Security Embedded CoAP using DTLS for IoT
Shravya AR (1), Reshma J (2)
(1) Department of Computer Science, BNM Institute of Technology
(2) Department of Computer Science, BNM Institute of Technology

Abstract - The Internet of Things (IoT) consists of a large number of interconnected devices. These devices perform sensing and actuating tasks. Each device is identified through a unique IPv6 address. The devices are connected to the Internet, through which the sensors can be read and controlled. At the application layer, these resource-constrained devices communicate using the Constrained Application Protocol (CoAP). Data is transmitted through the public Internet, and hence security is a major issue. Hence there is a need to develop a secure version of CoAP. The Datagram Transport Layer Security (DTLS) protocol can be used to secure CoAP. The DTLS security protocol operates at the transport layer. Security is also provided at the application layer using authentication techniques. In this paper security is looked at in two layers, namely the application layer and the transport layer.

Keywords - Internet of Things, Constrained Application Protocol, Security, Datagram Transport Layer Security Protocol, IPv6 address.

I. INTRODUCTION

The Internet of Things (IoT) is an environment in which every small device can be connected to the others and subsequently to the cloud. The devices are given unique identifiers. They are capable of transmitting information without human intervention. A thing in the Internet of Things can be as tiny as a sensor. The sensor can be implanted in the human body, buried deep in the soil, or embedded in an automobile. The things can be assigned an IPv6 address. Once the address is allocated, it can be used to identify the objects and establish communication. The Internet of Things was earlier referred to as Machine to Machine (M2M) communication. The term Internet of Things was coined by Kevin Ashton in 1999 [1].
The things expose methods that other devices can use to discover, read or write. With IoT, every device connected to the Internet is capable of communicating with every other device. The machines interact without any human help, and hence there is a need for a standard way of communication. The existing IP infrastructure has to be put to best use instead of developing everything from scratch. Billions of addresses are needed, and hence the IPv4 address space would not be sufficient. To accommodate more addresses, IPv6 was introduced. This gave rise to an infinite number of addresses, thus solving the problem of assigning unique addresses.

The devices in IoT are constrained with respect to both power and network bandwidth, and hence an efficient protocol has to be used for communication. HTTP is an existing paradigm at the application layer. There was a need for a lightweight HTTP, and that is when the Internet Engineering Task Force came up with the Constrained Application Protocol (CoAP). CoAP is suitable for IoT devices as it does not require much processing power. CoAP is easy to implement on small embedded hardware. CoAP is similar to HTTP, and hence messages can be easily converted from one format to the other. CoAP allows message exchange between power-limited resources over constrained networks. The power-constrained devices have a very limited configuration with respect to speed and memory. In constrained networks, not all the capabilities of a TCP/IP stack are available, and transfer rates are lower. CoAP operates over UDP, unlike HTTP. The complex operations provided by TCP, such as congestion control and flow control, are not provided by UDP. Additional functionalities have to be developed if necessary while using CoAP. CoAP uses a request-response model very similar to HTTP, using the GET, POST, PUT and DELETE commands.

All Rights Reserved 606

In networking applications, security is not always considered during the design of the product. Users often do not change their passwords once they log in to a device, and default passwords frequently remain unchanged. IoT devices are directly accessible through the Internet. Confidential data such as company data, financial data, and employee personal data have to be safely transmitted across the Internet. In this paper, both authentication and authorization are addressed. Authentication is performed at the application layer and authorization at the transport layer.

II. RELATED WORK

End-to-end (E2E) security is very important in IoT, as the data exchange between the devices takes place through the Internet. The devices under consideration are resource constrained. Hence general E2E security mechanisms are not suitable for such environments. There has been work on analysing security challenges in the IP-based IoT [2]. A header compression method is proposed in [3] which secures the data among nodes in a 6LoWPAN network. Authentication headers and Encapsulating Security Payload headers are encoded using the Next Header Compression techniques. Jorge in [4] has extended this solution and has included IPsec in tunnel mode. The proposed method was implemented and evaluated by the author using TinyOS. All the applications that run on a particular machine share the IPsec services. The previously defined 6LoWPAN compression techniques are not suitable for web-based protocols such as HTTP or CoAP. The ideal security protocols for web-based protocols are TLS and DTLS. TLS works over TCP, but our protocol of concern works over UDP. Hence TLS is not the preferred security protocol.
Brachmann in [5] proposes a mapping between TLS and DTLS. It required an IPv6 border router. The point of failure was a security breach at the 6BR, which made the approach ineffective in providing E2E security. IPsec can also be used to secure the devices in IoT. As stated in [6], IPsec is a layer 3 protocol which can be used with IPv6. It can secure application and transport layer applications and is an application-independent protocol. IPsec is transparent to applications as it is integrated into the kernel. But IPsec has issues with Network Address Translation. It also requires extra messages to set up security parameters and associations.

The paper authored by Kai Zhao and Lina Ge [7] describes how the security issues in IoT depend directly on the applications. It describes the issues on the basis of a three-layer architecture. The applications have different standards based on industrial specifications. Any data that is collected by a sensor is transmitted through wireless networks. Most of the sensor devices are unmanned. Hence attackers can easily get access to the device, and security is the most important issue to be considered.

A Systemic Approach for IoT Security [8] proposes a newer approach for designing a security mechanism. IoT includes a lot of new features and mechanisms that are difficult to secure. The security approach in that paper considers actors and their interactions with other actors. In IoT, objects are spread worldwide. Each object will have a single core identity and multiple temporary identities. Reliability of the source and sink sensors is also an important aspect. Data repositories have to be efficiently managed to guarantee reliability of the data transmitted between the source and the sink.

In Construction and Strategies in IoT Security System [9], security is viewed from a different perspective. The features and the systematic structures of IoT are analysed along with the concerns. Intelligent processing depends on the technology used in the devices. The security issues are addressed in different layers: network layer, transport layer, application layer. Newer systems can be designed by incorporating the necessary security features. Incorporating security into existing infrastructure is a challenge.

III. BACKGROUND

IoT consists of heterogeneous devices. The devices have to be interconnected in a secure and reliable manner. The paper proposes to use the DTLS protocol as the security protocol. The protocol operates between the transport and application layers. At the application layer the CoAP protocol is used. Authentication can also be performed at the application layer.

A. Constrained Application Protocol (CoAP)

CoAP is an application-level protocol that operates over UDP. It was designed for the resource-constrained devices of IoT, which have low processing power and memory. CoAP is very similar to HTTP but is slightly modified to suit the resource-constrained nature of IoT. Figure 1 represents the CoAP and HTTP stacks. As seen, HTTP and CoAP operate over different protocols at the transport layer. At the network layer, HTTP generally operates on an IP-based network, whereas the constrained devices in IoT use a 6LoWPAN network. CoAP supports unicast and multicast requests. It has a lower overhead in comparison to HTTP. Message exchanges happen in an asynchronous manner. It operates over the datagram-oriented UDP. Reliability can optionally be provided by using certain message formats. A fixed-length binary header of 4 bytes is used by CoAP. Optionally there could be additional payload. A compact message ID is assigned to each message, which helps in identifying duplicates.

Figure 1. HTTP and CoAP stack

In order to ensure reliability, CON messages are used. A CON message is retransmitted after a certain timeout. The message is retransmitted until the receiver sends out an acknowledgement.
If the receiver is not able to process the message, it sends out a Reset (RST) message. If reliable transmission is not needed, a NON message can be used. These messages are not acknowledged by the receiver. A Reset (RST) is sent from the receiving end if a NON message cannot be processed by it. CoAP messages include a message code and a response code. Responses are sent in a piggybacked fashion. In order to process requests efficiently, caching of responses is supported. A cache can be located in any of the intermediate devices or at the end point. Proxying of requests is used to limit network traffic and improve performance. CoAP also offers resource discovery, which is needed for M2M interactions. The device will be capable of showing its presence to the other members in the network. This discovery can also be restricted to only a few devices by introducing authentication.
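The 4-byte fixed header, the message ID used to spot duplicates, and the CON/NON/RST handling described above can be sketched as follows. This is an added example, not code from the paper; the bit layout and the 247 s message-ID lifetime follow RFC 7252, and the function names, action labels and sample bytes are constructed for illustration.

```javascript
// Added example (not from the paper): CoAP message parsing and duplicate handling.
const TYPES = ['CON', 'NON', 'ACK', 'RST'];
const EXCHANGE_LIFETIME_MS = 247000; // RFC 7252 default lifetime of a message ID

// Resolve the 13/14 "extended" forms of an option delta or length nibble.
function extended(buf, nibble, off) {
  if (nibble === 15) throw new Error('reserved option nibble');
  if (nibble === 13) {
    if (off + 1 > buf.length) throw new Error('truncated option');
    return [buf[off] + 13, off + 1];
  }
  if (nibble === 14) {
    if (off + 2 > buf.length) throw new Error('truncated option');
    return [buf.readUInt16BE(off) + 269, off + 2];
  }
  return [nibble, off];
}

function parseCoap(buf) {
  if (buf.length < 4) throw new Error('shorter than the 4-byte fixed header');
  if ((buf[0] >> 6) !== 1) throw new Error('unsupported CoAP version');
  const tkl = buf[0] & 0x0f;
  if (tkl > 8) throw new Error('reserved token length');
  if (buf.length < 4 + tkl) throw new Error('truncated token');
  const msg = {
    type: TYPES[(buf[0] >> 4) & 0x03],
    code: `${buf[1] >> 5}.${String(buf[1] & 0x1f).padStart(2, '0')}`,
    messageId: buf.readUInt16BE(2),
    token: buf.subarray(4, 4 + tkl),
    options: [],
    payload: Buffer.alloc(0),
  };
  let off = 4 + tkl;
  let number = 0; // option numbers are delta-encoded
  while (off < buf.length) {
    if (buf[off] === 0xff) { // payload marker
      if (off + 1 === buf.length) throw new Error('marker without payload');
      msg.payload = buf.subarray(off + 1);
      break;
    }
    let delta = buf[off] >> 4;
    let length = buf[off] & 0x0f;
    off += 1;
    [delta, off] = extended(buf, delta, off);
    [length, off] = extended(buf, length, off);
    if (off + length > buf.length) throw new Error('truncated option');
    number += delta;
    msg.options.push({ number, value: buf.subarray(off, off + length) });
    off += length;
  }
  return msg;
}

// Remembers (peer, message ID) pairs so a retransmitted CON is not processed twice.
class DuplicateFilter {
  constructor() { this.seen = new Map(); }
  isDuplicate(peer, messageId, now = Date.now()) {
    for (const [key, t] of this.seen) {
      if (now - t > EXCHANGE_LIFETIME_MS) this.seen.delete(key);
    }
    const key = `${peer}|${messageId}`;
    if (this.seen.has(key)) return true;
    this.seen.set(key, now);
    return false;
  }
}

// Decide what the receiver does with one datagram (action labels are hypothetical).
function onDatagram(peer, buf, filter, now = Date.now()) {
  let msg;
  try {
    msg = parseCoap(buf);
  } catch (err) {
    return { action: 'send-rst', reason: err.message }; // cannot be processed
  }
  if (msg.type === 'ACK' || msg.type === 'RST') return { action: 'match-pending', msg };
  const dup = filter.isDuplicate(peer, msg.messageId, now);
  if (msg.type === 'CON') return { action: dup ? 'resend-ack' : 'process-and-ack', msg };
  return { action: dup ? 'drop' : 'process', msg };
}

// Constructed sample: CON GET /sensors/temp, message ID 0x1234, token 0xabcd.
const SAMPLE_GET = Buffer.concat([
  Buffer.from([0x42, 0x01, 0x12, 0x34, 0xab, 0xcd]),
  Buffer.from([0xb7]), Buffer.from('sensors'), // Uri-Path (option 11)
  Buffer.from([0x04]), Buffer.from('temp'),    // Uri-Path again (delta 0)
]);
```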
B. Datagram Transport Layer Security (DTLS)

Transport Layer Security (TLS) was widely used to secure communication networks. It was mainly used to protect web-based traffic. But TLS runs over TCP. It is difficult to use TLS in datagram environments, as packets may be dropped or reordered, and TLS is incapable of handling such losses. DTLS serves as a solution to this problem. Minimal changes have been made to TLS to serve its purpose in a datagram environment. Messages in TLS have to be transmitted and received in a certain defined order. DTLS solves this problem by adding an explicit sequence number. The DTLS records are in the form of a structure.

    struct {
        ContentType type;
        ProtocolVersion version_number;
        uint16 epoch_number;
        uint48 sequence_number;
        uint16 message_length;
        opaque fragment[DTLSText.message_length];
    } DTLSText;

The epoch_number and sequence_number are the newly added fields in the DTLS structure. The epoch number is a counter that is incremented each time the cipher changes. The sequence_number specifies the sequence number of that particular record. Each DTLS record should fit into a single datagram. Handshakes are performed between the sender and receiver systems before establishing communication between them. The handshakes include Hello messages, cipher negotiation messages, certificate messages, key exchange messages and finished messages.

Figure 2. DTLS Handshake

The handshake messages are organized in flights. DTLS is a chatty protocol and consists of a number of message exchanges. The handshake messages help in establishing the initial communication setup. The handshake also involves negotiation of the cipher, keys, and encryption and compression methods. The handshake messages are also cryptographically processed.

The IPv6 datagram headers can be compressed and the payload can be fragmented. The encodings are capable of compressing the header length to as low as 2 bytes.
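The record structure above maps onto a 13-byte header followed by the fragment, and the explicit sequence number is what lets a receiver reject replayed records. The following is an added example, not code from the paper: the field names follow the struct above, the content-type and version byte values are those of DTLS, and the 64-entry sliding window, the helper names and the sample datagram are assumptions of this sketch.

```javascript
// Added example (not from the paper): DTLS record header parsing and a replay window.
const HEADER_LEN = 13; // type(1) + version(2) + epoch(2) + sequence(6) + length(2)
const CONTENT_TYPES = { 20: 'change_cipher_spec', 21: 'alert', 22: 'handshake', 23: 'application_data' };
const VERSIONS = { 0xff: 'DTLS 1.0', 0xfd: 'DTLS 1.2' }; // second version byte, after 0xfe

// A datagram may carry several records back to back; each must fit entirely.
function parseRecords(datagram) {
  const records = [];
  let off = 0;
  while (off < datagram.length) {
    if (datagram.length - off < HEADER_LEN) throw new Error('truncated record header');
    const type = CONTENT_TYPES[datagram[off]];
    if (!type) throw new Error('unknown content type');
    const version = datagram[off + 1] === 0xfe ? VERSIONS[datagram[off + 2]] : undefined;
    if (!version) throw new Error('not a DTLS version');
    const length = datagram.readUInt16BE(off + 11);
    const end = off + HEADER_LEN + length;
    if (end > datagram.length) throw new Error('fragment longer than datagram');
    records.push({
      type,
      version_number: version,
      epoch_number: datagram.readUInt16BE(off + 3),
      sequence_number: datagram.readUIntBE(off + 5, 6), // 48-bit, fits a JS number
      message_length: length,
      fragment: datagram.subarray(off + HEADER_LEN, end),
    });
    off = end;
  }
  return records;
}

// Sliding window over sequence numbers of one epoch.
class ReplayWindow {
  constructor(epoch, size = 64) {
    this.epoch = epoch;
    this.size = size;
    this.highest = -1; // highest sequence number accepted so far
    this.bitmap = 0n;  // bit i set = sequence (highest - i) already seen
  }
  // Returns true and records the number if it is new; false if replayed or too old.
  accept(seq) {
    if (seq > this.highest) {
      const shift = seq - this.highest;
      this.bitmap = shift >= this.size
        ? 1n
        : ((this.bitmap << BigInt(shift)) | 1n) & ((1n << BigInt(this.size)) - 1n);
      this.highest = seq;
      return true;
    }
    const age = this.highest - seq;
    if (age >= this.size) return false;
    const bit = 1n << BigInt(age);
    if (this.bitmap & bit) return false;
    this.bitmap |= bit;
    return true;
  }
}

// Records are assumed to be authenticated already; a real stack updates the
// window only after the record's integrity check has passed.
function freshRecords(datagram, window) {
  let records;
  try {
    records = parseRecords(datagram);
  } catch (err) {
    return []; // malformed datagrams are dropped silently
  }
  return records.filter(
    (r) => r.epoch_number === window.epoch && window.accept(r.sequence_number));
}

// Builds a constructed sample record (DTLS 1.2 version bytes) for the demo input.
function buildRecord(type, epoch, seq, fragment) {
  const h = Buffer.alloc(HEADER_LEN);
  h[0] = type; h[1] = 0xfe; h[2] = 0xfd;
  h.writeUInt16BE(epoch, 3);
  h.writeUIntBE(seq, 5, 6);
  h.writeUInt16BE(fragment.length, 11);
  return Buffer.concat([h, fragment]);
}

// Constructed sample: two application_data records, epoch 1, sequence 7 and 8.
const SAMPLE_DATAGRAM = Buffer.concat([
  buildRecord(23, 1, 7, Buffer.from('abc')),
  buildRecord(23, 1, 8, Buffer.from('de')),
]);
```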
The compression techniques can only be applied to 6LoWPAN networks. By fragmenting the payload, data sizes can be greatly reduced, thus saving space. But fragmenting leads to security issues that need to be carefully handled. More energy is also spent in fragmenting the packets, which brings down the lifetime of the constrained devices in IoT.

IV. PROPOSED METHODOLOGY

In this paper, both authentication and authorization are addressed. The CoAP and DTLS protocols are combined to form a secure CoAP. Authentication is performed at the application layer by prompting the user for a username and a password. A series of name and password pairs is stored in the database. The steps followed in the design process are as follows.

Step 1: Create a CoAP server to host certain files.
Step 2: Create a CoAP client that accesses the server.
Step 3: Establish a DTLS client and server socket.
Step 4: Create a PEM file.
Step 5: Define a JSON for DTLS.
Step 6: Handle hello messages on each side.
Step 7: Frame the handshake messages and exchange them.
Step 8: Negotiate a suitable cipher.
Step 9: Use the cipher in an encryption/decryption engine.

Since DTLS operates above the transport layer, a socket connection is necessary for communication. The active socket listens for incoming requests. The handshake message exchange follows the connection establishment. A PEM file is a container that includes a public certificate. The certificates may be self-signed or signed by a Certificate Authority. A PEM certificate consists of Base64-encoded blocks of data. A JSON is defined for DTLS that includes all the parameters such as version, type, epoch, sequence number, etc. It consists of name-value pairs and is a common exchange format used across the web. After a socket connection is established, handshake messages are exchanged and a suitable cipher is negotiated. An AES encryption engine can be used to perform the necessary encryption and decryption.

On the implementation front, any lightweight scripting technique can be used. NodeJS is one such platform that can be used for IoT.
It is an event-driven programming technique and is also asynchronous in nature. It makes use of callback functions to enable asynchronous execution.

V. RESULTS

As the first step, the CoAP server that is designed is kept up and running. The files on that server are accessible only to authenticated devices. The client can choose between the GET and POST methods. The user name and the password should match the list stored in the database.

Figure 3. Initial login

The socket connection for DTLS is established. The DTLS client and server communicate through a series of handshakes. The client establishes a new session and sends a client hello message. The server acknowledges the client handshake and verifies the sequence number. It also checks the validity of the data. Separate handler functions need to be written for the client and the server so as to handle the client and server handshake messages. The handshakes are appropriately processed on either end. A cipher suite is then negotiated between the communicating parties.

A general key is very large. In our implementation we choose only a subset of the key by applying a random function over the entire key. The coordinates returned by one end are communicated to its peer. The key at the same coordinate values is selected at the other end. The selected subset of the key is passed to an AES engine. The CTR mode of AES encryption is used in this paper. In the case of a GET request, the client sends a request to the server to fetch a certain file. The file contents are sent in encrypted form and are decrypted at the client end. In the case of POST, the client sends the contents in encrypted form, and they are decrypted at the server end.

Figure 5. Encrypted data

VI. CONCLUSION

Security is a very important factor in the Internet of Things today. With personal data in the air, the necessary security issues have to be handled accurately to prevent any data modification. CoAP is an application-level protocol that is used in the constrained devices. Combining CoAP with DTLS enables us to have a secure CoAP. Both authentication and authorization are taken care of in this paper. Authentication is done at the application layer and authorization at the security layer (between the application and transport layers). The client is authenticated through a user name and password. Authorization is performed by exchanging handshake messages. Only after this does the key exchange take place. A request can be placed for any type of file: txt, json, etc. AES encryption is used in this paper. Any encryption engine of the developer's choice can be used.

REFERENCES

2. T. Heer, O. Garcia-Morchon, R. Hummen, S. Keoh, S. S. Kumar, and K. Wehrle, "Security challenges in the IP based internet of things," Wireless Pers. Commun. J., vol. 61, no. 3, pp.
3. S. Raza, S. Duquennoy, A. Chung, D. Yazar, T. Voigt, and U. Roedig, "Securing communication in 6LoWPAN with compressed IPsec," in Proc. 7th Int. Conf. DCOSS, Barcelona, Spain, Jun., pp.
4. J. Granjal, E. Monteiro, and J. S. Silva, "Network-layer security for the internet of things using TinyOS and BLIP," Int. J. Commun. Syst., 2012, doi: /dac
5. M. Brachmann, S. L. Keoh, O. G. Morchon, and S. S. Kumar, "End-to-end transport security in the IP-based internet of things," in Proc. 21st ICCCN, Aug. 2012, pp.
6. C. Bormann, "Using CoAP with IPSec," Internet-Draft (work in progress, draft-bormann-core-ipsec-for-coap-00), Universitaet Bremen TZI, December 06,
7. Kai Zhao and Lina Ge, "A Survey on the Internet of Things Security," Sch. of Inf. Sci. & Eng., Guangxi Univ. for Nat., Nanning, China.
8. Arbia Riahi, Yacine Challal, Enrico Natalizio, Zied Chtourou, and Abdelmadjid Bouabdallah, "A systemic approach for IoT security."
9. Quandeng Gou, "Construction and Strategies in IoT Security System," School of Computer Science, Neijiang Normal University, Neijiang,
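The Results section encrypts file contents with AES in CTR mode, while the Conclusion names prevention of data modification as a goal; CTR alone gives confidentiality but no integrity. The following added example (not the paper's code) encrypts one record payload with AES-128-CTR and, as a swapped-in alternative, with AES-128-GCM, using a per-record nonce built from the epoch and sequence number and the record header as associated data. The random key stands in for the negotiated key, and the nonce layout, function names and sample payload are assumptions of this sketch.

```javascript
// Added example (not from the paper): AES-CTR beside AES-GCM for one record payload.
const { createCipheriv, createDecipheriv, randomBytes } = require('node:crypto');

// 12-byte per-record nonce: 4-byte salt | 2-byte epoch | 6-byte sequence number.
// Epoch and sequence number never repeat under one key, so neither does the nonce.
function recordNonce(salt, epoch, seq) {
  const nonce = Buffer.alloc(12);
  salt.copy(nonce, 0, 0, 4);
  nonce.writeUInt16BE(epoch, 4);
  nonce.writeUIntBE(seq, 6, 6);
  return nonce;
}

// CTR mode: encryption and decryption are the same keystream XOR. No integrity.
function ctrCrypt(key, salt, epoch, seq, data) {
  const iv = Buffer.concat([recordNonce(salt, epoch, seq), Buffer.alloc(4)]); // 32-bit block counter
  const c = createCipheriv('aes-128-ctr', key, iv);
  return Buffer.concat([c.update(data), c.final()]);
}

// Associated data binding the ciphertext to its record header fields.
function headerAad(type, epoch, seq, length) {
  const aad = Buffer.alloc(13);
  aad.writeUInt16BE(epoch, 0);
  aad.writeUIntBE(seq, 2, 6);
  aad[8] = type; aad[9] = 0xfe; aad[10] = 0xfd; // DTLS 1.2 version bytes
  aad.writeUInt16BE(length, 11);
  return aad;
}

function gcmSeal(key, salt, type, epoch, seq, plaintext) {
  const c = createCipheriv('aes-128-gcm', key, recordNonce(salt, epoch, seq), { authTagLength: 16 });
  c.setAAD(headerAad(type, epoch, seq, plaintext.length));
  const ciphertext = Buffer.concat([c.update(plaintext), c.final()]);
  return { ciphertext, tag: c.getAuthTag() };
}

function gcmOpen(key, salt, type, epoch, seq, sealed) {
  const d = createDecipheriv('aes-128-gcm', key, recordNonce(salt, epoch, seq), { authTagLength: 16 });
  d.setAAD(headerAad(type, epoch, seq, sealed.ciphertext.length));
  d.setAuthTag(sealed.tag);
  return Buffer.concat([d.update(sealed.ciphertext), d.final()]); // final() throws on mismatch
}

// Runs both modes over a constructed payload, once intact and once changed in transit.
function compareModes() {
  const key = randomBytes(16);  // placeholder for the negotiated 128-bit key
  const salt = randomBytes(4);
  const file = Buffer.from('{"valve":"closed"}'); // constructed sample file contents
  const changed = (buf) => { const b = Buffer.from(buf); b[0] ^= 0x01; return b; };
  const rejects = (fn) => { try { fn(); return false; } catch (err) { return true; } };

  const ctr = ctrCrypt(key, salt, 1, 42, file);
  const sealed = gcmSeal(key, salt, 23, 1, 42, file);
  return {
    ctrRoundTrip: ctrCrypt(key, salt, 1, 42, ctr).equals(file),
    // CTR decrypts a changed ciphertext without any error, to different contents.
    ctrSilentlyWrong: !ctrCrypt(key, salt, 1, 42, changed(ctr)).equals(file),
    gcmRoundTrip: gcmOpen(key, salt, 23, 1, 42, sealed).equals(file),
    gcmRejectsChanged: rejects(() => gcmOpen(key, salt, 23, 1, 42,
      { ciphertext: changed(sealed.ciphertext), tag: sealed.tag })),
    // The same ciphertext presented under another sequence number also fails.
    gcmRejectsOtherSeq: rejects(() => gcmOpen(key, salt, 23, 1, 43, sealed)),
  };
}
```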
More informationInteroperability. Luca Mottola slides partly by Simon Duquennoy. Politecnico di Milano, Italy and Swedish Institute of Computer Science
Interoperability Luca Mottola slides partly by Simon Duquennoy Politecnico di Milano, Italy and Swedish Institute of Computer Science 2 Not just stand-alone systems 3 NES in business processes! Motivation
More informationForeword xxiii Preface xxvii IPv6 Rationale and Features
Contents Foreword Preface xxiii xxvii 1 IPv6 Rationale and Features 1 1.1 Internet Growth 1 1.1.1 IPv4 Addressing 1 1.1.2 IPv4 Address Space Utilization 3 1.1.3 Network Address Translation 5 1.1.4 HTTP
More informationINTERNET OF THINGS FOR SMART CITIES BY ZANELLA ET AL.
INTERNET OF THINGS FOR SMART CITIES BY ZANELLA ET AL. From IEEE INTERNET OF THINGS JOURNAL, VOL. 1, NO. 1, FEBRUARY 2014 Presented by: Abid Contents Objective Introduction Smart City Concept & Services
More informationHP Instant Support Enterprise Edition (ISEE) Security overview
HP Instant Support Enterprise Edition (ISEE) Security overview Advanced Configuration A.03.50 Mike Brandon Interex 03 / 30, 2004 2003 Hewlett-Packard Development Company, L.P. The information contained
More informationFundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,
Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin, ydlin@cs.nctu.edu.tw Chapter 1: Introduction 1. How does Internet scale to billions of hosts? (Describe what structure
More informationETSF05/ETSF10 Internet Protocols Network Layer Protocols
ETSF05/ETSF10 Internet Protocols Network Layer Protocols 2016 Jens Andersson Agenda Internetworking IPv4/IPv6 Framentation/Reassembly ICMPv4/ICMPv6 IPv4 to IPv6 transition VPN/Ipsec NAT (Network Address
More informationInternet Draft Intended status: Standards Track Expires: January 16, 2019 D. Xiong Chongqing University of Posts and Telecommunications July 15, 2018
Core Internet Draft Intended status: Standards Track Expires: January 16, 2019 H. Wang C. Pu P. Wang Y. Yang D. Xiong Chongqing University of Posts and Telecommunications July 15, 2018 Requirements Analysis
More informationICS 351: Networking Protocols
ICS 351: Networking Protocols IP packet forwarding application layer: DNS, HTTP transport layer: TCP and UDP network layer: IP, ICMP, ARP data-link layer: Ethernet, WiFi 1 Networking concepts each protocol
More informationChapter 09 Network Protocols
Chapter 09 Network Protocols Copyright 2011, Dr. Dharma P. Agrawal and Dr. Qing-An Zeng. All rights reserved. 1 Outline Protocol: Set of defined rules to allow communication between entities Open Systems
More informationInternet based IoT connectivity Technologies
Internet based IoT connectivity Technologies ETRI Protocol Engineering Center Yong-Geun Hong(yghong@etri.re.kr) August 20, 2015 Contents Overview IoT Technologies IoT in the viewpoint of Internet IoT connectivity
More informationPolitecnico di Milano Advanced Network Technologies Laboratory. Constrained Application Protocol (CoAP)
Politecnico di Milano Advanced Network Technologies Laboratory Constrained Application Protocol (CoAP) 1 Background o GOAL: to enable web- based services in constrained wireless networks n 8 bit micro-
More informationGuide To TCP/IP, Second Edition UDP Header Source Port Number (16 bits) IP HEADER Protocol Field = 17 Destination Port Number (16 bit) 15 16
Guide To TCP/IP, Second Edition Chapter 5 Transport Layer TCP/IP Protocols Objectives Understand the key features and functions of the User Datagram Protocol (UDP) Explain the mechanisms that drive segmentation,
More informationKepware Whitepaper. IIoT Protocols to Watch. Aron Semle, R&D Lead. Introduction
Kepware Whitepaper IIoT Protocols to Watch Aron Semle, R&D Lead Introduction IoT is alphabet soup. IIoT, IoE, HTTP, REST, JSON, MQTT, OPC UA, DDS, and the list goes on. Conceptually, we ve discussed IoT
More informationOn Distributed Communications, Rand Report RM-3420-PR, Paul Baran, August 1964
The requirements for a future all-digital-data distributed network which provides common user service for a wide range of users having different requirements is considered. The use of a standard format
More informationLecture 04 Introduction: IoT Networking - Part I
Introduction to Industry 4.0 and Industrial Internet of Things Prof. Sudip Misra Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture 04 Introduction: IoT Networking
More informationChapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet
Chapter 2 - Part 1 The TCP/IP Protocol: The Language of the Internet Protocols A protocol is a language or set of rules that two or more computers use to communicate 2 Protocol Analogy: Phone Call Parties
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationLesson 5 TCP/IP suite, TCP and UDP Protocols. Chapter-4 L05: "Internet of Things ", Raj Kamal, Publs.: McGraw-Hill Education
Lesson 5 TCP/IP suite, TCP and UDP Protocols 1 TCP/IP Suite: Application layer protocols TCP/IP Suite set of protocols with layers for the Internet TCP/IP communication 5 layers: L7, L4, L3, L2 and L1
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.
More informationSchahin Rajab TCP or QUIC Which protocol is most promising for the future of the internet?
Schahin Rajab sr2@kth.se 2016 04 20 TCP or QUIC Which protocol is most promising for the future of the internet? Table of contents 1 Introduction 3 2 Background 4 2.1 TCP 4 2.2 UDP 4 2.3 QUIC 4 2.4 HTTP
More informationE&CE 358: Tutorial 1. Instructor: Sherman (Xuemin) Shen TA: Miao Wang
E&CE 358: Tutorial 1 Instructor: Sherman (Xuemin) Shen TA: Miao Wang Email: m59wang@uwaterloo.ca 1 About Tutorials TA: Miao Wang Office: EIT 3133; Tutorials: Th 4:30 5:20 pm Topics Supplementary knowledge
More informationUNIT IV -- TRANSPORT LAYER
UNIT IV -- TRANSPORT LAYER TABLE OF CONTENTS 4.1. Transport layer. 02 4.2. Reliable delivery service. 03 4.3. Congestion control. 05 4.4. Connection establishment.. 07 4.5. Flow control 09 4.6. Transmission
More informationSet of IP routers. Set of IP routers. Set of IP routers. Set of IP routers
Smart Sensor Application Sensor Framework Source End IP Address Set of IP routers IoT Application Layer TCP/IP Appl. Protocols Transport Layer TCP/IP IoT Comm. Framework Application Framework IoT Comm.
More informationM.SARAVANA KARTHIKEYAN
PERVASIVE COMPUTING Unit II Part A 1. What is XML? XML stands for EXtensible Markup Language XML is a markup language much like HTML XML was designed to carry data, not to display data XML tags are not
More informationCreating VPN s with IPsec
2014 Creating VPN s with IPsec SPRING ENTERPRISE INFO SECURITY 4040/601 WILSON CHANCE HINCHMAN This paper will define the term VPN, explain for what and why VPNs are used. IPsec, which is vital to the
More informationApplied IT Security. System Security. Dr. Stephan Spitz 6 Firewalls & IDS. Applied IT Security, Dr.
Applied IT Security System Security Dr. Stephan Spitz Stephan.Spitz@de.gi-de.com Overview & Basics System Security Network Protocols and the Internet Operating Systems and Applications Operating System
More informationS Series Switches. MACsec Technology White Paper. Issue 1.0. Date HUAWEI TECHNOLOGIES CO., LTD.
S Series Switches MACsec Technology White Paper Issue 1.0 Date 2016-03-25 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2016. All rights reserved. No part of this document may be
More informationDiet-ESP: A flexible and compressed format for IPsec/ESP
unrestricted Diet-ESP: A flexible and compressed format for IPsec/ESP draft-mglt-ipsecme-diet-esp-01.txt D. Migault, T. Guggemos 25/02/2014- IETF89- London Table of Contents Securing IoT communications
More informationVirtual private networks
Technical papers Virtual private networks Virtual private networks Virtual private networks (VPNs) offer low-cost, secure, dynamic access to private networks. Such access would otherwise only be possible
More informationWireless Sensor Networks Module 3: Application Protocol CoAP
Wireless Sensor Networks Module 3: Application Protocol CoAP Dr. Ing. Koojana Kuladinithi, TZI, University of Bremen koo@comnets.uni bremen.de Contents Module 3: Application Protocols for WSNs Introduction
More informationA Comparison Of MPLS Traffic Engineering Initiatives. Robert Pulley & Peter Christensen
A Comparison Of MPLS Traffic Engineering Initiatives Robert Pulley & Peter Christensen Need for MPLS Problems in today's network QoS and CoS requirements Need for Resource Reservation Why not RSVP MPLS
More informationDistributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013
Distributed Systems 27. Firewalls and Virtual Private Networks Paul Krzyzanowski Rutgers University Fall 2013 November 25, 2013 2013 Paul Krzyzanowski 1 Network Security Goals Confidentiality: sensitive
More informationInnovation and Cryptoventures. Technology 101. Lee Jacobs and Campbell R. Harvey. February 22, 2017
Innovation and Cryptoventures Technology 101 Lee Jacobs and Campbell R. Harvey February 22, 2017 What is a computer? Electronic device that has the ability to store, retrieve, and process data Hardware
More informationINTERNET PROTOCOL SECURITY (IPSEC) GUIDE.
INTERNET PROTOCOL SECURITY (IPSEC) GUIDE www.insidesecure.com INTRODUCING IPSEC NETWORK LAYER PACKET SECURITY With the explosive growth of the Internet, more and more enterprises are looking towards building
More informationUsing the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway
Using the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway Applying Application Delivery Technology to Web Services Overview The Cisco ACE XML Gateway is the newest
More informationNetwork Security and Cryptography. 2 September Marking Scheme
Network Security and Cryptography 2 September 2015 Marking Scheme This marking scheme has been prepared as a guide only to markers. This is not a set of model answers, or the exclusive answers to the questions,
More informationNetwork Encryption Methods
Network Encryption Network Encryption Methods CSC362, Information Security Objectives understanding the impact of employing encryption at different protocol layers application layer encryption transport
More informationPacketization Layer Path Maximum Transmission Unit Discovery (PLPMTU) For IPsec Tunnels
Packetization Layer Path Maximum Transmission Unit Discovery (PLPMTU) For IPsec Tunnels draft-spiriyath-ipsecme-dynamic-ipsec-pmtu-01 Shibu Piriyath, Umesh Mangla, Nagavenkata Suresh Melam, Ron Bonica
More informationCMPE 257: Wireless and Mobile Networking
CMPE 257: Wireless and Mobile Networking Katia Obraczka Computer Engineering UCSC Baskin Engineering Lecture 9 CMPE 257 Winter'10 1 Announcements Student presentations: March 8th: Daniel and Teddy March
More informationDesign and development of embedded systems for the Internet of Things (IoT) Fabio Angeletti Fabrizio Gattuso
Design and development of embedded systems for the Internet of Things (IoT) Fabio Angeletti Fabrizio Gattuso Network stack Application Transport Network Data Link Physical Level 802.15.4 Bluetooth Lora
More informationExamination 2D1392 Protocols and Principles of the Internet 2E1605 Internetworking. Date: June 1 st 2007 at 14:00 19:00 SOLUTIONS
Examination 2D1392 Protocols and Principles of the Internet 2E1605 Internetworking Date: June 1 st 2007 at 14:00 19:00 SOLUTIONS 1. IP and addressing (5p) a) Your company would like to have all its 511
More informationESR Consortium LWM2M-MQTT-1.0
ESR Consortium LWM2M-MQTT-1.0 LWM2M over MQTT Profile Specification ESR030 Reference: ESR-SPE-030-LWM2M-MQTT Version: 1.0 Rev: ADraft8 DEFINITIONS "ESR" means the Specification, including any modifications
More informationOutline. Introduction. The Internet Architecture and Protocols Link Layer Technologies Introduction to 6LoWPAN The 6LoWPAN Format Bootstrapping
Outline Introduction The Internet of Things Applications of 6LoWPAN The Internet Architecture and Protocols Link Layer Technologies Introduction to 6LoWPAN The 6LoWPAN Format Bootstrapping Link-Layer Commissioning
More informationChapter 5.6 Network and Multiplayer
Chapter 5.6 Network and Multiplayer Multiplayer Modes: Event Timing Turn-Based Easy to implement Any connection type Real-Time Difficult to implement Latency sensitive 2 Multiplayer Modes: Shared I/O Input
More informationSPDY - A Web Protocol. Mike Belshe Velocity, Dec 2009
SPDY - A Web Protocol Mike Belshe Velocity, Dec 2009 What is SPDY? Concept SPDY is an application layer protocol for transporting content over the web with reduced latency. Basic Features 1. Multiplexed
More information