0

Improving Functionality, Efficiency, and Trustworthiness of Secure Communication

Reports on Communications and Distributed Systems 22

Erschienen am 01.02.2023, Auflage: 1. Auflage
CHF 64,90
(inkl. MwSt.)

Noch nicht lieferbar

In den Warenkorb
Bibliografische Daten
ISBN/EAN: 9783844089523
Sprache: Englisch
Umfang: 314

Beschreibung

Secure communication is essential for many use cases that exchange data over the Internet. However, prevalently used security protocols, e.g., TLS 1.2, have been standardized many years ago. The advent of smartphones and the Internet of Things (IoT) introduced new scenarios with more diverse devices and use cases. The resulting evolved Internet motivates the question for a likewise evolved secure communication. To examine the need for improvements, we analyze the state of the art of secure communication for the different scenarios of the evolved Internet. Our analysis reveals several open challenges, especially missing advanced security and privacy features for secure communication in the IoT, the need for increased efficiency of secure communication by smartphones, and the demand for efficient secure low-latency communication in the industrial IoT. Furthermore, we identify open problems in the PKI-based trust infrastructure, and highlight the need to understand drivers and obstacles of the roll-out of new security mechanisms. To tackle these open challenges, we tailor the Tor anonymity network to resource-constrained IoT devices to protect the metadata of IoT communication and realize a resource-efficient in-network access control. Also, we enable IoT devices to use versatile secure communication stacks. Second, we increase secure communication efficiency by realizing secure low-latency communication for the industrial IoT. Moreover, we devise more efficient best practices for the secure connection setup by smartphones. Third, we provide a detailed risk analysis of cross-signing in the Web PKI, revealing that it can cause undesired certificate trust paths. Fourth, we analyze drivers and obstacles for the roll-out of adapted security protocols using TLS 1.3 as example.