As the Internet of Thing (IoT) matures, a lot of concerns are being raised about security, privacy and interoperability. The Web of Things (WoT) model leverages web technologies to improve interoperability. Due to its distributed components, the web scaled well beyond initial expectations. Still, secure authentication and communication across organization boundaries rely on the Public Key Infrastructure (PKI) which is a non-transparent, centralized single point of failure.
At the Software Engineering Group, we develop novel solutions to improve transparency and minimize the chain of trust. Our research focuses on the following areas:
Distributed ledgers represent a breakthrough in decentralized permissionless (or trustless) systems, namely blockchain databases. Blockchains enable trusting the output of a system without trust-ing anyone in particular. Due to cryptographic primitives it is based on, there are strong security assumptions against transaction tampering such as alteration, reversing or reordering. The use of blockchain in the IoT is an ongoing research topic. Applicability includes—but is not limited to—traceability (i.e. in supplychain or to guarantee provenance, authenticity and compliance ofend products), asset sharing and autonomous marketplaces.We expect a lot of novel uses to emerge in the near future.
Mass adoptions of connected devices raises security and privacy issues. Security is often an afterthought when connecting constrained devices to the Internet. Reconciling top-notch security with inherent limitations of constrained devices—such as limited memory or low energy requirements—has proven to be difficult. One particular risk of IoT systems is the exposure of cryptographic keys. Network nodes may be physically accessible to attackers, letting them retrieve the private key(s) by inspecting embedded devices with appropriate tools. Securing keys and collected data on the server-end is also critical, as it is typical for IoT systems to gather vast amount of sensitive data.
This repository encompasses Python implementations for the three ACE entities authorization server, resource server and client proposed in the IETF draft.
This project enables LoRaWAN network server resolving using an Ethereum smart contract. It is compatible with the packet forwarder project.
A pure Python library to decode and encode messages for LoRaWAN radio communication, based on the specification from the LoRa Alliance (based on V1.0.2 Final). This library is compatible with Python 3.4+.