IoT–Cloud collaboration to establish a secure connection for lightweight devices

Internet of Things (IoT) technologies allow everyday objects including small devices in sensor networks to be capable of connecting to the Internet. Such an innovative technology can lead to positive changes in human life. However, if there is no proper security mechanism, private and sensitive data around humans can be revealed to the public Internet. In this aspect, this paper considers security issues of the IoT. In particular, we focus on various challenges in deploying Datagram Transport Layer Security (DTLS) protocol into a resource constrained environment. DTLS provides secure communication with UDP-based applications the same as TLS does for TCP-based applications. Several standard organizations such as IETF, oneM2M and OMA recommend using the DTLS as a default secure scheme for CoAP which is a new standard specified for resource-constrained environments. To find a practical way to deploy the DTLS in such a constrained IoT environments, we propose an IoT–Cloud collaboration system, where DTLS handshake delegation is the main component. We also implement and evaluate the proposed system in our real IoT testbed, where constrained devices are interconnected with each other in a multi-hop fashion. Evaluation results show that the proposed scheme dramatically reduces DTLS handshake latency, implementation code size and energy consumption.

[1]  Namhi Kang,et al.  Security Key configuration for resource constrained devices , 2014 .

[2]  Utz Roedig,et al.  Securing Internet of Things with Lightweight IPsec , 2010 .

[3]  Georg Carle,et al.  DTLS based security and two-way authentication for the Internet of Things , 2013, Ad Hoc Networks.

[4]  Carsten Bormann,et al.  Terminology for Constrained-Node Networks , 2014, RFC.

[5]  Klaus Wehrle,et al.  Towards viable certificate-based authentication for the internet of things , 2013, HotWiSec '13.

[6]  David A. Wagner,et al.  TinySec: a link layer security architecture for wireless sensor networks , 2004, SenSys '04.

[7]  Hannes Tschofenig,et al.  Securing the Internet of Things: A Standardization Perspective , 2014, IEEE Internet of Things Journal.

[8]  Sushil Jajodia,et al.  Practical broadcast authentication in sensor networks , 2005, The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services.

[9]  Nirvana Meratnia,et al.  2nd Joint ERCIM eMobility and MobiSense Workshop , 2012 .

[10]  Hanno Wirtz,et al.  6LoWPAN fragmentation attacks and mitigation mechanisms , 2013, WiSec '13.

[11]  Stefano Chessa,et al.  Wireless sensor networks: A survey on the state of the art and the 802.15.4 and ZigBee standards , 2007, Comput. Commun..

[12]  Carsten Bormann,et al.  Secure bootstrapping of nodes in a CoAP network , 2012, 2012 IEEE Wireless Communications and Networking Conference Workshops (WCNCW).

[13]  T. Newe,et al.  Security Protocols for Use with Wireless Sensor Networks: A Survey of Security Architectures , 2007, 2007 Third International Conference on Wireless and Mobile Communications (ICWMC'07).

[14]  Adam Dunkels,et al.  Powertrace: Network-level Power Profiling for Low-power Wireless Networks , 2011 .

[15]  Thiemo Voigt,et al.  Lithe: Lightweight Secure CoAP for the Internet of Things , 2013, IEEE Sensors Journal.

[16]  Eric Rescorla,et al.  Datagram Transport Layer Security Version 1.2 , 2012, RFC.

[17]  Zach Shelby,et al.  Constrained RESTful Environments (CoRE) Link Format , 2012, RFC.

[18]  Óscar García-Morchón,et al.  End-to-End Transport Security in the IP-Based Internet of Things , 2012, 2012 21st International Conference on Computer Communications and Networks (ICCCN).

[19]  Matthias Kovatsch,et al.  Californium: Scalable cloud services for the Internet of Things with CoAP , 2014, 2014 International Conference on the Internet of Things (IOT).

[20]  Daeyoung Kim,et al.  SNAIL: an IP-based wireless sensor network approach to the internet of things , 2010, IEEE Wireless Communications.

[21]  Luca Mainetti,et al.  Evolution of wireless sensor networks towards the Internet of Things: A survey , 2011, SoftCOM 2011, 19th International Conference on Software, Telecommunications and Computer Networks.

[22]  Ilias Maglogiannis,et al.  Bringing IoT and Cloud Computing towards Pervasive Healthcare , 2012, 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.