SecureSense: End-to-end secure communication architecture for the cloud-connected Internet of Things

Authors: Shahid Raza, Panos Papadimitratos, Thiemo Voigt, Tómas Helgason
Publication year: 2017
Subject:
IoT
Computer and Information Sciences
Computer Networks and Communications
computer.internet_protocol
Computer science
Experimental evaluation
Internet of Things
Cloud computing
02 engineering and technology
Computer security
computer.software_genre
Communications system
Constrained Application Protocol
Datagram Transport Layer Security
DTLS
End-to-end principle
Secure communication
Clouds
0202 electrical engineering
electronic engineering
information engineering

Network protocols
End-to-end secure communications
Architecture
Internet protocols
business.industry
Network architecture
Computer and Information Sciences
020206 networking & telecommunications
Network security
Interoperability
Wireless sensor networks
Constrained Application Protocol (CoAP)
Hardware and Architecture
CoAP
Security
Asymmetric cryptography
020201 artificial intelligence & image processing
Communication architectures
business
Cloud
Wireless sensor network
computer
Software
Computer network
Source: Future Generation Computer Systems. 77:40-51
ISSN: 0167-739X
DOI: 10.1016/j.future.2017.06.008
Description: Constrained Application Protocol (CoAP) has become the de-facto web standard for the IoT. Unlike traditional wireless sensor networks, Internet-connected smart thing deployments require security. CoAP mandates the use of the Datagram TLS (DTLS) protocol as the underlying secure communication protocol. In this paper we implement DTLS-protected secure CoAP for both resource-constrained IoT devices and a cloud backend and evaluate all three security modes (pre-shared key, raw-public key, and certificate-based) of CoAP in a real cloud-connected IoT setup. We extend SicsthSense, a cloud platform for the IoT, with secure CoAP capabilities, and complement a DTLS implementation for resource-constrained IoT devices with raw-public key and certificate-based asymmetric cryptography. To the best of our knowledge, this is the first effort toward providing end-to-end secure communication between resource-constrained smart things and cloud back-ends which supports all three security modes of CoAP both on the client side and the server side. SecureSense, our End-to-End (E2E) secure communication architecture for the IoT, consists of all standard-based protocols, and the implementations of these protocols are open source and BSD-licensed. The SecureSense evaluation benchmarks and open source and open license implementation make it possible for future IoT product and service providers to account for security overhead while using all standardized protocols and while ensuring interoperability among different vendors. The core contributions of this paper are: (i) a complete implementation for CoAP security modes for E2E IoT security, (ii) IoT security and communication protocols for a cloud platform for the IoT, and (iii) detailed experimental evaluation and benchmarking of E2E security between a network of smart things and a cloud platform.
Funding details: VINNOVA; Funding text: This research has partly been funded by the Strategic Innovation Program for Internet of Things (SIP-IoT), a joint venture of VINNOVA, Formas and Energimyndigheten; and partly by the EU H2020 project NobelGrid under grant no. 646184. CEBOT; NOBELGRID; VINNOVA; EU, Horizon 2020
Database: OpenAIRE