An inclusive Lifecycle Approach for IoT Devices Trust and Identity Management
Loupos, Konstantinos; Niavis, Harris; Michalopoulos, Fotis; Misiakoulis, George; Skarmeta, Antonio F.; García, Jesús; Palomares, Angel; Song, Hui; Dautov, Rustem; Giampaolo, Francesca; Mancilla, Rosella; Costantino, Francesca; Van Landuyt, Dimitri; Michiels, Sam; More, Stefan; Xenakis, Christos; Bampatsikos, Michail; Politis, Ilias; Krilakis, Konstantinos; Syvridis, Dimitris
Chapter
Submitted version

Date
2023Metadata
Show full item recordCollections
- Publikasjoner fra CRIStin - SINTEF AS [6157]
- SINTEF Digital [2621]
Original version
ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security. 10.1145/3600160.3605083Abstract
ERATOSTHENES is an EC, co-funded, research project strongly considering modern security challenges in the domain of Internet of Things in mind of their huge penetration into our day to day lives. There are a series of recent challenges that recently have been converted into obstacles or risk points that could block the secure operation of IoT networks in all day to day activities, from home to office, to leisure and security. These include examples such as the highly increased number of connected devices (at all network levels) that are on top forming inhomogeneous networks and systems of systems. Different vendor characteristics further increase the attack surface that is expected to further rise in the upcoming years. Such, highly critical, characteristics, dramatically increase the needs for confidentiality access control, user and things’ privacy, devices’ trustworthiness and compliance that require lifecycle considerations. The ERATOSTHENES project orchestrates a novel distributed, automated, auditable, yet privacy-respectful, Trust and Identity Management Framework and Reference Architecture with the ultimate scope to dynamically and holistically manage IoT devices in a lifecycle approach, strengthening trust, identities, and resilience in the entire IoT ecosystem while supporting the enforcement of the NIS directive, GDPR and Cybersecurity Act. This publication describes the ERATOSTHENES technical concept and reference architecture as well as design considerations, architecture characteristics, connectivity and interoperability.