Conference paper
Analyzing the communication security between smartphones and IoT based on CORAS
Technical University of Denmark1
Department of Applied Mathematics and Computer Science, Technical University of Denmark2
Cyber Security, Department of Applied Mathematics and Computer Science, Technical University of Denmark3
Copenhagen Center for Health Technology, Centers, Technical University of Denmark4
The exponential growth of Internet-of-Things (IoT) devices and applications may expose tremendous security vulnerabilities in practice, as there are different protocols in the application layer to exchange sensor data, e.g., MQTT, AMQP, CoAP. For the MQTT protocol, IoT devices would publish a plain message that could potentially cause loss of data integrity and data stealing.
Motivated by this, we first present a risk assessment on the communication channel between smartphones and IoT using the method of CORAS, which is a model-based security risk analysis framework. Then the paper analyzes several known cryptographic methods and mechanisms to identify which cryptography solution best fits resource constrained IoT devices.
Further, we discuss appropriate cryptographic algorithms that can help protect data integrity between smartphones and IoT.
| Language: | English |
|---|---|
| Publisher: | Springer |
| Year: | 2018 |
| Pages: | 251-265 |
| Proceedings: | 12th International Conference on Network and System Security |
| Series: | Lecture Notes in Computer Science (including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| ISBN: | 3030027430 , 3030027449 , 9783030027438 and 9783030027445 |
| ISSN: | 03029743 |
| Types: | Conference paper |
| DOI: | 10.1007/978-3-030-02744-5_19 |
| ORCIDs: | Meng, Weizhi and Jensen, Christian D. |
