Sect: A Lightweight Secure Thing-Centered Iot Communication System
Abstract
In this paper, we propose a secure lightweight and thing-centered IoT communication system based on MQTT, SecT, in which a device/thing authenticates users. Compared with a server-centered IoT system in which a cloud server authenticates users, a thing-centered system preserves user privacy since the cloud server is primarily a relay between things and users and does not store or see user data in plaintext. The contributions of this work are three-fold. First, we explicitly identify critical functionalities in bootstrapping a thing and design secure pairing and binding strategies. Second, we design a strategy of end-to-end encrypted communication between users and things for the sake of user privacy and even the server cannot see the communication content in plaintext. Third, we design a strong authentication system that can defeat known device scanning attack, brute force attack and device spoofing attack against IoT. We implemented a prototype of SecT on a $10 Raspberry Pi Zero W and performed extensive experiments to validate its performance. The experiment results show that SecT is both cost-effective and practical. Although we design SecT for the smart home application, it can be easily extended to other IoT application domains.
Publication Date
12-6-2018
Publication Title
Proceedings - 15th IEEE International Conference on Mobile Ad Hoc and Sensor Systems, MASS 2018
Number of Pages
46-54
Document Type
Article; Proceedings Paper
Personal Identifier
scopus
DOI Link
https://doi.org/10.1109/MASS.2018.00018
Copyright Status
Unknown
Socpus ID
85060237324 (Scopus)
Source API URL
https://api.elsevier.com/content/abstract/scopus_id/85060237324
STARS Citation
Gao, Chao; Ling, Zhen; Chen, Biao; Fu, Xinwen; and Zhao, Wei, "Sect: A Lightweight Secure Thing-Centered Iot Communication System" (2018). Scopus Export 2015-2019. 10097.
https://stars.library.ucf.edu/scopus2015/10097