nach oben

Wireless Networks

Erschienen in:

18.05.2020

Security offloading network system for expanded security coverage in IPv6-based resource constrained data service networks

verfasst von: Jiyong Han, Daeyoung Kim

Erschienen in: Wireless Networks | Ausgabe 6/2020

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Recent years have seen the development of successful internet of things (IoT) technologies based on IP-enabled data networks. Despite the growing demand for security of resource-constrained data service networks, a majority of nodes in them typically lack memory space and computational ability compared to Internet nodes. This restricts constrained nodes from implementing and operating burdensome security protocols and authentication methods. To overcome this problem, we propose a security offloading network system which expands the security coverage to constrained nodes in IPv6-based heterogeneous networks. The proposed system supports constrained nodes by offloading the handshake and data transmission of a security protocol to offloading agents. Constrained nodes can also utilize the ciphersuites of offloading agents without the burden of deploying them. The offloading server controls the registration, the authentication, and the load-balanced allocation of offloading-agents. The implementation and evaluation show the feasibility of the proposed system by presenting practical network performance analyses in respect of availability, responsiveness, protocol overhead, and validation. This research would be advantageous for constrained nodes to achieve a high level of security, lowering the cost of network devices at the same time.

Vorheriger Artikel Improving proactive routing with a multicriteria and adaptive framework in ad-hoc wireless networks

Nächster Artikel Design and analysis of RPL objective functions using variant routing metrics for IoT applications

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nur mit Berechtigung zugänglich

Kolias, C., Kambourakis, G., Stavrou, A., & Voas, J. (2017). Ddos in the iot: Mirai and other botnets. Computer, 50(7), 80–84. https://doi.org/10.1109/MC.2017.201.CrossRef

Bormann, C., Ersue, M., & Keranen, A. (2014). Terminology for constrained-node networks. Internet Engineering Task Force (IETF), RFC 7228.

Rescorla, E., & Modadugu, N. (2012). Datagram transport layer security version 1.2. Tech. rep.

Hummen, R., Shafagh, H., Raza, S., Voig, T., & Wehrle, K. (2014). Delegation-based authentication and authorization for the ip-based internet of things. In 2014 eleventh annual IEEE international conference on sensing, communication, and networking (SECON), pp. 284–292. https://doi.org/10.1109/SAHCN.2014.6990364.

Hummen, R., Ziegeldorf, J. H., Shafagh, H., Raza, S., & Wehrle, K. (2013). Towards viable certificate-based authentication for the internet of things. In Proceedings of the 2Nd ACM workshop on hot topics on wireless network security and privacy, HotWiSec ’13, pp. 37–42. ACM, New York, NY, USA. https://doi.org/10.1145/2463183.2463193.

Gerdes, S., Bergmann, O., & Bormann, C. (2015). Delegated coap authentication and authorization framework (dcaf). IETF draft,. gerdes-core-dcaf-authorize-04.

Raza, S., Trabalza, D., & Voigt, T. (2012). 6lowpan compressed dtls for coap. In 2012 IEEE 8th international conference on distributed computing in sensor systems, pp. 287–289. https://doi.org/10.1109/DCOSS.2012.55.

Raza, S., Shafagh, H., Hewage, K., Hummen, R., & Voigt, T. (2013). Lithe: Lightweight secure coap for the internet of things. IEEE Sensors Journal, 13(10), 3711–3720.CrossRef

Tschofenig, H., & Fossati, T. (2016). Transport layer security (tls)/datagram transport layer security (dtls) profiles for the internet of things. Tech. rep.

10.

Gerdes, S., Seitz, L., Selander, G., & Bormann, D.C. (2018). An architecture for authorization in constrained environments. Internet-Draft draft-ietf-ace-actors-07, Internet Engineering Task Force. https://tools.ietf.org/html/draft-ietf-ace-actors-07. Work in Progress.

11.

Hong, S., Kim, D., Ha, M., Bae, S., Park, S. J., Jung, W., et al. (2010). Snail: an ip-based wireless sensor network approach to the internet of things. IEEE Wireless Communications, 17(6), 34–42. https://doi.org/10.1109/MWC.2010.5675776.CrossRef

12.

Shelby, Z., Hartke, K., & Bormann, C. (2014). The constrained application protocol (CoAP). RFC 7252. https://doi.org/10.17487/RFC7252. https://rfc-editor.org/rfc/rfc7252.txt.

13.

Gomez, C., Paradells, J., Bormann, C., & Crowcroft, J. (2017). From 6lowpan to 6lo: Expanding the universe of ipv6-supported technologies for the internet of things. IEEE Communications Magazine, 55(12), 148–155. https://doi.org/10.1109/MCOM.2017.1600534.CrossRef

14.

Montenegro, G., Schumacher, C., & Kushalnagar, N. (2007). IPv6 over low-power wireless personal area networks (6LoWPANs): Overview, assumptions, problem statement, and goals. RFC 4919. https://doi.org/10.17487/RFC4919. https://rfc-editor.org/rfc/rfc4919.txt.

15.

Vasseur, J. (2014). Terms used in routing for low-power and lossy networks. RFC 7102. https://doi.org/10.17487/RFC7102. https://rfc-editor.org/rfc/rfc7102.txt.

16.

Dierks, T., & Rescorla, E. (2008). The transport layer security (tls) protocol version 1.2. Tech. rep.

17.

Oma lightweight m2m (2019). https://www.omaspecworks.org/what-is-oma-specworks/iot/lightweight-m2m-lwm2m/.

18.

Contiki: The open source os for the internet of things (2019). http://www.contiki-os.org/.

19.

Han, J., Ha, M., & Kim, D. (2015). Practical security analysis for the constrained node networks: Focusing on the dtls protocol. In 2015 5th international conference on the internet of things (IOT), pp. 22–29. https://doi.org/10.1109/IOT.2015.7356544.

20.

De Couto, D. S. J., Aguayo, D., Bicket, J., & Morris, R. (2005). A high-throughput path metric for multi-hop wireless routing. Wireless Network, 11(4), 419–434. https://doi.org/10.1007/s11276-005-1766-z.CrossRef

21.

Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, J.P., & Alexander, R. (2012). Rpl: Ipv6 routing protocol for low-power and lossy networks. Tech. rep.

22.

Draves, R., Padhye, J., & Zill, B. (2004). Routing in multi-radio, multi-hop wireless mesh networks. pp. 114–128. Cited By 1777.

23.

How does aes encryption work? (2019). https://proprivacy.com/guides/aes-encryption.

24.

Algorithms, key sizes and parameters report (2013). https://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report.

25.

Msp430f543x, msp430f541x mixed-signal microcontrollers datasheet (rev. f) (2018). http://www.ti.com/lit/ds/symlink/msp430f5438.pdf.

26.

El-hajj, M., Maroun, C., Fadlallah, A., & Serhrouchni, A. (2018). Analysis of cryptographic algorithms on iot hardware platforms. pp. 1–5. https://doi.org/10.1109/CSNET.2018.8602942.

27.

Montenegro, G., Hui, J., Culler, D., & Kushalnagar, N. (2007). Transmission of IPv6 packets over IEEE 802.15.4 networks. RFC 4944. https://doi.org/10.17487/RFC4944. https://rfc-editor.org/rfc/rfc4944.txt.

28.

Thubert, P., & Hui, J. (2015). Compression format for IPv6 datagrams over IEEE 802.15.4-based networks. RFC 6282. https://doi.org/10.17487/rfc6282. https://rfc-editor.org/rfc/rfc6282.txt.

29.

Alexander, R., Brandt, A., Vasseur, J., Hui, J., Pister, K., Thubert, P., Levis, P., Struik, R., Kelsey, R., & Winter, T. (2012). RPL: IPv6 routing protocol for low-power and lossy networks. RFC 6550. https://doi.org/10.17487/RFC6550. https://rfc-editor.org/rfc/rfc6550.txt.

30.

Texas instruments, dallas, texas, united states (2019). http://www.ti.com.

31.

Eclipse tinydtls, eclipse foundation (2017). https://projects.eclipse.org/projects/iot.tinydtls.

32.

Bormann, C. (2014). 6lowpan-ghc: generic header compression for ipv6 over low-power wireless personal area networks (6lowpans). Tech. rep.

33.

Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., et al. (2005). The avispa tool for the automated validation of internet security protocols and applications. In K. Etessami & S. K. Rajamani (Eds.), Computer aided verification (pp. 281–285). Berlin: Springer.CrossRef

34.

Von Oheimb, D. (2005). The high-level protocol specification language hlpsl developed in the eu project avispa. In Proceedings of APPSEM 2005 workshop (pp. 1–17).

35.

Dolev, D., & Yao, A. (1983). On the security of public key protocols. IEEE Transactions on information theory, 29(2), 198–208.MathSciNetCrossRef

36.

Basin, D., Mödersheim, S., & Vigano, L. (2005). Ofmc: A symbolic model checker for security protocols. International Journal of Information Security, 4(3), 181–208.CrossRef

37.

Turuani, M. (2006). The cl-atse protocol analyser. In International conference on rewriting techniques and applications (pp. 277–286). Berlin: Springer.

38.

Armando, A., & Compagna, L. (2004). Satmc: a sat-based model checker for security protocols. In European workshop on logics in artificial intelligence (pp. 730–733). Berlin: Springer.

39.

Viganò, L. (2006). Automated security protocol analysis with the avispa tool. Electronic Notes in Theoretical Computer Science, 155, 61–86.CrossRef

40.

Kang, N., Park, J., Kwon, H., & Jung, S. (2015). Esse: Efficient secure session establishment for internet-integrated wireless sensor networks. International Journal of Distributed Sensor Networks, 2015, 7:7–7:7. https://doi.org/10.1155/2015/393754.CrossRef

41.

Porambage, P., Braeken, A., Kumar, P., Gurtov, A., & Ylianttila, M. (2015). Efficient key establishment for constrained iot devices with collaborative hip-based approach. In 2015 IEEE global communications conference (GLOBECOM) (pp. 1–6). IEEE.

42.

Moskowitz, R., Jokela, P., Henderson, T., & Nikander, P. (2015). Host identity protocol. RFC 5201. https://doi.org/10.17487/rfc5201. https://rfc-editor.org/rfc/rfc5201.txt.

43.

Capossele, A., Cervo, V., De Cicco, G., & Petrioli, C. (2015). Security as a coap resource: An optimized dtls implementation for the iot. In 2015 IEEE international conference on communications (ICC) (pp. 549–554). IEEE.

44.

The ietf wg, dtls in constrained environment (dice) (2017). https://datatracker.ietf.org/wg/dice/charter.

45.

The ietf wg, authentication and authorization or constrained environments (ace) (2019). https://datatracker.ietf.org/wg/ace/charter.

46.

Seitz, L., Gerdes, S., Selander, G., Mani, M., & Kumar, S. (2016). Use Cases for Authentication and Authorization in Constrained Environments. RFC 7744. https://doi.org/10.17487/rfc7744. https://rfc-editor.org/rfc/rfc7744.txt.

47.

Seitz, L., Selander, G., Wahlstroem, E., Erdtman, S., & Tschofenig, H. (2019). Authentication and authorization for constrained environments (ACE) using the OAuth 2.0 framework (ACE-OAuth). Internet-Draft draft-ietf-ace-oauth-authz-24, Internet Engineering Task Force. https://tools.ietf.org/html/draft-ietf-ace-oauth-authz-24. Work in Progress.

Titel: Security offloading network system for expanded security coverage in IPv6-based resource constrained data service networks
verfasst von: Jiyong Han
Daeyoung Kim
Publikationsdatum: 18.05.2020
Verlag: Springer US
Erschienen in: Wireless Networks / Ausgabe 6/2020
Print ISSN: 1022-0038
Elektronische ISSN: 1572-8196
DOI: https://doi.org/10.1007/s11276-020-02330-2

Neuer Inhalt

Bildnachweise

Smart-Manufacturing Dashboard Banner/© AdobeStock_583269095, VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Sustainability in Finance_2024/© Robert Kneschke / stock.adobe.com, Search Icon, Banner Hanser, Dirk Wolters/© Netec GmbH, NPL Kreditzweitmarktgesetz/© Good_Stock / Getty Images / iStock, Verbrennungsmotor/© OkFoto.it / stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Sustainibility Finance/© Robert Kneschke / stock.adobe.com / Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 6/2020

QoS aware and fault tolerant handovers in software defined LTE networks

Prediction-based secured handover authentication for mobile cloud computing

Energy efficiency resource allocation based on spectrum-power tradeoff in distributed satellite cluster network

Throughput stability and flow fairness enhancement of TCP traffic in multi-hop wireless networks

A novel efficient clustering protocol for energy harvesting in wireless sensor networks

Two dimension angle of arrival-based precoding for pilot contamination reduction in multi-cell massive MIMO systems

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.