ABSTRACT
In this paper we present a lightweight security scheme for authentication and key management to establish a secure channel for Intelligent Transportation System (ITS) for an IoT (Internet of Things) application. We choose Constrained Application Protocol (CoAP) as lightweight application layer protocol. Low overhead security is still an open challenge for CoAP. We propose a payload embedded low cost symmetric-key based robust authentication and key management mechanism on CoAP. This minimizes the security overhead by eliminating expensive handshaking and ciphersuite agreement of standard TLS and DTLS. We propose some unique modification in the CoAP header to invoke its secure mode in an optimized manner. Further, we propose a secure channel with adaptive reliability which reduces the overall communication cost. Such a low overhead security scheme for CoAP is hitherto unexplored. The efficacy of our proposed scheme is demonstrated through laboratory experiments in an emulated environment.
- Colitti, W. Steenhaut, K. and Caro, N. D. Integrating Wireless Sensor Networks with Web Applications. In Proc. IPSN (2011).Google Scholar
- Ukil, A. Context protecting privacy preservation in ubiquitous computing. In Proc. Computer Information Systems and Industrial Management Applications (CISIM 2010), IEEE (2010), 273--278.Google ScholarCross Ref
- Li, Y. Li, J. Ren, J. and Wu, J. Providing hop-by-hop authentication and source privacy in wireless sensor networks. In Proc. INFOCOM 2012, IEEE (2012), 3071--3075.Google Scholar
- Mare, S. Sorber, J. Shin, M. Cornelius, C. Kotz, D. Adaptlite: privacy-aware, secure, and efficient mhealth sensing. In Proc. WPES 2011, ACM Press (2011), 137--142. Google ScholarDigital Library
- Shelby, Z. Hartke, K. and Bormann, C. Constrained Application Protocol (CoAP), draft-ietf-core-coap-18, 28 June, 2013.Google Scholar
- Bandyopadhyay, S. and Bhattacharyya, A. Lightweight Internet protocols for web enablement of sensors using constrained gateway devices. In Proc. International Conference on Computing, Networking and Communications (ICNC), 2013, San Diego, CA, IEEE (2013), 334--340. Google ScholarDigital Library
- Bandyopadhyay, S. and Bhattacharyya, A. Energy Efficient Sensor Data Distribution Using Mobile Phone in Cyber-Physical-System. In Proc. 14th International Conference on Distributed Computing and Networking (ICDCN), 2013, Mumbai, India.Google Scholar
- Moskowitz, R. HIP Diet EXchange (DEX), IETF draft-moskowitz-hip-rg-dex-01, July 7, 2010.Google Scholar
- Eronen, P. and Tschofenig, H. (Editors) Pre-Shared Key Ciphersuites for Transport Layer Security (TLS) (RFC 4279).Google Scholar
- Modadugu, N. and Rescorla, E. The Design and Implementation of Datagram TLS. In Proc. NDSS (2004).Google Scholar
- Hartke, K. and Bergmann, O. Datagram Transport Layer Security in Constrained Environments. draft-hartke-core-codtls-01 (2012). http://www.ietf.org/proceedings/83/slides/slides-83-lwig-2.pdfGoogle Scholar
- Zenner, E. Nonce Generators and the Nonce Reset Problem. In Proc. 12th International Security Conference (ISC 2009), 411--426. Google ScholarDigital Library
- Needham, R. M.; Schroeder, M. D. Authentication revisited. In ACM SIGOPS Operating Systems Review 21 (1), Jan 1987. doi:10.1145/24592.24593. Google ScholarDigital Library
- Lindell, Y. Foundations of Cryptography. Dept. of Computer Science Bar-Ilan University, Israel (2010).Google Scholar
- Boneh, D. Stanford University, 2012, http://crypto.stanford.edu/~dabo/cs255/lectures/PRP-PRF.pdf.Google Scholar
- http://www.digi.com/products/wireless-routers-gateways/routinggateways/connectportx5#overview.Google Scholar
- Kalitay, H. K. and Nambiarz, M. K. Designing WANem: A Wide Area Network Emulator tool. In proc. 3rd International Conference on Communication Systems and Networks (COMSNETS), 2011.Google ScholarCross Ref
- Ukil, A. Security and Privacy in Wireless Sensor Networks. In Book Smart Wireless Sensor Networks, Intechweb Press (2010), 395--418.Google Scholar
- Bandyopadhyay, S. Bhattacharyya, A. and Pal, A. 2013. Poster Abstract: Adapting Sensed Indication for Vehicular Analytics. In proc. SenSys, Nov 11--15 2013, Roma, Italy (to appear)Google Scholar
- Ukil, A. Sen, J. and Koilakonda, S. 2011. Embedded Security for Internet of Things. In Proc. 2nd IEEE National Conference on Emerging Trends and Applications in Computer Science (NCETACS), 2011, India.Google Scholar
Index Terms
- Lightweight security scheme for vehicle tracking system using CoAP
Recommendations
REST-ful CoAP Message Authentication
SIOT '15: Proceedings of the 2015 International Workshop on Secure Internet of ThingsOne core technology for implementing and integrating the architectural principles of REST into the Internet of Things (IoT) is CoAP, a REST-ful application protocol for constrained networks and devices. Since CoAP defaults to UDP as transport protocol, ...
SecureSense
Constrained Application Protocol (CoAP) has become the de-facto web standard for the IoT. Unlike traditional wireless sensor networks, Internet-connected smart thing deployments require security. CoAP mandates the use of the Datagram TLS (DTLS) protocol ...
Security threats and countermeasures on the internet of things
Internet of things (IoT) refers to intelligent technologies and services that connect all objects based on the internet to communicate information between people and things, things and systems. However, these IoT-based devices are exposed to many security ...
Comments