Access Control in the Internet of Things

Abstract: The new generation of Wireless Sensor Networks, that is known as the Internet of Things enables the direct connection of physical objects to the Internet using microcontrollers. In most cases these microcontrollers have very limited computational resources. The global connectivity provides great opportunities for data collection and analysis as well as for interaction of objects that cannot be connected to the same local area network. Many of application scenarios have high requirements to security and privacy of transmitted data. At the same time security solutions that are utilized for general purpose computers are not always applicable for constrained devices. That leaves a room for new solutions that takes into account the technological aspects of the Internet of Things. In this thesis we investigate the access control solution for the IETF standard draft Constrained Application Protocol, using the Datagram Transport Layer Security protocol for transport security. We use the centralized approach to save access control information in the framework. Since the public key cryptography operations might be computationally too expensive for constrained devices we build our solution based on symmetric cryptography. Evaluation results show that the access control framework increases computational effort of the handshake by 6.0%, increases the code footprint of the Datagram Transport Layer Security implementation by 7.9% and has no effect on the overall handshake time. Our novel protocol is not vulnerable to Denial of Service or Drain Battery Attack.