This is a repository for an open-source project of the local authentication and authorization entity, Auth, for security of the Internet of Things (IoT). Auth is a local point of authorization, whose main roles are 1) providing authentication/authorization for its locally registered entities or devices, and 2) working as a bridge of authorization between its local entities and the Internet.
Our conference papers [IoTDI '17], [FiCloud '16] describe a secure network architecture with key distribution mechanisms using Auth (local, automated authorization entity). The architecture provides security guarantees while addressing IoT-related issues including resource constraints and intermittent connectivity. The architectural concept of locally centralized, globally distributed authentication and authorization is illustrated in our journal article [IT Professional '17']. Our recent workshop paper [SafeThings '17] presents a secure migration technique as a recovery mechanism from Denial-of-Service (DoS) attacks or failures.
This repository includes 1) an open-source Java implementation of Auth and 2) sample codes for local entities to use Auth (authentication/authorization) services provided by Auth in various programming languages for different platforms.
- OpenSSL command line tools for creating certificates and keystores of Auths and example entities
- Java 1.8 or above
- IntelliJ IDEA for managing Java project of Auth
- Maven CLI (command line interface) for building Auth from command line
- Node.js for running example server and client entities
- android: Directory for Auth and entities for Android platform (currently under development)
- auth: Directory for the Java implementation of Auth (local authentication/authorization entity), IntelliJ IDEA project
- entity: Directory for entities in the IoT, to be authenticated/authorized by Auth, also includes a directory for Secure Communication Accessors as software building blocks for writing IoT applications.
- examples: Directory for scripts and descriptions to run example Auths and entities.
See "How to run examples" in README.md under examples/.
- Hokeun Kim (Project manager & initiator)
- Salomon Lee (Software Architect @ AlcaCruz Inc.)
- Eunsuk Kang
- Marten Lohstroh
- bluecove-2.1.2.jar: For bluetooth APIs, exists under auth/library/jars
This project is still in its infancy and currently intended for academic and research purposes, although the ultimate goal of this project is to build a secure and robust network architecture for the Internet of Things. Therefore, users must use the provided source codes with caution at their own risk, when the tools provided in this project are used for commercial or safety-critical purposes.
This work was supported in part by the TerraSwarm Research Center, one of six centers supported by the STARnet phase of the Focus Center Research Program (FCRP) a Semiconductor Research Corporation program sponsored by MARCO and DARPA.
Last updated on July 21, 2018