+1 Recommend
0 collections
      • Record: found
      • Abstract: found
      • Article: found
      Is Open Access

      Enterprise Security for the Internet of Things (IoT): Lightweight Bootstrapping with EAP-NOOB

      Read this article at

          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.


          The emergence of radio technologies, such as Zigbee, Z-Wave, and Bluetooth Mesh, has transformed simple physical devices into smart objects that can understand and react to their environment. Devices, such as light bulbs, door locks, and window blinds, can now be connected to, and remotely controlled from, the Internet. Given the resource-constrained nature of many of these devices, they have typically relied on the use of universal global shared secrets for the initial bootstrapping and commissioning phase. Such a scheme has obvious security weaknesses and it also creates undesirable walled-gardens where devices of one ecosystem do not inter-operate with the other. In this paper, we investigate whether the standard Extensible Authentication Protocol (EAP) framework can be used for secure bootstrapping of resource-constrained devices. EAP naturally provides the benefits of per-device individual credentials, straightforward revocation, and isolation of devices. In particular, we look at the Nimble out-of-band authentication for EAP (EAP-NOOB) as a candidate EAP authentication method. EAP-NOOB greatly simplifies deployment of such devices as it does not require them to be pre-provisioned with credentials of any sort. Based on our implementation experience on off-the-shelf hardware, we demonstrate that lightweight EAP-NOOB is indeed a way forward to securely bootstrap such devices.

          Related collections

          Most cited references 66

          • Record: found
          • Abstract: not found
          • Conference Proceedings: not found

          Contiki - a lightweight and flexible operating system for tiny networked sensors

            • Record: found
            • Abstract: found
            • Article: not found

            Demonstration of 575-Mb/s downlink and 225-Mb/s uplink bi-directional SCM-WDM visible light communication using RGB LED and phosphor-based LED.

            We propose and experimentally demonstrate a novel full-duplex bi-directional subcarrier multiplexing (SCM)-wavelength division multiplexing (WDM) visible light communication (VLC) system based on commercially available red-green-blue (RGB) light emitting diode (LED) and phosphor-based LED (P-LED) with 575-Mb/s downstream and 225-Mb/s upstream transmission, employing various modulation orders of quadrature amplitude modulation (QAM) orthogonal frequency division multiplexing (OFDM). For the downlink, red and green colors/wavelengths are assigned to carry useful information, while blue chip is just kept lighting to maintain the white color illumination, and for the uplink, the low-cost P-LED is implemented. In this demonstration, pre-equalization and post-equalization are also adopted to compensate the severe frequency response of LEDs. Using this scheme, 4-user downlink and 1-user uplink transmission can be achieved. Furthermore, it can support more users by adjusting the bandwidth of each sub-channel. Bit error rates (BERs) of all links are below pre-forward-error-correction (pre-FEC) threshold of 3.8x 10(-3) after 66-cm free-space delivery. The results show that this scheme has great potential in the practical VLC system.
              • Record: found
              • Abstract: not found
              • Article: not found

              Toward a Lightweight Authentication and Authorization Framework for Smart Objects


                Author and article information

                Sensors (Basel)
                Sensors (Basel)
                Sensors (Basel, Switzerland)
                27 October 2020
                November 2020
                : 20
                : 21
                [1 ]Department of Computer Science, Aalto University, 02150 Espoo, Finland; sampsa.latvala@ 123456aalto.fi (S.L.); mohit.sethi@ 123456aalto.fi (M.S.); tuomas.aura@ 123456aalto.fi (T.A.)
                [2 ]Department Information and Communication Engineering (DIIC), Faculty of Computer Science, University of Murcia, 30100 Murcia, Spain; eduardo.ingles@ 123456um.es
                [3 ]Odin Solutions (OdinS), 30820 Murcia, Spain; dgarcia@ 123456odins.es
                [4 ]NomadicLab, Ericsson Research, 02420 Kirkkonummi, Finland
                Author notes
                © 2020 by the authors.

                Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license ( http://creativecommons.org/licenses/by/4.0/).


                Biomedical engineering

                eap-noob, contiki, iot, bootstrapping, security


                Comment on this article