In this paper we discuss security procedures for constrained IoT devices. We start with the description of a general security architecture along with its basic procedures, then discuss how its elements interact with the constrained communication stack and explore pros and cons of popular security approaches at various layers of the ISO/OSI model. We also discuss a practical example for the establishment of end-to-end secure channels between constrained and unconstrained devices. The proposed method is lightweight and allows the protection of IoT devices through strong encryption and authentication means, so that constrained devices can benefit from the same security functionalities that are typical of unconstrained domains, without however having to execute computationally intensive operations. To make this possible, we advocate using trusted unconstrained nodes for the offloading of computationally intensive tasks. Moreover, our design does not require any modifications to the protocol stacks of unconstrained nodes.
McMAC: a power efficient, short preamble Multi-Channel Medium Access Control protocol for wireless sensor networks
BONETTO, RICCARDO;BUI, NICOLA;ROSSI, MICHELE;ZORZI, MICHELE
2012
Abstract
In this paper we discuss security procedures for constrained IoT devices. We start with the description of a general security architecture along with its basic procedures, then discuss how its elements interact with the constrained communication stack and explore pros and cons of popular security approaches at various layers of the ISO/OSI model. We also discuss a practical example for the establishment of end-to-end secure channels between constrained and unconstrained devices. The proposed method is lightweight and allows the protection of IoT devices through strong encryption and authentication means, so that constrained devices can benefit from the same security functionalities that are typical of unconstrained domains, without however having to execute computationally intensive operations. To make this possible, we advocate using trusted unconstrained nodes for the offloading of computationally intensive tasks. Moreover, our design does not require any modifications to the protocol stacks of unconstrained nodes.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.