Abstract

In this paper, we critically discourse on the current Fast IDentity Online specification, its underlying security layer and the resulting misconceptions or even weaknesses. We juxtapose the presented view against some of the fundamental and long-standing public key infrastructure problems such as the initial enrolment of identities and their keys (e.g., X.509v3 certificates). We then observe a novel approach of zero-knowledge initial enrolment of resource-constrained Internet of Things devices and investigate how its idea of symbiotic security, i.e., a consistent and consolidated cooperative design which involves all architectural building blocks such as software, hardware, networks, and processes, can contribute to the new Fast IDentity Online Internet of Things specification in the making. Finally, we suggest by way of an outlook or future work how this already modular security-by-design mindset can be further enhanced through a dynamic management system to keep cryptographic keys in volatile memory only. The idea is also based on a symbiotic connection between hardware and software to create a number of added benefits from the security perspective.

Full Text

Published Version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Fast Identity Online-Based Facial Authentication System Development in Mobile
Sun-Kyoung Kang
Journal of Computational and Theoretical Nanoscience | VOL. 18
Sun-Kyoung KangSun-Kyoung Kang
01 May 2021
Decentralized Identity Authentication Mechanism: Integrating FIDO and Blockchain for Enhanced Security
Hsia-Hung Ou ... Chien-Hsiu Pan
Applied Sciences | VOL. 14
Hsia-Hung Ou, et. al.Hsia-Hung Ou ... Chien-Hsiu Pan
23 Apr 2024
A Secure and Interoperable Platform for Privacy Protection in the Smart Hotel Context
Maissa Dammak ... Sabrine Aroua
-
Maissa Dammak, et. al.Maissa Dammak ... Sabrine Aroua
28 Oct 2020
A Robust Mutual Authentication between User Devices and Relaying Server(FIDO Server) using Certificate Authority in FIDO Environments
Seungjin Han
Journal of the Korea Society of Computer and Information | VOL. 21
Seungjin HanSeungjin Han
31 Oct 2016
View more papers

More From: Journal of Surveillance, Security and Safety

Paper Title
Journal
Date
Author
A data privacy survey on personal identifiable information (PII) left on rental vehicle infotainment systems
Jason Carlton ... Hafiz Malik
Journal of Surveillance, Security and Safety | VOL. 5
Jason Carlton, et. al.Jason Carlton ... Hafiz Malik
09 Nov 2024
Quantum-Secured Data Centre Interconnect in a field environment
Kaiwei Qiu ... Hao Qin
Journal of Surveillance, Security and Safety | VOL. 5
Kaiwei Qiu, et. al.Kaiwei Qiu ... Hao Qin
24 Sep 2024
Decentralized multi-authority anonymous credential system with bundled languages on identifiers in bilinear groups
Hiroaki Anada
Journal of Surveillance, Security and Safety | VOL. -
Hiroaki AnadaHiroaki Anada
20 Sep 2024
Criticality assessment and cascading effects: impacts of COVID-19 disruptions in public transport on marginalized groups in Dortmund, Germany, São Paulo, Brazil, and Cape Town, South Africa
Tanja Schnittfinke ... Luciana Travassos
Journal of Surveillance, Security and Safety | VOL. 5
Tanja Schnittfinke, et. al.Tanja Schnittfinke ... Luciana Travassos
18 Jul 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.