Research On End-to-End Security Technology Of The Internet Of Things

With the rapid development of network technologies,the concept of Internet of Things(IoT)has become a reality in recent years.IoT comprises a huge amount of devices(hereinafter called constrained devices)capable of interacting with the environment and communicating over the Internet.Among other challenges that prevent the growth of IoT,security problem is one of the main challenges.This thesis focuses mainly on secure communication concerns for constrained devices.In essence,constrained devices are devices operating under low power,and with limited computational and network resources.For such characteristics,they do not support standard security protocols and,consequently,they become a potential target for traditional Internet attacks(e.g.Denial of Service and man-in-the-middle).In order to ensure the proposed end-to-end security scheme is compatible with the existing network and has strong feasibility,basic knowledge of the Internet of things is introduced first,including the main features of IoT,the main technologies,the communication model and the security requirements.Then the thesis analyzes the existing IoT security architecture and puts forward a new IoT security architecture based on edge computing.On the basis of the above research,a proxy-based DTLS end-to-end security scheme is proposed.Finally,a platform based on Contiki,which is a well-known embedded operating system,and CC2538 microchips is built to verify the feasibility of the proposed scheme.The main work of the thesis includes:1.Giving a systematic introduction to the related knowledge of IoT,including its main features,main technologies,communication models,security threats and security requirements.The main technologies of IoT is introduced from hardware to operating system,from physical layer to network layer and then to application layer respectively.The communication models of IoT are summarized as Device-to-Device,Device-to-Cloud,Device-to-Gateway and Back-end Date Sharing Pattern.2.Studying the security architecture of IoT.Firstly,the thesis discusses and analyzes the existing security framework of the IoT.Secondly,the thesis introduces the origin and concept of edge computing,and analyzes the importance of edge computing in IoT.Thirdly,a new Io T security architecture is proposed based on edge computing.3.Studying the end-to-end security mechanism of IoT.Firstly,the research progress of the end-to-end security mechanism of the internet of things is discussed and summarized.Secondly,DTLS,an existing end-to-end protocol of the Internet,is introduced.Thirdly,a proxy-based DTLS end-to-end security scheme is proposed to ensure end-to-end authentication and communication security.4.Studying the feasibility of the proposed scheme.A platform based on Contiki operating system and CC2538 microchips is built to verify the feasibility of the proposed scheme.The thesis presents a scheme to enable the constrained devices to communicate with the Internet standard security protocol and demonstrates the feasibility of the scheme by implementing the DTLS protocol on constrained devices.However,this thesis does not have a complete implementation of the proposed scheme.Gateway and edge computing devices should be added in further implementations.