| Popis: |
The Internet of Things (IoT) has become one of the most attractive domains nowadays. It works by creating a special network between physical devices such as vehicles, home equipment, and other items. In recent days, the common technologies of communication such as Wi-Fi and 2G/3G/4G cellular networks are insufficient for IoT networks because they are designed to serve appliances with immense processing capabilities such as laptops and PCs. Moreover, most of these technologies are centralized and use an existing infrastructure. Currently, new communication technologies such as Z-Wave, 6LowPAN, and Thread are dedicated to the IoT and have been developed to meet its requirements. These technologies can handle many factors such as range, data requirements, security, power demands, and battery life. Nevertheless, the security issues in IoT systems have major concerns and issues because vulnerabilities in such systems may result in fatal catastrophes. In this paper, an enhanced IoT security framework for authentication and authorization is proposed and implemented to protect the IoT protocols from different types of attacks such as man-in-the-middle attacks, reply attacks, and brute force attacks. The proposed framework combines an enhanced token authentication that has identity verification capabilities and a new sender verification mechanism on the IoT device side based on time stamps, which in turn can mitigate the need for local identity verification methods in IoT devices. The proposed IoT security framework was tested using security analysis with different types of attacks compared with previous related frameworks. The analysis shows the high capability of the proposed framework to protect IoT networks against many types of attacks compared with the currently available security frameworks. Finally, the proposed framework was developed using Windows applications to simulate the framework phases, check its validity through the real network, and calculate the payload time added. |
