Security in Internet of Things

Abstract: The Internet of Things (IoT) is emerging the Internet and other networks with wireless technologies to make physical objects interact online. The IoT has developed to become a promising technology and receives significant research attention in recent years because of the development of wireless communications and micro-electronics.  Like other immature technological inventions, although IoT will promise their users a better life in the near future, it is a security risk, especially today the privacy is increasingly concerned by people. The key technologies of IoT are not yet mature. Therefore the researches and applications of the IoT are in the early stage. In order to make the IoT pervade people’s everyday life, the security of the IoT must be strengthened. In this thesis, first, the IoT is compared with the Internet. Though the IoT is based on the Internet, due to the characteristics of the IoT, those mature end-to-end security protocols and protective measures in the Internet can not directly provide the end-to-end data security through the perceptual layer, the transport layer the and application layer. For the IoT security addressing issues (such as the Internet DNS attack), this thesis proposes the IoT addressing security model. The traditional access control and the identity authentication only works in the same layer. The IoT addressing security model designed in this thesis effectively solves the issues of vertically passing the authentication results in the addressing process without changing the protocols for two communication parties. Besides, this thesis provides the object access control and privacy protection from the object application layer addressing, DNS addressing and IP addressing phases. Finally, combining the IoT object addressing security model with practical application scenario, this thesis designs the IoT object security access model. In this model, the access requester can access objects in different domains through a single sign-on. This model provides the protection for the end-to-end communication between the access requester and object.