Secure Configuration Scheme for Internet of Things using NFC as OOB Channel

  • Jeongin Kim (Department of Digital Media, Duksung Women's University);
  • Namhi Kang (Department of Digital Media, Duksung Women's University)
  • Received : 2016.05.14
  • Accepted : 2016.06.10
  • Published : 2016.06.30

Abstract

A PSK (Pre-shared Secret Key) based method is well suited to IoT environments composed of lightweight devices, because it requires less computing time and energy than establishing a session key with a public-key algorithm. Its fundamental prerequisite is that the PSK has been configured securely between the communicating entities in advance. Small sensors and actuators, however, have no input or output interface such as a keyboard or monitor with which to perform the configuration, so configuring a PSK securely on such lightweight devices is harder in the IoT environment than on conventional Internet devices. Ordinary users, in particular, lack security expertise and find the configuration difficult. In most cases, therefore, either the default value set at the factory during manufacturing is used or the device installer configures the PSK, which raises the question of whether all installers and manufacturers can be trusted. To solve this problem, this paper proposes a secure bootstrapping scheme for lightweight devices with limited resources that uses NFC (Near Field Communication) as an OOB (Out-Of-Band) channel.
