In the Internet of Things (IoT), a large number of connectable devices will be connected to the Internet, with many of them being heterogeneous or resource-constrained in terms of processing power, memory, accessibility, and energy budget. Many IoT devices may communicate through assisting intermediaries, such as proxies or gateways, which can perform tasks including message forwarding and caching, or protocol translation.
State-of-the art protocols for IoT-based networks and applications are the standard Constrained Application Protocol (CoAP) and the standard security protocol Object Security for Constrained RESTful Environments (OSCORE). CoAP enables lightweight communication between client and server peers according to the same RESTful paradigm of HTTP, and natively supports intermediary proxies. OSCORE efficiently protects CoAP messages at the application layer, providing end-to-end security between the client and server peers also in the presence of intermediaries.
Particularly in IoT scenarios involving intermediaries like proxies, ensuring a high security level across all communication segments is crucial. To this end, a secure tunneling approach can be used for protecting application messages in two steps. First, a CoAP message is protected end-to-end with OSCORE between the client and server peers exchanging application data. Second, the same CoAP message is additionally protected with OSCORE by applying a second security layer that pertains to the client and the proxy. Among other benefits, the second OSCORE protection allows the proxy to securely identify the client before forwarding request messages to the server.
Thesis description
The goal of this project is to design, implement, and evaluate a solution for enabling the nested protection of CoAP messages using OSCORE, towards secure tunneled communication between IoT devices. Ongoing activities within the standardization body Internet Engineering Task Force (IETF) will be considered as a starting point for the work on the solution.
RISE will provide background information and the necessary guidance during the Master Thesis work. The tasks of the student for this Master Thesis project are:
Student profile
We are looking for an ambitious MSc student who has fulfilled the course requirements.
Good Java programming skills are required, as is good spoken and written English. Experience with network and communication security is a plus.
Applications should include a brief personal statement, a CV, and a list of grades. The application has to mention previous activities or other projects that are relevant for the position.
Welcome with your application
Candidates are encouraged to send in their application as soon as possible. Suitable applicants will be interviewed as applications are received. Last day of application is November 29, 2024. A successful candidate will have the opportunity to contribute to European Research & Development security projects. For more information, please contact Rikard Höglund (rikard.hoglund@ri.se) or Marco Tiloca (marco.tiloca@ri.se).
First day of employment | According to agreement |
---|---|
Salary | According to agreement |
City | Kista |
County | Stockholms län |
Country | Sweden |
Reference number | 2024/267 |
Contact |
|
Last application date | 29.Nov.2024 11:59 PM CET |