Evaluating the use of TLS and DTLS protocols in IoT middleware systems applied to E-health

The evolution of the Internet of Things (IoT) has brought new security requirements in terms of communication services with respect to data transmitted in mobile networks. Although IoT middleware systems have been used to cope with the most relevant requirements demanded by different IoT applications, security is a special topic that is not mature enough in this kind of technology. E-health is an example of environment that exposes sensitive data. The security challenges regarding e-health applications are concentrated mainly on issues surrounding the communication layer, specially those cases where data are transmitted over insecure networks. TLS and DTLS protocols have been chosen by most of the existing IoT systems in order to protect such communications. However, none of them was designed to be used in IoT situations. In addition, none of the existing works analyzes their suitability to the IoT regarding the usage of mobile networks, which are common in real-world scenarios of e-health. In this paper, we analyze the use of TLS and DTLS protocols in IoT middleware systems applied to the e-health environment regarding performance (i.e., response time), overhead, network latency and packet loss when operating in mobile networks. We evaluated both protocols through a specific e-health scenario. Tests revealed the usage of mobile networks increases response time and overhead of both protocols, on average, when compared to traditional networks.

[1]  Frank Golatowski,et al.  SIRENA - Service Infrastructure for Real-time Embedded Networked Devices: A service oriented framework for different domains , 2006, International Conference on Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies (ICNICONSMCL'06).

[2]  Fabiano Hessel,et al.  Cooperative middleware platform as a service for internet of things applications , 2015, SAC.

[3]  Georg Carle,et al.  A DTLS based end-to-end security architecture for the Internet of Things with two-way authentication , 2012, 37th Annual IEEE Conference on Local Computer Networks - Workshops.

[4]  Hannes Tschofenig,et al.  Securing the Internet of Things: A Standardization Perspective , 2014, IEEE Internet of Things Journal.

[5]  Maurizio A. Spirito,et al.  The VIRTUS Middleware: An XMPP Based Architecture for Secure IoT Communications , 2012, 2012 21st International Conference on Computer Communications and Networks (ICCCN).

[6]  Fabiano Hessel,et al.  The importance of a standard securit y archit ecture for SOA-based iot middleware , 2015, IEEE Communications Magazine.

[7]  Paul Fremantle,et al.  A security survey of middleware for the Internet of Things , 2015 .

[8]  Mohammed Hassan Alamri Securing the Constrained Application Protocol (CoAP) for the Internet of Things (IoT) , 2017 .

[9]  Athanasios V. Vasilakos,et al.  Security of the Internet of Things: perspectives and challenges , 2014, Wireless Networks.

[10]  Thiemo Voigt,et al.  6LoWPAN Compressed DTLS for CoAP , 2012, 2012 IEEE 8th International Conference on Distributed Computing in Sensor Systems.

[11]  Paul Fremantle,et al.  A security survey of middleware for the Internet of Things , 2015, PeerJ Prepr..

[12]  Andrzej Duda,et al.  DTLS performance in duty-cycled networks , 2015, 2015 IEEE 26th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC).

[13]  David Lake,et al.  Internet of Things: Architectural Framework for eHealth Security , 2014, J. ICT Stand..

[14]  Thiemo Voigt,et al.  Lithe: Lightweight Secure CoAP for the Internet of Things , 2013, IEEE Sensors Journal.

[15]  Sye Keoh,et al.  A Hitchhiker's Guide to the (Datagram) Transport Layer Security Protocol for Smart Objects and Constrained Node Networks , 2013 .

[16]  Carsten Bormann,et al.  The Constrained Application Protocol (CoAP) , 2014, RFC.

[17]  Eric Rescorla,et al.  Datagram Transport Layer Security Version 1.2 , 2012, RFC.

[18]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[19]  Vlad Trifa,et al.  SOA-Based Integration of the Internet of Things in Enterprise Services , 2009, 2009 IEEE International Conference on Web Services.