Thèses sur le sujet « IoT, Security IoT, IoT Protocol, 5G »

The widespread availability of many emerging services enabled by the Internet of Things (IoT) paradigm passes through the capability to provide long-range connectivity to a massive number of things, overcoming the well-known issues of ad-hoc, short-range networks. This scenario entails a lot of challenges, ranging from the concerns about the radio access network efficiency to the threats about the security of IoT networks. In this thesis, we will focus on wireless communication standards for long-range IoT as well as on fundamental research outcomes about IoT networks. After investigating how Machine-Type Communication (MTC) is supported nowadays, we will provide innovative solutions that i) satisfy the requirements in terms of scalability and latency, ii) employ a combination of licensed and license-free frequency bands, and iii) assure energy-efficiency and security.
La diffusione capillare di molti servizi emergenti grazie all’Internet of Things (IoT) passa attraverso la capacità di fornire connettività senza fili a lungo raggio ad un numero massivo di cose, superando le note criticità delle reti ad hoc a corto raggio. Questa visione comporta grandi sfide, a partire dalle preoccupazioni riguardo l’efficienza delle rete di accesso fino alle minacce alla sicurezza delle reti IoT. In questa tesi, ci concentreremo sia sugli standard di comunicazione a lungo raggio per l’IoT sia sulla ricerca di base per le reti IoT. Dopo aver analizzato come vengono supportate le comunicazioni Machine-to-Machine (M2M) oggi, forniremo soluzioni innovative le quali i) soddisfano i requisiti in termini di scalabilità e latenza, ii) utilizzano una combinazione di bande di frequenza licenziate e libere e iii) assicurano efficienza energetica e sicurezza.

Internet of Things (IoT) is an ecosystem comprises CT (Communication Technology),IT (Information Technology) and sometime OT (Operational Technologies) wheredifferent machines and devices can interact with each other and exchange useful datawhich can be processed using different IoT applications to take decisions and performrequired actions. Number of IoT devices and IoT networks are growing exponentially.Security is of utmost importance and without proper security implementation, IoTNetworks with billions of devices will be hacked and used as botnets which can createdisaster. The new IoT use cases cannot be realized using the current communicationtechnologies due to the QoS (Quality of Service) and business requirements. 5Gnetwork are designed keeping IoT use cases in mind and with the development of 5Gnetwork, it will be easier to implement more secured IoT network and enable differentIoT use cases which are not feasible today.To build the future IoT networks with 5G, it’s important to study and understand 5Gsecurity features. Security is perceived as one of the most important considerationwhile building IoT solutions and to implement 5G network for IoT solutions require anoverall understanding of 5G security features. In the thesis, work have been done toidentify the gap in the current research with respect to 5G security features anddescribe 5G features that will enhance IoT security. After identifying key 5G securityfeatures, the implementation of the identified 5G security features will be describedwith the 5G based smart grid and smart factory use cases. The key finding is howdifferent 5G security capabilities secure IoT communication and another importantfinding is that not all security capabilities are applicable to all IoT use cases. Hence,security capabilities to be used based on the 5G use case requirement.

This literature review aims to identify the security challenges facing 5G and Internet of Things. The literature review uses a systematic method for reviewing written by Okoli (2015). During the review, 60 articles were initially selected. These were screened from a number of quality criteria until 19 articles remained. Furthermore, the security challenges presented in these 19 articles are divided into their respective subject areas and based on whether the article writes about security threats or security control. The results give an overview of which of these subjects are most commonly written about in relation to security, 5G and Internet of Things. The review sheds light on the absence of certain threats and their respective controls. The review also sheds light on the absence of a holistic perspective when regarding security in the context of 5G and Internet of Things.
Denna litteraturstudie identifierar de säkerhetsutmaningar som finns i relation till 5G och Internet of Things. Litteraturstudien använder en systematisk metod för litteratursökning som är författad av Okoli (2015). I samband med litteratursökningen görs ett urval på 60 artiklar som mot kvalitetskriterier avgränsas till 19 artiklar. Säkerhetsutmaningarna som presenteras i dessa 19 artiklar delas vidare upp delvis efter vilket område av säkerhet de behandlar samt om de presenterar en säkerhetsrisk eller säkerhetsåtgärd. Resultatet ger en överblick av vilka av dessa områden inom säkerhet relaterade till 5G och Internet of Things som är vanligast förekommande. Undersökningen belyser avsaknaden av vissa typer av säkerhetsrisker och åtgärder som svarar för dessa. Undersökningen belyser också en avsaknad av ett mer holistiskt perspektiv i synen på säkerhet relaterat till 5G och framtidens Internet of Things.

This research studies the security challenges in IoT devices. At first, security challenges have been described and then specifically the security of communication protocols in the IoT has been addressed. Finally, among different communication protocols, ZigBee and Z-Wave protocols have been chosen for this study. The criterion for choosing these two protocols is the level of security they provide for IoT devices to protect them against unauthorized access and hacking. Security, frequency, power consumption and data rate are the characteristics that have been discussed in the review of these two protocols. In the end, a comparison of the various features of these two protocols clarified that the security of IoT devices in each of these protocols depends on the type of the IoT device, the required range and other requirements, however, in most cases the ZigBee protocol showed more security than Z-Wave.

With the ever increasing number of Internet of Things devices going out on the market for consumers that are Zigbee certified there is a need for security testing. This is to make sure that security standards are upheld and improved upon in order to make sure networks are protected from unauthorized users. Even though a lot of research and testing has been done on the Zigbee key exchange mechanism, called Zigbee commissioning, improvements have still not been enough with severe vulnerabilities in consumer grade devices still existing today. The devices tested in this study use EZ-mode commissioning in order to exchange the network key between a Zigbee coordinator and a Zigbee end device in order to encrypt later communication after being paired.  By using a simple radio receiver and a packet capturing program such as Wireshark an eavesdropping attack was conducted in order to capture the network key. The experiment demonstrates that this is still a weak point as the network key was successfully captured using eavesdropping. The analysis of the results show that previous criticisms of Zigbee commissioning have still not fully been addressed and can be a potential weak point in networks that use Zigbee certified IoT products.

The surge of mobile devices, such as smartphones, and tables, demands additional capacity. On the other hand, Internet-of-Things (IoT) and smart grid, which connects numerous sensors, devices, and machines require ubiquitous connectivity and data security. Additionally, some use cases, such as automated manufacturing process, automated transportation, and smart grid, require latency as low as 1 ms, and reliability as high as 99.99\%. To enhance throughput and support massive connectivity, sharing of the unlicensed spectrum (3.5 GHz, 5GHz, and mmWave) is a potential solution. On the other hand, to address the latency, drastic changes in the network architecture is required. The fifth generation (5G) cellular networks will embrace the spectrum sharing and network architecture modifications to address the throughput enhancement, massive connectivity, and low latency. To utilize the unlicensed spectrum, we propose a fixed duty cycle based coexistence of LTE and WiFi, in which the duty cycle of LTE transmission can be adjusted based on the amount of data. In the second approach, a multi-arm bandit learning based coexistence of LTE and WiFi has been developed. The duty cycle of transmission and downlink power are adapted through the exploration and exploitation. This approach improves the aggregated capacity by 33\%, along with cell edge and energy efficiency enhancement. We also investigate the performance of LTE and ZigBee coexistence using smart grid as a scenario. In case of low latency, we summarize the existing works into three domains in the context of 5G networks: core, radio and caching networks. Along with this, fundamental constraints for achieving low latency are identified followed by a general overview of exemplary 5G networks. Besides that, a loop-free, low latency and local-decision based routing protocol is derived in the context of smart grid. This approach ensures low latency and reliable data communication for stationary devices. To address data security in wireless communication, we introduce a geo-location based data encryption, along with node authentication by k-nearest neighbor algorithm. In the second approach, node authentication by the support vector machine, along with public-private key management, is proposed. Both approaches ensure data security without increasing the packet overhead compared to the existing approaches.

La technologie de réseau cellulaire de 5ème génération (5G) sera le réseau supportant l'Internet des objets (IoT). Elle a introduit une fonctionnalité majeure, communications appareil-à-appareil (D2D), que permettent communications sans fil à consommation d'énergie restreinte en interagissant à proximité et à puissance d'émission plus faible. La coopération entre appareils suscit donc un intérêt considérable pour l'énergie, et peut être utilisé en conjonction avec la récupération d'énergie pour prolonger la durée de vie des appareils. Les programmes de coopération renforcent la mise en réseau d'un appareil à l'autre, ce qui accroît la nécessité d'exécuter des mécanismes de sécurité pour assurer la protection des données et les relations de confiance entre les nœuds du réseau.Ces mécanismes sont fondamentaux pour la protection contre les attaques malveillantes mais elles représentent aussi une importante consommation d'énergie, souvent négligée en raison de l'importance de la protection des données. L'établissement d'un canal securisé peut être coûteux en termes d'utilisation du CPU, la mémoire et la consommation d'énergie, surtout si les appareils sont limités en ressources. La confidentialité et l’intégrité des données ont un faible coût énergétique, mais sont utilisées en permanence. Il est donc nécessaire de quantifier la consommation d'énergie engendrée par la sécurité d'un appareil. Un modèle énergétique basé sur la sécurité est proposé pour répondre à cet objectif.Dans les réseaux composés d'équipements d'utilisateurs (UE), la mobilité est une caractéristique clé. Elle peut agir sur la connexion à proximité d'objets IoT, étendant la couverture 5G vers l'IoT via les UEs. Une solution d'authentification légère est présentée qui permet par l'authentification directe et des communications UE-IoT, d'étendre la couverture et réaliser des économies d'énergie potentielles importantes. Cette approche peut être particulièrement utile en cas de catastrophe où l'infrastructure réseau peut ne pas être disponible.La condentialité et l'authentification des données sont une source de consommation d'énergie importante. Les appareils équipés avec équipements de collecte d'énergie (EH) peuvent avoir un excédent ou un déficit d'énergie. La sécurité appliquée peut donc être ajustée en fonction de l'énergie disponible d'un appareil, en introduisant l'établissement de canal sécurisé qui tient compte de la consommation d'énergie. Après avoir étudié en profondeur les normes 5G, il a été constaté que les réseaux d'UE D2D utilisant ce type de norme dépenseraient une quantité importante d'énergie et seraient généralement moins sûr. Un mécanisme léger de recléage est donc proposé pour réduire les coûts liés cette adaptation. Pour compléter le concept de canal sécurisé prenant en compte l'énergie et le mécanisme de recléage, une méthode de bootstrapping des paramètres de sécurité est également présentée. Le méthode désigne le cœur du réseau (CN) comme responsable de la politique de sécurité, rend l'ensemble du réseau plus sûr et aide à prévenir les pannes de communication. L'adaptation susvisé requiert l'étude du compromis entre l’énergie et sécurité. À cette fin, un processus décisionnel de Markov (MDP) modélisant un canal de communication est présenté lorsqu'un agent choisit les éléments de sécurité à appliquer aux paquets transmis. Ce problème d'optimisation du contrôle stochastique est résolu par plusieurs algorithmes de programmation dynamique et d’apprentissage par le renforcement (RL). Les résultats montrent que l'adaptation susvisé peut prolonger de manière significative la durée de vie de l'équipement et de la batterie, et améliore la fiabilité des données tout en offrant des fonctions de sécurité. Une étude comparative est présentée pour les différents algorithmes RL. Puis une approche d'apprentissage Q-profond (DQL) est proposé que améliore la vitesse d'apprentissage de l'agent et la fiabilité des données
The 5th Generation Cellular Network Technology (5G) will be the network supporting the Internet of Things (IoT) and it introduced a major feature, Device-to-Device (D2D) communications. D2D allows energy-constrained wireless devices to save energy by interacting in proximity at a lower transmission power. Cooperation and device-assisted networking therefore raise signicant interest with respect to energy saving, and can be used in conjunction with energy harvesting to prolong the lifetime of battery-powered devices. However, cooperation schemes increase networking between devices, increasing the need for security mechanisms to be executed to assure data protection and trust relations between network nodes. This leads to the use of cryptographic primitives and security mechanisms with a much higher frequency.Security mechanisms are fundamental for protection against malicious actions but they also represent an important source of energy consumption, often neglected due to the importance of data protection. Authentication procedures for secure channel establishment can be computationally and energetically expensive, especially if the devices are resource constrained. Security features such as condentiality and data authentication have a low energetic cost but are used constantly in a device engaged in data exchanges. It is therefore necessary to properly quantify the energy consumption due to security in a device. A security based energy model is proposed to achieve this goal.In User Equipment (UE) D2D networks, mobility is a key characteristic. It can be explored for connecting directly in proximity with IoT objects. A lightweight authentication solution is presented that allows direct UE-IoT communications, extending coverage and potentially saving signicant energy amounts. This approach can be particularly useful in Public Protection and Disaster Relief (PPDR) scenarios where the network infrastructure may not be available.Security features such as condentiality or data authentication are a significant source of consumption. Devices equipped with Energy Harvesting (EH) hardware can have a surplus or a deficit of energy. The applied security can therefore be adjusted to the available energy of a device, introducing an energy aware secure channel. After in depth analysis of 5G standards, it was found that D2D UE networks using this type of channel would spend a signicant amount of energy and be generally less secure. A lightweight rekeying mechanism is therefore proposed to reduce the security overhead of adapting security to energy. To complete the proposed rekeying mechanism, a security parameter bootstrapping method is also presented. The method denes the Core Network (CN) as the security policy maker, makes the overall network more secure and helps preventing communication outages.Adapting security features to energy levels raises the need for the study of the energy/security tradeoff. To this goal, an Markov Decision Process (MDP) modeling a communication channel is presented where an agent chooses the security features to apply to transmitted packets. This stochastic control optimization problem is solved via several dynamic programming and Reinforcement Learning (RL) algorithms. Results show that adapting security features to the available energy can signicantly prolong battery lifetime, improve data reliability while still providing security features. A comparative study is also presented for the different RL learning algorithms. Then a Deep Q-Learning (DQL) approach is presented and tested to improve the learning speed of the agent. Results confirm the faster learning speed. The approach is then tested under difficult EH hardware stability. Results show robust learning properties and excellent security decision making from the agent with a direct impact on data reliability. Finally, a memory footprint comparison is made to demonstrate the feasibility of the presented system even on resource constrained devices

Nowadays, Internet of Things (IoT) applications are gaining more importance in people’s everyday life. Depending of their usage (for long or short distance communications, using low or high power devices, etc.), several standards exist. In this study, the focus is on Low Power Wide Area Networks (LPWAN) and particularly a protocol which is raising in popularity for long-range low-power communications in IoT: LoRaWAN. LoRaWAN is still at an early stage and has been mainly used in use cases where the network server was managing the keys ensuring confidentiality and integrity of the data. Gemalto has raised the issue of interest conflicts in the case where the network operator and the application provider are two distinct entities: if the end-device and the application server are exchanging sensitive data, the network server should not be able to read them. In order to solve this problem, an architecture using a trusted third party to generate and manage the keys has been implemented during this project. The following research aims at finding security threats and weaknesses on the confidentiality and integrity of the data and devices’ authentication in this study case. The LoRaWAN protocol and key management in general were studied first before describing the studied system and finding the possible attacks exploring its vulnerabilities on the mentioned points via an attack tree. These attacks were simulated in order to define their consequences on the system and according to them, security improvements on the architecture was proposed based on previous work on the topic and exploration on potential countermeasures.
Idag blir Internet av saker (IoT) applikationer allt viktigare i människors vardag. Beroende på användningen (för långeller kortdistanskommunikation, med låga eller höga effektenheter etc.) finns flera standarder. I denna studie ligger fokus på Low Power Wide Area Networks (LPWAN) och i synnerhet ett protokoll som ökar i popularitet för långsiktig lågkapacitetskommunikation i IoT: LoRaWAN. LoRaWAN är fortfarande på ett tidigt stadium och har i huvudsak använts i användarfall där nätverksservern hanterade nycklarna som säkerställer konfidentialitet och integritet av data. Gemalto har tagit upp frågan om intressekonflikter i det fall nätverksoperatören och programleverantören är två separata enheter: Om slutanordningen och applikationsservern utbyter känslig data, ska nätverksservern inte kunna läsa dem. För att lösa detta problem har en arkitektur som använder en betrodd tredje part för att generera och hantera nycklarna implementerats under det här projektet. Följande forskning syftar till att hitta säkerhetshot och svagheter om konfidentialiteten och integriteten hos data och enheternas autentisering i detta studiefall. LoRaWAN-protokollet och nyckelhanteringen i allmänhet kommer att studeras först innan författaren beskriver det studerade systemet och upptäcker de eventuella attacker som undersöker sårbarheten på de nämnda punkterna via ett angreppsträd. Dessa attacker kommer att simuleras för att definiera deras konsekvenser på systemet och enligt dem kommer säkerhetsförbättringar på arkitekturen att föreslås utifrån tidigare arbete med ämnet och undersökning av potentiella motåtgärder

Denna undersökning har granskat det problem som uppstår i samband med den snabba utvecklingen utav Internet of Things där de lågenergienheter saknar kraft för att utföra avancerade säkerhetslösningar. På grund av den låga säkerheten och växande användningsområdet så har Internet of Things enheterna blivit ett lockande mål för eventuella attacker. Den systematiska litteraturanalysen har genomförts genom att granska tidigare mer detaljerade analyser av protokollen och dess säkerhet samt utvecklarnas specifikationer. Detta för att bland annat skapa en sammanfattning utav protokollens säkerhet men också för att sedan jämföra protokollen för att kunna ta fram det säkrare protokollet för hemanvändning. Alla protokoll som tas upp har någon form av säkerhet implementerad för att förse med autentisering i form av MAC (i vissa fall HMAC), nyckelhantering, integritet i form av MIC och kommunikationssäkerhet med kryptering. Alla protokoll har stöd för AES-128 kryptering samt användning av IEEE 802.15.4 säkerhetsserie som ytterligare skydd utöver protokollens egna lösningar. Flertalen av protokollen använder sig också av Elleptic Curve för att säkert transportera nycklar. Analysens slutsats visar att Thread och Z-Wave anses som de två säkraste protokollen för hemmaanvändning. Det baserat på hur protokollen hanterar de olika aspekterna med sin märkbara prioritering av säkerhet tillsammans med det få antalet brister som kan skada det smarta hemmet. Bluetooth Low Energy och EnOcean är de två mindre säkra gällande en IoT miljö. Undersökningen tar också med en diskussion kring olika områden som dykt upp under undersökningens gång. Slutligen tas några punkter som dök upp under granskningen som kan vara bra att tänka på vid utveckling av dessa protokoll men säkerhet i tanken.
This study has examined the problems that arise in connection with the rapid development of the Internet of Things, where the low-energy units lack the power to implement advanced security solutions. Due to the low security and growing area of use, the Internet of Things units have become an attractive target for any attacks. The systematic literature analysis has been carried out by reviewing previously more detailed analyzes of the protocols and their security as well as the developers' specifications. This is to create a wide summary of the security of the protocols and then to compare the protocols to select one or more as the safer protocol for home use. All protocols that are included have some form of security implemented to provide authentication in the form of MAC, key management, integrity in the form of MIC and communication security with encryption. All protocols support AES-128 encryption and the use of IEEE 802.15.4 security suit as additional protection in addition to the protocol's own solutions. The majority of protocols also use Elleptic Curve to safely transport keys. The analysis concludes that Thread and Z-Wave are considered the two most secure home use protocols. It is based on how the protocols handle the various aspects with their noticeable prioritization of security along with the few deficiencies that can damage the smart home. Bluetooth Low Energy and EnOcean are thetwo less secure regarding an IoT environment. The survey also includes a discussion of various areas that emerged during the course of the investigation. Finally, some points that emerged during the review that may be good to consider when developing these protocols with security as focus.

Using low energy devices to communicate over the air presents many challenges to reach security as resources in the world of Internet Of Things (IoT) are limited. Any extra overhead of computing or radio transmissions that extra security might add affects cost of both increased computing time and energy consumption which are all scarce resources in IoT. This thesis details the current state of security mechanisms built into the commercially available protocol stacks Zigbee, Z-wave, and Bluetooth Low Energy, and collects implemented and proposed solutions to common ways of attacking systems built on these protocol stacks. Attacks evaluated are denial of service/sleep, man-in-the-middle, replay, eavesdropping, and in mesh networks, sinkhole, black hole, selective forwarding, sybil, wormhole, and hello flood. An intrusion detection system is proposed to detect sinkhole, selective forwarding, and sybil attacks in the routing protocol present in the communication stack Rime implemented in the operating system Contiki. The Sinkhole and Selective forwarding mitigation works close to perfection in larger lossless networks but suffers an increase in false positives in lossy environments. The Sybil Detection is based on Received Signal Strength and strengthens the blacklist used in the sinkhole and selective forwarding detection, as a node changing its ID to avoid the blacklist will be detected as in the same geographical position as the blacklisted node.

With the term Internet of Things (IoT) we define an eco-system formed by interconnected “smart” objects (things) that: are connected, able to interact,and exchange and elaborate data. To communicate its data and to have access to aggregate information of neighbors make a thing recognizable and it is the basis to fuel it with ‘intelligence’, as is the ability to autonomously re-act to changes in the environment. As an example, an alarm clock could ring earlier than expected according to the expected travel time needed to reach the destination, an heating system could adjust its settings if the outside temperature drastically decreases, etc. In order to perform its operations, IoT devices are able to map the real word in the “cyber” one and vice-versa.It easy to understand that the possible applications of IoT systems are end-less: manufacturing processes, autonomous driving, health, environmental protection, etc.It is extremely difficult to design a protocol that is able to embrace every single IoT use-case due to the diverse scenario requirements and the heterogeneous devices types. Recently, new protocols able to simplify the communications have been standardized. As an example, Institute of Electrical Electronic Engineers (IEEE) 802.15.4 defines the physical and Medium Access Control (MAC) layers for Wireless Sensor Network (WSN). Moreover,in order to fully interconnect the IoT devices through Internet, a number of adaptation layers have been defined by the Internet Engineering Task Force (IETF) community, such as 6LoWPAN and RPL. Application-level protocols have been standardized as well, even though they suffer from the usual trend between the need for standardization and the tendency of manufacturers to create a ‘closed’ ecosystem to lock the customers to a specific vendor. Nevertheless, the market seems to be oriented toward open proto-cols, like Constrained Application Protocol (CoAP) (developed by IETF),Message Queue Telemetry Transport (MQTT) (ISO/IEC PRF 20922), and Lightweight M2M (LwM2M) (developed by the Open Mobile Alliance for M2M).Obviously proprietary solutions still exist, and paying a royalty offers the advantage of “certified” devices that (hopefully) should inter-operate in a seamless way. The principal industrial solutions are ZigBee, LoRa/LoRaWAN, and Sigfox. One of the most serious issues in IoT are in the privacy and security areas. Firstly, the devices to communicate use wireless technologies and, for definition, are easy to eavesdrop, secondly the devices interact directly with the real world, raising concerns in the privacy and safety of users. These are aspects must not be underestimated because a small “incident” can lead to safety risks. In general, IoT security issues are quite similar to the “traditional” devices ones, e.g., use un-encrypted messages, weak authentication methods, guessable password and user names, default login information left unchanged upon deployment, etc. In addition to these problems, IoT devices have computational and memory limitations, they are often battery-powered,and placed in inaccessible areas. These problems make it hard, if not impossible, to use ‘traditional’ security policies and attack countermeasures. As a consequence, novel security approaches must be developed.

Кваліфікаційна робота присв’ячена дослідженню протоколів взаємодії IoT-пристроїв та систем і формуванню інформаційно-технологічної платформи для управління IoT-пристроями. В першому розділі кваліфікаційної роботи розглянуто актуальність досліджень в галузі Інтернету речей. Висвітлено проблематику Інтернету речей. Проаналізовано сучасний стан досліджень в галузі. Описано IoT-екосистему. В другому розділі кваліфікаційної роботи розглянуто протоколи передачі даних для IoT-пристроїв та систем. Досліджено IoT-протоколи маршрутизації мережевого рівня. Описано протоколи інкапсуляції мережевого рівня IoT. Проаналізовано IoT-протоколи сеансового рівня. Висвітлено протоколи управління IoT-пристроями та системами. В третьому розділі кваліфікаційної роботи розглянуто опис сформованої на основі аналізу наукових джерел структури інформаційно-технологічної платформи для інтеграції та управління IoT-пристроями, спроектованої у вигляді девятирівневої моделі. Окремо розглянуто електробезпеку робочих місць користувачів комп’ютерів та описано організацію цивільного захисту на об’єктах промисловості.
The qualification work is devoted to the study of protocols of interaction of IoT-devices and systems and the formation of an information technology platform for the management of IoT-devices. The first section of the qualification work considers the relevance of research in the field of the Internet of Things. The problems of the Internet of Things are covered. The current state of research in the field is analyzed. The IoT ecosystem is described. The second section of the qualification work discusses data transfer protocols for IoT devices and systems. IoT-protocols of network layer routing are investigated. IoT network layer encapsulation protocols are described. Session layer IoT protocols are analyzed. IoT devices and systems control protocols are covered. The third section of the qualification work considers the description of the structure of the information technology platform for integration and control of IoT-devices formed on the basis of the analysis of scientific sources, designed in the form of a nine-level model. The electrical safety of computer users' workplaces is considered separately and the organization of civil protection at industrial facilities is described.
ВСТУП ...8 1 ІНТЕРНЕТ РЕЧЕЙ – СТАН ТА ПЕРСПЕКТИВИ ДОСЛІДЖЕНЬ ...10 1.1 Актуальність досліджень в галузі Інтернету речей ...10 1.2 Проблематика Інтернету речей ...12 1.3 Аналіз сучасного стану досліджень ...14 1.4 IoT-екосистема ...19 1.5 Висновки до першого розділу ...21 2 СТАНДАРТИ ТА ПРОТОКОЛИ ДЛЯ ІНТЕРНЕТУ РЕЧЕЙ ...22 2.1 Протоколи передачі даних для IoT-пристроїв та систем ...22 2.2 IoT-протоколи маршрутизації мережевого рівня ...29 2.3 Протоколи інкапсуляції мережевого рівня IoT ...31 2.4 IoT-протоколи сеансового рівня ...33 2.5 Протоколи управління IoT-пристроями та системами ...38 2.6 Висновок до другого розділу ...40 3 ІНФОРМАЦІЙНО-ТЕХНОЛОГІЧНОЇ ПЛАТФОРМА ТА БЕЗПЕКА IOT-СИСТЕМ ...42 3.1 Структура інформаційно-технологічної платформи для інтеграції та управління IoT-пристроями ...42 3.2 Протоколи та стандарти для убезпечення IoT-систем...52 3.3 Проєкти для підвищення рівня безпеки IoT-пристроїв ...56 3.4 Висновок до третього розділу ...58 4 ОХОРОНА ПРАЦІ ТА БЕЗПЕКА В НАДЗВИЧАЙНИХ СИТУАЦІЯХ ...59 4.1 Електробезпека робочих місць користувачів комп’ютерів...59 4.2 Організація цивільного захисту на об’єктах промисловості та виконання заходів щодо запобігання виникненню надзвичайних ситуацій техногенного походження ...62 ВИСНОВКИ ...65 ПЕРЕЛІК ДЖЕРЕЛ ...67 ДОДАТКИ

碩士
南臺科技大學
電機工程系
107
The Internet of Things (IoT) is the concept that allows objects to become intelligently and interactively connected, and the primary developmental trend for the World Wide Web. However, hospitals and clinics have not become full adopters of the IoT due to the high standard of medical data protection required of healthcare institutions. The principle of their network utilization is, therefore, isolation by design. Furthermore, popular instant messaging technologies have gradually replaced conventional telecommunication technologies and costs, and have become an essential medium in everyday interaction. This study uses three Raspberry Pi 3 Model B and the SY-3000 6-in-1 biosensor module to build an IoT based mobile microsystem platform for processing medical information, integrating Qt, MQTT, TLS data encryption and VoIP communication technologies. The microsystem is tested for its cross-platform performance, low-energy consumption, low cost, immediate assistance, high security, and extension capability. This study hopes to use these technologies to improve medical personnel efficiency and improve operational procedure clustering and data record formatting. The microsystem also includes an instant audio communication component and can reduce installation cost and space consumption typical of conventional landline telephone systems. This microsystem will first serve hospitals and hospice care institutions, providing nurses stations with wifi-transmitted, simultaneous biosignal monitoring of multiple patients. In particular, the biosignal monitoring used in this microsystem builds on a Raspberry Pi integrated SY-3000 module, which is itself an IoT biosignal monitoring medical instrument. It uses Qt developer-designed user interface to provide text and graphics for medical personnel, and uses MQTT and TLS information security protocol for the transmission link with the nurses station, thereby effectively lower data transmission bandwidth demand and ensure patients' medical data privacy. There is also a second Raspberry Pi that acts as a Micro-Server, integrating MQTT, VoIP, LAMP servers to streamline management. Then a third Raspberry Pi serves as a nurses station dedicated to data management, which would receive biosignals from each ward via MQTT and TLS security protocol, confirm data upload to cloud data server and provide smart device monitoring capability. For patients and their family members, VoIP IV technology further provides communication capability with nurses stations for emergency assistance. Together, this IoT and voice communication system with total tracking and security can establish immediate patient health management and operation with the highest efficiency.

碩士
國立交通大學
電機資訊國際學程
105
IoT applications often work with sensitive data and are made up of a large number of constrained devices. These characters require that IoT applications must have a robust and scalable security solution. In this case, public-key cryptography can be the best choice if the cost of computation is acceptable for the constrained devices. For that reason, this work will introduce a low-cost public-key cryptography solution for the constrained devices. The solution is developed base on elliptic curve cryptography and Datagram Transport Layer Security (DTLS) protocol. The elliptic curve cryptography, combined with Elliptic Curve Qu-Vanstone (ECQV) implicit certificate, will offer a public-key cryptography solution with low-cost of computation and bandwidth for IoT applications, and by using the standard protocol DTLS, the solution can be accepted widely. The solution is a security protocol consisting of two phases. The first phase is registration phase in which a constrained node need to execute enrolment procedure to authenticate and get an ECQV implicit certificate from the certificate authority of the IoT system. The obtained ECQV implicit certificate is then used for performing authentication and key exchange scheme in the second phase, this phase is called secure key establishment phase. To prove the feasibility of the solution, an implementation of the protocol has been done based on an embedded SSL library – wolfSSL, and an evaluation of execution time of the implementation is also conducted to assess the efficiency of the solution.

The Internet of things (IoT) recently blossomed remarkably and has been transforming the everyday physical entities around us into an ecosystem of information that will enrich our lives in unimaginable ways. Authentication is one of the primary goals of security in the IoT and acts as the main gateway to a secure system which transmits confidential and/or private data.This thesis focuses on a Device-to-Device Mutual Authentication Protocol, designed for the smart home network, which is an essential component of communication in the Internet of Things(IoT). The protocol has been developed based on asymmetric cryptography to authenticate the devices in the network and for the devices to agree on a shared secret session key. In order to ensure the security of a communications session between the devices, the session keys are changed frequently - ideally after every communication session. The proposed scheme has been programmed in HLPSL, simulated and its efficiency verified using the SPAN/ AVISPA tool. When SPAN substantiates the protocol simulation and the attacker simulation, the back-ends of the AVISPA tool verifies the safety and security of the proposed authentication protocol. The thesis also evaluates the protocol's security against the attacks successful against protocols proposed by other researchers.
Graduate
0544
0984
0537
pwilson1@uvic.ca