Design of Secure IoT Platform for Smart Home System

The purpose of this research is to produce a design of secure IoT platform for the smart home system. The main security challenges of IoT system lies on the sensing layer that consists of small devices that have many limitations such as battery life, computational power, and storage. In this research, we propose a security scheme to secure the sensing layer using hybrid cryptosystem. Data communication between sensor devices and local gateway is secured with ECDH for key exchange and AES for the encryption-decryption process. Since ECDH does not have authentication process that makes it vulnerable to MITM attack, we propose ECDH with identity-based authentication over Bluetooth to overcome this issue. The AES key is derived from ECDH shared secret key using the PBKDF2 function. Data communication from local gateway to home router and cloud servers, and between the cloud server and user end-point is transferred over HTTPS protocol.

[1]  Ricardo Neisse,et al.  Security and privacy issues for an IoT based smart home , 2017, 2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO).

[2]  Muhammad Usman,et al.  SIT: A Lightweight Encryption Algorithm for Secure Internet of Things , 2017, ArXiv.

[3]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[4]  Jiguo Yu,et al.  IoT Applications on Secure Smart Shopping System , 2017, IEEE Internet of Things Journal.

[5]  Longfei Wu,et al.  A Survey on Security and Privacy Issues in Internet-of-Things , 2017, IEEE Internet of Things Journal.

[6]  Niraj K. Jha,et al.  A Comprehensive Study of Security of Internet-of-Things , 2017, IEEE Transactions on Emerging Topics in Computing.

[7]  Sandeep K. Sood,et al.  An Energy-Efficient Architecture for the Internet of Things (IoT) , 2017, IEEE Systems Journal.

[8]  Ravi Kishore Kodali,et al.  ECDH based security model for IoT using ESP8266 , 2016, 2016 International Conference on Control, Instrumentation, Communication and Computational Technologies (ICCICCT).

[9]  M. Chuah,et al.  IoTOne: Integrated platform for heterogeneous IoT devices , 2017, 2017 International Conference on Computing, Networking and Communications (ICNC).

[10]  Young-Gab Kim,et al.  Secure IoT Platform for Industrial Control Systems , 2017, 2017 International Conference on Platform Technology and Service (PlatCon).

[11]  Yoanes Bandung,et al.  Development of Key Exchange Protocol to Enhance Security of Voice over Internet Protocol on Mobile Phone , 2017 .

[12]  Alexander Kossiakoff,et al.  Systems Engineering Principles and Practice: Kossiakoff/Systems Engineering 2E , 2011 .

[13]  Jiguo Yu,et al.  A Privacy Preserving Communication Protocol for IoT Applications in Smart Homes , 2016, 2016 International Conference on Identification, Information and Knowledge in the Internet of Things (IIKI).