{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,27]],"date-time":"2026-04-27T10:50:56Z","timestamp":1777287056696,"version":"3.51.4"},"reference-count":37,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2024,4,27]],"date-time":"2024-04-27T00:00:00Z","timestamp":1714176000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,4,27]],"date-time":"2024-04-27T00:00:00Z","timestamp":1714176000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Discov Internet Things"],"abstract":"Abstract<\/jats:title>\n The Internet of Things (IoT) devices are pervasively deployed and embedded into our daily lives. Over several years, the massive assimilation of IoT devices has given rise to smart cities, smart factories, smart farms, etc. While IoTs can collect immense amounts of user and environmental information, the lack of adequate security measures is among the major concerns about information security and privacy. With the ever-increasing presence of IoTs, information flow between IoT devices in a single or multi-layered network is becoming increasingly vulnerable to attacks. Although several software-based solutions have been developed over the years that improve the security of resource-constrained IoT devices, there are limited efforts on hardware-oriented IoT security solutions. This paper proposes a Trusted HArdware-based Scalable Secure Architecture (THASSA) for IoT Edge systems. Leveraging standard cryptographic algorithms, THASSA provides a secure mechanism for data transfer and off-loads cryptography operations to trusted hardware. The modularized THASSA architecture allows devices to be added or removed without user intervention. Also, THASSA could be scaled to multiple subsystems using multiple trusted hardware to form IoT clusters with secure data path(s) for mission-critical applications. An experimental study has verified the correctness and effectiveness of THASSA.<\/jats:p>","DOI":"10.1007\/s43926-024-00056-7","type":"journal-article","created":{"date-parts":[[2024,4,27]],"date-time":"2024-04-27T13:02:28Z","timestamp":1714222948000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":23,"title":["A novel trusted hardware-based scalable security framework for IoT edge devices"],"prefix":"10.1007","volume":"4","author":[{"given":"Mohd","family":"Khan","sequence":"first","affiliation":[]},{"given":"Mohsen","family":"Hatami","sequence":"additional","affiliation":[]},{"given":"Wenfeng","family":"Zhao","sequence":"additional","affiliation":[]},{"given":"Yu","family":"Chen","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,4,27]]},"reference":[{"key":"56_CR1","doi-asserted-by":"publisher","first-page":"153","DOI":"10.1007\/978-3-319-76669-0_7","volume-title":"Smart cities: development and governance frameworks","author":"N Chen","year":"2018","unstructured":"Chen N, Chen Y. Smart city surveillance at the network edge in the era of IoT: opportunities and challenges. In: Mahmood Z, editor. Smart cities: development and governance frameworks. Cham: Springer; 2018. p. 153\u201376."},{"issue":"2","key":"56_CR2","doi-asserted-by":"publisher","first-page":"1121","DOI":"10.1109\/COMST.2020.2973314","volume":"22","author":"YA Qadri","year":"2020","unstructured":"Qadri YA, Nauman A, Zikria YB, Vasilakos AV, Kim SW. The future of healthcare internet of things: a survey of emerging technologies. IEEE Commun Surv Tutor. 2020;22(2):1121\u201367.","journal-title":"IEEE Commun Surv Tutor"},{"key":"56_CR3","doi-asserted-by":"publisher","first-page":"42493","DOI":"10.1109\/ACCESS.2021.3066457","volume":"9","author":"FMR Junior","year":"2021","unstructured":"Junior FMR, Kamienski CA. A survey on trustworthiness for the internet of things. IEEE Access. 2021;9:42493\u2013514.","journal-title":"IEEE Access"},{"key":"56_CR4","doi-asserted-by":"crossref","unstructured":"Xu R, Chen Y, Blasch E, Chen G. Blendcac: a blockchain-enabled decentralized capability-based access control for IoTs. In: 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). IEEE; 2018. p. 1027\u201334.","DOI":"10.1109\/Cybermatics_2018.2018.00191"},{"key":"56_CR5","doi-asserted-by":"crossref","unstructured":"Xu R, Chen Y, Blasch E, Chen G. A federated capability-based access control mechanism for internet of things (IoTs). In: Sensors and Systems for Space Applications XI. vol. 10641. International Society for Optics and Photonics; 2018. p. 106410U.","DOI":"10.1117\/12.2305619"},{"issue":"4","key":"56_CR6","doi-asserted-by":"publisher","first-page":"359","DOI":"10.1109\/TSUSC.2017.2716953","volume":"2","author":"N Li","year":"2017","unstructured":"Li N, Liu D, Nepal S. Lightweight mutual authentication for IoT and its applications. IEEE Trans Sustain Comput. 2017;2(4):359\u201370.","journal-title":"IEEE Trans Sustain Comput"},{"issue":"3","key":"56_CR7","doi-asserted-by":"publisher","first-page":"236","DOI":"10.3390\/electronics10030236","volume":"10","author":"A Fitwi","year":"2021","unstructured":"Fitwi A, Chen Y, Zhu S, Blasch E, Chen G. Privacy-preserving surveillance as an edge service based on lightweight video protection schemes using face de-identification and window masking. Electronics. 2021;10(3):236.","journal-title":"Electronics"},{"key":"56_CR8","unstructured":"Naeini PE, Bhagavatula S, Habib H, Degeling M, Bauer L, Cranor LF, Sadeh N. Privacy expectations and preferences in an IoT world. In: Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017); 2017. p. 399\u2013412."},{"key":"56_CR9","doi-asserted-by":"crossref","unstructured":"Khan M, Chen Y. A randomized switched-mode voltage regulation system for IoT edge device to defend against power analysis based side channel attack. In: Proceedings of the 10th International Symposium on Security and Privacy on Internet of Things; 2021. p. 1\u20136.","DOI":"10.36227\/techrxiv.16430886"},{"key":"56_CR10","unstructured":"Peltonen E, Bennis M, Capobianco M, Debbah M, Ding A, Gil-Casti\u00f1eira F, Jurmu M, Karvonen T, Kelanti M, Kliks A, et\u00a0al. 6g white paper on edge intelligence; 2020. arXiv preprint arXiv:2004.14850"},{"key":"56_CR11","unstructured":"Ylianttila M, Kantola R, Gurtov A, Mucchi L, Oppermann I, Yan Z, Nguyen TH, Liu F, Hewa T, Liyanage M, et\u00a0al. 6g white paper: research challenges for trust, security and privacy; 2020. arXiv preprint arXiv:2004.11665"},{"key":"56_CR12","unstructured":"Ahmed A. Vulnerabilities identified in TPM 2.0 can affect billions of devices. Digital Information World; March 08, 2023."},{"issue":"6","key":"56_CR13","doi-asserted-by":"publisher","first-page":"4132","DOI":"10.1109\/JIOT.2020.3026493","volume":"8","author":"MN Khan","year":"2020","unstructured":"Khan MN, Rao A, Camtepe S. Lightweight cryptographic protocols for IoT-constrained devices: a survey. IEEE Internet Things J. 2020;8(6):4132\u201356.","journal-title":"IEEE Internet Things J"},{"key":"56_CR14","doi-asserted-by":"crossref","unstructured":"Surendran S, Nassef A, Beheshti BD. A survey of cryptographic algorithms for IoT devices. In: 2018 IEEE Long Island Systems, Applications and Technology Conference (LISAT). IEEE; 2018. p. 1\u20138.","DOI":"10.1109\/LISAT.2018.8378034"},{"key":"56_CR15","unstructured":"Horn J, Haas W, Prescher T, Gruss D, Lipp M, Mangard S, Schwarz M. Meltdown: reading kernel memory from user space. In 27th Security Symposium Security, vol. 18; 2018."},{"issue":"7","key":"56_CR16","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1145\/3399742","volume":"63","author":"P Kocher","year":"2020","unstructured":"Kocher P, Horn J, Fogh A, Genkin D, Gruss D, Haas W, Hamburg M, Lipp M, Mangard S, Prescher T, Schwarz M. Spectre attacks: Exploiting speculative execution. Commun ACM. 2020;63(7):93-101.","journal-title":"Commun ACM."},{"key":"56_CR17","unstructured":"L\u00f6w M. Overview of meltdown and spectre patches and their impacts. Advanced Microkernel Operating Systems. 2018 Jul:53."},{"issue":"3","key":"56_CR18","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1016\/j.dcan.2017.10.006","volume":"4","author":"M Banerjee","year":"2018","unstructured":"Banerjee M, Lee J, Choo KKR. A blockchain future for internet of things security: a position paper. Digit Commun Netw. 2018;4(3):149\u201360.","journal-title":"Digit Commun Netw"},{"issue":"3","key":"56_CR19","doi-asserted-by":"publisher","first-page":"928","DOI":"10.3390\/smartcities3030047","volume":"3","author":"R Xu","year":"2020","unstructured":"Xu R, Nikouei SY, Nagothu D, Fitwi A, Chen Y. Blendsps: a blockchain-enabled decentralized smart public safety system. Smart Cities. 2020;3(3):928\u201351.","journal-title":"Smart Cities"},{"key":"56_CR20","doi-asserted-by":"crossref","unstructured":"Xu R, Ramachandran GS, Chen Y, Krishnamachari B. Blendsm-ddm: blockchain-enabled secure microservices for decentralized data marketplaces. In: 2019 IEEE international smart cities conference (ISC2). IEEE; 2019. p. 14\u20137.","DOI":"10.1109\/ISC246665.2019.9071766"},{"key":"56_CR21","doi-asserted-by":"crossref","unstructured":"Xu R, Chen Y, Blasch E. Microchain: a light hierarchical consensus protocol for IoT systems. In: Blockchain Applications in IoT Ecosystem. Springer; 2021. p. 129\u201349.","DOI":"10.1007\/978-3-030-65691-1_9"},{"key":"56_CR22","doi-asserted-by":"crossref","unstructured":"Ali J, Ali T, Alsaawy Y, Khalid AS, Musa S. Blockchain-based smart-IoT trust zone measurement architecture. In: Proceedings of the International Conference on Omni-Layer Intelligent Systems; 2019. p. 152\u20137.","DOI":"10.1145\/3312614.3312646"},{"issue":"6","key":"56_CR23","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1109\/MWC.2017.1800116","volume":"25","author":"Y Yu","year":"2018","unstructured":"Yu Y, Li Y, Tian J, Liu J. Blockchain-based solutions to security and privacy issues in the internet of things. IEEE Wirel Commun. 2018;25(6):12\u20138.","journal-title":"IEEE Wirel Commun"},{"key":"56_CR24","doi-asserted-by":"crossref","unstructured":"Iannillo AK, State R. A proposal for security assessment of trustzone-m based software. In: 2019 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW). IEEE; 2019. p. 126\u201327.","DOI":"10.1109\/ISSREW.2019.00110"},{"key":"56_CR25","doi-asserted-by":"crossref","unstructured":"Dorri A, Kanhere SS, Jurdak R, Gauravaram P. Blockchain for IoT security and privacy: the case study of a smart home. In: 2017 IEEE international conference on pervasive computing and communications workshops (PerCom workshops). IEEE; 2017. p. 618\u201323.","DOI":"10.1109\/PERCOMW.2017.7917634"},{"key":"56_CR26","doi-asserted-by":"crossref","unstructured":"Sladovi\u0107 D, Topol\u010di\u0107 D, Delija D. Overview of Mac system security and its impact on digital forensics process. In2020 43rd International Convention on Information, Communication and Electronic Technology (MIPRO) 2020 Sep 28 (pp. 1236-1241). IEEE.","DOI":"10.23919\/MIPRO48935.2020.9245397"},{"key":"56_CR27","doi-asserted-by":"publisher","first-page":"102240","DOI":"10.1016\/j.sysarc.2021.102240","volume":"119","author":"Z Ling","year":"2021","unstructured":"Ling Z, Yan H, Shao X, Luo J, Xu Y, Pearson B, Fu X. Secure boot, trusted boot and remote attestation for arm trustzone-based IoT nodes. J Syst Archit. 2021;119:102240.","journal-title":"J Syst Archit"},{"key":"56_CR28","doi-asserted-by":"crossref","unstructured":"Guan L, Liu P, Xing X, Ge X, Zhang S, Yu M, Jaeger T. Trustshadow: secure execution of unmodified applications with arm trustzone. In: Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services; 2017. p. 488\u2013501.","DOI":"10.1145\/3081333.3081349"},{"key":"56_CR29","doi-asserted-by":"crossref","unstructured":"Pettersen R, Johansen HD, Johansen D. Secure edge computing with arm trustzone. In: IoTBDS; 2017. p. 102\u20139.","DOI":"10.5220\/0006308601020109"},{"key":"56_CR30","doi-asserted-by":"crossref","unstructured":"Lesjak C, Hein D, Winter J. Hardware-security technologies for industrial IoT: trustzone and security controller. In: IECON 2015-41st Annual Conference of the IEEE Industrial Electronics Society. IEEE; 2015. p. 002589\u201395.","DOI":"10.1109\/IECON.2015.7392493"},{"key":"56_CR31","doi-asserted-by":"crossref","unstructured":"Pass R, Shi E, Tramer F. Formal abstractions for attested execution secure processors. In Advances in Cryptology\u2013EUROCRYPT 2017: 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Paris, France, April 30\u2013May 4, 2017, Proceedings, Part I 36 2017 (pp. 260-289). Springer International Publishing.","DOI":"10.1007\/978-3-319-56620-7_10"},{"key":"56_CR32","doi-asserted-by":"crossref","unstructured":"Yampolskiy M, Andel TR, McDonald JT, Glisson WB, Yasinsac A. Intellectual property protection in additive layer manufacturing: Requirements for secure outsourcing. In: Proceedings of the 4th Program Protection and Reverse Engineering Workshop. IEEE; 2014. p. 1\u20132.","DOI":"10.1145\/2689702.2689709"},{"key":"56_CR33","doi-asserted-by":"crossref","unstructured":"Li H, Xu X, Ren J, Dong Y. ACRN: A big little hypervisor for IoT development. In: Proceedings of the 15th ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments; 2019. p. 31\u201344.","DOI":"10.1145\/3313808.3313816"},{"key":"56_CR34","doi-asserted-by":"crossref","unstructured":"Khazaei H, Bannazadeh H, Leon-Garcia A. Savi-IoT: a self-managing containerized IoT platform. In: 2017 IEEE 5th international conference on future Internet of Things and Cloud (FiCloud). IEEE; 2017. p. 227\u201334","DOI":"10.1109\/FiCloud.2017.27"},{"issue":"2","key":"56_CR35","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1109\/MCOM.2018.1701047","volume":"57","author":"RT Tiburski","year":"2019","unstructured":"Tiburski RT, Moratelli CR, Johann SF, Neves MV, de Matos E, Amaral LA, Hessel F. Lightweight security architecture based on embedded virtualization and trust mechanisms for IoT edge devices. IEEE Commun Mag. 2019;57(2):67\u201373.","journal-title":"IEEE Commun Mag"},{"issue":"7","key":"56_CR36","first-page":"3996","volume":"34","author":"P Prajapati","year":"2022","unstructured":"Prajapati P, Shah P. A review on secure data deduplication: Cloud storage security issue. J King Saud University-Computer Info Sci. 2022;34(7):3996-4007.","journal-title":"J King Saud University-Computer Info Sci."},{"key":"56_CR37","unstructured":"Rowland MM, Hafer JM, Naylor BJ, Hobson J, Stratton A, Chapman J, Wisdom MJ, Vales D, Coe PK, Cook JG, Cook RC. User Guidelines for Westside Elk Nutrition and Habitat-use Models. 2022"}],"container-title":["Discover Internet of Things"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s43926-024-00056-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s43926-024-00056-7\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s43926-024-00056-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,27]],"date-time":"2024-04-27T13:24:21Z","timestamp":1714224261000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s43926-024-00056-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,27]]},"references-count":37,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2024,12]]}},"alternative-id":["56"],"URL":"https:\/\/doi.org\/10.1007\/s43926-024-00056-7","relation":{"has-preprint":[{"id-type":"doi","id":"10.21203\/rs.3.rs-3417345\/v1","asserted-by":"object"}]},"ISSN":["2730-7239"],"issn-type":[{"value":"2730-7239","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,4,27]]},"assertion":[{"value":"6 October 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"16 April 2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"27 April 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"4"}}