Professional Documents
Culture Documents
A Proposal To Use X.509 Certificates For CCHS Connected Home Cloud Based Services 05-26-2015
A Proposal To Use X.509 Certificates For CCHS Connected Home Cloud Based Services 05-26-2015
Introduction The service flow for this architecture starts with IoT
CCHS Connected Home is a new business venture that is enabled appliances. IoT appliances connects to the
focused on developing an end to end digital appliance internet either through WiFi or an internet connected
warranty service. The service, utilizing Internet of hub. These devices connect to a 3rd party IoT Device
Things (IoT) technology, enables a customer to monitor Service Platform (IoT DSP) that manage device
and control the operation and status of appliances in connectivity. The Service Management Platform
the home with a smartphone. If an appliance fails, the receives alerts from the IoT Device Service Platforms
customer is notified of the failure, taken through a and determines the appropriate actions. It can alert
service triage process, and automatically schedules customers using there smart phone or create service
Mutual Authentication
Mutual authentication between a server and client are
very similar except both the server and the client verify
each other’s certificates. Server client verification is
taken care of by the reverse proxy server. In the case of
the Timx API that would be a Tomcat server. Client
server authentication is done with specific code written
in the client application. Basically mutual
authentication works by both the client and the server
exchanging there public digital certificates before the
actual message exchange.
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.URI;
import org.apache.commons.httpclient.methods.GetMethod;
static
{
System.setProperty("javax.net.ssl.trustStore", "c:/apachekeys/client1.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
System.setProperty("javax.net.ssl.keyStore", "c:/apachekeys/client1.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
}
System.out.println(method.getResponseBodyAsString());
1. IEEE “A Systemic Approach for IoT Security”, 2013 IEEE International Conference on Distributed Computing in
Sensor Systems, A. Raiahi, Y. Challal, E. Natalizio, Z. Chtourou, & A. Bouabdallah.
2. Microsoft “Web Service Security”, November 2005, A. Stamos, & S. Stender.
3. Apache “Tomcast 6.0 SSL Configuration How-To”, v6.0.44 May 8th 2015, Apache
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html.
4. “Configuring Tomcat SSL Client/Server Authentication”, October 22nd 2012, Maxim Porges.
http://www.maximporges.com/2009/11/18/configuring-tomcat-ssl-clientserver-authentication/
5. “Construct Secure Networked Applications with Certificates, Certificates add value to Public-key cryptography --
Parts 1 through 4”, January 12th 2001. Todd Sundsted. http://www.javaworld.com/article/2074889/learn-
java/construct-secure-networked-applications-with-certificates--part-1.html
6. “SMTP and Transport Layer Security (TLS) Tutorial”, December 1st 2014, Dr. Erwin Hoffmann, FEHCom.
http://www.fehcom.de/qmail/smtptls.html
7. OpenSSL Wiki Page, May 16th 2015. https://wiki.openssl.org/index.php/Main_Page
8. “Code Examples – Verifying Digital Signatures”, June 26th 2012, Technische Universitat Darmstadt.
https://www.flexiprovider.de/examples/ExampleSMIMEverify.html
9. “X.509 and SSL – A look into the complex world of X.509 and SSL”, July 5th 2007, Phil Dibowitz.
http://www.phildev.net/ssl/ssl_talk_uuasc.pdf
10. “X.509/SSL Guide”, Phil Dibowitz. http://www.phildev.net/ssl/
11. “Iot Hubs Expose Connected Homes to Hackers”, April 7th 2015, Paul F. Roberts, The Security Ledger,
https://securityledger.com/2015/04/research-iot-hubs-expose-connected-homes-to-hackers/
12. Intel Press Release “Intel Unifies and Simplifies Connectivity, Security for IoT”, December 9th 2014.
http://newsroom.intel.com/community/intel_newsroom/blog/2014/12/09/intel-unifies-and-simplifies-
connectivity-security-for-iot
13. Samsung Press Release “The internet of Things Needs Openness and Industry Collaboration to Succeed”, January
5th 2015. http://www.samsung.com/us/news/24395
14. “The Design of Secure System”, January 2010, Pre-publication release, E. Fernandez, E. Gudes, & M. Olivier