Our# following# discussion# considers# the# employment# of# security# and# functional# profiles# designed# as# appropriate# for# specific# applications,# and# which# enable# a# more# focused# evaluation#of#transportBlayer#security#complementing#our#previous#analysis.#As#discussed#in# Chapter# 3,# application# security# and# functional# profiles# play# an# important# part# in# the# framework#for#reconfigurable#endBtoBend#security#in#the#context#of#InternetBintegrated#WSN,# which#is#illustrated#in#Figure#3.3.#
Regarding# the# definition# of# appropriate# functional# and# security# profiles,# we# consider# two# types# of# applications,# as# we# proceed# to# discuss.# One# is# that# of# applications# requiring# a# moderate#number#of#DTLS#sessions#per#hour,#also#with#a#moderate#number#of#CoAP#requests# per# DTLS# session.# For# experimental# evaluation# purposes# we# consider# from# 1# to# 400# DTLS# sessions#per#hour,#and#2#CoAP#requests#per#DTLS#session.#The#other#is#that#of#applications# requiring# a# higher# number# of# DTLS# sessions# per# hour,# also# with# a# higher# number# of# CoAP# requests# per# DTLS# session.# For# experimental# evaluation# purposes# we# consider# from# 14# to# 7200# DTLS# sessions# per# hour# with# 10# CoAP# requests# per# DTLS# session.# We# must# also# note# that#a#CoAP#request#involves#two#messages,#one#containing#the#request#sent#to#the#server# and#(at#least)#other#containing#the#corresponding#reply.#We#are#also#interested#in#evaluating# two# endBtoBend# security# modes,# one# with# full# endBtoBend# DTLS# security# supported# by# the# sensing# device,# and# the# other# with# the# proposed# DTLS# handshake# plus# the# LoWPAN# authentication#protocol.##
As#we#proposed#in#[202],#endBtoBend#communications#with#support#for#ECCBbased#publicBkey# infrastructures# may# serve# sensing# applications# in# areas# such# as# healthcare# or# vehicular# applications,# and# the# proposed# mediated# handshake# may# support# DTLS# security# for# such# applications,#with#added#advantages#in#terms#of#the#lifetime#of#sensing#devices#as#well#as#the# protection# of# WSN# domains# against# external# attacks.# From# the# previously# discussed# experimental#measurements#we#may#derive#expected#lifetime#values#for#sensing#applications# described#by#the#two#profiles#discussed,#which#we#illustrate#in#Figures#5.14#and#5.15.#As#in# our#previous#evaluation,#for#the#calculation#of#the#estimated#lifetime#we#consider#the#usage# of#a#TelosB#powered#using#two#new#AA#LRB6#batteries.# For#both#usage#scenarios#we#may#again#observe#a#clear#advantage#of#the#proposed#delegated# DTLS#handshake,#particularly#for#a#lower#number#of#DTLS#sessions#per#hour.#The#illustrated# values# also# consider# the# energy# required# to# support# the# LoWPAN# authentication# protocol.# This#advantage#in#less#expressive#for#a#higher#number#of#DTLS#sessions#per#hour,#mostly#due# to# the# higher# impact# of# AES/CCM# encryption# in# comparison# with# the# impact# of# the# DTLS# handshake.#If#we#consider#that#many#IoT#applications#will#probably#require#low#or#moderate# transmission# rates,# the# proposed# mechanisms# prove# to# be# effective# for# devices# with# the# characteristics#of#our#TelosB#reference#sensing#platform.#
Figure*5.14*9*Impact*of*end9to9end*security*on*the*lifetime*of*sensing*applications*(moderate*usage* profile).*
Figure*5.15*9*Impact*of*end9to9end*security*on*the*lifetime*of*sensing*applications*(higher*usage* profile).*
As#previously#discussed,#we#may#also#consider#other#advantages#of#the#proposed#delegated# and# mediated# handshake,# particularly# in# what# respects# the# protection# of# LoWPAN# communication# domains# against# external# (Internet)# threats,# and# the# availability# of# a# cryptographic# basis# for# the# support# of# other# security# mechanisms# which# depend# on# the# analysis#of#encrypted#applicationBlayer#communications.#
5.6 S
UMMARY*
Many# of# the# currently# envisioned# IoT# sensing# applications# may# require,# or# at# least# benefit# from,# the# usage# of# endBtoBend# standard# Internet# communications# between# constrained#
0# 500000# 1000000# 1500000# 2000000# 2500000# 3000000# 3500000# 4000000# 1# 2# 3# 6# 13# 25# 50# 100# 200# 400# Number#of#DTLS#sessions#per#hour# Pure#endBtoBend#DTLS# Mediated#endBtoBend#DTLS# 0# 5000# 10000# 15000# 20000# 25000# 30000# 35000# 40000# 45000# 14# 28# 56# 113# 225# 450# 900# 1800# 3600# 7200# Number#of#DTLS#sessions#per#hour# Pure#endBtoBend#DTLS# Mediated#endBtoBend#DTLS#
sensing#devices#and#Internet#hosts#or#external#backend#servers.#In#the#present#chapter#we# discuss# research# proposals# to# support# measurable# and# controllable# endBtoBend# security# at# the# transportBlayer,# in# the# sense# that# authentication# and# key# agreement# delegation# to# a# more#powerful#WSN#security#gateway#provides#an#effective#solution#for#the#support#of#CoAP# security# on# more# constrained# sensing# devices,# while# other# endBtoBend# security# modes# are# also#supported.#The#mechanisms#proposed#in#this#chapter#support#such#functionalities,#while# being#completely#compatible#with#transportBlayer#security#as#currently#proposed#for#CoAP,# and#also#transparent#from#the#point#of#view#of#the#two#CoAP#communication#entities.#
The#research#solutions#described#in#the#present#chapter#provide#benefits#in#respect#to#the# efficient#support#of#ECC#authentication#and#key#agreement,#and#also#contribute#to#promote# security# of# LoWPAN# devices# and# communications.# As# verified# with# our# experimental# evaluation,# when# employing# current# sensing# platforms# the# delegation# of# costly# ECC# computations#to#a#more#powerful#device#clearly#pays#off,#even#with#the#additional#overhead# of# supporting# the# LoWPAN# authentication# protocol# required# by# our# proposal.# Other# challenges#remain#to#be#addressed#in#the#context#of#the#proposed#mechanisms,#for#example# the#design#of#different#approaches#to#endBtoBend#security#or#new#techniques#to#decide#on# the#security#mode#in#the#presence#of#particular#sensing#platforms#or#application#profiles.# As#we#consider#in#the#reference#integration#model#described#in#Chapter#3,#mechanisms#may# also#be#designed#to#support#endBtoBend#security#in#the#presence#of#mobile#(roaming)#devices.# If#different#IPv6#prefixes#are#employed#in#the#origin#and#destination#WSN#domains,#a#change# of#address#may#take#place.#In#this#context,#mechanisms#may#be#designed#to#guarantee#the# transparency# of# mobility# from# the# point# of# view# of# endBtoBend# transportBlayer# security,# so# that# a# device# moving# between# different# LoWPAN# domains# is# able# to# continue# using# previously# negotiated# security# sessions# and# its# associated# keying# material.# The# support# of# transparent#mobility#from#the#perspective#of#endBtoBend#security#may#be#supported#via#trust# relationships#established#between#AC#servers#on#different#LoWPAN#domains,#as#well#as#by# the#security#gateways#serving#communications#with#such#domains.#
The# proposed# LoWPAN# authentication# protocol# is# a# fundamental# component# of# the# proposed#delegation#model,#as#it#enables#appropriate#security#in#the#WSN#part#of#endBtoBend# transportBlayer# communications.# The# challenge# here# is# to# provide# appropriate# LoWPAN# security# in# the# context# of# endBtoBend# transportBlayer# communications,# with# a# minimal# or# acceptable#impact#on#the#resources#of#constrained#WSN#sensing#devices.#As#we#have#verified# in#the#experimental#evaluation,#the#impact#of#the#proposed#LoWPAN#authentication#protocol# does#not#compromise#the#lifetime#of#sensing#applications#nor#the#achievement#of#acceptable# compromised#between#security#and#the#resources#required#from#the#WSN.# Other#challenge#guiding#future#work#in#the#context#of#the#proposed#research#solutions#may# be#to#design#different#endBtoBend#security#approaches#or#new#techniques#to#decide#on#the# most# appropriate# security# mode# in# the# presence# of# particular# sensing# platforms# and# applications.# The# LoWPAN# authentication# protocol# may# also# provide# the# ground# for# the#
employment# of# different# security# approaches,# for# example# by# employing# AES/CCM# to# support#integrity#only#(by#using#CBCBMAC)#or#encryption#mechanisms#better#appropriate#to# sensing#platforms#that#do#not#support#AES/CCM#at#the#hardware,#for#the#purpose#of#securing# communications# on# the# LoWPAN# domain# between# the# 6LBR# and# CoAP# sensing# devices# supporting#DTLS.#
The# proposed# approach# enables# the# employment# of# other# cipher# suites# and# delegation# approaches,# as# appropriate# for# different# types# of# sensing# devices,# and# as# long# as# compatibility#is#guaranteed#for#the#pair#of#ciphers#employed.#VeryBconstrained#devices#may# require# the# full# delegation# of# all# DTLS# security# operations# to#the# 6LBR,# while# on# the# other# hand# more# powerful# devices# may# fully# support# DTLS.# The# adaptation# of# security# to# the# requirements#and#characteristics#of#applications#and#devices#has#been#previously#discussed# in#Chapter#3.#
6 END9TO9END$COAP!APPLICATION9LAYER&MESSAGE&SECURITY
5*
In# the# previous# chapters# we# focused# on# how# endBtoBend# security# at# the# network# and# transport#layers#may#be#implemented#with#different#strategies#and#impact#on#the#resources# of# constrained# WSN# devices.# In# the# case# of# networkBlayer# security,# we# proposed# and# evaluated# the# addition# of# new# compressed# security# headers# to# the# 6LoWPAN# adaptation# layer,#while#for#transportBlayer#security#we#address#the#support#of#DTLS#authentication#and# key# agreement# by# delegating# costly# security# operations# to# a# security# gateway# in# a# transparent# fashion,# while# supporting# other# security# mechanisms# and# functionalities.# The# two# research# solutions# thus# represent# complementary# approaches# to# the# problem# of# endBtoBend#security#in#the#context#of#InternetBintegrated#WSN.#
In# the# present# chapter# we# focus# on# how# security# may# be# supported# for# endBtoBend# communications#at#the#applicationBlayer,#again#targeting#an#approach#that#may#complement# the#previous#research#proposals.#We#consider#the#design#of#security#mechanisms#to#operate# in# the# context# of# the# communication# protocol# itself,# with# various# benefits# related# to# how# applications# may# employ# security.# In# our# following# discussion# we# start# by# discussing# the# general# goals# of# applicationBlayer# security# in# the# context# of# InternetBintegrated# WSN,# and# next#we#describe#our#research#solution#to#address#endBtoBend#security#in#the#context#of#the# CoAP#applicationBlayer#protocol.#As#in#the#previous#proposals,#later#in#the#chapter#we#also# discuss#the#experimental#evaluation#of#our#research#proposal.#
6.1 I
NTRODUCTION*
Although# many# of# the# applications# currently# envisioned# for# the# Web# of# Things# (WoT)# are# critical#in#respect#to#security,#the#fact#that#they#are#envisioned#to#employ#very#constrained# sensing# platforms# and# wireless# communications# complicates# the# design# of# appropriate# security#solutions.#As#already#discussed,#in#practice#many#applications#are#required#to#accept#
5This-chapter-has-supported-the-following-publications:# • Granjal#J,#Monteiro#E,#Silva#J.#On-the-effectiveness-of-end:to:end-security-for-Internet:integrated- sensing-applications#(best-paper-award),#The#IEEE#International#Conference#on#Internet#of#Things,# iThings#2012# • Granjal#J,#Monteiro#E,#Silva#J.#Application:layer-security-for-the-WoT:-Extending-CoAP-to-support- end:to:end-message-security-for-Internet:integrated-sensing-applications,#The#11th#International# Conference#on#Wired/Wireless#Internet#Communications#WWIC#2013# • Granjal#J,#Monteiro#E,#Silva#J.#On-the-Feasibility-of-Secure-Application:Layer-Communications-on- the-Web-of-Things,#The#37th#IEEE#Conference#on#Local#Computer#Networks,#LCN#2012# # #
compromises#between#security#and#the#usage#of#resources#available#on#constrained#sensing# platforms.# Energy# is# a# scarce# resource# in# typical# wireless# sensing# devices,# and# in# consequence#WSN#environments#are#required#to#employ#linkBlayer#LoWPAN#communication# technologies# such# as# IEEE# 802.15.4# [74].# WSN# environments# thus# employ# lowBenergy# wireless#communications#at#low#transmission#rates#using#small#packets,#in#order#to#minimize# transmission#errors.#These#limitations#deeply#influence#mechanisms#designed#at#upper#layers# of# the# stack,# as# is# the# case# of# 6LoWPANBbased# communication# technologies# designed# for# constrained#sensing#platforms.#
As# addressed# in# previous# chapters,# technologies# are# being# designed# to# support# the# integration# of# LoWPAN# environments# such# as# WSN# with# the# Internet,# and# which# are# expected# to# play# an# important# role# in# the# fulfillment# of# the# vision# of# the# WoT.# Various# communications# and# security# technologies# for# the# WoT# are# currently# in# the# design# phase,# and#consequently#a#communications#and#security#architecture#for#the#WoT#is#currently#not# completely#defined.#This#aspect#also#motivates#the#identification#and#usage#of#the#reference# integration#architecture#previously#described#in#Chapter#3#to#support#endBtoBend#security#at# the#various#layers,#including#at#the#applicationBlayer.# Focusing#on#how#CoAP#[34]#adopts#security,#we#observe#that#the#current#choice#to#support# endBtoBend#security#is#to#adopt#the#Datagram#Transport#Layer#Security#(DTLS)#Protocol#[127].# This#design#choice#implies#that#security#is#not#integrated#with#the#applicationBlayer#protocol# itself,# but# rather# transparently# applied# at# the# transport# layer# to# all# CoAP# messages.# The# adoption# of# transportBlayer# security# makes# sense# from# the# point# of# view# of# the# current# Internet# architecture,# where# TLS# [128]# as# the# transportBlayer# is# used# to# protect# HTTP# web# communications.#Since# 6LoWPAN# environments# currently#support#only#UDP,#DTLS#appears# as#a#logical#choice#in#protecting#communications#at#higher#layers.#Despite#this,#in#this#chapter# we# argue# that# this# approach# misses# various# advantages# of# addressing# security# at# the# application# layer,# which# we# explore# to# propose# new# security# mechanisms# for# CoAP.# With# such#advantages#in#mind,#in#this#chapter#we#propose#the#addition#of#appropriate#options#to# the#protocol,#which#extend#CoAP#to#support#applicationBlayer#security.#