SeCaS: Secure Capability Sharing Framework for IoT Devices in a Structured P2P Network

Abstract

The emergence of the internet of Things (IoT) has resulted in the possession of a continuously increasing number of highly heterogeneous connected devices by the same owner. To make full use of the potential of a personal IoT network, there must be secure and effective cooperation between them. While application platforms (e.g., Samsung SmartThings) and interoperable protocols (e.g., MQTT) exist already, the reliance on a central hub to coordinate communication introduces a single-point of failure, provokes bottleneck problems and raises privacy concerns. In this paper we propose SeCaS, a Secure Capability Sharing framework, built on top of a peer-to-peer (P2P) architecture. SeCaS addresses the problems of fault tolerance, scalability and security in resource discovery and sharing for IoT infrastructures using a structured P2P network, in order to take advantage of the self-organised and decentralised communication it provides. SeCaS brings three main contributions: (i) a capability representation that allows each device to specify what services they offer, and can be used as a common language to search for, and exchange, capabilities, resulting in flexible service discovery that can leverage the properties on a distributed hash table (DHT); (ii) a set of four protocols that provides identification of the different devices that exist in the network and authenticity of the messages that are exchanged among them; and (iii) a thorough security and complexity analysis of the proposed scheme that shows SeCaS to be both secure and scalable.