mamun presentation finall
TRANSCRIPT
-
8/10/2019 Mamun Presentation Finall
1/17
IoT Security and a proposed
approach for securing IoT
Md Abdullah Al Mamun
Technical Presentation Skill
1
-
8/10/2019 Mamun Presentation Finall
2/17
Table of Contents
Introduction to IPSec and IPv6
Introuduction to IoT and Wirless Sensor Network
Introduction to I !"#$1%$& and 6'oWP(N
Co)pressed*'ightweight+ IPSec and It,s(pplication in IoT Security
#
-
8/10/2019 Mamun Presentation Finall
3/17
-
8/10/2019 Mamun Presentation Finall
4/17
IPsecData integrity
-
8/10/2019 Mamun Presentation Finall
5/17
-
8/10/2019 Mamun Presentation Finall
6/17
-
8/10/2019 Mamun Presentation Finall
7/17
IP/& and IP/6
%PV& 9ostly used IPprotocol toady
5# bit source anddestination
(ddress
%PV' Euture of IP
Protocol
1#! bit sourceand desitnationaddress
http0..www$cisco$co).en.FS.technologies.tk6&!.tk!#.technolo
gies7white7paper"B""aecd!"%&d5d$ht)l
I)age source
-
8/10/2019 Mamun Presentation Finall
8/17
IP/6 Atension ?eaderOrde
r
Header (ype Ne)t Header
Code
1 ;asic IPv6 ?eader
# ?op4by4?op :ptions "
&
-
8/10/2019 Mamun Presentation Finall
9/17
IP/6 Atension ?eader IP/6 provides eAtension header for supporting IPSec
B
http0..www$cisco$co).en.FS.technologies.tk6&!.tk!#.technolo
gies7white7paper"B""aecd!"%&d5d$ht)l
I)age source
-
8/10/2019 Mamun Presentation Finall
10/17
IoT and WSN
(he %nternet of (hings %o(! network of globally identi=able physical obGects *or things+
their integration with the Internet
their representation in the virtual or digital world
*ireless #ensor Networks *#N! technology that connects the virtual world and the physical
world
nodes can autono)ously co))unicate a)ong each otherand with intelligent syste)s$
1"
-
8/10/2019 Mamun Presentation Finall
11/17
Wireless Sensor Network
+otes ( very low cost low power
co)puter 9onitors one or )ore sensors (
-
8/10/2019 Mamun Presentation Finall
12/17
I !"#$1%$&
%Pv' over low,power PersonalArea Network '-o*PAN!
Fsed at Network 'ayer
%""" ./01231&I !"#$1%$& is astandard for low4powerlow data ratewireless co))unication
between s)all devicesS)all )aAi)u)trans)ison unit*9TF+ of1# bytes
1#
http0..d5uifHcAlHuv@H$cloudfront$net.i)ages.stories.content.handbook
s.protocols.ip4stack$Gpg
-
8/10/2019 Mamun Presentation Finall
13/17
6'oWP(N
'-o*PAN header co)pression
)echanis) that allowsIPv6 packages to berouted in I !"#$1%$&
Header co$pressionThe )aAi)u) physical4layer packet siHe of I !"#$1%$&packet is 1#byte and the )aAi)u) fra)e header siHe is#%byte$
(n IPv6 packet has to =t in 1"#byte$packet headers of a IPv6 packet consu)e &!byte of theavailable 1"#byteheader co)pression )echanis)s are an essential co)ponentof the 6'oWP(N standard$
15
!"#$1%$& ?eader IPv6 Payload
1# ;yte
IPv6 ?eader Co)pression
1"# ;yte
References: S$
-
8/10/2019 Mamun Presentation Finall
14/17
Need Eor IPSec Co)pression
%"(4,'-o*PAN,HC25denes headerco$pression
IP?C for IP headerco)pression
N?C for the neAt headerco)pression
In N?C unfortunatley noheader encodingsspeci=ed for (? and SPeAtension headers ofIPsec Protocol
Eor ensuring end to endsecurity IPSec should beincluded in 6'oWP(N
1&
References: S$
-
8/10/2019 Mamun Presentation Finall
15/17
6'oWP(N N?C ncoding
1%
1 " SPI SN 4 N?1 1
" 1 # 5 & % 6
1 " I2 N?1 1
" 1 # 5 & % 6
I20 Atension ?eader I2N?0 NeAt ?eader
SPI0 Security Para)eter IndeA
SN0 Se@uence Nu)ber
;IT
;IT
6'oWP(N Atensionfor IpsecJ4 in this paperresearcher proposedN?C encoding for (? and
SP eAtension:ut of eight possiblevalues for the Atension?eader I2*I2+ siA arespeci=ed by the ?C15draft$The re)aining twoslots *1"1 and 11"+ arecurrently reserved whichis now proposed for(?.SP Atension
https0..www$iab$org.wp4content.I(;4uploads.#"11."5.
-
8/10/2019 Mamun Presentation Finall
16/17
(pplication of Co)pressIPSec
16
The network is )ade ofT)ote sky based on a 164bits )sp&5" processorwith 1" kb
-
8/10/2019 Mamun Presentation Finall
17/17
Conclusion
1
WSNs will be an integral part of theInternet of things and IPv6 and 6'oWP(N arethe protocol standards that are eApected tobe used in this conteAt
IPsec is the standard )ethod to secureInternet co))unication and IPsec can beeAtended to sensor networks
It is possible and feasible to use
co)pressed IPsec to secure co))unicationbetween sensor nodes and hosts in theInternet$