PORTO @ Archivio Istituzionale della Ricerca

IoT devices are becoming increasingly popular. However, they are vulnerable to several security attacks because of their resource-constrained nature, making it challenging to protect them with traditional security countermeasures. To cope with the resource limitations of these devices, researchers have proposed ad-hoc versions of classical security controls, such as cryptography and hardware root-of-trust. Lightweight cryptography focuses on developing efficient cryptographic algorithms regarding required memory and processing power. CBOR X.509 certificates are a lightweight and secure way to represent X.509 certificates. They are significantly smaller than traditional DER-encoded certificates and can be encoded and decoded more efficiently. This makes them well-suited for use in IoT devices, where resources are often limited. Remote Attestation (RA) is a security mechanism that permits a trusted party to verify that a platform behaves as expected. RA techniques are generally not suitable for constrained devices, as they require additional hardware components or extensions. Recently, several proposals have been proposed to provide similar security capabilities to devices with very low computational resources. This can be used to detect and prevent malicious devices from accessing IoT networks. This paper analyses some of these new proposals, technologies, and possible integrations to create secure and efficient IoT systems.

Securing IoT Devices: an Overview / Bravi, Enrico; Lioy, Antonio. - ELETTRONICO. - (In corso di stampa). (Intervento presentato al convegno 2025 IEEE Symposium on Computers and Communications (ISCC) tenutosi a Bologna (Italy) nel 2-5 July 2025).

Securing IoT Devices: an Overview

Bravi, Enrico;Lioy, Antonio
In corso di stampa

Abstract

IoT devices are becoming increasingly popular. However, they are vulnerable to several security attacks because of their resource-constrained nature, making it challenging to protect them with traditional security countermeasures. To cope with the resource limitations of these devices, researchers have proposed ad-hoc versions of classical security controls, such as cryptography and hardware root-of-trust. Lightweight cryptography focuses on developing efficient cryptographic algorithms regarding required memory and processing power. CBOR X.509 certificates are a lightweight and secure way to represent X.509 certificates. They are significantly smaller than traditional DER-encoded certificates and can be encoded and decoded more efficiently. This makes them well-suited for use in IoT devices, where resources are often limited. Remote Attestation (RA) is a security mechanism that permits a trusted party to verify that a platform behaves as expected. RA techniques are generally not suitable for constrained devices, as they require additional hardware components or extensions. Recently, several proposals have been proposed to provide similar security capabilities to devices with very low computational resources. This can be used to detect and prevent malicious devices from accessing IoT networks. This paper analyses some of these new proposals, technologies, and possible integrations to create secure and efficient IoT systems.
In corso di stampa
4.1 Contributo in Atti di convegno
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/3000310