{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,28]],"date-time":"2026-02-28T04:22:58Z","timestamp":1772252578459,"version":"3.50.1"},"reference-count":25,"publisher":"MDPI AG","issue":"8","license":[{"start":{"date-parts":[[2020,8,18]],"date-time":"2020-08-18T00:00:00Z","timestamp":1597708800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Ministry of Defence","award":["N\/A"],"award-info":[{"award-number":["N\/A"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Future Internet"],"abstract":"<jats:p>This paper examines dynamic identity, as it pertains to the Internet of Things (IoT), and explores the practical implementation of a mitigation technique for some of the key weaknesses of a conventional dynamic identity model. This paper explores human-centric and machine-based observer approaches for confirming device identity, permitting automated identity confirmation for deployed systems. It also assesses the advantages of dynamic identity in the context of identity revocation permitting secure change of ownership for IoT devices. The paper explores use-cases for human and machine-based observation for authentication of device identity when devices join a Command and Control(C2) network, and considers the relative merits for these two approaches for different types of system.<\/jats:p>","DOI":"10.3390\/fi12080138","type":"journal-article","created":{"date-parts":[[2020,8,18]],"date-time":"2020-08-18T11:15:27Z","timestamp":1597749327000},"page":"138","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Enabling the Secure Use of Dynamic Identity for the Internet of Things\u2014Using the Secure Remote Update Protocol (SRUP)"],"prefix":"10.3390","volume":"12","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3438-3981","authenticated-orcid":false,"given":"Andrew John","family":"Poulter","sequence":"first","affiliation":[{"name":"Faculty of Engineering and the Environment, University of Southampton, Southampton SO17 1BJ, UK"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3864-7072","authenticated-orcid":false,"given":"Steven J.","family":"Ossont","sequence":"additional","affiliation":[{"name":"Faculty of Engineering and the Environment, University of Southampton, Southampton SO17 1BJ, UK"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Simon J.","family":"Cox","sequence":"additional","affiliation":[{"name":"Faculty of Engineering and the Environment, University of Southampton, Southampton SO17 1BJ, UK"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2020,8,18]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Poulter, A.J., Johnst, S.J., and Cox, S.J. (2016, January 12\u201314). SRUP: The Secure Remote Update Protocol. Proceedings of the 2016 IEEE 3rd World Forum on Internet of Things (WF-IoT), Reston, VA, USA.","DOI":"10.1109\/WF-IoT.2016.7845397"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Poulter, A.J., Johnston, S.J., and Cox, S.J. (2017). Extensions and Enhancements to \u201cthe Secure Remote Update Protocol\u201d. Future Internet, 9.","DOI":"10.20944\/preprints201709.0136.v1"},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Degano, P., Etalle, S., and Guttman, J. (2011). A Formal Analysis of Authentication in the TPM. Formal Aspects of Security and Trust, Springer.","DOI":"10.1007\/978-3-642-19751-2"},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Suh, G.E., and Devadas, S. (2007, January 4\u20138). Physical Unclonable Functions for Device Authentication and Secret Key Generation. Proceedings of the 2007 44th ACM\/IEEE Design Automation Conference, San Diego, CA, USA.","DOI":"10.1109\/DAC.2007.375043"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"136","DOI":"10.1038\/423136a","article-title":"Flexible active-matrix electronic ink display","volume":"423","author":"Chen","year":"2003","journal-title":"Nature"},{"key":"ref_6","unstructured":"(2007). Information Technology\u2014Automatic Identification and Data Capture Techniques\u2014Code 128 Bar Code Symbology Specification, International Organization for Standardization. Technical Report ISO\/IEC 15417:2007."},{"key":"ref_7","unstructured":"(2006). Information Technology\u2014Automatic Identification and Data Capture Techniques\u2014Data Matrix Bar Code Symbology Specification, International Organization for Standardization. Technical Report ISO\/IEC 16022:2006."},{"key":"ref_8","unstructured":"Leach, P.J., Mealling, M., and Salz, R. (2020, August 18). A Universally Unique IDentifier (UUID) URN Namespace. Available online: https:\/\/www.hjp.at\/doc\/rfc\/rfc4122.html."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Kulshreshtha, R., Kamboj, A., and Singh, S. (2012). Decoding robustness performance comparison for QR and data matrix code. CCSEIT \u201912: Proceedings of the Second International Conference on Computational Science, Engineering and Information Technology, Coimbatore, India, 26\u201328 October 2012, Association for Computing Machinery.","DOI":"10.1145\/2393216.2393337"},{"key":"ref_10","unstructured":"Hudson, L., Kursancew, V., and Weston, J. (2020, August 18). Pylibdmtx. Available online: https:\/\/github.com\/NaturalHistoryMuseum\/pylibdmtx."},{"key":"ref_11","unstructured":"Hudson, L., and Newby, A. (2020, August 18). Pyzbar. Available online: https:\/\/github.com\/NaturalHistoryMuseum\/pyzbar."},{"key":"ref_12","unstructured":"Bluetooth Special Interest Group (2014). Specification of the Bluetooth System, Bluetooth Special Interest Group."},{"key":"ref_13","unstructured":"802.15 WG\u2014Wireless Personal Area Network Working Group (2020). IEEE Approved Draft Standard for Low-Rate Wireless Networks, IEEE. Number IEEE 802.15.4-2020."},{"key":"ref_14","first-page":"1","article-title":"RFID (radio frequency identification): Principles and applications","volume":"2","author":"Weis","year":"2007","journal-title":"System"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Garcia, F.D., de Koning Gans, G., Muijrers, R., Van Rossum, P., Verdult, R., Schreur, R.W., and Jacobs, B. (2008, January 6\u20138). Dismantling MIFARE classic. Proceedings of the European Symposium on Research in Computer Security, M\u00e1laga, Spain.","DOI":"10.1007\/978-3-540-88313-5_7"},{"key":"ref_16","unstructured":"NFC Forum (2006). NFC Data Exchange Format (NDEF) Technical Specification, History."},{"key":"ref_17","unstructured":"NFC Forum Technical Specification (2008). SNEP: Simple NDEF Exchange Protcol, NFC Forum."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Lotito, A., and Mazzocchi, D. (2013, January 5). OPEN-SNEP project: Enabling P2P over NFC using NPP and SNEP. Proceedings of the 2013 5th International Workshop on Near Field Communication (NFC), Zurich, Switzerland.","DOI":"10.1109\/NFC.2013.6482447"},{"key":"ref_19","unstructured":"NXP Semiconductors B.V. (2017). PN532\/C1\u2014Near Field Communication (NFC) Controller, NXP Semiconductors B.V."},{"key":"ref_20","unstructured":"Microchip Technology Inc. (2016). ATmega16U4\/ATmega32U4\u20148-Bit Microcontroller with 16\/32K Bytes of ISP Flash and USB Controller, Microchip Technology Inc."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"El-hajj, M., Fadlallah, A., Chamoun, M., and Serhrouchni, A. (2019). A Survey of Internet of Things (IoT) Authentication Schemes. Sensors, 19.","DOI":"10.3390\/s19051141"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Bradley, J., Denniss, W., Tschofenig, H., and Jones, M. (2020, August 18). OAuth 2.0 Device Authorization Grant. Available online: https:\/\/tools.ietf.org\/html\/rfc8628.","DOI":"10.17487\/RFC8628"},{"key":"ref_23","unstructured":"Hardt, D. (2020, August 18). The OAuth 2.0 Authorization Framework. Available online: https:\/\/tools.ietf.org\/html\/rfc6749."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"2710","DOI":"10.1016\/j.adhoc.2013.05.003","article-title":"DTLS Based Security and Two-Way Authentication for the Internet of Things","volume":"11","author":"Kothmayr","year":"2013","journal-title":"Ad Hoc Netw."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Poulter, A.J., Johnston, S.J., and Cox, S.J. (2019, January 15\u201318). pySRUP\u2014Simplifying Secure Communications for Command Control in the Internet of Things. Proceedings of the 2019 IEEE 5th World Forum on Internet of Things (WF-IoT), Limerick, Ireland.","DOI":"10.1109\/WF-IoT.2019.8767205"}],"container-title":["Future Internet"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-5903\/12\/8\/138\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T10:02:33Z","timestamp":1760176953000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-5903\/12\/8\/138"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,8,18]]},"references-count":25,"journal-issue":{"issue":"8","published-online":{"date-parts":[[2020,8]]}},"alternative-id":["fi12080138"],"URL":"https:\/\/doi.org\/10.3390\/fi12080138","relation":{"has-preprint":[{"id-type":"doi","id":"10.20944\/preprints202007.0513.v1","asserted-by":"object"}]},"ISSN":["1999-5903"],"issn-type":[{"value":"1999-5903","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,8,18]]}}}