Securing the Internet of Things: A Standardization Perspective
Top Cited Papers
- 16 May 2014
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Internet of Things Journal
- Vol. 1 (3), 265-275
- https://doi.org/10.1109/jiot.2014.2323395
Abstract
The Internet of Things (IoT) is the next wave of innovation that promises to improve and optimize our daily life based on intelligent sensors and smart objects working together. Through Internet Protocol (IP) connectivity, devices can now be connected to the Internet, thus allowing them to be read, controlled, and managed at any time and at any place. Security is an important aspect for IoT deployments. However, proprietary security solutions do not help in formulating a coherent security vision to enable IoT devices to securely communicate with each other in an interoperable manner. This paper gives an overview of the efforts in the Internet Engineering Task Force (IETF) to standardize security solutions for the IoT ecosystem. We first provide an in-depth review of the communication security solutions for IoT, specifically the standard security protocols to be used in conjunction with the Constrained Application Protocol (CoAP), an application protocol specifically tailored to the needs of adapting to the constraints of IoT devices. Since Datagram Transport Layer Security (DTLS) has been chosen as the channel security underneath CoAP, this paper also discusses the latest standardization efforts to adapt and enhance the DTLS for IoT applications. This includes the use of 1) raw public key in DTLS; 2) extending DTLS record Layer to protect group (multicast) communication; and 3) profiling DTLS for reducing the size and complexity of implementations on embedded devices. We also provide an extensive review of compression schemes that are being proposed in IETF to mitigate message fragmentation issues in DTLS.Keywords
This publication has 24 references indexed in Scilit:
- Lithe: Lightweight Secure CoAP for the Internet of ThingsIEEE Sensors Journal, 2013
- Securing the IP-based internet of things with HIP and DTLSPublished by Association for Computing Machinery (ACM) ,2013
- Securing the Internet of ThingsComputer, 2011
- Compression Format for IPv6 Datagrams over IEEE 802.15.4-Based NetworksPublished by RFC Editor ,2011
- Securing communication in 6LoWPAN with compressed IPsecPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2011
- Integrating wireless sensor networks and the internet: a security analysisInternet Research, 2009
- Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) ProfilePublished by RFC Editor ,2008
- TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor NetworksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2008
- Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)Published by RFC Editor ,2006
- Security Architecture for the Internet ProtocolPublished by RFC Editor ,2005