LAUSR

In the last years, several academic research efforts have focused on security requirements, threat models, and attack taxonomies concerning the application of the Internet of Things (IoT) in critical systems. Since such systems are strongly data intensive, it is of pivotal importance to provide integrity for the messages moving throughout the IoT infrastructure by means of publish/subscribe services. Integrity provisioning in industrial IoT scenarios has received marginal attention with respect to other primary security features. The existing solutions are lacking the needed focus on the peculiarities of the event notification and on the demand introduced by resource-constrained devices. This work contributes by applying group signatures so as to avoid managing certificates, violating the spatial decoupling, or implying an excessive resource usage. A proof-of-concept prototype of the proposed solution has been realized for platforms based on TinyOS, and simulations with TOSSIM have been conducted in order to empirically assess its performance and effectiveness.