Transport Layer Security (TLS) / Datagram Transport Layer Security (DTLS) Profiles for the Internet of Things

Tschofenig, Hannes; Fossati, Thomas

doi:10.17487/rfc7925

Cited by 44 publications

(16 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Although the design of bullet-proof authentication mechanisms is always desirable, it generally implies high computational cost and/or trusted entities, a prerequisite that may be not applicable to several scenarios. For this reason, the Internet Engineering Task Force (IETF) has developed the Constrained Application Protocol (CoAP) [55], a lightweight scheme specifically tailored for energy-and resource-constrained IoT applications that relies on a dedicated security layer. This security layer, namely Datagram Transport Layer Security (DTLS), is built on top of the UDP protocol and provides IoT devices with several security features, together with a reliable authentication framework [56].…”

Section: A Iot Device Identification and Authenticationmentioning

confidence: 99%

Securing the Internet of Things in the Age of Machine Learning and Software-Defined Networking

Restuccia

D’Oro

Melodia

2018

IEEE Internet Things J.

223

View full text Add to dashboard Cite

The Internet of Things (IoT) realizes a vision where billions of interconnected devices are deployed just about everywhere, from inside our bodies to the most remote areas of the globe. As the IoT will soon pervade every aspect of our lives and will be accessible from anywhere, addressing critical IoT security threats is now more important than ever. Traditional approaches where security is applied as an afterthought and as a "patch" against known attacks are insufficient. Indeed, nextgeneration IoT challenges will require a new secure-by-design vision, where threats are addressed proactively and IoT devices learn to dynamically adapt to different threats. To this end, machine learning and software-defined networking will be key to provide both reconfigurability and intelligence to the IoT devices. In this paper, we first provide a taxonomy and survey the state of the art in IoT security research, and offer a roadmap of concrete research challenges related to the application of machine learning and software-defined networking to address existing and nextgeneration IoT security threats.

show abstract

Section: A Iot Device Identification and Authenticationmentioning

confidence: 99%

Securing the Internet of Things in the Age of Machine Learning and Software-Defined Networking

Restuccia

D’Oro

Melodia

2018

IEEE Internet Things J.

223

View full text Add to dashboard Cite

show abstract

“…Consequently, techniques such as certificate pinning [16], should also be employed to authenticate the devices on the grid. This ensures that each device checks the servers certificate against a known copy stored in its firmware [11]. However, although this is an efficient way of preventing MITM attacks it is not completely immune, as an adversary could disable the certificate pinning procedure, and manage to intercept the communication [31].…”

Section: Security Concerns Of Cloud Based Energy Management System -Lmentioning

confidence: 99%

Secure Data Sharing and Analysis in Cloud-Based Energy Management Systems

Anthi

Javed

Rana

et al. 2017

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

Abstract. Analysing data acquired from one or more buildings (through specialist sensors, energy generation capability such as PV panels or smart meters) via a cloud-based Local Energy Management System (LEMS) is increasingly gaining in popularity. In a LEMS, various smart devices within a building are monitored and/or controlled to either investigate energy usage trends within a building, or to investigate mechanisms to reduce total energy demand. However, whenever we are connecting externally monitored/controlled smart devices there are security and privacy concerns. We describe the architecture and components of a LEMS and provide a survey of security and privacy concerns associated with data acquisition and control within a LEMS. Our scenarios specifically focus on the integration of Electric Vehicles (EV) and Energy Storage Units (ESU) at the building premises, to identify how EVs/ESUs can be used to store energy and reduce the electricity costs of the building. We review security strategies and identify potential security attacks that could be carried out on such a system, while exploring vulnerable points in the system. Additionally, we will systematically categorize each vulnerability and look at potential attacks exploiting that vulnerability for LEMS. Finally, we will evaluate current counter measures used against these attacks and suggest possible mitigation strategies.

show abstract

“…Therefore, a more secure and effective low-power consumption scheme is required, which is acceptable under the benchmarks of the existing standard. On the other hand, in the LoRaWAN network, it can be considered to apply Datagram Transport Layer Security (DTLS) [ 45 ] to provide the end-to-end security between each device and its application server. However, the DTLS handshake procedure results in excessive message signaling and computation overheads, which are not clearly suited for the LoRaWAN network.…”

Section: Introductionmentioning

confidence: 99%

“…The proposed protocol is formally analyzed for its security through Burrows–Abadi–Needham (BAN) logic [ 46 ] and the Automated Validation of Internet Security Protocols and Applications (AVSIPA) tool [ 47 ]. Further, the performance analysis is presented in comparison with the DTLS’s two handshake options, Pre-Shared Key (PSK) and Elliptic Curve Cryptography (ECC), along with a case study on a smart factory-enabled parking system [ 45 , 48 ]. In the case study, the proposed protocol is analyzed for its performance by securing communication between the end devices (sensors) at the parking lot and the application server, which is hosted by the smart factory, as shown in Figure 1 .…”

Section: Introductionmentioning

confidence: 99%

An Enhanced LoRaWAN Security Protocol for Privacy Preservation in IoT with a Case Study on a Smart Factory-Enabled Parking System

You

Kwon

Choudhary

et al. 2018

Sensors

View full text Add to dashboard Cite

The Internet of Things (IoT) utilizes algorithms to facilitate intelligent applications across cities in the form of smart-urban projects. As the majority of devices in IoT are battery operated, their applications should be facilitated with a low-power communication setup. Such facility is possible through the Low-Power Wide-Area Network (LPWAN), but at a constrained bit rate. For long-range communication over LPWAN, several approaches and protocols are adopted. One such protocol is the Long-Range Wide Area Network (LoRaWAN), which is a media access layer protocol for long-range communication between the devices and the application servers via LPWAN gateways. However, LoRaWAN comes with fewer security features as a much-secured protocol consumes more battery because of the exorbitant computational overheads. The standard protocol fails to support end-to-end security and perfect forward secrecy while being vulnerable to the replay attack that makes LoRaWAN limited in supporting applications where security (especially end-to-end security) is important. Motivated by this, an enhanced LoRaWAN security protocol is proposed, which not only provides the basic functions of connectivity between the application server and the end device, but additionally averts these listed security issues. The proposed protocol is developed with two options, the Default Option (DO) and the Security-Enhanced Option (SEO). The protocol is validated through Burrows–Abadi–Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The proposed protocol is also analyzed for overheads through system-based and low-power device-based evaluations. Further, a case study on a smart factory-enabled parking system is considered for its practical application. The results, in terms of network latency with reliability fitting and signaling overheads, show paramount improvements and better performance for the proposed protocol compared with the two handshake options, Pre-Shared Key (PSK) and Elliptic Curve Cryptography (ECC), of Datagram Transport Layer Security (DTLS).

show abstract

Transport Layer Security (TLS) / Datagram Transport Layer Security (DTLS) Profiles for the Internet of Things

Cited by 44 publications

References 31 publications

Securing the Internet of Things in the Age of Machine Learning and Software-Defined Networking

Securing the Internet of Things in the Age of Machine Learning and Software-Defined Networking

Secure Data Sharing and Analysis in Cloud-Based Energy Management Systems

An Enhanced LoRaWAN Security Protocol for Privacy Preservation in IoT with a Case Study on a Smart Factory-Enabled Parking System

Contact Info

Product

Resources

About