Internet of Things and Could systems are developing and human being is becoming more dependent on them day by day. Therefore, we need to concern potential security threats more.

1. SECURING INTERACTION AMONG CLOUD SYSTEMS
AND INTERNET OFTHINGS (IOT)
By
Abed Matini

2. Introduction
• Internet ofThings (IoT) and Cloud Systems
- big part of human life
• Internet ofThings
ubiquitous network
monitoring and controlling our environment
gathering - processing - analyzing Data
• Between 26 to 50 Billion devices will be connected to the internet by 2025.

3. Problem
• Big SecurityThreat for IoT Devices;
- 70% vulnerable due to lack of encrypted interaction
- 80% failed to require password
- Strongly dependent onWireless & Cellular networks
Most important:
- 90% of IoT devices include at least one personal Information

4. Main Challenge
• Develop an advanced security Mechanism into IoT devices to interact between
Internet ofThings sensors and Cloud Systems
• Offer a solution for Machine-to-Machine (M2M)
Essential to secure IoT communication
Between Sensor Nodes and Cloud

5. Case study : Smart Lock Systems
• Three component of Smart Locks:
-An electronically-augmented deadbolt installed onto an exterior door
-A mobile device that can electronically control the lock
-A remote web server

6. Security Goal in Smart Lock Systems
Prevent Unauthorized access

7. Two types of network design for smart
Locks
• Device-Gateway-Cloud
rely on users mobile phone – no direct connection between lock and the internet
allow an attacker to evade revocation and access logging.
ex. AirBnB tenant whose lease is expiring
• Direct internet connection between smart lock and the remote server
lock contain a built-in Wi-Fi modem – connected to the home’s Wi-Fi network
revoked attacker still can evade revocation by switching the malicious phone.

8. Geo-fencing &Touch-to-Unlock
• User exist
• Re-enters the geo-fence boundary, recognize by GPS
• Touch the exterior lock face
• Set time period (after re-entering the boundary)
• Problem : Location spoofing

9. Locking system components
• Sensor - > wearable node.
• Base Station - > Smart Lock
• Cloud - > System Application
- > Storage
- > Database
The system gets help from Cloud to do all high processing to reduce processing load
on the wearable node.

10. Wireless Sensor Network (WSN) Key
• Use aWSN key (inWearable Node) to verify the Lock (as a gateway) and Key in a
small distance.
• WhyWSN?
Two Level of Authentication Approach
connecting with cloud

11. WSN and Cloud
• User
• Wearable Node : Includes GPS Position Data
• Wearable Network Coordinator
• Cloud Service Provider : Managing all member data in which come from sensors
Moreover
• Elliptic Curve Cryptography
a public key cryptography algorithm
Elliptic Curve Diffie-Hellman (ECDH)
use secret Message Authentication Code (MAC)

12. Therefore:
• Cloud runs Public Key Cryptography (PKC) for authentication between Wearable
Node and Cloud
• Using Message Authentication Code (MAC) as a hashing function to confirm that
the message came from stated sender
• Time synchronization between all parties to prevent reply attack.
• Cloud Generates Private and Public key
• Wearable device and wearable network coordinator are also preloaded with them

13. Conclusion
• Lack of security in internet of things interaction can be a big threat.
• Encrypted and two authentication level could be offered as a solution in
interaction between Sensors and Cloud system.

14. THANKYOU