nternet of Things (IoT) offers new opportunities for business,
technology and science into an highly connected world, but inherent
characteristics of IoT made of numerous resource-constrained devices
from various origins, also raises new challenges in terms of security
and privacy.
This talk focuses on solving the problem of trust establishment for IoT
by proposing a security solution that consists of a secure bootstrap
mechanism for device identification as well as a message attestation
mechanism for aggregate response validation.
To achieve security and privacy requirements, the problem is approached
in a confined environment, named SubNets of Things (SNoT), where
multiple devices depend on it. In this context, devices are uniquely and
securely identified thanks to their environment and their role within
it. Additionally, the underlying message authentication technique
features signature aggregation and hence, generates one compact response
on behalf of all devices in the subnet.