Building Datagram Transport Layer Security (DTLS)-based access control in the Internet-of-Things

This is a Master's thesis from KTH/School of Electrical Engineering and Computer Science (EECS)

Author: Chenxi Feng; [2020]


Abstract: With the widespread use of the Internet of Things (IoT), its security problems have attracted public attention. Because constrained devices have limited computing ability, it is difficult to install defensive software on them, and a device can only use its built-in encryption mechanisms to defend against attacks. To address the complex and volatile situations and challenges in the IoT, we propose a solution based on a framework called Authentication and Authorization for Constrained Environments (ACE)-OAuth for authentication and authorization, which can be applied in the IoT environment. More specifically, we implement the DTLS profile and the Internet Engineering Task Force (IETF) IoT stack in the ACE framework to build a secure environment at the transport layer. In this work, we focus on the symmetric-key-based authenticated setup that uses the pre-shared key mode to build the secure channel. The implementation of the proposed solution is based on the operating system (OS) Contiki-NG, and we use the constrained device Zolertia Firefly. The effectiveness of the proposed solution is evaluated by the operational time, power measurement, and memory footprint of the pre-shared key (PSK) mode when establishing a secure channel. The results can be treated as a benchmark for the different protocol steps. We present the Random Access Memory (RAM) and Read-Only Memory (ROM) footprint, the power measurements, and the operational time.
