Lightweight security scheme for IoT applications using CoAP. Issue 4 (28th October 2014)
- Record Type:
- Journal Article
- Title:
- Lightweight security scheme for IoT applications using CoAP. Issue 4 (28th October 2014)
- Main Title:
- Lightweight security scheme for IoT applications using CoAP
- Authors:
- Ukil, Arijit
Bandyopadhyay, Soma
Bhattacharyya, Abhijan
Pal, Arpan
Bose, Tulika - Abstract:
- Abstract : Purpose: – The purpose of this paper is to study lightweight security scheme for Internet of Things (IoT) applications using Constrained Application Protocol (CoAP). Resource-constrained characteristics of IoT systems have ushered in compelling requirements for lightweight application protocol and security suites. CoAP has already been established as the candidate protocol for IoT systems. However, low overhead security scheme for CoAP is still an open problem. Existing security solutions like Datagram Transport Layer Security (DTLS) is not suitable, particularly due to its expensive handshaking, public key infrastructure (PKI)-based authentication and lengthy ciphersuite agreement process. Design/methodology/approach: – This paper proposes a lightweight security scheme in CoAP using Advanced Encryption Standard (AES) 128 symmetric key algorithm. The paper presents an object security (payload embedded)-based robust authentication mechanism with integrated key management. The paper introduces few unique modifications to CoAP header to optimize security operation and minimize communication cost. Findings: – It is resilient to number of security attacks like replay attack, meet-in-the-middle attack and secure under chosen plaintext attack. This scheme is generic in nature, applicable for gamut of IoT applications. The paper proves efficacy of our proposed scheme for vehicle tracking application in emulated laboratory setup. Specifically, it compares with DTLS-enabledAbstract : Purpose: – The purpose of this paper is to study lightweight security scheme for Internet of Things (IoT) applications using Constrained Application Protocol (CoAP). Resource-constrained characteristics of IoT systems have ushered in compelling requirements for lightweight application protocol and security suites. CoAP has already been established as the candidate protocol for IoT systems. However, low overhead security scheme for CoAP is still an open problem. Existing security solutions like Datagram Transport Layer Security (DTLS) is not suitable, particularly due to its expensive handshaking, public key infrastructure (PKI)-based authentication and lengthy ciphersuite agreement process. Design/methodology/approach: – This paper proposes a lightweight security scheme in CoAP using Advanced Encryption Standard (AES) 128 symmetric key algorithm. The paper presents an object security (payload embedded)-based robust authentication mechanism with integrated key management. The paper introduces few unique modifications to CoAP header to optimize security operation and minimize communication cost. Findings: – It is resilient to number of security attacks like replay attack, meet-in-the-middle attack and secure under chosen plaintext attack. This scheme is generic in nature, applicable for gamut of IoT applications. The paper proves efficacy of our proposed scheme for vehicle tracking application in emulated laboratory setup. Specifically, it compares with DTLS-enabled CoAP to establish the lightweight feature of our proposed solution. Research limitations/implications: – This paper mainly focuses on implementing in-vehicle tracking systems as an IoT application and used CoAP as the application protocol. Practical implications: – Such a lightweight security scheme would provide immense benefit in IoT systems so that resource constraint-sensing devices and nodes can be made secure. This would impact IoT eco systems to a large extent. Originality/value: – Such kind of security suite that provides both robustness and lightweight feature is hitherto not known to the authors, particularly in CoAP for IoT applications. … (more)
- Is Part Of:
- International journal of pervasive computing and communications. Volume 10:Issue 4(2014)
- Journal:
- International journal of pervasive computing and communications
- Issue:
- Volume 10:Issue 4(2014)
- Issue Display:
- Volume 10, Issue 4 (2014)
- Year:
- 2014
- Volume:
- 10
- Issue:
- 4
- Issue Sort Value:
- 2014-0010-0004-0000
- Page Start:
- 372
- Page End:
- 392
- Publication Date:
- 2014-10-28
- Subjects:
- Sensors -- Security -- Authentication -- CoAP -- IoT -- Lightweight
Ubiquitous computing -- Periodicals
Mobile computing -- Periodicals
Computer network protocols -- Periodicals
Computer network architectures -- Periodicals
Application software -- Development -- Periodicals
004.6 - Journal URLs:
- http://info.emeraldinsight.com/products/journals/journals.htm?PHPSESSID=hprfp8ctb78gnbgodr3rkog6s0&id=ijpcc ↗
http://www.emeraldinsight.com/ ↗
http://www.troubador.co.uk/jpcc/ ↗ - DOI:
- 10.1108/IJPCC-01-2014-0002 ↗
- Languages:
- English
- ISSNs:
- 1742-7371
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4542.452750
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 9902.xml