International Journal of Open Information Technologies

The IoT opens up a vast area for creative applications that will change the world and human lives. Small, sensitive devices connected to the Internet will enable all-encompassing computing. This study describes widely accepted technologies and standards for IoT networks, and provides an overview of the most well-known security protocols and technologies currently available for adoption in the IoT, at different levels of a typical communication stack. The first section introduces existing IoT security technologies and protocols. The second section of the overview discusses the technologies and protocols used in the IoT. The next section provides a brief overview of the protocols and security mechanisms in the IoT. The last section discusses security issues and solutions, and shows a comparison of the protocols that were previously discussed in the previous sections. In future work, the authors seek to build a security model for interconnected computing devices based on a lightweight and secure authentication scheme for the Internet of Things. This study will simplify the correct navigation of the IoT security protocol stack.

Kolias, C., Kambourakis, G., Stavrou, A., Voas, J. (2017). DDoS in the IoT: Mirai and other Botnets. Computer, 50(7), 80-84.

Hassan, Q.F. (2018). Internet of things A to Z: Technologies and applications. New York: John Wiley & Sons, Inc.

Winter, T., Thubert, P., Brandt, A., Hui, J.W., Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, J.P., Alexander, R.K. (2012). RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks. RFC 6550. Fremont: Internet Engineering Task Force.

802.15.4-2015 – IEEE Standard for Low-Rate Wireless Networks. (2016). https://ieeexplore.ieee.org/document/7460875.

Bormann, C., Hoffman, P. (2013). Concise Binary Object Representation (CBOR), RFC 7049. Fremont: Internet Engineering Task Force.

Schaad, J. (2017). CBOR Object Signing and Encryption (COSE), RFC8152. Fremont: Internet Engineering Task Force.

Jones, M.B. (2017). Using RSA Algorithms with CBOR Object Signing and Encryption (COSE) Messages, RFC8230. Fremont: Internet Engineering Task Force.

Schaad, J. (2016). CBOR encoded message syntax: Additional algorithms. Fremont: Internet Engineering Task Force.

Fielding, R.T., Reschke, J. (2014). Hypertext Transfer Protocol (HTTP/1.1): Message syntax and routing. RFC 7230. Fremont: Internet Engineering Task Force.

Fielding, R.T., Reschke, J. (2014). Hypertext Transfer Protocol (HTTP/1.1): Semantics and content. RFC 7231. Fremont: Internet Engineering Task Force.

Shelby, Z., Hartke, K., Bormann, C. (2014). Constrained Application Protocol (CoAP). RFC 7252. Fremont: Internet Engineering Task Force.

Rescorla, E., Modadugu, N. (2012). Datagram Transport Layer Security version 1.2. RFC 6347. Fremont: Internet Engineering Task Force.

Tschofenig, H., Fossati, T. (2016). Transport Layer Security (TLS)/Datagram Transport Layer Security (DTLS) Profiles for the Internet of Things. RFC 7925. Fremont: Internet Engineering Task Force.

Selander, G., Mattson, J., Palombini, F., Seitz, L. (2018). Object Security for Constrained RESTful Environments (OSCORE), draft-ietf-core-object-security09 (work in progress). Fremont: Internet Engineering Task Force.

Hui, J.W., Thubert, P. (2011). Compression Format for IPv6 Datagrams over IEEE 802.15.4-Based Networks. RFC 6282. Fremont: Internet Engineering Task Force.

IEEE 802.15.4-2011 – IEEE Standard for Local and metropolitan area networks--Part 15.4: Low-Rate Wireless Personal Area Networks (LR-WPANs). (2011). https://standards.ieee.org/standard/802_15_4-2011.html.

Kent, S., Seo, K. (2005). Security architecture for the internet protocol. RFC 4301. Fremont: Internet Engineering Task Force.

Raza, S., Duquennoy, S., Voigt, T., Roedig, U. (2011). Demo abstract: securing communication in 6LoWPAN with compressed IPsec. In: The 7th IEEE International Conference on Distributed Computing in Sensor Systems (DCOSS’11). Piscataway: Institute of Electrical and Electronics Engineers Inc.

Advanced Encryption Standard (AES). (2001). https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf.

Bluetooth Special Interest Group. Bluetooth Specification – Version 4.2. (2014). https://www.bluetooth.com/specifications/specs/.

Hardt, D. (2012). The OAuth 2.0 Authorization Framework. RFC 6749. Fremont: Internet Engineering Task Force.

Banks, A., Gupta, R. MQTT version 3.1.1, OASIS Standard. (2014). http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/mqttv3.1.1.html.

Raza, S., Voigt, T., Jutvik, V. (2012). Lightweight ikev2: a key management solution for both the compressed IPsec and the IEEE 802.15. 4 Security. https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.641.2588&rep=rep1&type=pdf.