Abstract
Cyber landscape evolves rapidly. Internet of Things (IoT) and Edge Computing (EC) have rapidly become an integral part of the modern computing infrastructure. It is expected that there will be more than 50 billion active and connected IoT devices by 2025 [1]. Pervasive IoT/EC creates unprecedented opportunities bridging the gap between previously segregated cyber and physical spaces. However, this progress also brings along new security challenges. IoT devices typically have limited computation, communication, and storage resources. This leads to security architecture designs such as using symmetric keys for group communication. While secure and efficient in stable network settings, symmetric key solutions are ill-adapted for IoT's highly dynamic device mobility behavior and frequent group membership turnover. Whenever IoT members leave a group, the known symmetric keys cannot be made forgotten, posing a serious vulnerability. This leads to frequent re-groupings that require expensive re-authentication, key regeneration, and key redistribution in order to maintain IoT/EC security. We present a novel symmetric key management framework that integrate an Incremental Threshold Scheme (ITS) cryptographical function into communication protocol's key rotation mechanism to allow for secure and efficient symmetric key communication group member node revocation. This ITS-enabled key management framework alleviates the need of frequent and expensive re-grouping and re-keying needed by today's large and dynamic IoT/EC operations. We further applied this ITS-enabled key management framework to a distributed IoT/EC-integrated publish and subscribe framework for applicability validation.
