The Internet of Things (IoT) refers to an interconnected world where physical devices seamlessly integrate into a global network and become active participants of business, information, and social processes. These physical devices are referred to as smart objects since they understand and react to the environment they reside in. However, deploying such Internet-connected smart objects is challenging, since they need to be correctly configured with appropriate network and security credentials. This is exacerbated by the fact that they have minimal input capabilities and may be in inaccessible locations. In this article , we describe how to employ the 3rd Generation Partnership Project (3GPP) Generic Bootstrapping Architecture (GBA) to ensure secure authentication and communication among a variety of devices and services. Although GBA relies on the infrastructure of mobile network operators, it requires no mobile network access but only IP connectivity to perform authentication. We show the feasibility of our approach with a prototype implementation that incurs in a minimal memory overhead. Experimental results also show that our solution is energy-efficient.
Mohit Sethi (Nomadic Lab Ericsson, Aalto University), Pranvera Kortoci, Maria Di Francesco, Tuomas Aura (Aalto University): Secure and Low-Power Authentication for Resource-Constrained Devices
Presentedt at the 5th International Conference on the Internet of Things (IoT), Seoul, 2015