Secure Lifecycle Management for Internet of Things Devices
Loading...
URL
Journal Title
Journal ISSN
Volume Title
Perustieteiden korkeakoulu |
Master's thesis
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.
Authors
Date
2020-08-18
Department
Major/Subject
Security and Cloud Computing
Mcode
SCI3084
Degree programme
Master’s Programme in Security and Cloud Computing (SECCLO)
Language
en
Pages
54
Series
Abstract
In recent years, IoT devices have been adopted for various uses cases including for home applications such as smart lighting and heating and cooling systems. The IoT devices are simple and constrained devices. Usually, these simple devices are paired with and managed by controller devices such as smartphones over home wireless network. The pairing protocol along with the command and control protocols between the IoT device and the smartphone are usually proprietary. Therefore, users are required to install a dedicated application to access and control each brand and type of device. LwM2M has been designed as an open standard to increase interoperability between the simple devices from different ecosystems. It can be used to secure the connection between the simple device and the controller. The LwM2M protocol uses pre-shared keys, raw public keys, and X.509 certificates for authentication. However, these authentication methods have some deployment and scalability problems, and out-of-band authentication has been suggested as an alternative. This thesis project aims to adapt the LwM2M protocol for secure device pairing and lifecycle management for Internet of Things device in such a way that it can be used with out-of-band authentication. A proof-of-concept prototype has been implemented with Raspberry Pi 3 B+ as the simple device and an Android smartphone as the controller.Description
Supervisor
Aura, TuomasThesis advisor
Tamrakar, SandeepGinzboorg, Philip
Keywords
IoT security, out-of-band, authentication, QR code, OMA LwM2M