Paper accepted at DBSEC 2022

Published: May 26, 2022
Tags:papers
The following paper has been accepted at the 36th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2022):
  • Title: End-to-End Protection of IoT Communications Through Cryptographic Enforcement of Access Control Policies
  • Authors: Stefano Berlato, Roberto Carbone, Umberto Morelli and Silvio Ranise
  • Abstract: It is crucial to ensure the security and privacy of communications in IoT scenarios that process an increasingly large amount of sensitive data. In this context, we propose a cryptographic enforcement mechanism of access control policies to guarantee the confidentiality and integrity of messages exchanged with the MQTT protocol in presence of external attackers, malicious insiders and "honest-but-curious" service providers. A preliminary performance evaluation with a prototype implementation in an open-source tool shows the overhead is acceptable in relevant use case scenarios and provides a higher level of security with respect to other approaches.
  • Complementary Material: Link

About the conference

  • Name: 36th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2022)
  • Date: from July 18, 2022 to July 20, 2022
  • Location: Newark, NJ, USA
  • Website: http://cs.iit.edu/~dbsec2022/

Involved People

Berlato Stefano

Stefano Berlato

Carbone Roberto

Roberto Carbone

Morelli Umberto

Umberto Morelli

Ranise Silvio

Silvio Ranise