ARTICLE | doi:10.20944/preprints202007.0513.v1
Subject: Engineering, Control And Systems Engineering Keywords: C2; command and control; Identity; Internet of Things; IoT; MQTT; NFC; security; QR Code
Online: 22 July 2020 (10:17:33 CEST)
This paper examines dynamic identity, as it pertains to the IoT; and explores the practical implementation of a mitigation to some of the key weaknesses of a conventional dynamic identity model. This paper explores human-centric and machine-based observer approaches for confirming device identity, permitting automated identity confirmation for deployed systems. It also assesses the advantages of dynamic identity in the context of identity revocation permitting secure change of ownership for IoT devices. The paper explores use-cases for human and machine-based observation for authentication of device identity when devices join a C2 network, and considers the relative merits for these two approaches for different types of system.