IOT Transaction Security
Enhancing Security and Privacy in IoT Transactions through Customized Encryption
Keywords:
IoT Transaction Security, Internet banking, security, privacy, information, online banking, data, plain text form, encryption algorithms, proxy, client, server, security transport protocol, illegitimate entity, proxy communication node, confidentiality, integrity, cryptographic algorithms, DTLS-TLS translation, secure communication, CoAP architecture, encryption strategy, ID-KEM, Three-pass Protocol, IDMS, EAP OAuth2.0, authentication, authorization servicesAbstract
There are a continuously growing number of customers who use Internet banking because of its convenience. But the security and privacy of Information may be one of the biggest concerns to the Online Banking users. The problem with Online banking applications is that they send data directly to customer in plain text form compromising with security. The solutions to the security issues require the use of software-based solutions that involve the use of encryption algorithms. Proxy plays the role of interface between client and Server. It can also decrypt the received message and encrypt data according to the used security transport protocol of the other side. The vulnerability appears during this phase, especially, where the proxy is not confident or supervised by an illegitimate entity. Consequently, passing through the proxy communication node, security services like confidentiality and integrity can easily be compromised. Exploiting advantages of studied cryptographic algorithms, we focus on our customized security objectives regarding proxy element and DTLS-TLS translation. We detail, in this paper, the algorithm and the sequence diagram of secure communication of our proposal adapted for CoAP architecture. As an encryption strategy, we follow the cryptographic envelope principle based on ID-KEM and Three-pass Protocol. As a hypothesis, we assumed that the communication deploys our recent IDMS (Identity management System) contribution for loT, relying on the EAP OAuth2.0 (Extensible Authentication Protocol and Open Authorization Protocol) protocols via DTLS, as the starting phase in order to keep authentication and authorization services.Published
2018-04-27
How to Cite
[1]
“IOT Transaction Security: Enhancing Security and Privacy in IoT Transactions through Customized Encryption”, JASRAE, vol. 15, no. 2, pp. 711–716, Apr. 2018, Accessed: Sep. 13, 2024. [Online]. Available: https://ignited.in/index.php/jasrae/article/view/8020
Issue
Section
Articles
How to Cite
[1]
“IOT Transaction Security: Enhancing Security and Privacy in IoT Transactions through Customized Encryption”, JASRAE, vol. 15, no. 2, pp. 711–716, Apr. 2018, Accessed: Sep. 13, 2024. [Online]. Available: https://ignited.in/index.php/jasrae/article/view/8020