The Internet of Things (IoT) is also well known as the Internet of Everything. Objects or sensing devices in the IoT are commonly connected through the Internet, and they share information and communicate with each other through Internet protocols. Unlike the traditional wireless sensor network (WSN), the IoT emphasizes a global network architecture, which creates a great opportunity to analyze communication data from a global perspective. Recently, IoT technology has provided theoretical and technical support for a wide range of practical applications, such as home automation, personal health monitoring (heart rate, pulse or temperature measurement), building automation (heating of buildings, electricity, and control of ventilation systems), industrial automation (grid control) and smart cities.

To ensure the security of terminal nodes accessing the IoT, the Datagram Transport Layer Security protocol (DTLS) and the Constrained Application Protocol (CoAP) are widely used in the IoT security layer and application layer, where they define standard solutions for authentication, key exchange, and secure communication. However, terminal nodes often have limited energy, restrictive memory constraints, and reduced computational capabilities. In practice, the DTLS and CoAP protocols require a lot of computing resources in the key derivation process, which restricts the communication function and life cycle of terminal nodes. In addition, these security protocols do not provide a reliable solution to the problem of authorization security.

To solve the above problems, this thesis studies the problem of secure access to the IoT when terminal nodes have limited resources, based on the DTLS and CoAP protocol stack. More specifically, to address the problem that secret key encryption and derivation require a lot of terminal computing resources, this thesis designs a symmetric encryption solution for key generation. In summary, the main contributions of this thesis are as follows:

- Since key generation time accounts for 70% of the total access handshake process, this thesis first designs an improved lightweight key derivation method. In tests on the CC2538 platform, this method improves efficiency by 5 times and reduces energy consumption by 5.2 times, resulting in a 4 times acceleration of the entire access handshake and nearly 3.7 times energy saving. This scheme greatly improves the efficiency of terminal nodes in the IoT and, at the same time, prolongs their life cycle.
- On the basis of the efficient key derivation mechanism, an improved access handshake protocol is designed to ensure the security of the entire process of a terminal device accessing the resource server. By redesigning the definition of the nonce field, a key revocation mechanism for expired keys is implemented. Experiments show that the new protocol not only further improves access efficiency, but also is not vulnerable to denial of service or battery exhaustion, thereby improving robustness and security in the access process.