SeMIBIoT: Secure Multi-Protocol Integration Bridge for the IoT (original) (raw)
Related papers
Modern IoT Architectures Review: A Security Perspective
—Internet of Things [IoT] enables a number of heterogeneous internet enabled devices to communicate through different protocols and network technologies. The last few years witnessed rapid improvements in different IoT fields e.g. smart energy, defense and public safety, smart farming and smart health. The heterogeneity nature of IoT is a key challenge against standardizations efforts, and hence the interoperability among IoT devices is reduced. In addition to interoperability problems, the limited capabilities hinder the application of security mechanisms. The recent research work focused on how to dynamically manage and secure IoT components across heterogeneous objects, transmission technologies, and networking architectures through proposing various IoT protocol stacks and security techniques. The need for standardized stack increases interoperability and applications development for human life. Many technologies such as software defined networks [SDN], Cloud, and Fog computing have integrated either to IoT applications or architectures to maintain and secure large-scale heterogeneous networks. In this paper, the most recent proposed IoT architectures and a fair discussion to their security benefits are presented and compared according to many factors such as QoS support for applications, security&privacy, mobility, and manageability.
Secure communication for smart IoT objects: Protocol stacks, use cases and practical examples
2012 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM), 2012
In this paper we discuss security procedures for constrained IoT devices. We start with the description of a general security architecture along with its basic procedures, then discuss how its elements interact with the constrained communication stack and explore pros and cons of popular security approaches at various layers of the ISO/OSI model. We also discuss a practical example for the establishment of end-to-end secure channels between constrained and unconstrained devices. The proposed method is lightweight and allows the protection of IoT devices through strong encryption and authentication means, so that constrained devices can benefit from the same security functionalities that are typical of unconstrained domains, without however having to execute computationally intensive operations. To make this possible, we advocate using trusted unconstrained nodes for the offloading of computationally intensive tasks. Moreover, our design does not require any modifications to the protocol stacks of unconstrained nodes.
IJERT-A Survey of Protocols and End-To-End Security Models for Internet of Things
International Journal of Engineering Research and Technology (IJERT), 2021
https://www.ijert.org/a-survey-of-protocols-and-end-to-end-security-models-for-internet-of-things https://www.ijert.org/research/a-survey-of-protocols-and-end-to-end-security-models-for-internet-of-things-IJERTCONV9IS08022.pdf The Internet of Things (IoT) has brought in an era of ubiquitous computing through which Internet will reach practically everywhere with more number of machines using Internet than humans. This unprecedented increase of physical devices getting online poses both an economic revolution as well as threat to cyber security. The protocol stack for present Internet cannot perform efficiently on resource constrained embedded devices. Hence new protocols have been introduced through optimization and adaption of the classic protocols for enabling IPv6 communication on to the embedded sensors. IEEE 802.15.4 standard define the PHY and MAC layer for the resource constrained devices. 6LoWPAN is the adaptation layer that enables IPv6 communication on IEEE 802.15.4 devices. CoAP is the application layer protocol that interacts seamlessly with Hypertext Transfer Protocol (HTTP) for providing web services to constrained devices. Datagram Transport Layer Security rides over the CoAP to provide security at application layer. The security threats, with Internet of Things, have a deeper reach within out lives and hence end-to-end security of this protocol stack is of paramount importance. To this end, first this survey analyzes the protocol stack for resource constrained embedded devices forming Internet of Things. We then cover the security consideration in each protocol layer. Through this paper we present the analysis of the end-to-end security models proposed by researchers worldwide. This survey, as per best of our knowledge, is the first survey analyzing the end-to-end security models for Internet of Things.
A Survey of Protocols and End-To-End Security Models for Internet of Things
International journal of engineering research and technology, 2021
The Internet of Things (IoT) has brought in an era of ubiquitous computing through which Internet will reach practically everywhere with more number of machines using Internet than humans. This unprecedented increase of physical devices getting online poses both an economic revolution as well as threat to cyber security. The protocol stack for present Internet cannot perform efficiently on resource constrained embedded devices. Hence new protocols have been introduced through optimization and adaption of the classic protocols for enabling IPv6 communication on to the embedded sensors. IEEE 802.15.4 standard define the PHY and MAC layer for the resource constrained devices. 6LoWPAN is the adaptation layer that enables IPv6 communication on IEEE 802.15.4 devices. CoAP is the application layer protocol that interacts seamlessly with Hypertext Transfer Protocol (HTTP) for providing web services to constrained devices. Datagram Transport Layer Security rides over the CoAP to provide security at application layer. The security threats, with Internet of Things, have a deeper reach within out lives and hence end-to-end security of this protocol stack is of paramount importance. To this end, first this survey analyzes the protocol stack for resource constrained embedded devices forming Internet of Things. We then cover the security consideration in each protocol layer. Through this paper we present the analysis of the end-to-end security models proposed by researchers worldwide. This survey, as per best of our knowledge, is the first survey analyzing the end-to-end security models for Internet of Things.
ABAH EMMANUEL JOHN, 2018
ABSTARCT: Internet of Things (IoT) is made up of various technologies, which supports advanced services in various application domains. Security and privacy are a very important aspect for IoT application domains. These applications require data confidentiality, authenticity, integrity and access control within the IoT network. For users and things, security is achieved by enforcing the security and privacy policies. Due to the different standards and communication stacks involved in traditional security solutions, it cannot be directly applied to IoT technologies. In IoT number of interconnected devices is expected to increase tremendously hence scalability is the biggest challenge for IoT development. This survey paper presents the available security protocols at respective IoT layers. A comparison of this information is done with respective to various security aspects and research gaps are identified.
Mechanisms to Secure Communications in the IoT
Security Breaches and Threat Prevention in the Internet of Things, 2000
The maturity of the IoT depends on the security of communications and the protection of end-user's privacy. However, technological and material heterogeneities, and the asymmetric nature of communications between sensor nodes and ordinary Internet hosts, make the security in this case more problematic. Major problem facing the large deployment of IoT is the absence of a unified architecture and a lack of common agreement in defining protocols and standards for IoT parts. Many solutions have been proposed for the standardization of security concepts and protocols in IoT at different layers. Even though many advances and proposals were made for IoT adaptation as IPv6 for Low Power Wireless Personal Area Network (6LoWPAN), and at application layer with protocols such as XMPP, MQTT, CoAP, etc., security of the IoT remains a very challenging task and an open research topic. This chapter focuses on existing protocols and different proposed mechanisms in literature to secure communicat...
Optimized ECC Implementation for Secure Communication between Heterogeneous IoT Devices
Sensors, 2015
The Internet of Things is integrating information systems, places, users and billions of constrained devices into one global network. This network requires secure and private means of communications. The building blocks of the Internet of Things are devices manufactured by various producers and are designed to fulfil different needs. There would be no common hardware platform that could be applied in every scenario. In such a heterogeneous environment, there is a strong need for the optimization of interoperable security. We present optimized elliptic curve Cryptography algorithms that address the security issues in the heterogeneous IoT networks. We have combined cryptographic algorithms for the NXP/Jennic 5148-and MSP430-based IoT devices and used them to created novel key negotiation protocol.
Strengthening IoT Network Protocols: A Model Resilient Against Cyber Attacks
IgMin research, 2024
Th e pervasive Internet of Th ings (IoT) integration has revolutionized industries such as medicine, environmental care, and urban development. Th e synergy between IoT devices and 5G cellular networks has further accelerated this transformation, providing ultra-high data rates and ultra-low latency. Th is connectivity enables various applications, including remote surgery, autonomous driving, virtual reality gaming, and AI-driven smart manufacturing. However, IoT devices' realtime and high-volume messaging nature exposes them to potential malicious attacks. Th e implementation of encryption in such networks is challenging due to the constraints of IoT devices, including limited memory, storage, and processing bandwidth. In a previous work [1], we proposed an ongoing key construction process, introducing a pivotal pool to enhance network security. Th e protocol is designed with a probability analysis to ensure the existence of a shared key between any pair of IoT devices, with the predefi ned probability set by the system designer. However, our earlier model faced vulnerabilities such as the "parking lot attack" and physical attacks on devices, as highlighted in the conclusion section. We present a complementary solution to address these issues, fortifying our previous protocol against cyber threats. Our approach involves the implementation of an internal Certifi cation Authority (CA) that issues certifi cates for each IoT device before joining the network. Furthermore, all encryption keys are distributed by the primary IoT device using the Unix OS 'passwd' mechanism. If a device "disappears, " all encryption keys are promptly replaced, ensuring continuous resilience against potential security breaches. Th is enhanced protocol establishes a robust security framework for IoT networks, safeguarding against internal and external threats.
End-to-End Secure IoT Node Provisioning
Journal of Communications, 2021
Security of Internet of Things (IoT) has been one of the most critical topics since IoT devices took part in daily life. Due to resource constrained nature of IoT networks, meeting requirements of a secure infrastructure always becomes a challenge. The most prevalent method is to rely on conventional application layer protocols to secure IoT network traffic but due to IoT device capabilities, limited mobile network resources and battery powered structure of IoT nodes, most of them are not applicable in practice. Provisioning a new node into a running network also suffers from these challenges. In this study, we investigate whether pure algorithm based protocols can be used to solve secure provisioning of resource limited IoT devices problem. Trusted IoT node provisioning requires new node authentication, authorization for network credentials, secret key generation for data privacy, and distribution of secret keys. Besides that, key management for rejoining nodes should be considered...