Final published version
Research output: Contribution to Journal/Magazine › Journal article › peer-review
Research output: Contribution to Journal/Magazine › Journal article › peer-review
}
TY - JOUR
T1 - Fusion
T2 - coalesced confidential storage and communication framework for the IoT
AU - Bagci, Ibrahim Ethem
AU - Raza, Shahid
AU - Roedig, Utz
AU - Voigt, Thiemo
PY - 2016/10
Y1 - 2016/10
N2 - Comprehensive security mechanisms are required for a successful implementation of the Internet of Things (IoT). Existing solutions focus mainly on securing the communication links between Internet hosts and IoT devices. However, as most IoT devices nowadays provide vast amounts of flash storage space it is as well required to consider storage security within a comprehensive security framework. Instead of developing independent security solutions for storage and communication we propose Fusion, a framework which provides coalesced confidential storage and communication. Fusion uses existing secure communication protocols for the IoT such as IPsec and DTLS and re-uses the defined communication security mechanisms within the storage component. Thus, trusted mechanisms developed for communication security are extended into the storage space. Notably, this mechanism allows us to transmit requested data directly from the file system without decrypting read data blocks and then re-encrypting these for transmission. Thus, Fusion provides benefits in terms of processing speed and energy efficiency which are important aspects for resource constrained IoT devices. The paper describes the Fusion architecture and its instantiation for IPsec and DTLS based systems. We describe Fusion’s implementation and evaluate its storage overheads, communication performance and energy consumption.
AB - Comprehensive security mechanisms are required for a successful implementation of the Internet of Things (IoT). Existing solutions focus mainly on securing the communication links between Internet hosts and IoT devices. However, as most IoT devices nowadays provide vast amounts of flash storage space it is as well required to consider storage security within a comprehensive security framework. Instead of developing independent security solutions for storage and communication we propose Fusion, a framework which provides coalesced confidential storage and communication. Fusion uses existing secure communication protocols for the IoT such as IPsec and DTLS and re-uses the defined communication security mechanisms within the storage component. Thus, trusted mechanisms developed for communication security are extended into the storage space. Notably, this mechanism allows us to transmit requested data directly from the file system without decrypting read data blocks and then re-encrypting these for transmission. Thus, Fusion provides benefits in terms of processing speed and energy efficiency which are important aspects for resource constrained IoT devices. The paper describes the Fusion architecture and its instantiation for IPsec and DTLS based systems. We describe Fusion’s implementation and evaluate its storage overheads, communication performance and energy consumption.
KW - security
KW - Internet of Things
KW - IPsec
KW - DTLS
KW - storage security
KW - Contiki OS
U2 - 10.1002/sec.1260
DO - 10.1002/sec.1260
M3 - Journal article
VL - 9
SP - 2656
EP - 2673
JO - Security and Communication Networks
JF - Security and Communication Networks
SN - 1939-0114
IS - 15
ER -