30 april 2024 presenterar Kazi Masum Sadique sin doktorsavhandling på Institutionen för data- och systemvetenskap (DSV) vid Stockholms universitet. Titeln är ”Securing IoT Using Decentralized Trust Privacy and Identity Management”.

Rahim Rahmani och Kazi Masum Sadique, DSV, i samband med spikningen av avhandlingen. Foto: Elias Seid.

Doktorand: Kazi Masum Sadique, DSV
Opponent: Qinghua Wang, Högskolan i Kristianstad
Huvudhandledare: Rahim Rahmani, DSV
Handledare: Paul Johannesson, DSV
 

Ladda ner avhandlingen från Diva

Kontaktuppgifter till Kazi Masum Sadique

Disputationen genomförs i DSVs lokaler i Kista, med start klockan 13.00.
Hitta till DSV

Sammanfattning på engelska

The Internet of Things (IoT) is a multidisciplinary area where technology meets people, enriching their quality of life with an improved working environment and efficient productivity. As the number of IoT devices increases, many new technology areas are being integrated with the IoT.

IoT devices mainly connect and collaborate with central cloud servers for data management. The IoT paradigm is built upon the Internet and accesses different layers of Internet architectures. IoT devices are at the access layer of the Internet, and cloud servers are located at the top layer. The innovative use cases of IoT applications drive the requirement for quick decision-making that occurs as close to the source of information as possible. IoT devices need to be authenticated near the source for rapid request processing.

Trustworthy interaction and secure communication between different entities of an IoT paradigm are crucial. A centralized cloud-based implementation of IoT solutions can be problematic for ensuring trustworthy and authenticated interactions in which quicker decision-making is involved. Additionally, privacy leakage possibilities increase with cloud-based solutions, as they involve multiparty interactions, introducing more complexity into ensuring data privacy. Due to IoT application and service heterogeneity, traditional security models are unsuitable for the IoT. There is no generic model for IoT data security and user data privacy that can facilitate trustworthy collaboration and identity management near the source.

The thesis focuses on creating a generic state-of-the-art artefact for IoT security, utilizing decentralized trust, user data privacy, and localized identity management for heterogeneous IoT devices and services.

The main contributions of this thesis include a novel decentralized model for secure and reliable interaction between components of the IoT paradigm, complemented by a decentralized trust management model, an edge gateway-based privacy enhancement scheme, and a decentralized identity management model with new authentication and authorization mechanisms for IoT devices where access to new resources is granted locally, and activities are recorded with context information. The proposed models are generic and can be easily adapted to real-life IoT use cases with minor amendments.

Nyckelord

Internet of Things (IoT), Decentralized Architecture, Distributed Ledger Technology, Edge Computing, Fog Computing, Security, Trust, Privacy, Identity management