دانلود رایگان مقاله انگلیسی معماری شبکه امن اینترنت اشیا مبتنی بر مجوزهای محلی - نشریه IEEE

Abstract

Security is essential to enable the Internet of Things (IoT). Key security measures that work well on the traditional Internet, however, do not necessarily adapt well to the IoT. Specifically, authentication and/or authorization based on certificates provided by certificate authorities (CAs) cannot, in current form, scale to the expected 50 billion devices. And widely used encryption technologies for the Internet require too much energy for resource-constrained devices. This paper describes a secure network architecture with key distribution mechanisms using local, automated authorization entities. The architecture provides security guarantees while addressing IoT-related issues including resource constraints. For evaluation, we show that the architecture’s overhead scales at a significantly slower rate than widely used SSL/TLS and works well with resource-constrained devices.

VI. CONCLUSION

In this paper, we propose a secure network architecture to address IoT-related security requirements, as summarized in Table V. The proposed approach supports frequent, automated authentication and authorization by using a local authorization entity called Auth. Auth authorizes registered entities through session key distribution. By caching the session keys and allowing a variety of cryptographic algorithms, even the entities with intermittent connectivity or resource constraints can be authorized effectively. For authentication and authorization, an entity only needs to use temporary session keys provided by Auth. Thus, it does not have to risk exposing its identity by using its unique value such as a certificate, maintaining its privacy. Through experiments, we show our approach has significantly better scalability than SSL/TLS for the scenarios common in the IoT, while providing a comparable level of security as SSL/TLS.