Enhancing Internet of Things Security using Software-Defined Networking

Abstract: Access control technologies are fundamental for addressing the security and privacy requirements of the Internet of Things (IoT). This paper proposes an access control solution for Constrained Application Protocol (CoAP)-based IoT services. The proposed solution considers a single-provider network that interconnects various IoT endpoints. It leverages the Software-Defined Networking (SDN) paradigm and implements application-aware policy enforcement at the network level. All operations are transparent to the IoT endpoints, and no modifications to the IoT communication protocol are required. Furthermore, our solution is built on standard OpenFlow, so it is realistic and can be easily deployed to an existing network. We prove the feasibility of our solution through a proof-of-concept implementation using network emulation.
