On April 30, 2024, Kazi Masum Sadique will present his PhD thesis at the Department of Computer and Systems Sciences (DSV), Stockholm University. The title of the thesis is “Securing IoT Using Decentralized Trust Privacy and Identity Management”.

Rahim Rahmani and Kazi Masum Sadique, DSV, at the "nailing ceremony". Photo: Elias Seid.

PhD student: Kazi Masum Sadique, DSV
Opponent: Qinghua Wang, Kristianstad University
Main supervisor: Rahim Rahmani, DSV
Supervisor: Paul Johannesson, DSV
 

Download the PhD thesis from Diva

Contact Kazi Masum Sadique

The defence takes place at DSV in Kista, starting at 13:00 pm.
Find your way to DSV
 

Abstract

The Internet of Things (IoT) is a multidisciplinary area where technology meets people, enriching their quality of life with an improved working environment and efficient productivity. As the number of IoT devices increases, many new technology areas are being integrated with the IoT.

IoT devices mainly connect and collaborate with central cloud servers for data management. The IoT paradigm is built upon the Internet and accesses different layers of Internet architectures. IoT devices are at the access layer of the Internet, and cloud servers are located at the top layer. The innovative use cases of IoT applications drive the requirement for quick decision-making that occurs as close to the source of information as possible. IoT devices need to be authenticated near the source for rapid request processing.

Trustworthy interaction and secure communication between different entities of an IoT paradigm are crucial. A centralized cloud-based implementation of IoT solutions can be problematic for ensuring trustworthy and authenticated interactions in which quicker decision-making is involved. Additionally, privacy leakage possibilities increase with cloud-based solutions, as they involve multiparty interactions, introducing more complexity into ensuring data privacy. Due to IoT application and service heterogeneity, traditional security models are unsuitable for the IoT. There is no generic model for IoT data security and user data privacy that can facilitate trustworthy collaboration and identity management near the source.

The thesis focuses on creating a generic state-of-the-art artefact for IoT security, utilizing decentralized trust, user data privacy, and localized identity management for heterogeneous IoT devices and services.

The main contributions of this thesis include a novel decentralized model for secure and reliable interaction between components of the IoT paradigm, complemented by a decentralized trust management model, an edge gateway-based privacy enhancement scheme, and a decentralized identity management model with new authentication and authorization mechanisms for IoT devices where access to new resources is granted locally, and activities are recorded with context information. The proposed models are generic and can be easily adapted to real-life IoT use cases with minor amendments.

Keywords

Internet of Things (IoT), Decentralized Architecture, Distributed Ledger Technology, Edge Computing, Fog Computing, Security, Trust, Privacy, Identity management