Research On Security Scheme For The Internet Of Things Based On SIP Protocol

Internet of Things is regarded as core area of another new round of information industry wave succeeding of computer, the Internet and mobile communication and it will be the next "important productivity" that will push the rapid development of the world. Internet of Things faces some special security problems except those traditional networks face. The particular requirements of application layer involves the privacy protection and the processing and utilization of information, which is concerned with users and should be solved as quickly as possible. The signaling control protocol of application layer SIP, with features such as simplicity, flexible expansibility and the characteristic to transplant easily, is easy to transplant to all kinds of IOT terminal equipments ones that are portable, convinient to use but have low power and capacity. SIP can be used in session connection of remote monitoring of building intercom,video conference and smart home in IOT.This thesis mainly analyses the threats faced by each layer of IOT, and the authentication schemes in SIP protocol are studied. Aiming at the security requirements of IOT applications, such as privacy protection and identity authentication, a security scheme oriented to IOT is proposed based on SIP and the anylysis of security and performance is given. The specific content are as follows:1.Firstly, the existing authentication mechanisms of SIP protocol are studied and their advantages and disadvantages are analysed. Then security threats and requirements in the IOT are analysed.2.Secondly, a security scheme oritented to IOT is proposed based on SIP protocol, which implements the authentication with anonymous hidden identity and session key agreement. By extending the SIP protocol, and referencing HTTP digest authentication mechanism of SIP protocol, two-way authentication is realized in two interactions. At the same time, certificateless key agreement is complemented with needed key information carried in the authentication process. The analysis of security shows that the authentication scheme can resist the attacks such as disguised server attack, offline password gussing and Relay attack. Also, the key argeement can resist the active attactks and passive attacks. The scheme has high security. The analysis of performance shows that the scheme is suitable for IOT teminals those are of limited capacity and computing ability.3.Finally, the security scheme proposed in this paper is tested in the application of SIP phones, and the results are given. The results shows that the scheme is correct and feasible.