In various scenarios, achieving security between IoT devices is challenging
since the devices may have different dedicated communication standards,
resource constraints as well as various applications. In this article, we first
provide requirements and existing solutions for IoT security. We then introduce
a new reconfigurable security framework based on edge computing, which utilizes
a near-user edge device, i.e., security agent, to simplify key management and
offload the computational costs of security algorithms at IoT devices. This
framework is designed to overcome the challenges including high computation
costs, low flexibility in key management, and low compatibility in deploying
new security algorithms in IoT, especially when adopting advanced cryptographic
primitives. We also provide the design principles of the reconfigurable
security framework, the exemplary security protocols for anonymous
authentication and secure data access control, and the performance analysis in
terms of feasibility and usability. The reconfigurable security framework paves
a new way to strength IoT security by edge computing.Comment: under submission to possible journal publication
