[Seminar] Authentication and Authorization for the Internet of Things
호스트: 엄현상 교수(880-6755, x6755)
The Internet of Things (IoT) brings about benefits through interaction with humans and the physical world using a variety of technologies including sensors, actuators, controls, mobile devices and cloud computing. However, these benefits can be hampered by malicious interventions of attackers when the IoT is not protected properly. Hence, authentication and authorization comprise critical parts of basic security processes and are sorely needed in the IoT. Characteristics of the IoT render existing security measures such as SSL/TLS and network architectures ineffective against emerging networks and devices. Heterogeneity, scalability, and operation in open environments are serious challenges that need to be addressed to make the IoT secure. Moreover, many existing cloud-based solutions for the security of the IoT rely too much on remote servers over possibly vulnerable Internet connections. In this talk, I will present locally centralized, globally distributed authentication and authorization to address the IoT security challenges. The proposed approach leverages an emerging network architecture based on edge computers, allowing heterogeneity and an agile access control to be handled locally, without having to depend on remote servers. Meanwhile, the proposed approach has a globally distributed architecture throughout the Internet for robustness and scalability. The proposed approach is realized as an open-source toolkit, SST (Secure Swarm Toolkit). SST includes a local authorization entity called Auth to be deployed on edge computers and software building blocks for securely accessing IoT services to help developers build IoT applications. SST also provides mechanisms for maintaining the availability of authorization services even under the threat of denial-of-service (DoS) attacks or other failures. I will discuss SST's security, scalability, resiliency and supports for heterogeneity through analysis and experimental results.
Hokeun Kim is a software engineer in Trust Engineering at LinkedIn Corporation. Before joining LinkedIn, he was a researcher in the Ptolemy project team at UC Berkeley from 2012 to 2017. He received his Ph.D. in Electrical Engineering and Computer Sciences (EECS) from University of California, Berkeley in August 2017. His research interests include system-level security for the Internet of Things (IoT), computer architecture for real-time embedded systems, and modeling and simulation of cyber-physical systems. He received his B.S. in Computer Science Engineering and M.S. in EECS from Seoul National University. He was a research associate at HP Labs in Palo Alto, CA from 2015 to 2016. He was a software engineer at ESTsoft Corp. and YoungWoo CnI Inc. in Seoul, Korea.