End-to-end Security Enhancement of an IoT Platform Using Object Security

Abstract: The Internet of Things (IoT) is seen as one of the next Internet revolutions. In a near future the majority of all connected devices to the Internet will be IoT devices. These devices will connect previously offline constrained systems, thus it is essential to ensure end-to-end security for such devices. Object Security is a concept where the actual packet or sensitive parts of the packet are encrypted instead of the radio channel. A compromised node in the network will with this mechanism still have the data encrypted ensuring full end-to-end security. This paper proposes an architecture for using the object security format COSE in a typical constrained short-range radio based IoT platform. The IoT platform utilizes Bluetooth Low Energy and the Constrained Application Protocol for data transmission via a capillary gateway. A proof-of-concept implementation based on the architecture validates that the security solution is implementable. An overhead comparison between current channel security guidelines and the proposed object security solution results in a similar size for each data packet. The thesis concludes that object security should be seen as an alternative for ensuring end-to-end security for the Internet of Things.