Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Lithe: Lightweight Secure CoAP for the Internet of Things
Mälardalen University, School of Innovation, Design and Engineering. Swedish Institute of Computer Science, Kista, Sweden. (NES)ORCID iD: 0000-0001-8192-0893
Swedish Institute of Computer Science, Kista, Sweden.
Department of Information Technology, Uppsala University, Uppsala, Sweden.
Communication and Distributed Systems, RWTH Aachen University, Germany.
Show others and affiliations
2013 (English)In: IEEE Sensors Journal, ISSN 1530-437X, E-ISSN 1558-1748, Vol. 13, no 10, p. 3711-3720Article in journal (Refereed) Published
Abstract [en]

The Internet of Things (IoT) enables a wide range of application scenarios with potentially critical actuating and sensing tasks, e.g., in the e-health domain. For communication at the application layer, resource-constrained devices are expected to employ the Constrained Application Protocol (CoAP) that is currently being standardized at the IETF. To protect the transmission of sensitive information, secure CoAP (CoAPs) mandates the use of Datagram TLS (DTLS) as the underlying security protocol for authenticated and confidential communica- tion. DTLS, however, was originally designed for comparably powerful devices that are interconnected via reliable, high- bandwidth links.

In this paper, we present Lithe – an integration of DTLS and CoAP for the IoT. With Lithe, we additionally propose a novel DTLS header compression scheme that aims to significantly reduce the header overhead of DTLS leveraging the 6LoWPAN standard. Most importantly, our proposed DTLS header com- pression scheme does not compromise the end-to-end security properties provided by DTLS. At the same time, it considerably reduces the number of transmitted bytes while maintaining DTLS standard compliance. We evaluate our approach based on a DTLS implementation for the Contiki operating system. Our evaluation results show significant gains in terms of packet size, energy consumption, processing time, and network-wide response times, when compressed DTLS is enabled. 

Place, publisher, year, edition, pages
2013. Vol. 13, no 10, p. 3711-3720
Keywords [en]
CoAP, DTLS, CoAPs, 6LoWPAN, Security, Internet of Things
National Category
Engineering and Technology
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:mdh:diva-18867DOI: 10.1109/JSEN.2013.2277656ISI: 000324337900006Scopus ID: 2-s2.0-84883314073OAI: oai:DiVA.org:mdh-18867DiVA, id: diva2:619016
Available from: 2013-05-01 Created: 2013-05-01 Last updated: 2017-12-06Bibliographically approved
In thesis
1. Lightweight Security Solutions for the Internet of Things
Open this publication in new window or tab >>Lightweight Security Solutions for the Internet of Things
2013 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

The future Internet will be an IPv6 network interconnecting traditional computers and a large number of smart object or networks such as Wireless Sensor Networks (WSNs). This Internet of Things (IoT) will be the foundation of many services and our daily life will depend on its availability and reliable operations.

Therefore, among many other issues, the challenge of implementing secure communication in the IoT must be addressed. The traditional Internet has established and tested ways of securing networks. The IoT is a hybrid network of the Internet and resource-constrained networks, and it is therefore reasonable to explore the options of using security mechanisms standardized for the Internet in the IoT.

The IoT requires multi-facet security solutions where the communication is secured with confidentiality, integrity, and authentication services; the network is protected against intrusions and disruptions; and the data inside a sensor node is stored in an encrypted form. Using standardized mechanisms, communication in the IoT can be secured at different layers: at the link layer with IEEE 802.15.4 security, at the network layer with IP security (IPsec), and at the transport layer with Datagram Transport Layer Security (DTLS). Even when the IoT is secured with encryption and authentication, sensor nodes are exposed to wireless attacks both from inside the WSN and from the Internet. Hence an Intrusion Detection System (IDS) and firewalls are needed. Since the nodes inside WSNs can be captured and cloned, protection of stored data is also important.

This thesis has three main contributions. (i) It enables secure communication in the IoT using lightweight compressed yet standard compliant IPsec, DTLS, and IEEE 802.15.4 link layer security; and it discusses the pros and cons of each of these solutions. The proposed security solutions are implemented and evaluated in an IoT setup on real hardware. (ii) This thesis also presents the design, implementation, and evaluation of a novel IDS for the IoT. (iii) Last but not least, it also provides mechanisms to protect data inside constrained nodes.

The experimental evaluation of the different solutions shows that the resource-constrained devices in the IoT can be secured with IPsec, DTLS, and 802.15.4 security; can be efficiently protected against intrusions; and the proposed combined secure storage and communication mechanisms can significantly reduce the security-related operations and energy consumption.

Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2013
Series
Mälardalen University Press Dissertations, ISSN 1651-4238 ; 139
Keywords
Security, Internet of Things, 6LoWPAN, CoAP, RPL, Secure Storage, IDS, DTLS, IPsec
National Category
Engineering and Technology
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-18863 (URN)978-91-7485-110-6 (ISBN)
Public defence
2013-06-05, Kappa, Mälardalens högskola, Västerås, 10:15 (English)
Opponent
Supervisors
Available from: 2013-05-02 Created: 2013-04-30 Last updated: 2014-10-07Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Search in DiVA

By author/editor
Raza, Shahid
By organisation
School of Innovation, Design and Engineering
In the same journal
IEEE Sensors Journal
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 17702 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf