University of Paderborn
In this paper, the authors discuss security procedures for constrained IoT devices. They start with the description of a general security architecture along with its basic procedures, then discuss how its elements interact with the constrained communication stack and explore pros and cons of popular security approaches at various layers of the ISO/OSI model. They also discuss a practical example for the establishment of end-to-end secure channels between constrained and unconstrained devices. The proposed method is lightweight and allows the protection of IoT devices through strong encryption and authentication means, so that constrained devices can benefit from the same security functionalities that are typical of unconstrained domains, without however having to execute computationally intensive operations.