Integrity for an Event Notification Within the Industrial Internet of Things by Using Group Signatures

In the last years, academic research has been focused also on the security requirements, threat models, and attack taxonomies from the perspective of the application of Internet of Things in critical applications. Since such systems are strongly data-intensive, it is of pivotal importance to provide integrity for the messages moving throughout the infrastructure by means of publish/subscribe services. Integrity provisioning has received marginal attention with respect to other primary security features. The existing solutions are lacking the needed focus on the peculiarities of event notification and the demands introduced by resource-constrained devices. This work contributes by applying group signatures so as to avoid managing certificates, violating the spatial decoupling, or implying an excessive resource usage. A proof-of-concept prototype of the proposed solution has been realized for platforms based on TinyOS and simulations with TOSSIM have been conducted in order to empirically assess its performance and effectiveness.