This repository hosts the open-source SST (Secure Swarm Toolkit) project and its local authentication and authorization entity, Auth, for Internet of Things (IoT) security. Auth is a local point of authorization. Its main roles are 1) providing authentication/authorization for its locally registered entities or devices and 2) acting as a bridge of authorization between its local entities and the Internet.
Our conference papers [IoTDI '17], [FiCloud '16] describe a secure network architecture with key distribution mechanisms using Auth (local, automated authorization entity). The architecture provides security guarantees while addressing IoT-related issues, including resource constraints and intermittent connectivity. The architectural concept of locally centralized, globally distributed authentication and authorization is illustrated in our magazine article [IT Professional '17]. Our ACM journal article [ACM TIOT '20] presents a secure migration technique as a recovery mechanism from Denial-of-Service (DoS) attacks or failures. In 2023, we released a C API for SST, introduced in an open-source software journal [SoftwareX '23]. We also recently applied SST to access control of decentralized and distributed file systems [Mid4CC '23]. For the most in-depth technical document on SST, please refer to this Ph.D. dissertation [UC Berkeley '17].
This repository includes 1) an open-source Java implementation of Auth and 2) sample code, in various programming languages for different platforms, for local entities to use the authentication/authorization services provided by Auth.
- OpenSSL command line tools for creating certificates and keystores of Auths and example entities
- Java 11 or above
- IntelliJ IDEA for managing the Java project of Auth
- Maven CLI (command line interface) for building Auth from the command line
- Node.js for running example server and client entities
- android: Directory for SST's Auth and entities for Android platform (currently under development)
- auth: Directory for the Java implementation of Auth (local authentication/authorization entity), IntelliJ IDEA project
- entity: Directory for SST's APIs in C, Python, and JavaScript and example IoT entities using SST to be authenticated/authorized by Auth. This directory also includes a sub-directory for Secure Communication Accessors as software building blocks for writing IoT applications.
- examples: Directory for scripts and descriptions to run example Auths and entities.
See "How to run examples" in README.md under examples/ for a fully working example.
- Hokeun Kim (Assistant Professor at Arizona State University)
- Dongha Kim (Ph.D. Student at Arizona State University)
- Yeongbin Jo (M.S. Student at Hanyang University)
- Salomon Lee (CTO at AlcaCruz Inc.)
- Eunsuk Kang (Assistant Professor at Carnegie Mellon University)
- Marten Lohstroh (Assistant Researcher at UC Berkeley)
- Taekyung Kim (M.S. Student at Hanyang University)
- bluecove-2.1.2.jar: For Bluetooth APIs, located under auth/library/jars
This project is currently intended for academic and research purposes, although its ultimate goal is to build a secure and robust network architecture for the Internet of Things. Therefore, users must use the provided source code with caution and at their own risk when the tools provided in this project are used for commercial or safety-critical purposes.
This work was supported in part by the TerraSwarm Research Center, one of six centers supported by the STARnet phase of the Focus Center Research Program (FCRP), a Semiconductor Research Corporation program sponsored by MARCO and DARPA. This work was supported in part by the National Research Foundation of Korea (NRF) grants funded by the Korea government (MSIT).
Last updated on February 2, 2024