Lightweight security scheme for IoT applications using CoAP
International Journal of Pervasive Computing and Communications
ISSN: 1742-7371
Article publication date: 28 October 2014
Abstract
Purpose
The purpose of this paper is to study lightweight security scheme for Internet of Things (IoT) applications using Constrained Application Protocol (CoAP). Resource-constrained characteristics of IoT systems have ushered in compelling requirements for lightweight application protocol and security suites. CoAP has already been established as the candidate protocol for IoT systems. However, low overhead security scheme for CoAP is still an open problem. Existing security solutions like Datagram Transport Layer Security (DTLS) is not suitable, particularly due to its expensive handshaking, public key infrastructure (PKI)-based authentication and lengthy ciphersuite agreement process.
Design/methodology/approach
This paper proposes a lightweight security scheme in CoAP using Advanced Encryption Standard (AES) 128 symmetric key algorithm. The paper presents an object security (payload embedded)-based robust authentication mechanism with integrated key management. The paper introduces few unique modifications to CoAP header to optimize security operation and minimize communication cost.
Findings
It is resilient to number of security attacks like replay attack, meet-in-the-middle attack and secure under chosen plaintext attack. This scheme is generic in nature, applicable for gamut of IoT applications. The paper proves efficacy of our proposed scheme for vehicle tracking application in emulated laboratory setup. Specifically, it compares with DTLS-enabled CoAP to establish the lightweight feature of our proposed solution.
Research limitations/implications
This paper mainly focuses on implementing in-vehicle tracking systems as an IoT application and used CoAP as the application protocol.
Practical implications
Such a lightweight security scheme would provide immense benefit in IoT systems so that resource constraint-sensing devices and nodes can be made secure. This would impact IoT eco systems to a large extent.
Originality/value
Such kind of security suite that provides both robustness and lightweight feature is hitherto not known to the authors, particularly in CoAP for IoT applications.
Keywords
Acknowledgements
The authors thank Sitaram Venkata Chamarty and Praveen Gauravaram of Tata Consultancy Services (TCS) Innovation Lab, Hyderabad, India, for their valuable comments and suggestions.
Citation
Ukil, A., Bandyopadhyay, S., Bhattacharyya, A., Pal, A. and Bose, T. (2014), "Lightweight security scheme for IoT applications using CoAP", International Journal of Pervasive Computing and Communications, Vol. 10 No. 4, pp. 372-392. https://doi.org/10.1108/IJPCC-01-2014-0002
Publisher
:Emerald Group Publishing Limited
Copyright © 2014, Emerald Group Publishing Limited