Secure data access and transmission in IoT systems necessitates strong authentication and authorization techniques because of the broad accessibility of communication channels and the sensitive nature of the data being gathered and sent. Designing such IoT strategies is difficult, though, because the majority of IoT sensors are placed in unsupervised, resource-constrained areas with little storage, connection, or processing capacity. In order to provide anonymous authentication, current systems usually use shared temporary public keys to verify sender certificates or conceal device IDs. We address the significant challenge of securing the computing continuum, which includes cloud, edge, and IoT infrastructures, by using the SPIFFE/SPIRE framework to create a trusted infrastructure that can guarantee that not only authentic software entities are executing, but also that only verified, trusted IoT devices are permitted to communicate.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Trusting IoT Devices at Scale in the Computing Continuum Through SPIFFE/SPIRE Certificates

  • Dimitris Bakoyiannis,
  • George Kornaros,
  • Othon Tomoutzoglou,
  • Miltos Grammatikakis,
  • Marcello Coppola

摘要

Secure data access and transmission in IoT systems necessitates strong authentication and authorization techniques because of the broad accessibility of communication channels and the sensitive nature of the data being gathered and sent. Designing such IoT strategies is difficult, though, because the majority of IoT sensors are placed in unsupervised, resource-constrained areas with little storage, connection, or processing capacity. In order to provide anonymous authentication, current systems usually use shared temporary public keys to verify sender certificates or conceal device IDs. We address the significant challenge of securing the computing continuum, which includes cloud, edge, and IoT infrastructures, by using the SPIFFE/SPIRE framework to create a trusted infrastructure that can guarantee that not only authentic software entities are executing, but also that only verified, trusted IoT devices are permitted to communicate.