Hybrid Encryption for Messages’ Confidentiality in SOSE-Based IOT Service Systems

IF 1.3 Q4 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

International Journal of Innovative Computing Information and Control Pub Date : 2021-10-31 DOI:10.11113/ijic.v11n2.292

M. Ahmed

{"title":"Hybrid Encryption for Messages’ Confidentiality in SOSE-Based IOT Service Systems","authors":"M. Ahmed","doi":"10.11113/ijic.v11n2.292","DOIUrl":null,"url":null,"abstract":"Internet of Things (IOT) is an essential paradigm where devices are interconnected into network. The operations of these devices can be through service-oriented software engineering (SOSE) principles for efficient service provision. SOSE is an important software development method for flexible, agile, loose-coupled, heterogeneous and interoperable applications. Despite all these benefits, its adoption for IOT services is slow due to security challenges. The security challenge of integration of IOT with service-oriented architecture (SOA) is man-in-the-middle attack on the messages exchanged. The transport layer security (TLS) creates a secured socket channel between the client and server. This is efficient in securing messages exchanged at the transport layer only. SOSE-based IOT systems needs an end-to-end security to handle its vulnerabilities. This integration enables interoperability of heterogeneous devices, but renders the system vulnerable to passive attacks. The confidentiality problem is hereby addressed by message level hybrid encryption. This is by encrypting the messages by AES for efficiency. However, to enable end-to-end security, the key sharing problem of advanced encryption standard (AES) is handled by RSA public key encryption. The results shows that this solution addressed data contents security and credentials security privacy issues. Furthermore, the solution enables end-to- end security of interaction in SOSE-based IOT systems.","PeriodicalId":50314,"journal":{"name":"International Journal of Innovative Computing Information and Control","volume":"57 1","pages":""},"PeriodicalIF":1.3000,"publicationDate":"2021-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Innovative Computing Information and Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.11113/ijic.v11n2.292","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

Abstract

Internet of Things (IOT) is an essential paradigm where devices are interconnected into network. The operations of these devices can be through service-oriented software engineering (SOSE) principles for efficient service provision. SOSE is an important software development method for flexible, agile, loose-coupled, heterogeneous and interoperable applications. Despite all these benefits, its adoption for IOT services is slow due to security challenges. The security challenge of integration of IOT with service-oriented architecture (SOA) is man-in-the-middle attack on the messages exchanged. The transport layer security (TLS) creates a secured socket channel between the client and server. This is efficient in securing messages exchanged at the transport layer only. SOSE-based IOT systems needs an end-to-end security to handle its vulnerabilities. This integration enables interoperability of heterogeneous devices, but renders the system vulnerable to passive attacks. The confidentiality problem is hereby addressed by message level hybrid encryption. This is by encrypting the messages by AES for efficiency. However, to enable end-to-end security, the key sharing problem of advanced encryption standard (AES) is handled by RSA public key encryption. The results shows that this solution addressed data contents security and credentials security privacy issues. Furthermore, the solution enables end-to- end security of interaction in SOSE-based IOT systems.

查看原文本刊更多论文

基于soe的物联网服务系统中消息机密性的混合加密

物联网(IOT)是将设备连接到网络中的基本范例。这些设备的操作可以通过面向服务的软件工程(service-oriented software engineering, SOSE)原则来高效地提供服务。soe是实现灵活、敏捷、松耦合、异构和互操作应用的重要软件开发方法。尽管有这些好处，但由于安全挑战，它在物联网服务中的采用速度很慢。物联网与面向服务的体系结构(SOA)集成的安全挑战是对交换消息的中间人攻击。传输层安全性(TLS)在客户机和服务器之间创建一个安全的套接字通道。这在保护仅在传输层交换的消息方面非常有效。基于soe的物联网系统需要端到端的安全性来处理其漏洞。这种集成实现了异构设备的互操作性，但使系统容易受到被动攻击。因此，通过消息级混合加密解决了机密性问题。这是通过使用AES加密消息来提高效率。而为了实现端到端的安全性，采用RSA公钥加密来处理高级加密标准AES的密钥共享问题。结果表明，该解决方案解决了数据内容安全和凭证安全隐私问题。此外，该解决方案在基于soe的物联网系统中实现了端到端交互安全。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Innovative Computing Information and Control 工程技术-计算机：人工智能

CiteScore

3.20

自引率

20.00%

发文量

审稿时长

4.3 months

期刊介绍： The primary aim of the International Journal of Innovative Computing, Information and Control (IJICIC) is to publish high-quality papers of new developments and trends, novel techniques and approaches, innovative methodologies and technologies on the theory and applications of intelligent systems, information and control. The IJICIC is a peer-reviewed English language journal and is published bimonthly