Flexible IoT security middleware for end-to-end cloud-fog communication

摘要

IoT (Internet of Things) based smart devices such as sensors have been actively used in edge clouds i.e., 'fogs' along with public clouds. They provide critical data during scenarios ranging from e.g., disaster response to in-home healthcare. However, for these devices to work effectively, end-to-end security schemes for the device communication protocols have to be flexible and should depend upon the application requirements as well as the resource constraints at the network-edge. In this paper, we present the design and implementation of a flexible IoT security middleware for end-to-end cloud fog communications involving smart devices and cloud-hosted applications. The novel features of our middleware are in its ability to cope with intermittent network connectivity as well as device constraints in terms of computational power, memory, energy, and network bandwidth. To provide security during intermittent network conditions, we use a 'Session Resumption' algorithm in order for our middleware to reuse encrypted sessions from the recent past, if a recently disconnected device wants to resume a prior connection that was interrupted. In addition, we describe an 'Optimal Scheme Decider' algorithm that enables our middleware to select the best possible end-to-end security scheme option that matches with a given set of device constraints. Experiment results show how our middleware implementation also provides fast and resource-aware security by leveraging static properties i.e., static pre-shared keys (PSKs) for a variety of IoT-based application requirements that have trade-offs in higher security or faster data transfer rates. (C) 2018 Elsevier B.V. All rights reserved.