Securing Authentication and Authorization in Computing Continuum

In the era of Computing Continuum, secure and interoperable data sharing across heterogeneous environments is crucial. This research develops innovative cybersecurity components for the computing continuum, integrating the Authentication and Authorization for Constrained Environments (ACE) framework, Ephemeral Diffie-Hellman Over COSE (EDHOC) protocol, and Object Security for Constrained RESTful Environments (OSCORE) protocol. The study focuses on designing, implementing, and evaluating a security model for data sharing across resource-constrained IoT devices, edge nodes, and cloud platforms. The proposed model combines ACE for authentication and authorization, EDHOC for secure key exchange, and OSCORE for message security. This profile enables seamless and secure data sharing across the computing continuum, from Internet of Things (IoT) devices to cloud servers, addressing the unique challenges of distributed computing environments. By facilitating the delegation of authorization management to less constrained trusted hosts, the work optimizes resource utilization while maintaining robust security across the entire continuum.