. Khan, M. W. Anwar, F. Azam, F. Samea, and M. F. Shinwari, A Model-Driven Approach for Access Control in Internet of Things (IoT) Applications – An Introduction to UMLOA. Communications in Computer and Information Science, Springer, 2018, vol. 920. [Online]. Available: https://doi.org/10.1007/978-3-319-99972-2_16
[24] H. Kim, A. Wasicek, B. Mehne, and E. A. Lee, “A secure network architecture for the internet of things based on local authorization entities,” in 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), 2016, pp. 114–122. [Online]. Available: https://doi.org/10.1109/FiCloud.2016.24
[25] M. Pahl and L. Donini, “Securing IoT microservices with certificates,” in NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium, 2018, pp. 1–5. [Online]. Available: https://doi.org/10.1109/NOMS.2018.8406189
[26] S. Sciancalepore, G. Piro, D. Caldarola, G. Boggia, and G. Bianchi, “Oauth-iot: An access control framework for the internet of things based on open standards,” in 2017 IEEE Symposium on Computers and Communications (ISCC), 2017, pp. 676–681. [Online]. Available: https://doi.org/10.1109/ISCC.2017.8024606
[27] S. Shapsough, F. Aloul, and I. A. Zualkernan, “Securing low-resource edge devices for IoT systems,” in 2018 International Symposium in Sensing and Instrumentation in IoT Era (ISSI), 2018, pp. 1–4. [Online]. Available: https://doi.org/10.1109/ISSI.2018.8538135
[28] M. Singh, M. A. Rajan, V. L. Shivraj, and P. Balamuralidhar, “Secure mqtt for internet of things (IoT),” in 2015 Fifth International Conference on Communication Systems and Network Technologies, 2015, pp. 746–751. [Online]. Available: https://doi.org/10.1109/CSNT.2015.16
[29] C. Singh and M. Kumar, Mastering Hadoop 3: Big data processing at scale to unlock unique business insights. Packt Publishing, 2019. [Online]. Available: https://bit.ly/37Qi2O9
[30] J. Turnbull, The Docker Book: Containerization is the new virtualization, 2014. [Online]. Available: https://bit.ly/3m7nqRY
[31] A. Selva. (2014) Java MQTT lightweight broker. moquette. [Online]. Available: https://bit.ly/3gB82Mw
[32] M. Bhushan, Big Data and Hadoop: Learn by Example. BPB Publications, 2018. [Online]. Available: https://bit.ly/2W0AmP1
[33] T. Dunning and E. Friedman, Time Series Databases: New Ways to Store and Access Data, Edition: 1. Sebastopol. O’Reilly Media, Inc, 2014. [Online]. Available: https://bit.ly/2W1VnsU
[34] B. Brazil, Prometheus: Up & Running: Infrastructure and Application Performance Monitoring. O’Reilly Media, 2018. [Online]. Available: https://bit.ly/39V80xX
[35] A. Kurniawan, Arduino MKR WIFI 1010 Development Workshop. PE Press, 2018. [Online]. Available: https://bit.ly/37OEnvD
[36] I. Dogan and I. Ahmet, The Official ESP32 Book. Elektor International Media, 2017. [Online]. Available: https://bit.ly/2IzEW3G
[37] G. C. Hillar, Hands-On MQTT Programming with Python: Work with the lightweight IoT protocol in Python. Packt Publishing, 2018. [Online]. Available: https://bit.ly/33YpdTg
[38] B. Charles, Beginning Sensor Networks with Arduino and Raspberry Pi. Apress, 2013. [Online]. Available: https://bit.ly/3m5syGj