
Toward the inclusion of end-to-end security in the OM2M platform

The Journal of Supercomputing

Abstract

The exponential growth in the number of Internet of Things (IoT) devices and their potential in many applications in a vast number of domains fuelled the development of different IoT platforms, supported by big companies and industry groups. These platforms are able to provide reliable services to IoT devices and reduce the time to market for the targeted applications. Unfortunately, these proprietary solutions fragment the IoT market and hamper horizontal integration. The need for the different IoT platforms and communication protocols to interoperate pushed the Standards Developing Organizations (SDOs) to specify a machine-to-machine (M2M) service layer, published as the oneM2M (OM2M) standard. Although the OM2M standard provides generic guidelines for implementing security solutions that include authentication, authorization, confidentiality and data integrity, more efficient security schemes should be investigated where constrained IoT devices are concerned. This paper presents two main contributions. First, a CoAPS binding for the OM2M platform is provided that enables secure and reliable communication with constrained IoT devices. Second, a lightweight dynamic access control system is designed, developed and integrated in an OM2M-based architecture. It makes it possible to dynamically grant or revoke, in an anonymous way, access permission to constrained IoT devices for controlling some actuators. From the experimental results, we can conclude that the computational complexity of the proposed security scheme is extremely low for the client device which requests data access. We show that a constrained IoT device establishes a trust relationship with the OM2M server in a few seconds.


Author information

Corresponding author

Correspondence to Simone Patonico.

Cite this article

Patonico, S., Nguyen, TL., Shabisha, P. et al. Toward the inclusion of end-to-end security in the OM2M platform. J Supercomput 77, 4056–4080 (2021). https://doi.org/10.1007/s11227-020-03415-7

  • DOI: https://doi.org/10.1007/s11227-020-03415-7
