uu.seUppsala University Publications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
SecureSense: End-to-End Secure Communication Architecture for the Cloud-connected Internet of Things
RISE SICS, Isafjordsgatan 22, Stockholm, Sweden.
RISE SICS, Isafjordsgatan 22, Stockholm, Sweden.
KTH Royal Inst Technol, Networked Syst Secur Grp, Stockholm, Sweden.
Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computer Architecture and Computer Communication. RISE SICS, Isafjordsgatan 22, Stockholm, Sweden. (UNO)ORCID iD: 0000-0002-2586-8573
2017 (English)In: Future generations computer systems, ISSN 0167-739X, E-ISSN 1872-7115, Vol. 77, p. 40-51Article in journal (Refereed) Published
Abstract [en]

Constrained Application Protocol (CoAP) has become the de-facto web standard for the IoT. Unlike traditional wireless sensor networks, Internet-connected smart thing deployments require security. CoAP mandates the use of the Datagram TLS (DTLS) protocol as the underlying secure communication protocol. In this paper we implement DTLS-protected secure CoAP for both resource-constrained IoT devices and a cloud backend and evaluate all three security modes (pre-shared key, raw-public key, and certificate-based) of CoAP in a real cloud-connected IoT setup. We extend Sics(th)Sense- a cloud platform for the IoT- with secure CoAP capabilities, and compliment a DTLS implementation for resource-constrained IoT devices with raw-public key and certificate-based asymmetric cryptography. To the best of our knowledge, this is the first effort toward providing end-to-end secure communication between resource constrained smart things and cloud back-ends which supports all three security modes of CoAP both on the client side and the server side. SecureSense- our End-to-End (E2E) secure communication architecture for the IoT- consists of all standard-based protocols, and implementation of these protocols are open source and BSD-licensed. The SecureSense evaluation benchmarks and open source and open license implementation make it possible for future IoT product and service providers to account for security overhead while using all standardized protocols and while ensuring interoperability among different vendors. The core contributions of this paper are: (i) a complete implementation for CoAP security modes for E2E IoT security, (ii) IoT security and communication protocols for a cloud platform for the IoT, and (iii) detailed experimental evaluation and benchmarking of E2E security between a network of smart things and a cloud platform.

Place, publisher, year, edition, pages
2017. Vol. 77, p. 40-51
National Category
Computer Engineering
Identifiers
URN: urn:nbn:se:uu:diva-333812DOI: 10.1016/j.future.2017.06.008ISI: 000412036600004OAI: oai:DiVA.org:uu-333812DiVA, id: diva2:1158020
Funder
VINNOVASwedish Research Council FormasSwedish Energy AgencyEU, Horizon 2020, 646184
Available from: 2017-11-17 Created: 2017-11-17 Last updated: 2018-01-13Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Authority records BETA

Voigt, Thiemo

Search in DiVA

By author/editor
Voigt, Thiemo
By organisation
Computer Architecture and Computer Communication
In the same journal
Future generations computer systems
Computer Engineering

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 55 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf