Envisioning Secure and Scalable Network Access Control: A Framework for Mitigating Device Heterogeneity and Network Complexity in Large-Scale Internet-of-Things (IoT) Deployments
Keywords:
Network Access Control (NAC), Internet-of-Things (IoT), Lightweight AuthenticationAbstract
Rapid IoT expansion brings unprecedented network access security vulnerabilities. Large-scale equipment requires different communication protocols, security levels, and administrative needs. Heterogeneous and complex large-scale networks demand scalable and adaptive NAC solutions. NAC concerns in large IoT systems are comprehensively discussed in this research. Traditional NAC approaches struggle with device heterogeneity and network complexity, therefore we carefully examine alternatives. Scalable infrastructures, lightweight authentication, and policy-driven enforcement are priorities.
NAC IoT research is heavily discussed in the study. Our new paradigm for scalable NAC solutions for large-scale IoT is based on these ideas. Unique dynamic device profiling, context-aware access control, and machine learning-driven anomaly detection are used. Real-time dynamic device profiling identifies connected devices, enabling the system to react to IoT changes. Context-aware access control uses environmental data and device activity to make granular access choices for security and functionality. Lastly, machine learning-driven anomaly detection identifies network-accessing rogue devices.
References
A. Rahman, M. A. Razak, S. A. Hussin, and E. L. Wong, "Lightweight Authentication Protocol for Secure Communication in M2M Networks," in 2014 IEEE Conference on Wireless Communications, Networking and Information Security (WCNIS), pp. 124-129, Dec. 2014.
D. Kim and K. Kim, "Lightweight EAP based Authentication Protocol for Resource-Constrained Devices in Wireless Sensor Networks," in 2011 5th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 147-152, July 2011.
H. Seo, J. Kim, H. Park, S. Jin, and D. Kim, "Lightweight and Secure Key Management Scheme for Identity-Based Cryptography in Sensor Networks," in 2011 International Conference on Convergence Information Technology (ICCIT), pp. 1126-1130, Nov. 2011.
B. Fraser, P. Samar, A. Solis, and V. Ganapathy, "Policy-Driven Network Access Control," in IEEE Communications Magazine, vol. 43, no. 7, pp. 90-97, July 2005.
M. Conti, C. Lalioti, S. Municazio, and P. Troncarelli, "Policy-Based Dynamic Access Control in the Cloud," in IEEE Transactions on Dependable and Secure Computing, vol. 11, no. 4, pp. 394-407, July-Aug. 2014.
M. Miettinen, J. Arkko, P. Savolainen, and P. Nikander, "Toward Context-Aware Trust Management in Future Internet Architectures," in IEEE Communications Magazine, vol. 49, no. 11, pp. 80-87, Nov. 2011.
C. Bettini, S. A. de Freitas, and L. Veríssimo, "Beyond Firewalls: Context-Aware Security for Mobile Devices," in IEEE Wireless Communications, vol. 16, no. 4, pp. 82-88, April 2009.
Y. Yu, S. Mao, W. Lou, and J. Wu, "DoS Attacks against Network Access Control (NAC) Systems: A Survey," in IEEE Communications Surveys & Tutorials
Published
Issue
Section
License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
