Open this publication in new window or tab >>2022 (English)In: ACM Transactions on Internet of Things, ISSN 2577-6207, Vol. 3, no 3, article id 3523064Article in journal (Refereed) Published
Abstract [en]
The Constrained Application Protocol (CoAP) is a major application-layer protocol for the Internet of Things (IoT). The recently standardized security protocol Object Security for Constrained RESTful Environments (OSCORE) efficiently provides end-to-end security of CoAP messages at the application layer, also in the presence of untrusted intermediaries. At the same time, CoAP supports one-to-many communication, targeting use cases such as smart lighting and building automation, firmware update, or emergency broadcast. Securing group communication for CoAP has additional challenges. It can be done using the novel Group Object Security for Constrained RESTful Environments (Group OSCORE) security protocol, which fulfills the same security requirements of OSCORE in group communication environments. While evaluations of OSCORE are available, no studies exist on the performance of Group OSCORE on resource-constrained IoT devices.This article presents the results of our extensive performance evaluation of Group OSCORE over two popular constrained IoT platforms, namely Zolertia Zoul and TI Simplelink. We have implemented Group OSCORE for the Contiki-NG operating system and made our implementation available as open source software. We compared Group OSCORE against unprotected CoAP as well as OSCORE. To the best of our knowledge, this is the first comprehensive and experimental evaluation of Group OSCORE over real constrained IoT devices. © 2022 Copyright held by the owner/author(s).
Place, publisher, year, edition, pages
Association for Computing Machinery, 2022
Keywords
Contiki-NG, End-to-end security, group communication, Group OSCORE, Internet of Things, Firmware, Intelligent buildings, Internet protocols, Open source software, Open systems, Application layer protocols, Application protocols, Contiki, Group communications, Group object security for constrained RESTful environment, Performances evaluation, Secure group communications, Security protocols
National Category
Computer Engineering
Identifiers
urn:nbn:se:ri:diva-59900 (URN)10.1145/3523064 (DOI)2-s2.0-85134881343 (Scopus ID)
Note
Funding details: 952652; Funding details: Horizon 2020 Framework Programme, H2020; Funding details: Innovationsfonden, IFD, HI2OT; Funding details: Stiftelsen för Strategisk Forskning, SSF, RIT17-0032; Funding details: VINNOVA; Funding text 1: Martin Gunnarsson and Krzysztof Mateusz Malarski contributed equally to this research. This work was partially funded by Innovation Fund Denmark through Eureka Turbo project IoT Watch4Life and Nordic University Hub for Industrial IoT (HI2OT); the SSF project SEC4Factory under the grant RIT17-0032; VINNOVA through the Celtic-Next project CRITISEC; and the H2020 project SIFIS-Home (Grant agreement 952652). Authors’ addresses: M. Gunnarsson, RISE Cybersecurity - RISE Research Institutes of Sweden, Scheelevägen 17, Lund, Sweden; email: martin.gunnarsson@ri.se; K. M. Malarski, DTU Technical University of Denmark, Ørsteds Plads 343, Kongens Lyngby, Denmark, 2800; email: krmal@fotonik.dtu.dk; R. Höglund, RISE Cybersecurity - RISE Research Institutes of Sweden, Isafjordsgatan 22, Kista, Sweden, Department of Information Technology - Uppsala University; email: rikard.hoglund@ri.se; M. Tiloca, RISE Cybersecurity - RISE Research Institutes of Sweden, Isafjordsgatan 22, Kista, Sweden email: marco.tiloca@ri.se.
2022-08-112022-08-112023-06-07Bibliographically approved