
dc.contributor.author: Atutxa Imatz, Asier
dc.contributor.author: Astorga Burgo, Jasone
dc.contributor.author: Barceló, Marc
dc.contributor.author: Urbieta Aizpurua, Aitor
dc.contributor.author: Jacob, Eduardo
dc.date.accessioned: 2023-02-07T18:01:39Z
dc.date.available: 2023-02-07T18:01:39Z
dc.date.issued: 2023-01
dc.identifier.citation: Computers in Industry 144 : (2023) // Article ID 103802 [es_ES]
dc.identifier.issn: 0166-3615
dc.identifier.issn: 1872-6194
dc.identifier.uri: http://hdl.handle.net/10810/59710
dc.description.abstract: The use of advanced communications and smart mechanisms in industry is growing rapidly, making cybersecurity a critical aspect. Currently, most industrial communication protocols rely on the Transport Layer Security (TLS) protocol to build their secure version, providing confidentiality, integrity and authentication. In the case of UDP-based communications, frequently used in Industrial Internet of Things (IIoT) scenarios, the counterpart of TLS is Datagram Transport Layer Security (DTLS), which includes some mechanisms to deal with the high unreliability of the transport layer. However, the (D)TLS handshake is a heavy process, specially for resource-deprived IIoT devices and frequently, security is sacrificed in favour of performance. More specifically, the validation of digital certificates is an expensive process from the time and resource consumption point of view. For this reason, digital certificates are not always properly validated by IIoT devices, including the verification of their revocation status; and when it is done, it introduces an important delay in the communications. In this context, this paper presents the design and implementation of an in-network server certificate validation system that offloads this task from the constrained IIoT devices to a resource-richer network element, leveraging data plane programming (DPP). This approach enhances security as it guarantees that a comprehensive server certificate verification is always performed. Additionally, it increases performance as resource-expensive tasks are moved from IIoT devices to a resource-richer network element. Results show that the proposed solution reduces DTLS handshake times by 50–60 %. Furthermore, CPU use in IIoT devices is also reduced, resulting in an energy saving of about 40 % in such devices. [es_ES]
dc.description.sponsorship: This work was financially supported by the Spanish Ministry of Science and Innovation through the TRUE-5G project PID2019-108713RB-C54/AEI/10.13039/501100011033. It was also partially supported by the Ayudas Cervera para Centros Tecnológicos grant of the Spanish Centre for the Development of Industrial Technology (CDTI) under the project EGIDA (CER-20191012), and by the Basque Country Government under the ELKARTEK Program, project REMEDY - Real tiME control and embeddeD securitY (KK-2021/00091). [es_ES]
dc.language.iso: eng [es_ES]
dc.publisher: Elsevier [es_ES]
dc.relation: info:eu-repo/grantAgreement/MICINN/PID2019-108713RB-C54 [es_ES]
dc.rights: info:eu-repo/semantics/openAccess [es_ES]
dc.rights.uri: http://creativecommons.org/licenses/by-nc-nd/3.0/es/ [*]
dc.subject: DTLS [es_ES]
dc.subject: in-network computing [es_ES]
dc.subject: IoT [es_ES]
dc.subject: P4 [es_ES]
dc.title: Improving efficiency and security of IIoT communications using in-network validation of server certificate [es_ES]
dc.type: info:eu-repo/semantics/article [es_ES]
dc.rights.holder: © 2022 The Author(s). Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/). [es_ES]
dc.rights.holder: Atribución-NoComercial-SinDerivadas 3.0 España [*]
dc.relation.publisherversion: https://www.sciencedirect.com/science/article/pii/S0166361522001981?via%3Dihub [es_ES]
dc.identifier.doi: 10.1016/j.compind.2022.103802
dc.departamentoes: Ingeniería de comunicaciones [es_ES]
dc.departamentoeu: Komunikazioen ingeniaritza [es_ES]



Except where otherwise noted, this item's license is described as © 2022 The Author(s). Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).