Lightweight IoT security middleware for end-to-end cloud-fog communication

Abstract

IoT (Internet of Things) based smart devices such as sensors and wearables have been actively used in edge clouds i.e., 'fogs' to provide critical data during scenarios ranging from e.g., disaster response to in-home healthcare. Since these devices typically operate in resource constrained environments at the network-edge, end-to-end security protocols have to be lightweight while also being robust, flexible and energy-efficient for data import/ export to/from cloud platforms. In this thesis, we present the design and implementation of a lightweight IoT security middleware for end-to-end cloud-fog communications involving smart devices and cloud-hosted applications. The novelty of our middleware is in its ability to cope with intermittent network connectivity as well as device constraints in terms of computational power, memory and network bandwidth. To provide security during intermittent network conditions, we use a Session Resumption concept in order to reuse encrypted sessions from recent past, if a recently disconnected device wants to resume a prior connection that was interrupted. The primary design goal is to not only secure IoT device communications, but also to maintain security compatibility with an existing core cloud infrastructure. Experiment results show how our middleware implementation provides fast and resource-aware security by leveraging static pre-shared keys (PSKs) for a variety of IoT-based application requirements. Thus, our work lays a foundation for promoting increased adoption of static properties such as Static PSKs that can be highly suitable for handling the trade-offs in high security or faster data transfer requirements within IoT-based applications.