1,044 research outputs found
Securing Internet of Things with Lightweight IPsec
Real-world deployments of wireless sensor networks (WSNs) require
secure communication. It is important that a receiver is able to verify that sensor
data was generated by trusted nodes. In some cases it may also be necessary
to encrypt sensor data in transit. Recently, WSNs and traditional IP networks
are more tightly integrated using IPv6 and 6LoWPAN. Available IPv6 protocol
stacks can use IPsec to secure data exchange. Thus, it is desirable to extend
6LoWPAN such that IPsec communication with IPv6 nodes is possible. It is
beneficial to use IPsec because the existing end-points on the Internet do not
need to be modified to communicate securely with the WSN. Moreover, using
IPsec, true end-to-end security is implemented and the need for a trustworthy
gateway is removed.
In this paper we provide End-to-End (E2E) secure communication between
IP-enabled sensor nodes and a device on the traditional Internet. This is the
first compressed lightweight design, implementation, and evaluation of a 6LoWPAN
extension for IPsec on Contiki. Our extension supports both IPsec's Authentication
Header (AH) and Encapsulating Security Payload (ESP). Thus,
communication endpoints are able to authenticate, encrypt and check the integrity
of messages using standardized and established IPv6 mechanisms.
Supporting Cyber-Physical Systems with Wireless Sensor Networks: An Outlook of Software and Services
Sensing, communication, computation and control technologies are the essential building blocks of a cyber-physical system (CPS). Wireless sensor networks (WSNs) are a way to support CPS as they provide fine-grained spatial-temporal sensing, communication and computation at a low premium of cost and power. In this article, we explore the fundamental concepts guiding the design and implementation of WSNs. We report the latest developments in WSN software and services for meeting existing requirements and newer demands; particularly in the areas of: operating system, simulator and emulator, programming abstraction, virtualization, IP-based communication and security, time and location, and network monitoring and management. We also reflect on the ongoing
efforts in providing dependable assurances for WSN-driven CPS. Finally, we report on its applicability with a case-study on smart buildings.
A Survey on Communication Networks for Electric System Automation
Published in Computer Networks 50 (2006) 877–897, an Elsevier journal. The definitive version of this publication is available from Science Direct. Digital Object Identifier: 10.1016/j.comnet.2006.01.005
In today’s competitive electric utility marketplace, reliable and real-time information becomes the key factor for reliable delivery of power to the end-users, profitability of the electric utility and customer satisfaction. The operational and commercial demands of electric utilities require a high-performance data communication network that supports both existing functionalities and future operational requirements. In this respect, since such a communication network constitutes the core of the electric system automation applications, the design of a cost-effective and reliable network architecture is crucial.
In this paper, the opportunities and challenges of a hybrid network architecture are discussed for electric system automation.
More specifically, Internet based Virtual Private Networks, power line communications, satellite communications and wireless communications (wireless sensor networks, WiMAX and wireless mesh networks) are described in detail. The motivation of this paper is to provide a better understanding of the hybrid network architecture that can provide heterogeneous electric system automation application requirements. In this regard, our aim is to present a structured framework for electric utilities who plan to utilize new communication technologies for automation and hence, to make the decision making process more effective and direct.
This work was supported by NEETRAC under Project #04-157.
Survey on security issues in file management in cloud computing environment
Cloud computing has pervaded every aspect of information technology
in the past decade. It has become easier to process a plethora of data, generated by
various devices in real time, with the advent of cloud networks. The privacy of
users' data is maintained by data centers around the world and hence it has
become feasible to operate on that data from lightweight portable devices. But
with ease of processing comes the security aspect of the data. One such
security aspect is secure file transfer either internally within cloud or
externally from one cloud network to another. File management is central to
cloud computing and it is paramount to address the security concerns which
arise out of it. This survey paper aims to elucidate the various protocols
which can be used for secure file transfer and analyze the ramifications of
using each protocol.
Comment: 5 pages, 1 table
Literature Survey on IPv6 over low power personal area networks.
As there is an increase in the Internet of Things (IoT), there is a growing implementation of the Internet of Things in many areas of our day-to-day life. The Internet of Things entails the linking of different embedded devices like appliances, weather stations and even toys to the internet using the Internet Protocol. Surveys say that the number of embedded devices that are IP-enabled will outnumber the total personal computers in the near future. 6LoWPAN is the name of a concluded working group in the Internet area of the IETF. 6LoWPAN is the technology that enables small, low-powered embedded devices to access the internet. 6LoWPAN is a protocol definition that allows IPv6 packets to be carried on top of low power wireless networks, specifically IEEE 802.15.4.
In this literature survey, I am going to give the details about the architecture and design of 6LoWPAN, the routing protocols used, and the security and privacy mechanisms used. There are three types of LoWPANs: ad-hoc LoWPAN, simple LoWPAN and extended LoWPAN. I am going to write about the innovative ways to implement security in 6LoWPAN. 6LoWPAN is different because of its small address size and low power features. Hence, to make 6LoWPAN secure, new and unique challenges need to be addressed. The routing protocols in 6LoWPAN are very sensitive because of the nodes’ limited capabilities in terms of power, transmission range and so on. Hence, it is based on layering decisions: application-based, and other parameter bases
DTLS Performance in Duty-Cycled Networks
The Datagram Transport Layer Security (DTLS) protocol is the IETF standard
for securing the Internet of Things. The Constrained Application Protocol,
ZigBee IP, and Lightweight Machine-to-Machine (LWM2M) mandate its use for
securing application traffic. There has been much debate in both the
standardization and research communities on the applicability of DTLS to
constrained environments. The main concerns are the communication overhead and
latency of the DTLS handshake, and the memory footprint of a DTLS
implementation. This paper provides a thorough performance evaluation of DTLS
in different duty-cycled networks through real-world experimentation, emulation
and analysis. In particular, we measure the duration of the DTLS handshake when
using three duty cycling link-layer protocols: preamble-sampling, the IEEE
802.15.4 beacon-enabled mode and the IEEE 802.15.4e Time Slotted Channel
Hopping mode. The reported results demonstrate surprisingly poor performance of
DTLS in radio duty-cycled networks. Because a DTLS client and a server exchange
more than 10 signaling packets, the DTLS handshake takes between a handful of
seconds and several tens of seconds, with similar results for different duty
cycling protocols. Moreover, because of their limited memory, typical
constrained nodes can only maintain 3-5 simultaneous DTLS sessions, which
highlights the need for using DTLS parsimoniously.
Comment: International Symposium on Personal, Indoor and Mobile Radio
Communications (PIMRC - 2015), IEEE, 2015,
http://pimrc2015.eee.hku.hk/index.htm
Integration of LoRa Wide Area Network with the 5G Test Network
Abstract. The global communication network is going through major transformation from conventional to more versatile and diversified network approaches. With the advent of virtualization and cloud technology, information technology (IT) is merging with telecommunications to alter the conventional approaches of traditional proprietary networking techniques. From radio to network and applications, the existing infrastructure lacks several features that we wished to be part of 5th Generation Mobile Networks (5G). Having a support for large number of applications, Internet of Things (IoT) will bring a major evolution by creating a comfortable, flexible and an automated environment for end users. A network having the capability to support radio protocols on top of basic networking protocols, when blended with a platform which can generate IoT use cases, can make the expectations of 5G a reality.
Low Power Wide Area Network (LPWAN) technologies can be utilized with other emerging and suitable technologies for IoT applications. To implement a network where all the technologies can be deployed virtually to serve their applications within a single cloud, Network Functions Virtualization (NFV) and Software Defined Network (SDN) are introduced to implement such a networking possibility for upcoming technologies. The 5G Test Network (5GTN), a testbed for implementing and testing 5G features in real time, is deployed on a virtual platform, which allows other technologies to be added for IoT applications. To implement a network with an IoT enabler technology, LoRa Wide Area Network (LoRaWAN) technology can be integrated to test the feasibility and capability of IoT implications. LoRaWAN, being an IoT enabler technology, is chosen out of several possibilities to be integrated with the 5GTN. Using MultiConnect Conduit as a gateway, the integration is realized by establishing a point-to-point protocol (PPP) connection with the eNodeB. Once the connection is established, LoRa packets are forwarded to the ThingWorx IoT cloud and responses can be received by the end-devices from that IoT cloud by using the Message Queuing Telemetry Transport (MQTT) protocol. Wireshark, an open source packet analyser, is then used to ensure successful transmission of packets to ThingWorx using the 5GTN default packet routes.
An integrated security Protocol communication scheme for Internet of Things using the Locator/ID Separation Protocol Network
Internet of Things communication is mainly based on a machine-to-machine pattern, where devices are globally addressed and identified. However, as the number of connected devices increases, the burdens on the network infrastructure increase as well. The major challenges are the size of the routing tables and the efficiency of the current routing protocols in the Internet backbone. To address these problems, an Internet Engineering Task Force (IETF) working group, along with the research group at Cisco, are still working on the Locator/ID Separation Protocol as a routing architecture that can provide new semantics for the IP addressing, to simplify routing operations and improve scalability in the future of the Internet such as the Internet of Things. Nonetheless, the Locator/ID Separation Protocol is still at an early stage of implementation and the security protocol, e.g. Internet Protocol Security (IPSec), in particular, is still in its infancy.
Based on this, three scenarios were considered: Firstly, in the initial stage, each Locator/ID Separation Protocol-capable router needs to register with a Map-Server. This is known as the Registration Stage. Nevertheless, this stage is vulnerable to masquerading and content poisoning attacks. Secondly, the addresses resolving stage, in the Locator/ID Separation Protocol the Map Server (MS) accepts Map-Request from Ingress Tunnel Routers and Egress Tunnel Routers. These routers in turn look up the database and return the requested mapping to the endpoint user. However, this stage lacks data confidentiality and mutual authentication. Furthermore, the Locator/ID Separation Protocol limits the efficiency of the security protocol which works against redirecting the data or acting as fake routers. Thirdly, as a result of the vast increase in the different Internet of Things devices, the interconnected links between these devices increase vastly as well. Thus, the communication between the devices can be easily exposed to disclosures by attackers such as Man in the Middle Attacks (MitM) and Denial of Service Attack (DoS).
This research provided a comprehensive study for Communication and Mobility in the Internet of Things as well as the taxonomy of different security protocols. It went on to investigate the security threats and vulnerabilities of Locator/ID Separation Protocol using X.805 framework standard. Then three security protocols were provided to secure the exchanged transitions of communication in Locator/ID Separation Protocol. The first security protocol had been implemented to secure the Registration stage of Locator/ID separation using ID/Based cryptography method. The second security protocol was implemented to address the Resolving stage in the Locator/ID Separation Protocol between the Ingress Tunnel Router and Egress Tunnel Router using Challenge-Response authentication and Key Agreement technique. The third security protocol had been proposed, analysed and evaluated for the Internet of Things communication devices. This protocol was based on the authentication and the group key agreement via using the El-Gamal concept. The developed protocols set an interface between each level of the phase to achieve security refinement architecture to Internet of Things based on Locator/ID Separation Protocol. These protocols were verified using Automated Validation Internet Security Protocol and Applications (AVISPA) which is a push button tool for the automated validation of security protocols and achieved results demonstrating that they do not have any security flaws. Finally, a performance analysis of security refinement protocol analysis and an evaluation were conducted using Contiki and Cooja simulation tool. The results of the performance analysis showed that the security refinement was highly scalable and the memory was quite efficient as it needed only 72 bytes of memory to store the keys in the Wireless Sensor Network (WSN) device.