Technical Reports

Report Date Covered Start
Report Date Covered End
Report Submission Date
Project Implementation Countries
Project Leaders
Prof Vijay Varadharajan
Team Members
Dr Uday Tupakula [email protected]
Kallol Krishna Karmakar [email protected]
Partner Organizations
Total Budget Approved
USD 21,600

Software Defined Networks based Security Architecture for IoT Infrastructures

Prof Vijay Varadharajan and Dr Uday Tupakula

There has been a rapid growth in the Internet of Things (IoT), with an ever-increasing number of physical devices being connected to the Internet at an unprecedented rate; recent forecasts suggest the number of IoT devices will reach 31 billion in 2020 [8]. These IoT devices are heterogeneous with different operating systems and connectivity capabilities ranging from wireless to mobile networks, often deployed in somewhat uncontrolled and untrustworthy environments, can pose significant and somewhat unique challenges in security and privacy. The main goal of the proposed project was to develop a secure IoT architecture by leveraging the underlying features supported by Software Defined Networks (SDN). The project developed fine granular security policies and a lightweight security protocol to authenticate IoT devices and authorise them to access services in network infrastructure in a secure manner. The project involved three stages. In the first stage, we conducted a detailed study of security attacks on IoT infrastructures and the different security solutions that currently exist to counteract the various types of attacks. Then we analysed the pros and cons of the existing solutions, and developed security requirements that need to be addressed in designing security architecture for IoT Applications. As part of second stage, we developed a lightweight authentication protocol based on a novel public key encryption scheme. The proposed protocol achieved a balance between the efficiency and communication cost without sacrificing security. In the third stage, we proposed a SDN based security architecture for IoT systems. Our security architecture allowed specification of fine granular access policy constraints on communications between end users, devices and services in a distributed environment. A novel feature of the proposed architecture is its ability to specify path based security policies, which is a distinct advantage in SDNs.