| Popis: |
In addition to its benefits, the Internet of Things (IoT) technology has also opened the way to novel privacy and security issues. The basis of IoT security starts with the trust in the IoT hardware and its supply chain. Since the integrated circuits (ICs) are the main building blocks of any computer system, IC and IoT supply chain security should be considered together. In previous studies, IC and IoT supply chains have been studied separately and separate solutions have been proposed. The most important of these IC supply chain-related solutions is the Supply Chain Hardware Integrity for Electronics Defense (SHIELD) scheme. Besides, four RFID (Radio Frequency Identification)-enabled solutions by the same authors have been proposed to secure the entire IoT supply chain. The works propose a new RFID-enabled supply chain tracing procedure. In each of these works, a variant of the same is proposed. However, the same variant authentication protocol coupled with the offline supply chain has such security vulnerabilities that make the whole supply chain unsafe. Besides that, the newly started SHIELD scheme has not matured yet, and the proposed authentication protocol improvements are still vulnerable to known non-invasive, side-channel attacks. In this thesis; (i) a novel authentication protocol based on strong mutual authentication is proposed for SHIELD, which resists the demonstrated attacks on previous schemes, and (ii) an online supply chain hop-tracking procedure supported by a novel RFID mutual authentication protocol is proposed. The proposed authentication protocols have been verified by two well-accepted formal protocol analyzers. The verification results demonstrate that the proposed protocols overcome the previous works' vulnerabilities. The proposed novel online supply chain tracing procedure removes the previous offline supply chain tracing procedure weaknesses. |
