skip to main content
10.1145/2984356.2984374acmconferencesArticle/Chapter ViewAbstractPublication PagescommConference Proceedingsconference-collections
research-article

OnboardICNg: a Secure Protocol for On-boarding IoT Devices in ICN

Published: 26 September 2016 Publication History

Abstract

Information-Centric Networking (ICN) is an emerging networking paradigm that focuses on content distribution and aims at replacing the current IP stack. Implementations of ICN have demonstrated its advantages over IP, in terms of network performance and resource requirements. Because of these advantages, ICN is also considered to be a good network paradigm candidate for the Internet-of-Things (IoT), especially in scenarios involving resource constrained devices.
In this paper we propose OnboardICNg, the first secure protocol for on-boarding (authenticating and authorizing) IoT devices in ICN mesh networks. OnboardICNg can securely onboard resource constrained devices into an existing IoT network, outperforming the authentication protocol selected for the ZigBee-IP specification: EAP-PANA, i.e., the Protocol for carrying Authentication for Network Access (PANA) combined with the Extensible Authentication Protocol (EAP). In particular we show that, compared with EAP-PANA, OnboardICNg reduces the communication and energy consumption, by 87% and 66%, respectively.

References

[1]
IEEE Standard for Local and metropolitan area networks–Part 15.4: Low-Rate Wireless Personal Area Networks (LR-WPANs). IEEE Std 802.15.4-2011, pages 1–314, Sept 2011.
[2]
G. Acs, M. Conti, P. Gasti, C. Ghali, and G. Tsudik. Cache privacy in named-data networking. In ICDCS, pages 41–51. IEEE, 2013.
[3]
M. Amadeo, C. Campolo, A. Iera, and A. Molinaro. Named data networking for IoT: An architectural perspective. In EuCNC, pages 1–5. IEEE, 2014.
[4]
M. Amadeo, C. Campolo, and A. Molinaro. Internet of Things via Named Data Networking: The support of push traffic. In NOF, pages 1–5. IEEE, 2014.
[5]
E. Baccelli, C. Mehlis, O. Hahm, T. C. Schmidt, and M. Wählisch. Information Centric Networking in the IoT: Experiments with NDN in the Wild. In ICN, pages 77–86. ACM, 2014.
[6]
M. Bellare and P. Rogaway. Entity authentication and key distribution. In CRYPTO, pages 232–249. Springer, 1994.
[7]
F. Bersani and H. Tschofenig. The EAP-PSK Protocol: A Pre-Shared Key Extensible Authentication Protocol (EAP) Method. RFC 4764.
[8]
J. Burke, P. Gasti, N. Nathan, and G. Tsudik. Securing instrumented environments over content-centric networking: the case of lighting control and NDN. In INFOCOM Workshops, pages 394–398. IEEE, 2013.
[9]
J. Burke, P. Gasti, N. Nathan, and G. Tsudik. Secure Sensing over Named Data Networking. In NCA, pages 175–180. IEEE, 2014.
[10]
D. W. Carman, P. S. Kruus, and B. J. Matt. Constraints and approaches for distributed sensor network security (final). DARPA Project report,(Cryptographic Technologies Group, Trusted Information System, NAI Labs), 1(1), 2000.
[11]
L. Chen. Recommendation for key derivation using pseudorandom functions. NIST special publication, 800:108, 2008.
[12]
A. Compagno, M. Conti, P. Gasti, L. V. Mancini, and G. Tsudik. Violating consumer anonymity: Geo-locating nodes in named data networking. In ACNS, pages 243–262. Springer, 2015.
[13]
A. Compagno, M. Conti, P. Gasti, and G. Tsudik. Poseidon: Mitigating interest flooding DDoS attacks in named data networking. In LCN, pages 630–638. IEEE, 2013.
[14]
Content centric networking (CCNx) project. http://www.ccnx.org.
[15]
M. Conti, R. Di Pietro, and L. V. Mancini. Secure cooperative channel establishment in wireless sensor networks. In PerCom Workshops, pages 5–9. IEEE, 2006.
[16]
G. De Meulenaer, F. Gosset, F.-X. Standaert, and O. Pereira. On the energy cost of communication and cryptography in wireless sensor networks. In WiMob, pages 580–585. IEEE, 2008.
[17]
S. E. Deering. Internet Protocol, Version 6 (IPv6) Specification. RFC 2460.
[18]
L. Eschenauer and V. D. Gligor. A key-management scheme for distributed sensor networks. In CCS, pages 41–47. ACM, 2002.
[19]
D. Forsberg, Y. Ohba, B. Patil, H. Tschofenig, and A. Yegin. Protocol for carrying authentication for network access (PANA). RFC 5191.
[20]
C. Karlof, N. Sastry, and D. Wagner. TinySec: a link layer security architecture for wireless sensor networks. In SenSys, pages 162–175. ACM, 2004.
[21]
C. Kaufman, P. Hoffman, Y. Nir, P. Eronen, and T. Kivinen. Internet Key Exchange Protocol Version 2 (IKEv2). RFC 7296.
[22]
J. Lee, K. Kapitanova, and S. H. Son. The price of security in wireless sensor networks. Computer Networks, 54(17):2967–2978, 2010.
[23]
D. Liu, P. Ning, and R. Li. Establishing pairwise keys in distributed sensor networks. TISSEC, 8(1):41–77, 2005.
[24]
CCN and NDN TLV encodings in 802.15.4 packets. https://www.ietf.org/mail-archive/web/icnrg/current/pdfs9ieLPWcJI.pdf.
[25]
Named Data Networking project (NDN). http://named-data.org.
[26]
A. Perrig, R. Szewczyk, J. D. Tygar, V. Wen, and D. E. Culler. SPINS: Security protocols for sensor networks. Wireless networks, 8(5):521–534, 2002.
[27]
P. M. Sanchez, R. M. Lopez, and A. F. G. Skarmeta. Panatiki: A network access control implementation based on PANA for IoT devices. Sensors, 13(11):14888–14917, 2013.
[28]
W. Shang, Q. Ding, A. Marianantoni, J. Burke, and L. Zhang. Securing building management systems using named data networking. Network, 28(3):50–56, 2014.
[29]
Z. Shelby and C. Bormann. 6LoWPAN: The wireless embedded Internet, volume 43. John Wiley & Sons, 2011.
[30]
D. Simon, B. Aboba, and R. Hurst. The EAP-TLS Authentication Protocol. RFC 5216.
[31]
A. D. Wood and J. A. Stankovic. Denial of service in sensor networks. Computer, 35(10):54–62, 2002.
[32]
Y. Zhang, D. Raychadhuri, R. Ravindran, and G. Wang. Icn based architecture for iot. IRTF contribution, October, 2013.
[33]
S. Zhu, S. Setia, and S. Jajodia. LEAP+: Efficient security mechanisms for large-scale distributed sensor networks. TOSN, 2(4):500–528, 2006.
[34]
ZigBee Alliance. Zigbee specification, 2006.
[35]
ZigBee Alliance. ZigBee IP specification, 2010.

Cited By

View all
  • (2024)A practical and UC-secure decentralized key management and authentication scheme based on blockchain for VNDNComputer Science and Information Systems10.2298/CSIS230328013G21:3(725-757)Online publication date: 2024
  • (2023)Lightweight Transmission Behavior Audit Scheme for NDN Industrial Internet Identity Resolution and Transmission Based on BlockchainElectronics10.3390/electronics1211253812:11(2538)Online publication date: 4-Jun-2023
  • (2023)Edge-Assisted Intelligent Device Authentication in Cyber–Physical SystemsIEEE Internet of Things Journal10.1109/JIOT.2022.315182810:4(3057-3070)Online publication date: 15-Feb-2023
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
ACM-ICN '16: Proceedings of the 3rd ACM Conference on Information-Centric Networking
September 2016
275 pages
ISBN:9781450344678
DOI:10.1145/2984356
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 26 September 2016

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Authentication
  2. ICN Security
  3. Internet-of-things

Qualifiers

  • Research-article

Conference

ICN'16
Sponsor:

Acceptance Rates

ACM-ICN '16 Paper Acceptance Rate 23 of 84 submissions, 27%;
Overall Acceptance Rate 133 of 482 submissions, 28%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)17
  • Downloads (Last 6 weeks)0
Reflects downloads up to 15 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2024)A practical and UC-secure decentralized key management and authentication scheme based on blockchain for VNDNComputer Science and Information Systems10.2298/CSIS230328013G21:3(725-757)Online publication date: 2024
  • (2023)Lightweight Transmission Behavior Audit Scheme for NDN Industrial Internet Identity Resolution and Transmission Based on BlockchainElectronics10.3390/electronics1211253812:11(2538)Online publication date: 4-Jun-2023
  • (2023)Edge-Assisted Intelligent Device Authentication in Cyber–Physical SystemsIEEE Internet of Things Journal10.1109/JIOT.2022.315182810:4(3057-3070)Online publication date: 15-Feb-2023
  • (2022)SoK: Public key and namespace management in NDNProceedings of the 9th ACM Conference on Information-Centric Networking10.1145/3517212.3558085(67-79)Online publication date: 6-Sep-2022
  • (2022)Content Object Security in the Internet of Things: Challenges, Prospects, and Emerging SolutionsIEEE Transactions on Network and Service Management10.1109/TNSM.2021.309990219:1(538-553)Online publication date: Mar-2022
  • (2022)PION: Password-based IoT Onboarding Over Named Data NetworkingICC 2022 - IEEE International Conference on Communications10.1109/ICC45855.2022.9839088(1070-1075)Online publication date: 16-May-2022
  • (2021)A Survey on Resilience in the IoTACM Computing Surveys10.1145/346251354:7(1-39)Online publication date: 17-Sep-2021
  • (2021)Securely & Efficiently Integrating Constrained Devices into an ICN-IoT2021 IEEE 7th World Forum on Internet of Things (WF-IoT)10.1109/WF-IoT51360.2021.9595708(536-541)Online publication date: 14-Jun-2021
  • (2021)An Authentication Framework in ICN-Enabled Industrial Cyber-Physical SystemsSecurity and Privacy in New Computing Environments10.1007/978-3-030-66922-5_15(223-243)Online publication date: 22-Jan-2021
  • (2019)A Secure Sign-On Protocol for Smart Homes over Named Data NetworkingIEEE Communications Magazine10.1109/MCOM.2019.180078957:7(62-68)Online publication date: Jul-2019
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media