Abstract
Communication security is one of the key component of Internet of Things. Now we can communicate with smart device, such as microwave oven, camera, and control it using App in our smart phone, but due to the poor computing power of smart device, it tends to be intractable to protect this communication from attack. By analyzing the security threats faced during the process of smart device and App authenticating each other’s identity, this paper proposed a lightweight transfer protocol for smart device, and introduced “Authentication Center” to help with authentication for smart device and App. In consideration of poor computing power of smart device, the lightweight protocol achieves effective reduction of network resource usage. Acting as a hub, the Authentication Center does the heavy certification and authorization work as well as the management of smart device. This protocol can protect data confidentiality, data integrity against replay attack, man-in-the-middle attack by ensuring the identities of device and App with the help of Authentication Center.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Stallings, W.: Cryptography and Network Security Principles and Practices, 4th edn. Prentice Hall, New Jersey (2005)
Saltzer, J., Schroder, M.: The protection of information in computer systems. Proc. IEEE 63(9), 1278–1308 (1975)
Harn, L., Ren, J.: Design of fully deniable authentication service for e-mail applications. IEEE Commun. Lett. 12(3), 219–221 (2008)
Feistel, H., Notz, W., Smith, J.: Cryptographic techniques for machine to machine data communications. Proc. IEEE 63(11), 1545–1554 (1975)
Chou, W.: Inside SSL: accelerating secure transactions. IT Prof. 4(5), 37–41 (2002)
Campbell, C.: Design and specification of cryptographic capabilities. In: Computer Security and the Data Encryption Standard, pp. 54–56. NBS Special Publication 500–27, February 1978
Oppliger, R.: Security at the internet layer. Computer 31, 43–47 (1998)
Stewart, R.: Stream Control Transmission Protocol. RFC4960, September 2007
Ono, K., Schulzrine, H.: The impact of SCTP on SIP server scalability and performance. In: IEEE GLOBECOM, November 2008
Khalifa, T., Naik, K., Alsabaan, M., Nayak, A., Goel, N.: Transport protocol for smart grid infrastructure. In: IEEE UFN, June 2010
Braden, R.: Requirements for Internet Hosts - Communication Layers. RFC1122, October 1989
Bakken, D., Hauser, C., Gjermundrod, H.: Delivery Requirements and Implementation
Aboba, B.: Extesible Authentication Protocol (EAP) [S]. RFC3748, June 2004
Network Working Group. RFC2867 RADIUS Accounting Modifications for Tunnel Protocol Support, June 2000
Network Working Group. RFC2868 Attributes for Tunnel Protocol Support, June 2000
Network Working Group. RFC3575 IANA Consideration for RADIUS, July 2003
Zhang, L., Tiwana, B., Qian, Z., Wang, Z., Dick, R.P., Mao, Z.M., Yang, L.: Accurate online power estimation and automatic battery behavior based power model generation for smart phones. In: Proceedings of the Eighth IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis, CODES/ISSS 2010, pp. 105–114. ACM, New York (2010). http://dx.doi.org/10.1145/1878961.1878982
Acknowledgments
This work is supported by the National Key Research and Development Program of China (No. 2016QY03D0605), the National Nature Science Foundation of China (Nos. 61672111, 61370069), and Beijing Natural Science Foundation (No. 4162043).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Xu, Z., Li, X. (2017). Secure Transfer Protocol Between App and Device of Internet of Things. In: Wang, G., Atiquzzaman, M., Yan, Z., Choo, KK. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2017. Lecture Notes in Computer Science(), vol 10658. Springer, Cham. https://doi.org/10.1007/978-3-319-72395-2_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-72395-2_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72394-5
Online ISBN: 978-3-319-72395-2
eBook Packages: Computer ScienceComputer Science (R0)