Abstract
Internet of Things (IoT) networks are the pillar of recent novel scenarios, such as smart cities or e-healthcare applications. Among other challenges, these networks cover the deployment and interaction of small devices with constrained capabilities and Internet protocol (IP)-based networking connectivity. These constrained devices usually require connection to the Internet to exchange information (e.g., management or sensing data) or access network services. However, only authenticated and authorized devices can, in general, establish this connection. The so-called authentication, authorization and accounting (AAA) services are in charge of performing these tasks on the Internet. Thus, it is necessary to deploy protocols that allow constrained devices to verify their credentials against AAA infrastructures. The Protocol for Carrying Authentication for Network Access (PANA) has been standardized by the Internet engineering task force (IETF) to carry the Extensible Authentication Protocol (EAP), which provides flexible authentication upon the presence of AAA. To the best of our knowledge, this paper is the first deep study of the feasibility of EAP/PANA for network access control in constrained devices. We provide light-weight versions and implementations of these protocols to fit them into constrained devices. These versions have been designed to reduce the impact in standard specifications. The goal of this work is two-fold: (1) to demonstrate the feasibility of EAP/PANA in IoT devices; (2) to provide the scientific community with the first light-weight interoperable implementation of EAP/PANA for constrained devices in the Contiki operating system (Contiki OS), called PANATIKI. The paper also shows a testbed, simulations and experimental results obtained from real and simulated constrained devices.
Highlights
The growth of small devices with constrained capabilities and Internet Protocol (IP)-based networking connectivity is today a reality
The first deployment has been based on real hardware, while the second deployment has been simulated on Cooja with additional nodes
The three main aspects that we have analyzed in our real hardware-based testbed are memory occupied for our implementation, message length and execution time, which are vital in the deployment of protocols in constrained devices
Summary
The growth of small devices with constrained capabilities and Internet Protocol (IP)-based networking connectivity is today a reality They typically form self-configurable wireless multi-hop networks of relay nodes, which are able to recover from communication failures. The nodes that form these networks may require Internet connectivity through a border router (e.g., a sensor sending a measurement to a central server on the Internet), which, in turn, may need to authenticate the node to provide network connectivity. No other secure EAP method uses fewer messages for authentication purposes This means it is a potential candidate in constrained environments, such as IoT networks. This is the EAP method we have used for our experiments
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
