Towards Secure and Privacy-Preserving Iot Enabled Smart Home: Architecture and Experimental Study

Towards Secure and Privacy-Preserving Iot Enabled Smart Home: Architecture and Experimental Study

sensors Article Towards Secure and Privacy-Preserving IoT Enabled Smart Home: Architecture and Experimental Study Mamun Abu-Tair 1,*,† , Soufiene Djahel 2,† , Philip Perry 1 , Bryan Scotney 1 , Unsub Zia 1 , Jorge Martinez Carracedo 1 and Ali Sajjad 3 1 School of Computing, Ulster University, Belfast BT37 0QB, UK; [email protected] (P.P.); [email protected] (B.S.); [email protected] (U.Z.); [email protected] (J.M.C.) 2 Department of Computing and Mathematics, Manchester Metropolitan University, Manchester M15 6BH, UK; [email protected] 3 Applied Research, British Telecomm, Ipswich IP5 3RE, UK; [email protected] * Correspondence: [email protected] † These authors contributed equally to this work. Received: 16 September 2020; Accepted: 21 October 2020; Published: 28 October 2020 Abstract: Internet of Things (IoT) technology is increasingly pervasive in all aspects of our life and its usage is anticipated to significantly increase in future Smart Cities to support their myriad of revolutionary applications. This paper introduces a new architecture that can support several IoT-enabled smart home use cases, with a specified level of security and privacy preservation. The security threats that may target such an architecture are highlighted along with the cryptographic algorithms that can prevent them. An experimental study is performed to provide more insights about the suitability of several lightweight cryptographic algorithms for use in securing the constrained IoT devices used in the proposed architecture. The obtained results showed that many modern lightweight symmetric cryptography algorithms, as CLEFIA and TRIVIUM, are optimized for hardware implementations and can consume up to 10 times more energy than the legacy techniques when they are implemented in software. Moreover, the experiments results highlight that CLEFIA significantly outperforms TRIVIUM under all of the investigated test cases, and the latter performs 100 times worse than the legacy cryptographic algorithms tested. Keywords: IoT; lightweight cryptography; smart home; security; privacy preservation; data anonymisation 1. Introduction The Smart Cities concept relies on information gathered from a myriad of tiny IoT sensors. These can be used to monitor the location or behavior of individuals as well as their health and fitness conditions, while other sensors will monitor critical infrastructure such as highways and bridges, valuable assets in Industry 4.0 and crop growth in agriculture. These sensors represent an invaluable source of information that can be efficiently processed and analyzed in an intelligent manner to improve the services offered to the cities’ inhabitants, thereby encouraging more people to adopt smart solutions and use smart devices. Since many of these services are delivered over wireless interfaces and typically carry sensitive private information, there is a need for a comprehensive approach to security and privacy-preservation. These requirements must also be balanced with the need for a particular Quality of Service (QoS) in terms of bandwidth and latency which in turn drives the need for more efficient use of costly or scarce resources such as radio network capacity and edge devices’ computational capabilities [1]. Achieving this, however, is very challenging for several reasons; Sensors 2020, 20, 6131; doi:10.3390/s20216131 www.mdpi.com/journal/sensors Sensors 2020, 20, 6131 2 of 14 • The limited computational capabilities and the inherent design constraints of the sensors make them an easy target for hackers [2]; • The large volume of collected data may include erroneous or intentionally injected malicious data that can lead to serious effects on the system operation and integrity; • Compliance with the General Data Protection Regulation (GDPR) introduces constraints that restrict the usage and sharing of the data collected by companies offering smart home services. Mechanisms are therrefore required for those users who are unwilling to share potentially identity-disclosing data with the service providers; • Inter-operability between devices from different manufacturers makes it difficult to build a unified smart home system. To this end, we propose an IoT-based smart home architecture to support various applications, discuss several security threats and potential countermeasures, and finally undertake an experimental study to identify the most suitable cryptography algorithms for use in this context. The main contributions of this paper are summarized as follows: • Proposing a simple yet comprehensive IoT-based smart home architecture that could serve as a reference model for future works aimed at designing improved smart home systems. • Analyzing the potential security threats that may target such an architecture and outlining the existing countermeasures. • Designing a new security parameter selection algorithm that enables any newly added IoT device to be configured with the most suitable lightweight cryptographic algorithms. • Conducting an experimental study to evaluate the suitability of several hardware-oriented lightweight cryptography algorithms to secure the IoT devices used in this architecture. The remainder of the paper is organized as follows. Section2 summarizes the literature followed by a description of the proposed IoT enabled smart home architecture in Section3. In Section4, we present examples of smart home applications that can be built upon this architecture, then we highlight their associated security threats in Section5. In Section6, we outline several legacy and lightweight cryptographic algorithms that can be used to mitigate the above threats. A new algorithm that enables selecting the most suitable cryptographic algorithms for configuration in IoT devices is proposed in Section7, followed by an experimental evaluation of the achieved encryption/decryption time for a selection of lightweight and legacy cryptography algorithms in Section8. Finally, we conclude in Section9. 2. Related Work In recent years, IoT technology revolutionized the world by substituting humans with intelligent devices to perform many everyday tasks [3,4]. These smart devices become responsible for handling the data as conventional cities undergo the transformation to smart cities [5], homes to smart homes [6], industry to industry 4.0 [7] and so on. Despite the numerous benefits that IoT technology brings, there is a need to ensure the security of the IoT infrastructure and the privacy of the collected data due to the inherent characteristics of the IoT framework and the rapidly expanding spectrum of cyber attacks [8,9]. Several architectures were proposed to add security and privacy features to various working scenarios of IoT networks. Hamed et al. proposed a secure Artificial Intelligence (AI)-based architecture for securing the edge layer of an IoT framework [10]. In this paper, the life cycle of any attack is detected and categorized using the Cyber Kill Chain model. The types of threats and their handling by AI engines for the edge layer were also discussed. Recently, a new safe model for IoT was proposed for supply chain risk management [11]. The designed architecture provides security by applying machine learning techniques, cryptographic hardware monitoring and distributed system coordination. Another multi-layered scheme for secure data transportation between IoT devices connected through a cellular network was developed in [12]. This scheme provides a secure end-to-end Sensors 2020, 20, 6131 3 of 14 communication system for IoT that is comprised of secure interlocking functional elements in the carrier network. A hybrid scheme based on blockchain technology was introduced for ensuring end-to-end security [13]. The proposed scheme uses the Authentication and Authorization for Constrained Environments (ACE) framework [14] for blockchain authorization and the Object Security Architecture for the Internet of Things (OSCAR) object with group key security. In [15], the authors used the concept of decentralized fog computing architecture to map privacy patterns for IoT. They used a smart vehicle use case scenario as a proof of concept to elaborate how privacy-by-design can be used in a practical instance to preserve users’ privacy. The works discussed above mostly provide a proof of concept for the proposed IoT architecture but very few of them provided working evidence of such an architecture. Given the limited resources of typical IoT systems, it is important to analyze the performance of security algorithms in real-world IoT scenarios. There are several papers that discussed the performance of security algorithms for IoT devices when proposing a new IoT model. Recently, a survey paper published a detailed description of lightweight algorithms, but no real-time experiments were conducted for performance analysis [16]. Buchanan et al. published a paper on lightweight cryptography methods and performed an in depth analysis of some of them [17]. They used Fair Evaluation of Lightweight Cryptographic Systems (FELICS) bench-marking to test the efficiency of algorithms for software implementations on 8-bit, 16-bit, and 32-bit micro-controllers. They performed a fair comparison and obtained some interesting findings, but their experiments were conducted for fixed block sizes and no real-world use cases were evaluated using hardware implementations or IoT sensors. A high-performance and low-energy implementation of cryptographic primitives was carried out for programmable system-on-chip IoT devices in [18].

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    14 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us