Security in the internet of things

Abstract

The Internet of Things (IoT) interconnects billions of heterogeneous devices in an Internet-like structure extending the current Internet and enabling new forms of interactions between objects. When it comes to integration of IoT systems in such essential fields of life as medicine and healthcare, transportation and manufacturing control, computer-controlled devices in vehicles, security becomes a crucial aspect and it is essential to protect communication between IoT devices and the data they exchange. The constraints of some IoT devices, such as low processing powers, lack of memory and storage space and limited energy sources, make it difficult to apply the already existing solutions used in the standard Internet and to implement strong cryptographic algorithms. In such a scenario, new algorithms and security mechanisms should be designed and the existing well-known methods must be optimized taking into account the particularities of the IoT environment. This thesis focuses on the study of security mechanisms for the IoT environments. In particular, we introduce dynamic broker bridging – a novel mechanism which extends standard publish/subscribe systems to multi-hop architectures and propose three possible approaches of securing the proposed mechanism through end-to-end authentication and authorization. We also present a novel anonymization protocol for datagram-based communication. The protocol has been specially designed to satisfy constrained scenarios typical for the Internet of Things. The design of the protocol also implies confidentiality, thus eliminating the necessity to use any secure communication protocol. We also introduce a novel solution for anonymizing publish/subscribebased networks. The design of the solution is based on the dynamic broker bridging mechanism.