A Methodology for Secure Remote Deployment of Internet of Things Devices Based on Cryptographic Authentication
Keywords:
Internet of Things, secure deployment, cryptographic authentication, remote attestation, firmware update, device provisioning, decentralized trust, secure onboarding, IoT security, certificate-based identityAbstract
The article is dedicated to the development of a methodological framework for secure remote deployment of Internet of Things devices based on cryptographic authentication. The relevance of the study is determined by the expansion of distributed IoT infrastructures, the growing dependence of industrial and service environments on remote device administration, and the rising exposure of connected endpoints to impersonation, firmware tampering, unauthorized enrollment, and trust-chain disruption. The scientific novelty lies in the integrated interpretation of remote deployment as a multi-phase cryptographic lifecycle rather than as an isolated provisioning event. The work describes the structural logic of identity provisioning, attestation-assisted trust establishment, secure channel creation, authenticated firmware distribution, and decentralized verification. Special attention is paid to hardware-backed onboarding, software-based attestation for constrained and legacy devices, segmented update delivery, and distributed trust validation. The work sets itself the goal of systematizing architectural and security principles that shape contemporary approaches to protected remote IoT deployment. To solve this task, comparative analysis, source synthesis, structural interpretation, and analytical generalization were used. The conclusion describes the transition toward lifecycle-oriented security models. The article will be useful for researchers, system architects, and engineers working with secure IoT infrastructures.
References
[1]. Sousa, P. R., Magalhães, L., Resende, J. S., Martins, R., & Antunes, L. (2021). Provisioning, authentication, and secure communications for IoT devices on FIWARE. Sensors, 21(17), 5898. https://doi.org/10.3390/s21175898
[2]. Ankergård, S. F. J. J., Dushku, E., & Dragoni, N. (2021). State-of-the-art software-based remote attestation: Opportunities and open issues for Internet of Things. Sensors, 21(5), 1598. https://doi.org/10.3390/s21051598
[3]. Gómez-Marín, E., Parrilla, L., Mauro, G., Escobar-Molero, A., Morales, D. P., & Castillo, E. (2022). RESEKRA: Remote enrollment using sealed keys for remote attestation. Sensors, 22(13), 5060. https://doi.org/10.3390/s22135060
[4]. Catuogno, L., & Galdi, C. (2023). Secure firmware update: Challenges and solutions. Cryptography, 7(2), 30. https://doi.org/10.3390/cryptography7020030
[5]. Dirin, A., Oliver, I., & Laine, T. H. (2023). A security framework for increasing data and device integrity in Internet of Things systems. Sensors, 23(17), 7532. https://doi.org/10.3390/s23177532
[6]. Oktian, Y. E., Le, T.-T.-H., Jo, U., Laksmono, A. M. A., & Kim, H. (2024). Secure decentralized firmware update delivery service for Internet of Things. Internet of Things, 26, 101136. https://doi.org/10.1016/j.iot.2024.101136
[7]. Yohan, A., Lo, N. W., & Santoso, L. P. (2025). A robust and efficient blockchain-based framework for updating firmware in IoT environments. Peer-to-Peer Networking and Applications, 18, 207. https://doi.org/10.1007/s12083-025-02031-7
[8]. Heeger, D., Garigan, M., Tsiropoulou, E., & Plusquellic, J. (2021). Secure LoRa firmware update with adaptive data rate techniques. Sensors, 21(7), 2384. https://doi.org/10.3390/s21072384
[9]. Mahfoudhi, F., Sultania, A. K., & Famaey, J. (2022). Over-the-air firmware updates for constrained NB-IoT devices. Sensors, 22(19), 7572. https://doi.org/10.3390/s22197572
[10]. Gu, J., Lee, S.-S., & Kang, H. (2024). DSME-FOTA: Firmware over-the-air update framework for IEEE 802.15.4 DSME MAC to enable large-scale multi-hop industrial IoT networks. Internet of Things, 27, 101239. https://doi.org/10.1016/j.iot.2024.101239
Downloads
Published
Issue
Section
License
Copyright (c) 2026 Kydiuk Oleksandr
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Authors who submit papers with this journal agree to the following terms.
