Avaliação de conformidade de requisitos de autenticação em gateways IOT
| Autor(a) principal: | |
|---|---|
| Data de Publicação: | 2022 |
| Tipo de documento: | Dissertação |
| Idioma: | por |
| Título da fonte: | Biblioteca Digital de Teses e Dissertações da UFRPE |
| Texto Completo: | http://www.tede2.ufrpe.br:8080/tede2/handle/tede2/8674 |
Resumo: | Within the Internet of Things, gateways are devices that play a strategic role in the communication of devices with the external environment. Gateways help with the problem of heterogeneity, acting to conduct the communication of devices even if they use different protocols. However, given its centralized and strategic position in an IoT network, gateway security becomes even more relevant. A successful attack on this device could leave everything inside the Internet of things (IoT) system vulnerable. In this context, considering traditional security requirements, authentication is incredibly important in IoT systems, since it is important that devices go through an authentication process before being inserted into the environment. In this dissertation, the main objective is to evaluate the authentication compliance levels of IoT gateways currently used in the community. For this, an evaluation methodology was developed, described in Business Process Model and Notation (BPMN), to evaluate authentication requirements in IoT gateways. Consequently, it was possible to analyze and select several authentication requirements published by internationally recognized technical organizations, such as IoTSF and OWASP. The gateways currently used in IoT were surveyed, installed, and configured, and the requirements inspection process was performed. In terms of results, it was possible to observe that current gateways, in their default configuration, can only meet approximately 66% of the authentication requirements presented by technical organizations. |
| id |
URPE_1e8bf1ed93953e17a2df6e2456f120db |
|---|---|
| oai_identifier_str |
oai:tede2:tede2/8674 |
| network_acronym_str |
URPE |
| network_name_str |
Biblioteca Digital de Teses e Dissertações da UFRPE |
| repository_id_str |
|
| spelling |
LINS, Fernando Antonio AiresNÓBREGA, Obionor de OliveiraDOMINGUES, Jeísa Pereira de OliveiraCORREIA NETO, Jorge da SilvaROSA, Nelson Soutohttp://lattes.cnpq.br/1872449273495148GOMES, Diego Ribeiro2022-10-06T16:01:59Z2022-07-15GOMES, Diego Ribeiro. Avaliação de conformidade de requisitos de autenticação em gateways IOT. 2022. 82 f. Dissertação (Programa de Pós-Graduação em Informática Aplicada) - Universidade Federal Rural de Pernambuco, Recife.http://www.tede2.ufrpe.br:8080/tede2/handle/tede2/8674Within the Internet of Things, gateways are devices that play a strategic role in the communication of devices with the external environment. Gateways help with the problem of heterogeneity, acting to conduct the communication of devices even if they use different protocols. However, given its centralized and strategic position in an IoT network, gateway security becomes even more relevant. A successful attack on this device could leave everything inside the Internet of things (IoT) system vulnerable. In this context, considering traditional security requirements, authentication is incredibly important in IoT systems, since it is important that devices go through an authentication process before being inserted into the environment. In this dissertation, the main objective is to evaluate the authentication compliance levels of IoT gateways currently used in the community. For this, an evaluation methodology was developed, described in Business Process Model and Notation (BPMN), to evaluate authentication requirements in IoT gateways. Consequently, it was possible to analyze and select several authentication requirements published by internationally recognized technical organizations, such as IoTSF and OWASP. The gateways currently used in IoT were surveyed, installed, and configured, and the requirements inspection process was performed. In terms of results, it was possible to observe that current gateways, in their default configuration, can only meet approximately 66% of the authentication requirements presented by technical organizations.Dentro da Internet das Coisas, os gateways são dispositivos que exercem uma função estratégica na comunicação dos dispositivos com o ambiente externo. Gateways ajudam no problema da heterogeneidade, atuando para realizar a comunicação de dispositivos mesmo que os mesmos utilizem protocolos distintos. Contudo, dada a sua posição centralizada e estratégica em uma rede da Internet das Coisas (IoT), a segurança do gateway se torna ainda mais relevante. Um ataque bem-sucedido a este dispositivo pode deixar vulnerável todas as coisas dentro do sistema IoT. Neste contexto, considerando os requisitos de segurança tradicionais, a autenticação se apresenta com elevada importância em sistemas IoT, visto que é importante que os dispositivos passem por um processo de autenticação antes de serem inseridos no ambiente. Nesta dissertação, o objetivo principal é avaliar os níveis de conformidade de autenticação em gateways IoT atualmente utilizados na comunidade. Para isto, foi desenvolvida uma metodologia de avaliação, descrita em Notação para Modelagem de Processos de Negócio (BPMN), para avaliação de requisitos de autenticação em gateways IoT. Consequentemente, foi possível analisar e selecionar diversos requisitos em autenticação publicados por organizações técnicas internacionalmente reconhecidas, como IoTSF e OWASP. Os gateways atualmente usados em IoT foram levantados, instalados e configurados, e o processo de inspeção dos requisitos foi executado. Em termos de resultados, foi possível observar que os gateways atuais, em sua configuração padrão, só conseguem atender aproximadamente 66% dos requisitos de autenticação apresentados pelas organizações técnicas.Submitted by Mario BC (mario@bc.ufrpe.br) on 2022-10-06T16:01:58Z No. of bitstreams: 1 Diego Ribeiro Gomes.pdf: 2641241 bytes, checksum: 1e6e20c479d20566f9857645fc5f9cbc (MD5)Made available in DSpace on 2022-10-06T16:01:59Z (GMT). No. of bitstreams: 1 Diego Ribeiro Gomes.pdf: 2641241 bytes, checksum: 1e6e20c479d20566f9857645fc5f9cbc (MD5) Previous issue date: 2022-07-15application/pdfporUniversidade Federal Rural de PernambucoPrograma de Pós-Graduação em Informática AplicadaUFRPEBrasilDepartamento de Estatística e InformáticaGatewayRequisitos de autenticaçãoAutenticação em gatewaysInternet das coisasCIENCIAS EXATAS E DA TERRA::CIENCIA DA COMPUTACAOAvaliação de conformidade de requisitos de autenticação em gateways IOTinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesis-8268485641417162699600600600-67745551403961205013671711205811204509info:eu-repo/semantics/openAccessreponame:Biblioteca Digital de Teses e Dissertações da UFRPEinstname:Universidade Federal Rural de Pernambuco (UFRPE)instacron:UFRPEORIGINALDiego Ribeiro Gomes.pdfDiego Ribeiro Gomes.pdfapplication/pdf2641241http://www.tede2.ufrpe.br:8080/tede2/bitstream/tede2/8674/2/Diego+Ribeiro+Gomes.pdf1e6e20c479d20566f9857645fc5f9cbcMD52LICENSElicense.txtlicense.txttext/plain; charset=utf-82165http://www.tede2.ufrpe.br:8080/tede2/bitstream/tede2/8674/1/license.txtbd3efa91386c1718a7f26a329fdcb468MD51tede2/86742024-02-23 12:26:01.801oai:tede2:tede2/8674Tk9UQTogQ09MT1FVRSBBUVVJIEEgU1VBIFBSw5NQUklBIExJQ0VOw4dBCkVzdGEgbGljZW7Dp2EgZGUgZXhlbXBsbyDDqSBmb3JuZWNpZGEgYXBlbmFzIHBhcmEgZmlucyBpbmZvcm1hdGl2b3MuCgpMSUNFTsOHQSBERSBESVNUUklCVUnDh8ODTyBOw4NPLUVYQ0xVU0lWQQoKQ29tIGEgYXByZXNlbnRhw6fDo28gZGVzdGEgbGljZW7Dp2EsIHZvY8OqIChvIGF1dG9yIChlcykgb3UgbyB0aXR1bGFyIGRvcyBkaXJlaXRvcyBkZSBhdXRvcikgY29uY2VkZSDDoCBVbml2ZXJzaWRhZGUgClhYWCAoU2lnbGEgZGEgVW5pdmVyc2lkYWRlKSBvIGRpcmVpdG8gbsOjby1leGNsdXNpdm8gZGUgcmVwcm9kdXppciwgIHRyYWR1emlyIChjb25mb3JtZSBkZWZpbmlkbyBhYmFpeG8pLCBlL291IApkaXN0cmlidWlyIGEgc3VhIHRlc2Ugb3UgZGlzc2VydGHDp8OjbyAoaW5jbHVpbmRvIG8gcmVzdW1vKSBwb3IgdG9kbyBvIG11bmRvIG5vIGZvcm1hdG8gaW1wcmVzc28gZSBlbGV0csO0bmljbyBlIAplbSBxdWFscXVlciBtZWlvLCBpbmNsdWluZG8gb3MgZm9ybWF0b3Mgw6F1ZGlvIG91IHbDrWRlby4KClZvY8OqIGNvbmNvcmRhIHF1ZSBhIFNpZ2xhIGRlIFVuaXZlcnNpZGFkZSBwb2RlLCBzZW0gYWx0ZXJhciBvIGNvbnRlw7pkbywgdHJhbnNwb3IgYSBzdWEgdGVzZSBvdSBkaXNzZXJ0YcOnw6NvIApwYXJhIHF1YWxxdWVyIG1laW8gb3UgZm9ybWF0byBwYXJhIGZpbnMgZGUgcHJlc2VydmHDp8Ojby4KClZvY8OqIHRhbWLDqW0gY29uY29yZGEgcXVlIGEgU2lnbGEgZGUgVW5pdmVyc2lkYWRlIHBvZGUgbWFudGVyIG1haXMgZGUgdW1hIGPDs3BpYSBhIHN1YSB0ZXNlIG91IApkaXNzZXJ0YcOnw6NvIHBhcmEgZmlucyBkZSBzZWd1cmFuw6dhLCBiYWNrLXVwIGUgcHJlc2VydmHDp8Ojby4KClZvY8OqIGRlY2xhcmEgcXVlIGEgc3VhIHRlc2Ugb3UgZGlzc2VydGHDp8OjbyDDqSBvcmlnaW5hbCBlIHF1ZSB2b2PDqiB0ZW0gbyBwb2RlciBkZSBjb25jZWRlciBvcyBkaXJlaXRvcyBjb250aWRvcyAKbmVzdGEgbGljZW7Dp2EuIFZvY8OqIHRhbWLDqW0gZGVjbGFyYSBxdWUgbyBkZXDDs3NpdG8gZGEgc3VhIHRlc2Ugb3UgZGlzc2VydGHDp8OjbyBuw6NvLCBxdWUgc2VqYSBkZSBzZXUgCmNvbmhlY2ltZW50bywgaW5mcmluZ2UgZGlyZWl0b3MgYXV0b3JhaXMgZGUgbmluZ3XDqW0uCgpDYXNvIGEgc3VhIHRlc2Ugb3UgZGlzc2VydGHDp8OjbyBjb250ZW5oYSBtYXRlcmlhbCBxdWUgdm9jw6ogbsOjbyBwb3NzdWkgYSB0aXR1bGFyaWRhZGUgZG9zIGRpcmVpdG9zIGF1dG9yYWlzLCB2b2PDqiAKZGVjbGFyYSBxdWUgb2J0ZXZlIGEgcGVybWlzc8OjbyBpcnJlc3RyaXRhIGRvIGRldGVudG9yIGRvcyBkaXJlaXRvcyBhdXRvcmFpcyBwYXJhIGNvbmNlZGVyIMOgIFNpZ2xhIGRlIFVuaXZlcnNpZGFkZSAKb3MgZGlyZWl0b3MgYXByZXNlbnRhZG9zIG5lc3RhIGxpY2Vuw6dhLCBlIHF1ZSBlc3NlIG1hdGVyaWFsIGRlIHByb3ByaWVkYWRlIGRlIHRlcmNlaXJvcyBlc3TDoSBjbGFyYW1lbnRlIAppZGVudGlmaWNhZG8gZSByZWNvbmhlY2lkbyBubyB0ZXh0byBvdSBubyBjb250ZcO6ZG8gZGEgdGVzZSBvdSBkaXNzZXJ0YcOnw6NvIG9yYSBkZXBvc2l0YWRhLgoKQ0FTTyBBIFRFU0UgT1UgRElTU0VSVEHDh8ODTyBPUkEgREVQT1NJVEFEQSBURU5IQSBTSURPIFJFU1VMVEFETyBERSBVTSBQQVRST0PDjU5JTyBPVSAKQVBPSU8gREUgVU1BIEFHw4pOQ0lBIERFIEZPTUVOVE8gT1UgT1VUUk8gT1JHQU5JU01PIFFVRSBOw4NPIFNFSkEgQSBTSUdMQSBERSAKVU5JVkVSU0lEQURFLCBWT0PDiiBERUNMQVJBIFFVRSBSRVNQRUlUT1UgVE9ET1MgRSBRVUFJU1FVRVIgRElSRUlUT1MgREUgUkVWSVPDg08gQ09NTyAKVEFNQsOJTSBBUyBERU1BSVMgT0JSSUdBw4fDlUVTIEVYSUdJREFTIFBPUiBDT05UUkFUTyBPVSBBQ09SRE8uCgpBIFNpZ2xhIGRlIFVuaXZlcnNpZGFkZSBzZSBjb21wcm9tZXRlIGEgaWRlbnRpZmljYXIgY2xhcmFtZW50ZSBvIHNldSBub21lIChzKSBvdSBvKHMpIG5vbWUocykgZG8ocykgCmRldGVudG9yKGVzKSBkb3MgZGlyZWl0b3MgYXV0b3JhaXMgZGEgdGVzZSBvdSBkaXNzZXJ0YcOnw6NvLCBlIG7Do28gZmFyw6EgcXVhbHF1ZXIgYWx0ZXJhw6fDo28sIGFsw6ltIGRhcXVlbGFzIApjb25jZWRpZGFzIHBvciBlc3RhIGxpY2Vuw6dhLgo=Biblioteca Digital de Teses e Dissertaçõeshttp://www.tede2.ufrpe.br:8080/tede/PUBhttp://www.tede2.ufrpe.br:8080/oai/requestbdtd@ufrpe.br ||bdtd@ufrpe.bropendoar:2024-05-28T12:37:17.194942Biblioteca Digital de Teses e Dissertações da UFRPE - Universidade Federal Rural de Pernambuco (UFRPE)false |
| dc.title.por.fl_str_mv |
Avaliação de conformidade de requisitos de autenticação em gateways IOT |
| title |
Avaliação de conformidade de requisitos de autenticação em gateways IOT |
| spellingShingle |
Avaliação de conformidade de requisitos de autenticação em gateways IOT GOMES, Diego Ribeiro Gateway Requisitos de autenticação Autenticação em gateways Internet das coisas CIENCIAS EXATAS E DA TERRA::CIENCIA DA COMPUTACAO |
| title_short |
Avaliação de conformidade de requisitos de autenticação em gateways IOT |
| title_full |
Avaliação de conformidade de requisitos de autenticação em gateways IOT |
| title_fullStr |
Avaliação de conformidade de requisitos de autenticação em gateways IOT |
| title_full_unstemmed |
Avaliação de conformidade de requisitos de autenticação em gateways IOT |
| title_sort |
Avaliação de conformidade de requisitos de autenticação em gateways IOT |
| author |
GOMES, Diego Ribeiro |
| author_facet |
GOMES, Diego Ribeiro |
| author_role |
author |
| dc.contributor.advisor1.fl_str_mv |
LINS, Fernando Antonio Aires |
| dc.contributor.advisor-co1.fl_str_mv |
NÓBREGA, Obionor de Oliveira |
| dc.contributor.referee1.fl_str_mv |
DOMINGUES, Jeísa Pereira de Oliveira |
| dc.contributor.referee2.fl_str_mv |
CORREIA NETO, Jorge da Silva |
| dc.contributor.referee3.fl_str_mv |
ROSA, Nelson Souto |
| dc.contributor.authorLattes.fl_str_mv |
http://lattes.cnpq.br/1872449273495148 |
| dc.contributor.author.fl_str_mv |
GOMES, Diego Ribeiro |
| contributor_str_mv |
LINS, Fernando Antonio Aires NÓBREGA, Obionor de Oliveira DOMINGUES, Jeísa Pereira de Oliveira CORREIA NETO, Jorge da Silva ROSA, Nelson Souto |
| dc.subject.por.fl_str_mv |
Gateway Requisitos de autenticação Autenticação em gateways Internet das coisas |
| topic |
Gateway Requisitos de autenticação Autenticação em gateways Internet das coisas CIENCIAS EXATAS E DA TERRA::CIENCIA DA COMPUTACAO |
| dc.subject.cnpq.fl_str_mv |
CIENCIAS EXATAS E DA TERRA::CIENCIA DA COMPUTACAO |
| description |
Within the Internet of Things, gateways are devices that play a strategic role in the communication of devices with the external environment. Gateways help with the problem of heterogeneity, acting to conduct the communication of devices even if they use different protocols. However, given its centralized and strategic position in an IoT network, gateway security becomes even more relevant. A successful attack on this device could leave everything inside the Internet of things (IoT) system vulnerable. In this context, considering traditional security requirements, authentication is incredibly important in IoT systems, since it is important that devices go through an authentication process before being inserted into the environment. In this dissertation, the main objective is to evaluate the authentication compliance levels of IoT gateways currently used in the community. For this, an evaluation methodology was developed, described in Business Process Model and Notation (BPMN), to evaluate authentication requirements in IoT gateways. Consequently, it was possible to analyze and select several authentication requirements published by internationally recognized technical organizations, such as IoTSF and OWASP. The gateways currently used in IoT were surveyed, installed, and configured, and the requirements inspection process was performed. In terms of results, it was possible to observe that current gateways, in their default configuration, can only meet approximately 66% of the authentication requirements presented by technical organizations. |
| publishDate |
2022 |
| dc.date.accessioned.fl_str_mv |
2022-10-06T16:01:59Z |
| dc.date.issued.fl_str_mv |
2022-07-15 |
| dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| dc.type.driver.fl_str_mv |
info:eu-repo/semantics/masterThesis |
| format |
masterThesis |
| status_str |
publishedVersion |
| dc.identifier.citation.fl_str_mv |
GOMES, Diego Ribeiro. Avaliação de conformidade de requisitos de autenticação em gateways IOT. 2022. 82 f. Dissertação (Programa de Pós-Graduação em Informática Aplicada) - Universidade Federal Rural de Pernambuco, Recife. |
| dc.identifier.uri.fl_str_mv |
http://www.tede2.ufrpe.br:8080/tede2/handle/tede2/8674 |
| identifier_str_mv |
GOMES, Diego Ribeiro. Avaliação de conformidade de requisitos de autenticação em gateways IOT. 2022. 82 f. Dissertação (Programa de Pós-Graduação em Informática Aplicada) - Universidade Federal Rural de Pernambuco, Recife. |
| url |
http://www.tede2.ufrpe.br:8080/tede2/handle/tede2/8674 |
| dc.language.iso.fl_str_mv |
por |
| language |
por |
| dc.relation.program.fl_str_mv |
-8268485641417162699 |
| dc.relation.confidence.fl_str_mv |
600 600 600 |
| dc.relation.department.fl_str_mv |
-6774555140396120501 |
| dc.relation.cnpq.fl_str_mv |
3671711205811204509 |
| dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
application/pdf |
| dc.publisher.none.fl_str_mv |
Universidade Federal Rural de Pernambuco |
| dc.publisher.program.fl_str_mv |
Programa de Pós-Graduação em Informática Aplicada |
| dc.publisher.initials.fl_str_mv |
UFRPE |
| dc.publisher.country.fl_str_mv |
Brasil |
| dc.publisher.department.fl_str_mv |
Departamento de Estatística e Informática |
| publisher.none.fl_str_mv |
Universidade Federal Rural de Pernambuco |
| dc.source.none.fl_str_mv |
reponame:Biblioteca Digital de Teses e Dissertações da UFRPE instname:Universidade Federal Rural de Pernambuco (UFRPE) instacron:UFRPE |
| instname_str |
Universidade Federal Rural de Pernambuco (UFRPE) |
| instacron_str |
UFRPE |
| institution |
UFRPE |
| reponame_str |
Biblioteca Digital de Teses e Dissertações da UFRPE |
| collection |
Biblioteca Digital de Teses e Dissertações da UFRPE |
| bitstream.url.fl_str_mv |
http://www.tede2.ufrpe.br:8080/tede2/bitstream/tede2/8674/2/Diego+Ribeiro+Gomes.pdf http://www.tede2.ufrpe.br:8080/tede2/bitstream/tede2/8674/1/license.txt |
| bitstream.checksum.fl_str_mv |
1e6e20c479d20566f9857645fc5f9cbc bd3efa91386c1718a7f26a329fdcb468 |
| bitstream.checksumAlgorithm.fl_str_mv |
MD5 MD5 |
| repository.name.fl_str_mv |
Biblioteca Digital de Teses e Dissertações da UFRPE - Universidade Federal Rural de Pernambuco (UFRPE) |
| repository.mail.fl_str_mv |
bdtd@ufrpe.br ||bdtd@ufrpe.br |
| _version_ |
1810102266080788480 |