kth.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
SecureSense: End-to-end secure communication architecture for the cloud-connected Internet of Things
KTH, School of Electrical Engineering (EES), Network and Systems engineering. (Networked Systems Security Group)
2017 (English)In: Future generations computer systems, ISSN 0167-739X, E-ISSN 1872-7115, Vol. 77, p. 40-51Article in journal (Refereed) Published
Abstract [en]

Constrained Application Protocol (CoAP) has become the de-facto web standard for the IoT. Unlike traditional wireless sensor networks, Internet-connected smart thing deployments require security. CoAP mandates the use of the Datagram TLS (DTLS) protocol as the underlying secure communication protocol. In this paper we implement DTLS-protected secure CoAP for both resource-constrained IoT devices and a cloud backend and evaluate all three security modes (pre-shared key, raw-public key, and certificate-based) of CoAP in a real cloud-connected IoT setup. We extend SicsthSense– a cloud platform for the IoT– with secure CoAP capabilities, and compliment a DTLS implementation for resource-constrained IoT devices with raw-public key and certificate-based asymmetric cryptography. To the best of our knowledge, this is the first effort toward providing end-to-end secure communication between resource-constrained smart things and cloud back-ends which supports all three security modes of CoAP both on the client side and the server side. SecureSense– our End-to-End (E2E) secure communication architecture for the IoT– consists of all standard-based protocols, and implementation of these protocols are open source and BSD-licensed. The SecureSense evaluation benchmarks and open source and open license implementation make it possible for future IoT product and service providers to account for security overhead while using all standardized protocols and while ensuring interoperability among different vendors. The core contributions of this paper are: (i) a complete implementation for CoAP security modes for E2E IoT security, (ii) IoT security and communication protocols for a cloud platform for the IoT, and (iii) detailed experimental evaluation and benchmarking of E2E security between a network of smart things and a cloud platform.

Place, publisher, year, edition, pages
Elsevier, 2017. Vol. 77, p. 40-51
Keywords [en]
Cloud, CoAP, DTLS, Internet of Things, IoT, Security
National Category
Communication Systems
Identifiers
URN: urn:nbn:se:kth:diva-212194DOI: 10.1016/j.future.2017.06.008ISI: 000412036600004Scopus ID: 2-s2.0-85023639574OAI: oai:DiVA.org:kth-212194DiVA, id: diva2:1134551
Funder
VINNOVASwedish Research Council FormasSwedish Energy AgencyEU, Horizon 2020, 646184
Note

QC 20170821

Available from: 2017-08-21 Created: 2017-08-21 Last updated: 2024-03-18Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Papadimitratos, Panagiotis

Search in DiVA

By author/editor
Papadimitratos, Panagiotis
By organisation
Network and Systems engineering
In the same journal
Future generations computer systems
Communication Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 691 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf