Security in internet of things design
Date of Issue2016-03-23
School of Computer Engineering
Internet of Things (IoT) devices are constrained devices with limited memory, CPU and battery life. These devices often are sensors that collect information or even smart devices that control services or electrical appliances . When such devices are connected to the same network, they become known as “things” and form an Internet of Things, which are a network of objects such as embedded computers, smart devices, sensors with the ability to communicate and exchange data with other services and/or devices  in addition, these IoT devices are now also being connected to the internet, such that they can send their data to web servers and cloud data centres for further analysis. There are many efforts by companies to standardize IoT devices and how they interact with other devices. The current data exchange via internet is HTTP, which was not designed for constrained environments. In particular HTTP cannot ensure security during data transmission by default. Back in 2014, the Open Web Applications Security Project ranked the top ten security facing IoT devices together with lack of data encryption during data transmissions on number four in the list . HTTPS is the secure version of HTTP which incorporates TSL can be used for data transmission over the internet. The use of cryptographic functions such as encryption adds a layer of complexity to the generally simplicity of IoT devices and demands much more resources. This report presents the project to study appropriate security measures via encryption to ensure the security of data. This report focuses on the already available encryption methods in asymmetric and symmetric encryption. The solution used in this project hence builds upon existing open solutions to create a much more secure solution. This project will provide performance results of the implementation of both asymmetric and symmetric encryptions on an IoT device. The security approach investigated is RSA with 2048 bit key size, however, this can change depending on the device. The overall performance is measured from how much CPU usage, memory usage and the time taken to encrypt the data.
Final Year Project (FYP)
Nanyang Technological University