Adaptable End-To-End Security For Mobile IoT Sensing Applications

Authors

Abstract

In this article, we address the limitations of the current solutions for end-to-end security in the context of IoT (Internet of !ings) applications. Such limitations are related to a few important aspects that may, in practice, be crucial to support most IoT applications, particularly the lack of support of mobile sensing devices, the inadequacy of many existing sensing devices while supporting authentication and key negotiation with asymmetric cryptography, and the inexistence of more flexible solutions for enabling security at the application layer, as well as the incompatibility of end-to-end security with the usage of proxies. We propose and evaluate experimentally new mechanisms at the transport and application layers which can, we believe, complement the existing approaches. Our experimental evaluation considers the impact of the proposed approaches in the resources available in constrained sensing devices, and its effectiveness in the light of the requirements of particular applications, and allows us to verify that effective and flexible end-to-end security is indeed feasible in many usage scenarios, thus being effective alternatives to complement current approaches to IoT end-to-end security.

Keywords

IoT; end-to-end security; mobility; transport-layer security; application-layer security; adaptable security

Subject

Security in the IOT

Related Project

MobiWise: from mobile sensing to mobility advising

Conference

1st ACM Workshop on the Internet of Safe Things (Safethings 2017), November 2017