Abstract
The advantage of using a Network Address Translation (NAT) device is that the internal IP addresses, which expand the IP address space available to Internet of Things (IoT) devices, are invisible from the outside and safe from external attacks. However, the use of these private IPv4 addresses poses traversal problems, especially for mobile IoT devices running peer-to-peer applications. An alternative solution is to use IPv6 technologies for future IoT devices. However, the IPv6 package, including IPSec, is too complex to apply to IoT devices because it was developed for user terminals with enough computing power. This paper proposes a gatekeeper that keeps the real IP addresses of IoT devices inside the same subnetwork from being explicitly addressable or visible from outside the gatekeeper. Each IoT device publishes its virtual IP address via the Registrar Server or Domain Name System (DNS), with which the gatekeeper shares the address mapping information. While the gatekeeper maintains the mapping information for the local IoT devices, the registration server or DNS has global address mapping information so that any peer can reach the mapping information. All incoming and outgoing packets must pass through the gatekeeper, which is responsible for address conversion and for security checks on them at the entrance. This paper aims to apply the gatekeeper system to a platform of self-driving cars that allows surrounding IoT cameras and autonomous vehicles to communicate with each other securely, safely, and rapidly. Finally, this paper analyzes the improvement in latency to show that the gatekeeper system guarantees the latency goal of 20 ms over 5G links.
Highlights
Received: November 2020 Accepted: December 2020 Published: 23 December 2020
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Modern smart cities still need to allow IPv4 network-connected Internet of Things (IoT) devices
The contribution of this paper is the introduction of the gatekeeper, which can support end-to-end secure sessions between two IoTs located behind their gatekeepers
This paper suggests using the dual addresses of the virtual Internet Protocol (IP) and real IP, where the proposed gatekeeper plays the leading role in keeping the real IP addresses of IoT devices inside local subnetworks from being explicitly addressable or visible from outside the gatekeeper
Summary
The IoT device, gatekeeper, and Registrar Server (or DNS) share information about the relationship between the real IP address and virtual IP address [9,10,11,12,13,14,15]. In the gatekeeper system with IPv6, 128-bit address conversion occurs, and 128-bit mapping information needs to be handled in the registrar server or DNS. While the NAT system requires other, completely different methods to deal with security management or edge computing, the gatekeeper holds security management information. It leads edge computing for its own IoT devices. The gatekeeper approach enables moving the necessary computing for network address translation and security management from the central servers to the gatekeepers located at the subnetwork entrances.
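The dual-address conversion described above, as an added sketch that is not the paper's implementation: a gatekeeper keeps a local virtual-to-real table for 128-bit addresses, publishes only the virtual address, and drops any packet that has no mapping. The class names, the dictionary-shaped registrar, the drop-on-miss check, and the address prefixes are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: object   # ipaddress address of the sender
    dst: object   # ipaddress address of the receiver
    payload: bytes = b""

class Gatekeeper:
    """Toy model: holds the local virtual<->real table at the subnetwork entrance."""

    def __init__(self, real_net, virtual_net, registrar):
        self.real_net = ipaddress.ip_network(real_net)
        self.virtual_net = ipaddress.ip_network(virtual_net)
        self.registrar = registrar      # name -> virtual IP (assumed registrar shape)
        self.v2r, self.r2v = {}, {}     # local mapping kept by the gatekeeper

    def register(self, name, real):
        real = ipaddress.ip_address(real)
        if real not in self.real_net:
            raise ValueError(f"{real} is not inside {self.real_net}")
        if real in self.r2v:
            return self.r2v[real]
        virtual = self.virtual_net[len(self.v2r) + 1]   # next unused virtual address
        self.v2r[virtual], self.r2v[real] = real, virtual
        self.registrar[name] = virtual   # in this sketch only the virtual IP is published
        return virtual

    def inbound(self, pkt):
        """Outside -> inside: rewrite virtual dst to real dst, else drop (None)."""
        real = self.v2r.get(pkt.dst)
        return Packet(pkt.src, real, pkt.payload) if real is not None else None

    def outbound(self, pkt):
        """Inside -> outside: rewrite real src to virtual src, else drop (None)."""
        virtual = self.r2v.get(pkt.src)
        return Packet(virtual, pkt.dst, pkt.payload) if virtual is not None else None

if __name__ == "__main__":
    registrar = {}                       # constructed sample data throughout
    gk = Gatekeeper("fd00:1::/64", "2001:db8:a::/64", registrar)
    cam_real = ipaddress.ip_address("fd00:1::10")
    cam_virtual = gk.register("cam-1", cam_real)
    peer = ipaddress.ip_address("2001:db8:b::7")
    print(gk.inbound(Packet(peer, cam_virtual)))   # delivered to the real address
    print(gk.inbound(Packet(peer, cam_real)))      # dropped: real IP not addressable
    print(gk.outbound(Packet(cam_real, peer)))     # source appears as the virtual IP
```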