The Internet of Things (IoT) is a wide-reaching network of devices that can intercommunicate and collaborate with each other to produce a variety of services at any time, in any place, and in any way. Maintaining access control, authentication and the identity of devices while they interact with other devices, services and people is an important challenge for Identity Management (IdM). IdM already presents significant challenges in current Internet communication. These challenges are exacerbated in the IoT by the unbounded number of devices and their expected resource constraints. Current IdM solutions are mainly concerned with the identities that end users and services use to identify themselves in the networked world. However, these solutions were designed on the assumption that significant resources are available, so their applicability to the resource-constrained IoT needs thorough analysis.
This thesis contributes to the area of IdM for ubiquitous devices in the IoT. It first presents the motivating factors together with the IdM problems in the context of the IoT and proposes an IdM framework. It then addresses the major challenges for IdM. The key milestones identified for IdM are context management, context-aware clustering with hierarchical addressing, trust management, mutual authentication and access control. All IoT devices deal with multiple contexts. Context management therefore requires context awareness, and a decision-theory-based device classification and framework is presented for context management. Time analysis and simulation results confirm that the proposed solution is energy efficient. This context management is then used to present a context-aware clustering scheme with hierarchical addressing. Simulation confirms the performance of the proposed addressing scheme in terms of throughput, end-to-end delay and energy. A relationship between trust and access control is introduced, along with the trust management life cycle. The thesis presents a fuzzy approach to trust-based access control with the notion of trust levels for IdM, and simulation results show that the proposed trust management model guarantees scalability and is energy efficient. Attack modeling and threat analysis are presented in order to obtain a realistic view of IoT networks. The following part of the thesis presents a novel scheme for authentication and access control for IoT devices. The proposed scheme is evaluated against different attacks using a security protocol verification tool, and its performance is analyzed in terms of computational time. In addition, the concept of capability for access control is presented, and the implementation of identity-driven capability-based access control in the IoT is discussed.
Implementation results show that the proposed access control scheme is efficient in terms of access time, and it is compared with the existing solutions. The thesis also presents, at the end, an evaluation of the proposed scheme using a security protocol verification tool. Results with respect to attack resistance, energy efficiency and other performance parameters are discussed for every contribution of this research work.
The main focus of this packet analyzer with an intrusion detection tool is security for the banking system. Transactions and valuable customer information need to be secured against the vulnerabilities of networking. The packet analyzer captures and decodes the IP packets on the network, checks them against various authentication criteria and maintains a log in the database. The system counts the number of IP packets coming from a particular IP address and monitors the network traffic. If unauthorized access is detected, it raises an alert to the system administrator. The administrator has the authority to update the database of clients in their own network and to view the network traffic log and the log of errors that occurred in the network. This packet analyzer aims to provide better network security for the banking system by acting as a precautionary measure against unauthorized access such as hacking, computer threats, etc.
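
The decode, count and alert flow described above, as an added example that is not code from the packet analyzer itself. It assumes the client database is a list of authorized networks and that a per-source packet limit triggers an alert; the names AUTHORIZED_CLIENTS, RATE_THRESHOLD and the sample addresses are hypothetical.

```python
import ipaddress
import struct
from collections import Counter

# Assumed stand-ins for the administrator-maintained client database and limit.
AUTHORIZED_CLIENTS = [ipaddress.ip_network("10.20.0.0/24")]
RATE_THRESHOLD = 3  # packets allowed per source in one capture window


def build_ipv4_header(src, dst, proto=6):
    """Build a 20-byte IPv4 header; used only to construct sample input."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)


def decode_ipv4(packet):
    """Return (src, dst, protocol), or None when the header is malformed."""
    if len(packet) < 20:
        return None
    version, header_len = packet[0] >> 4, (packet[0] & 0x0F) * 4
    if version != 4 or header_len < 20 or len(packet) < header_len:
        return None
    return (ipaddress.IPv4Address(packet[12:16]),
            ipaddress.IPv4Address(packet[16:20]), packet[9])


def analyze(packets):
    """Return (per-source counts, error log, alerts) for one capture window."""
    counts, error_log, alerts = Counter(), [], []
    for index, raw in enumerate(packets):
        decoded = decode_ipv4(raw)
        if decoded is None:
            error_log.append(index)  # undecodable packet goes to the error log
            continue
        src = decoded[0]
        counts[str(src)] += 1
        authorized = any(src in net for net in AUTHORIZED_CLIENTS)
        if not authorized and counts[str(src)] == 1:
            alerts.append(("unauthorized-source", str(src)))  # alert once
        elif authorized and counts[str(src)] == RATE_THRESHOLD + 1:
            alerts.append(("rate-exceeded", str(src)))
    return counts, error_log, alerts


# Constructed capture: a chatty client, an unknown source, one truncated packet.
SAMPLE_CAPTURE = ([build_ipv4_header("10.20.0.5", "10.20.0.1")] * 4
                  + [build_ipv4_header("203.0.113.9", "10.20.0.1")] * 2
                  + [b"\x45\x00", build_ipv4_header("10.20.0.7", "10.20.0.1")])
```

Calling analyze(SAMPLE_CAPTURE) returns the traffic counts, the indices of packets that could not be decoded, and one alert per offending source rather than one per packet.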