Abstract

The emergence of radio technologies, such as Zigbee, Z-Wave, and Bluetooth Mesh, has transformed simple physical devices into smart objects that can understand and react to their environment. Devices, such as light bulbs, door locks, and window blinds, can now be connected to, and remotely controlled from, the Internet. Given the resource-constrained nature of many of these devices, they have typically relied on the use of universal global shared secrets for the initial bootstrapping and commissioning phase. Such a scheme has obvious security weaknesses and it also creates undesirable walled-gardens where devices of one ecosystem do not inter-operate with the other. In this paper, we investigate whether the standard Extensible Authentication Protocol (EAP) framework can be used for secure bootstrapping of resource-constrained devices. EAP naturally provides the benefits of per-device individual credentials, straightforward revocation, and isolation of devices. In particular, we look at the Nimble out-of-band authentication for EAP (EAP-NOOB) as a candidate EAP authentication method. EAP-NOOB greatly simplifies deployment of such devices as it does not require them to be pre-provisioned with credentials of any sort. Based on our implementation experience on off-the-shelf hardware, we demonstrate that lightweight EAP-NOOB is indeed a way forward to securely bootstrap such devices.

Highlights

  • The Internet of Things (IoT) promises to integrate a large number of physical devices, such as light bulbs, electronic locks, and various household appliances, into networks of connected smart objects. Connecting these devices to the Internet allows for remote access and control without the need for any direct physical interaction. Many large home appliances, such as smart TVs and refrigerators, typically reuse the existing Wi-Fi infrastructure for Internet connectivity because of its low marginal cost for connecting any number of devices.

  • We investigate whether the Extensible Authentication Protocol (EAP) framework [8], which is widely used for bootstrapping enterprise Wi-Fi devices, is suitable for resource-constrained devices that use other radio technologies with slightly different deployment setups

  • The Zigbee Light Link (ZLL) [11] profile is specified for controlling lights in consumer households, while the Zigbee Home Automation (ZHA) [12] profile is specified for smart home appliances, such as wireless window shades and intruder alarms


Summary

Introduction

The Internet of Things (IoT) promises to integrate a large number of physical devices, such as light bulbs, electronic locks, and various household appliances, into networks of connected smart objects. Connecting these devices to the Internet allows for remote access and control without the need for any direct physical interaction. Many large home appliances, such as smart TVs and refrigerators, typically reuse the existing Wi-Fi infrastructure for Internet connectivity because of its low marginal cost for connecting any number of devices. At the same time, there is a growing number of IoT devices that rely on different low-power radio technologies, such as Zigbee [1], Thread [2], and Z-Wave [3]. These devices typically form a mesh network and must rely on a gateway or a hub for Internet connectivity. Zigbee [9] is an IEEE 802.15.4-based open standard specified by the Zigbee alliance for creating and maintaining short-range personal area networks (PANs). It is intended for low-cost appliances, such as those used in home automation and health care. The Zigbee Light Link (ZLL) [11] profile is specified for controlling lights in consumer households, while the Zigbee Home Automation (ZHA) [12] profile is specified for smart home appliances, such as wireless window shades and intruder alarms.
