A Lightweight and Secure IoT Remote Monitoring Mechanism Using DNS with Privacy Preservation

摘要

IoT remote control is faced with scalability, secure communication and privacy preservation issues and conventional solutions (HTTPS) have disclosed poor scaling problem and privacy concerns. In this paper, we propose a novel lightweight and secure IoT remote monitoring mechanism using DNS with privacy preservation. Basically, the communication between IoT devices and gateways uses the conventional protocols as usual such as CoAP and MQTT while only the remote monitoring uses DNS protocol. That is, encrypted IoT data, after being encoded with base64, is stored as a DNS TXT record of the domain name of the IoT device and only the designated users are allowed to query and decrypt the data based on TSIG authentication of DNS protocol and asymmetric cryptography. We implemented a prototype system over name-bound virtual networks (NBVNs) in which all virtual nodes are registered in DNS automatically and the network traffic is restricted within each NBVN. Through the preliminary evaluations we confirmed the effectiveness of secure communication and privacy preservation in IoT remote monitoring in the proposed mechanism.