Network‐layer security for the Internet of Things using TinyOS and BLIP

SUMMARY The design of standard communications and security mechanisms for resource-constrained sensing applications and devices may provide an important contribution for its integration with the Internet and consequently towards the realization of what we nowadays identify as the Internet of Things. This vision will only be realizable if appropriate security mechanisms are available, and in this context we target the design and experimental evaluation of security mechanisms for communications at the network-layer with sensing devices (smart objects) using the standard IPv6 protocol. Our work proposes and evaluates the usage of new compressed security headers for the network layer with smart objects. We implement and evaluate what is, as far as we know, the first proposal of security at the network layer experimentally evaluated using the TinyOS operating system and its networking stack. As we verify in the course of our evaluation study, various scenarios employing network-layer secure communications involving smart objects are feasible, particularly when security mechanisms are designed to benefit from cross-layer interactions that allow the optimization of expensive cryptographic operations. Copyright © 2012 John Wiley & Sons, Ltd.

[1]  Cristina Alcaraz,et al.  Key management systems for sensor networks in the context of the Internet of Things , 2011, Comput. Electr. Eng..

[2]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[3]  Jorge Sá Silva,et al.  Enabling Network-Layer Security on IPv6 Wireless Sensor Networks , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[4]  Cheryl Madson,et al.  The Use of HMAC-SHA-1-96 within ESP and AH , 1998, RFC.

[5]  Young-Joo Kim,et al.  SSL-Based Lightweight Security of IP-Based Wireless Sensor Networks , 2009, 2009 International Conference on Advanced Information Networking and Applications Workshops.

[6]  David E. Culler,et al.  IP is dead, long live IP for wireless sensor networks , 2008, SenSys '08.

[7]  Rodrigo Roman,et al.  Securing the Internet of Things , 2017, Smart Cards, Tokens, Security and Applications, 2nd Ed..

[8]  Fernando Boavida,et al.  Why is IPSec a viable option for wireless sensor networks , 2008, 2008 5th IEEE International Conference on Mobile Ad Hoc and Sensor Systems.

[9]  Pascal Thubert,et al.  Compression Format for IPv6 Datagrams over IEEE 802.15.4-Based Networks , 2011, RFC.

[10]  Randall J. Atkinson,et al.  IP Encapsulating Security Payload (ESP) , 1995, RFC.

[11]  Jorge Sá Silva,et al.  A secure interconnection model for IPv6 enabled wireless sensor networks , 2010, 2010 IFIP Wireless Days.

[12]  Vipul Gupta,et al.  Sizzle: A Standards-Based End-to-End Security Architecture for the Embedded Internet (Best Paper) , 2005, PerCom.

[13]  Jonathan Loo,et al.  6LoWPAN: a study on QoS security threats and countermeasures using intrusion detection system approach , 2012, Int. J. Commun. Syst..

[14]  Utz Roedig,et al.  Securing communication in 6LoWPAN with compressed IPsec , 2011, 2011 International Conference on Distributed Computing in Sensor Systems and Workshops (DCOSS).

[15]  Kang Yen,et al.  Sensor network security: a survey , 2009, IEEE Communications Surveys & Tutorials.

[16]  Gabriel Montenegro,et al.  IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals , 2007, RFC.

[17]  Hung-Yu Chien,et al.  Server‐less RFID authentication and searching protocol with enhanced security , 2012, Int. J. Commun. Syst..

[18]  Donald E. Eastlake rd Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH) , 2005 .

[19]  Russ Housley,et al.  Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP) , 2004, RFC.

[20]  Sheila Frankel,et al.  The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec , 2003, RFC.

[21]  Philippas Tsigas,et al.  ContikiSec: A Secure Network Layer for Wireless Sensor Networks under the Contiki Operating System , 2009, NordSec.

[22]  JeongGil Ko,et al.  Connecting low-power and lossy networks to the internet , 2011, IEEE Communications Magazine.

[23]  Joel J. P. C. Rodrigues,et al.  Routing and mobility approaches in IPv6 over LoWPAN mesh networks , 2011, Int. J. Commun. Syst..

[24]  Joel J. P. C. Rodrigues,et al.  A survey on IP‐based wireless sensor network solutions , 2010, Int. J. Commun. Syst..

[25]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[26]  Randall J. Atkinson,et al.  Security Architecture for the Internet Protocol , 1995, RFC.