TY - JOUR
T1 - Trust-Based Certificate Management for Industrial IoT Networks
AU - Boudagdigue, Chaimaa
AU - Benslimane, Abderrahim
AU - Kobbane, Abdellatif
AU - Liu, Jiajia
N1 - Publisher Copyright:
© 2014 IEEE.
PY - 2023/7/15
Y1 - 2023/7/15
N2 - The Industrial Internet of Things (IIoT) network is composed of devices that contain sensitive data, which makes them vulnerable to various security threats. Digital Certificates can be used to reinforce the security of the IIoT network, however, their management remains a major issue. Hence, in this article, we rely on trust management to deal with the whole certificate management process in IIoT networks, from revocation to verification. For this purpose, we organize the IIoT network into a clustering architecture where each cluster head (CH) hosts an agent, called CH-UR agent, that renews/revokes the certificates of its cluster member nodes. We apply signaling game theory to build a Certificate Revocation Game modeling the interactions between a member IIoT node and the CH-UR agent. Thus, upon the belief on the member node, updated by using the Bayesian rules, the best response strategy for the CH-UR agent can be obtained. Further, we propose a new efficient certificate verification scheme based on short-lived certificates (SLCs) and suitable for IIoT network requirements. The performance evaluation of our framework proves, first, the accuracy and convergence speed of our revocation mechanism to detect untrusted devices and on-off attacks. Second, the effectiveness of our clustering architecture to reduce the resource consumption resulting from the management of SLCs to 60% even with the increase of network density. Third, the effectiveness of the proposed certificate verification scheme to reduce the time needed to obtain the revocation information as well as the resulting storage and communication overhead to achieve this purpose.
AB - The Industrial Internet of Things (IIoT) network is composed of devices that contain sensitive data, which makes them vulnerable to various security threats. Digital Certificates can be used to reinforce the security of the IIoT network, however, their management remains a major issue. Hence, in this article, we rely on trust management to deal with the whole certificate management process in IIoT networks, from revocation to verification. For this purpose, we organize the IIoT network into a clustering architecture where each cluster head (CH) hosts an agent, called CH-UR agent, that renews/revokes the certificates of its cluster member nodes. We apply signaling game theory to build a Certificate Revocation Game modeling the interactions between a member IIoT node and the CH-UR agent. Thus, upon the belief on the member node, updated by using the Bayesian rules, the best response strategy for the CH-UR agent can be obtained. Further, we propose a new efficient certificate verification scheme based on short-lived certificates (SLCs) and suitable for IIoT network requirements. The performance evaluation of our framework proves, first, the accuracy and convergence speed of our revocation mechanism to detect untrusted devices and on-off attacks. Second, the effectiveness of our clustering architecture to reduce the resource consumption resulting from the management of SLCs to 60% even with the increase of network density. Third, the effectiveness of the proposed certificate verification scheme to reduce the time needed to obtain the revocation information as well as the resulting storage and communication overhead to achieve this purpose.
KW - Digital certificate management
KW - Industrial Internet of Things (IIoT)
KW - short-lived certificate (SLC)
KW - signaling game
KW - trust management
UR - http://www.scopus.com/inward/record.url?scp=85151541707&partnerID=8YFLogxK
U2 - 10.1109/JIOT.2023.3259340
DO - 10.1109/JIOT.2023.3259340
M3 - 文章
AN - SCOPUS:85151541707
SN - 2327-4662
VL - 10
SP - 12867
EP - 12885
JO - IEEE Internet of Things Journal
JF - IEEE Internet of Things Journal
IS - 14
ER -