Secure and User-Friendly Commissioning and Bootstrapping of Constrained Devices
Master thesis
Permanent lenke
http://hdl.handle.net/11250/2388270Utgivelsesdato
2015Metadata
Vis full innførselSamlinger
Sammendrag
The spread of Internet of Things (IoT) systems, based on the introductionof constrained devices into physical objects, has required particular effortsto improve security, privacy and simplicity of such systems. The goal ofthis work is to find secure and user-friendly ways for the commissioningand bootstrapping of constrained devices, working with Bluetooth LowEnergy (BLE) as the main wireless communication technology. Animportant assumption for future constrained devices is the absence ofinput/output interfaces like keyboards and displays. That represents thereal challenge which makes the traditional security mechanisms unfeasible.
At first, an analysis of some products from the current generation ofIoT systems has shown a lack in term of security or simplicity. Startingfrom these results this work defines the security requirements to ensureauthentication and confidentiality/integrity for the information exchanged.Then it presents some user-friendly solutions to initiate such devices basedon the security requirements defined. These solutions require only fewinteractions and knowledge for the final users.
After a study of the security features offered by BLE and defined theuser-friendliness level required, scenarios that combine BLE and NFCtechnologies seem to be the best solutions. NFC can be used as the Out-of-Band (OOB) channel for BLE pairing method, providing authenticationand limiting the risk of Man In The Middle (MITM) attacks and passiveeavesdropping. This combination also increase the simplicity and avoidtypical authentication techniques like passkey insertion. The conjunctionBLE-NFC can be easily managed to produce several solutions for differentscenarios. Scenario with movable devices represents the easiest solution.Instead, fixed targets require support devices, like smartphone or tablet,to reach the goal. However, both are based on the same principles.
The presented solutions aim to be considered for the next generationof IoT systems, increasing security and user-friendly level. Current andnear future chips combine BLE and NFC in a unique product which makethe solutions low cost and easy to implement.