Security analysis of the constrained application protocol in the Internet of Things

  • Alghamdi T
  • Lasebae A
  • Aiash M
  • 65


    Mendeley users who have this article in their library.
  • 14


    Citations of this article.


The concept of Internet of Things involves huge number of constrained devices such as wireless sensors to communicate in a machine-to-machine pattern. Based on the implementation scenario, such communication might take place over a public network such as the Internet, which is based on the TCP/IP stack. However, different research working groups argue that some of these stack protocols such as the Hyper Text Transfer Protocol (HTTP) might not be suitable for constrained devices. Therefore, the IETF Constrained RESTful Environments (CoRE) WG has proposed the Constrained Application Protocol (CoAP); an application layer protocol for constrained devices in the IoTs. The CoRE WG proposed using IPSec or DTLS to secure the CoAP communication at different levels of the protocol stack. However, to investigate the feasibility of such a proposal, we use the X.805 security standard to analyze the security aspects of such implementation. The analysis highlights the main security drawbacks and hence argues of the need for a new integrated security solution.

Author-supplied keywords

  • CoAP
  • DTLS
  • IPSec
  • S-CoAP

Get free article suggestions today

Mendeley saves you time finding and organizing research

Sign up here
Already have an account ?Sign in

Find this document


  • Thamer A. Alghamdi

  • Aboubaker Lasebae

  • Mahdi Aiash

Cite this document

Choose a citation style from the tabs below

Save time finding and organizing research with Mendeley

Sign up for free