Sect: A Lightweight Secure Thing-Centered Iot Communication System

Abstract

In this paper, we propose a secure lightweight and thing-centered IoT communication system based on MQTT, SecT, in which a device/thing authenticates users. Compared with a server-centered IoT system in which a cloud server authenticates users, a thing-centered system preserves user privacy since the cloud server is primarily a relay between things and users and does not store or see user data in plaintext. The contributions of this work are three-fold. First, we explicitly identify critical functionalities in bootstrapping a thing and design secure pairing and binding strategies. Second, we design a strategy of end-to-end encrypted communication between users and things for the sake of user privacy and even the server cannot see the communication content in plaintext. Third, we design a strong authentication system that can defeat known device scanning attack, brute force attack and device spoofing attack against IoT. We implemented a prototype of SecT on a $10 Raspberry Pi Zero W and performed extensive experiments to validate its performance. The experiment results show that SecT is both cost-effective and practical. Although we design SecT for the smart home application, it can be easily extended to other IoT application domains.

Publication Date

12-6-2018

Publication Title

Proceedings - 15th IEEE International Conference on Mobile Ad Hoc and Sensor Systems, MASS 2018

Number of Pages

46-54

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

DOI Link

https://doi.org/10.1109/MASS.2018.00018

Socpus ID

85060237324 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/85060237324

This document is currently not available here.

Share

COinS