This research paper presents the experience of the authors in implementing protocols for authentication and authorization, along with secure key exchange mechanisms for accessing remote resources within a computing continuum scenario. The implementation encompasses a comprehensive security framework designed to facilitate secure access control and cryptographic key management across resource-constrained Internet of Things (IoT) devices, edge nodes, and cloud platforms, addressing the unique challenges of distributed computing environments. In particular, this implementation integrates the Authentication and Authorization for Constrained Environments (ACE) framework, Ephemeral Diffie-Hellman Over COSE (EDHOC) protocol, and Object Security for Constrained RESTful Environments (OSCORE) protocol. The proposed model combines ACE for authentication and authorization, EDHOC for secure key exchange, and OSCORE for message security. By facilitating the delegation of authorization management to less constrained trusted hosts, the proposed work optimizes resource utilization while maintaining robust security across the entire continuum.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Securing Authentication and Authorization in Computing Continuum

  • Mario Marín-Caballero,
  • Alejandro Arias-Jiménez,
  • Rafael Marín-Pérez,
  • Antonio Skarmeta

摘要

This research paper presents the experience of the authors in implementing protocols for authentication and authorization, along with secure key exchange mechanisms for accessing remote resources within a computing continuum scenario. The implementation encompasses a comprehensive security framework designed to facilitate secure access control and cryptographic key management across resource-constrained Internet of Things (IoT) devices, edge nodes, and cloud platforms, addressing the unique challenges of distributed computing environments. In particular, this implementation integrates the Authentication and Authorization for Constrained Environments (ACE) framework, Ephemeral Diffie-Hellman Over COSE (EDHOC) protocol, and Object Security for Constrained RESTful Environments (OSCORE) protocol. The proposed model combines ACE for authentication and authorization, EDHOC for secure key exchange, and OSCORE for message security. By facilitating the delegation of authorization management to less constrained trusted hosts, the proposed work optimizes resource utilization while maintaining robust security across the entire continuum.