Abstract

Internet-of-Things (IoT) and sensor technologies have enabled the collection of data in a distributed fashion for analysis and evidence-based decision making. However, security concerns regarding the source, confidentiality and integrity of the data arise. The most common method of protecting data transmission in sensor systems is Transport Layer Security (TLS) or its datagram counterpart (DTLS) today, but exist an alternative option based on Distributed Ledger Technology (DLT) that promise strong security, ease of use and potential for large scale integration of heterogeneous sensor systems. A DLT such as the IOTA Tangle offers great potential to improve sensor data exchange. This paper presents L2Sec, a cryptographic protocol which is able to secure data exchanged over the IOTA Tangle. This protocol is suitable for implementation on constrained devices, such as common IoT devices, leading to greater scalability. The first experimental results evidence the effectiveness of the approach and advocate for the integration of an hardware secure element to improve the overall security of the protocol. The L2Sec source code is released as open source repository on GitHub.

Highlights

  • Internet-of-Things (IoT) systems enable the collection of data from an increasing variety of sensors for analysis and evidence-based decision making

  • It is designed to be (i) sufficiently lightweight to run on constrained IoT devices (i.e., MCU-based platforms without operating systems), (ii) suitable for sensors application data model, such as one single publisher producing time sequenced data, and (iii) modular, such that the building block can be employed in other applications and extendable to ease the integration of additional features and fields

  • The L2Sec protocol defines the interactions between an IoT node and the IOTA Tangle

Read more

Summary

Introduction

Internet-of-Things (IoT) systems enable the collection of data from an increasing variety of sensors for analysis and evidence-based decision making. Such systems have two main additional requirements today (i) the need for (near) real-time performance to serve their function avoiding offline data analysis and (ii) end-to-end security with data source authentication, data confidentiality and integrity from sensor to remote site where data is stored and processed. Any scenario comprising more than one point dedicated to data analysis is deployed with data duplication/exchange at Edge or Cloud level because it is not suitable to open more than one TLS channel from the IoT device. IoT devices are typically resource-constrained and TLS consumes those resources

Methods
Results
Conclusion

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.