基于.Net Micro Framework框架的物联网网关的研究

物联网网关在物联网时代扮演着非常重要的角色,本文对基于.Net Micro Framework平台的多协议及网络自适应的物联网网关系统进行了研究,对实现感知网络与传统通信网络连接和不同类型感知网络之间的协议转换的物联网网关功能进行了分析。     

基于ONVIF协议的物联网网关设计与实现

基于物联网平台,设计了一种支持开放性网络视频接口论坛(open network video interface forum,ONVIF)协议的物联网网关。该网关采用四层架构设计,自底向上为感知接口层、协议适应层、数据模型同步和处理层以及平台通信层。感知接口层和协议适配层执行设备接入功能,称为设备接入模块;数据模型同步与处理层和平台通信层执行网关数据同步和通信功能,称为网关内部模块。网关与设备之间的通信是通过标准的ONVIF协议进行的;网关与云平台之间通过WebSocket方式通信。采用node.js设计实现该网关,并对其功能和性能进行测试,结果表明,支持ONVIF协议的网络摄像机可以通过网关连接到云平台,云平台可以实时查看设备图片数据。     

基于6LoWPAN协议的物联网开发平台的设计

本文主要介绍了基于6LoWPAN的物联网开发平台的设计原理和关键技术。笔者所设计和实现的物联网开发平台从IPv6应用和与3G网络异构集成的角度,实现了端到端的全IP通信。本平台集成了一个嵌入式网关、多种常用传感器节点和6LoWPAN协议栈,具有很好的推广应用价值。     

SIP应用层网关探讨及设计

基于SIP协议构建的网络如智能家居在进行私网和公网间通信时,由于SIP协议由于本身具有的特点.导致了基于SIP构建的私网穿透NAT/FW的难题 .通过分析SIP协议特点,本文提出利用"应用层网关(ALG)"方法来实现SIP网络穿透NAT/FW.文中详细的介绍了SIP应用层网关的原理和实现方法,并利用SIP应用层网关技术实现SIP对NAT/Firewall的穿越.     

基于边缘计算的物联网网关监控系统的研究

针对物联网设备通讯协议的多样性和云端计算力不足的问题,设计了一种基于边缘计算的物联网网关的监控系统,采用EdgeX Foundry边缘计算框架,以树莓派3B+为核心,运用Docker虚拟化容器技术,分布式部署微服务架构,通过仿真与实验相结合的方法,测试分析了基于多种通讯协议的物联网网关的传输性能,构建了基于Modbus通讯协议的温湿度报警系统,得出系统的平均时延为376ms。实验结果表明,物联网网关的传输性能满足工厂需求,为设备的数据采集与控制提供了新的思路,具有很高的应用价值。     

智能家庭网关在智能家居业务中的功能

随着物联网的发展,智能家居逐渐成为物联网研究的热点,智能家庭网关也逐渐成为智能家居的研究对象。文章介绍智能家庭网关在智能家居中的应用,阐述智能家庭网关与智能家居平台的接口关系,提出智能家庭网关连接智能家居平台的解决方案,探讨智能家庭网关在"智慧沃家"的业务流程中的应用。从业务场景、接入协议、插件的开发等方面分析智能家庭网关功能需求,为物联网智能家庭网关的研究和实践提供了参考。     

基于Simulink的传感网实时仿真系统研究

针对实际物联网开发过程中,由于物联网网关种类较多以及物联网结合嵌入式开发复杂的问题,在基于Matlab开发的物联网网关原型的基础上,在PC上实现了一种传感网实时仿真系统。该系统利用Matlab的建模工具Simulink结合其实时视窗目标构建而成,并在该系统中实现了Modbus协议,最终实现了与网关PC的实时通信。     

一种GRID路由协议的网关选取方法

原GRID路由协议的网关选取方法单一,不能适应节点高速随机移动的特征。提出基于结构熵的网关选取方法,定义了栅格内各节点的结构熵,利用节点的结构熵增量作为网关选取的主要准则,并改进了原GRID路由协议的网关选取方法。仿真结果表明,随着栅格节点密度的增加,改进型GRID路由协议使端到端平均时延下降0.2 s,平均跳数下降2跳次,但在一定程度上增加了路由开销。为今后路由协议的网关选取方法提供一种新的思路。     

Sierra Wireless携多产品线淘金中国物联网市场

SierraWireless的产品涵盖模块、网关和平台等,纵贯从前端到后台的三个环节,是产品线较广的物联网厂商之一。     

多媒体通信系统Internet网关的设计和实现

本文介绍了多媒体通信系统Ｉｎｔｅｒｎｅｔ网关的设计方案，该方案实现了内部协议和基于ＴＣＰ／ＩＰ的三个应用层协议之间的相互转换，使内部网络中的任意一个用户可通过该网关方便地访问Ｉｎｔｅｒｎｅｔ网上的信息资源。     

ECC-CoAP: Elliptic Curve Cryptography Based Constraint Application Protocol for Internet of Things

Constraint Application Protocol (CoAP), an application layer based protocol, is a compressed version of HTTP protocol that is used for communication between lightweight resource constraint devices in Internet of Things (IoT) network. The CoAP protocol is generally associated with connectionless User Datagram Protocol (UDP) and works based on Representational State Transfer architecture. The CoAP is associated with Datagram Transport Layer Security (DTLS) protocol for establishing a secure session using the existing algorithms like Lightweight Establishment of Secure Session for communication between various IoT devices and remote server. However, several limitations regarding the key management, session establishment and multi-cast message communication within the DTLS layer are present in CoAP. Hence, development of an efficient protocol for secure session establishment of CoAP is required for IoT communication. Thus, to overcome the existing limitations related to key management and multicast security in CoAP, we have proposed an efficient and secure communication scheme to establish secure session key between IoT devices and remote server using lightweight elliptic curve cryptography (ECC). The proposed ECC-based CoAP is referred to as ECC-CoAP that provides a CoAP implementation for authentication in IoT network. A number of well-known cryptographic attacks are analyzed for validating the security strength of the ECC-CoAP and found that all these attacks are well defended. The performance analysis of the ECC-CoAP shows that our scheme is lightweight and secure.

     

Secure communication in CloudIoT through design of a lightweight authentication and session key agreement scheme

Internet of Things (IoT) is a newly emerged paradigm where multiple embedded devices, known as things, are connected via the Internet to collect, share, and analyze data from the environment. In order to overcome the limited storage and processing capacity constraint of IoT devices, it is now possible to integrate them with cloud servers as large resource pools. Such integration, though bringing applicability of IoT in many domains, raises concerns regarding the authentication of these devices while establishing secure communications to cloud servers. Recently, Kumari et al proposed an authentication scheme based on elliptic curve cryptography (ECC) for IoT and cloud servers and claimed that it satisfies all security requirements and is secure against various attacks. In this paper, we first prove that the scheme of Kumari et al is susceptible to various attacks, including the replay attack and stolen-verifier attack. We then propose a lightweight authentication protocol for secure communication of IoT embedded devices and cloud servers. The proposed scheme is proved to provide essential security requirements such as mutual authentication, device anonymity, and perfect forward secrecy and is robust against security attacks. We also formally verify the security of the proposed protocol using BAN logic and also the Scyther tool. We also evaluate the computation and communication costs of the proposed scheme and demonstrate that the proposed scheme incurs minimum computation and communication overhead, compared to related schemes, making it suitable for IoT environments with low processing and storage capacity.     

Authenticated key agreement scheme for fog-driven IoT healthcare system

The convergence of cloud computing and Internet of Things (IoT) is partially due to the pragmatic need for delivering extended services to a broader user base in diverse situations. However, cloud computing has its limitation for applications requiring low-latency and high mobility, particularly in adversarial settings (e.g. battlefields). To some extent, such limitations can be mitigated in a fog computing paradigm since the latter bridges the gap between remote cloud data center and the end devices (via some fog nodes). However, fog nodes are often deployed in remote and unprotected places. This necessitates the design of security solutions for a fog-based environment. In this paper, we investigate the fog-driven IoT healthcare system, focusing only on authentication and key agreement. Specifically, we propose a three-party authenticated key agreement protocol from bilinear pairings. We introduce the security model and present the formal security proof, as well as security analysis against common attacks. We then evaluate its performance, in terms of communication and computation costs.

     

卫星物联网混合随机接入技术

在卫星物联网(IoT)场景中,随着终端数量不断增加,频谱资源日益紧张。传统的随机接入技术频谱利用率较低,使得传统随机接入协议不适用于未来卫星IoT的高并发业务需求。同时,卫星通信链路长,开放性强,难以保证特种终端信号的安全性。对此,本文提出一种适用于卫星IoT的混合随机接入方案。该方案引入重叠传输的容量提升与安全性优势,利用扩频码对瞬时功率谱密度的控制能力,构造功率域非正交接入条件,并通过接收端的迭代分离实现稳健接收。对本文所提方案的吞吐量性能进行闭式解推导分析与计算机仿真,结果表明,与传统的随机接入协议相比,所提方案可提高系统吞吐量。同时,相较于常用信号隐藏方法,所提方法利用常规接入数据包的功率优势,强化了波形隐藏效果,提升了特种信息接入的安全性。     

Modeling and verifying based on timed automata of Internet of things gateway security system

The Internet of things (IoT) is a multiple heterogeneous network,and its perception layer is often faced with various security threats.As the bridge between the perception layer and the network layer,the IoT gateway should have the security management function to prevent the security issue from spreading to the upper layer.According to the current security deficiencies in IoT gateway,a universal IoT gateway security system was proposed based on the IoT gateway middleware technology.Various security protocols or algorithms can be embedded in IoT gateway security system,and the modeling and analysis can help the design and implementation of IoT gateway.The formal modeling and verification of the IoT gateway security system was performed by timed automata.The results show that the IoT gateway security system satisfies the security properties of confidentiality,availability,authenticity,robustness,integrity and freshness.     

SRGH: A secure and robust group‐based handover AKA protocol for MTC in LTE‐A networks

Machine‐type communication (MTC) is defined as an automatic aggregation, processing, and exchange of information among intelligent devices without humans intervention. With the development of immense embedded devices, MTC is emerging as the leading communication technology for a wide range of applications and services in the Internet of Things (IoT). For achieving the reliability and to fulfill the security requirements of IoT‐based applications, researchers have proposed some group‐based handover authentication and key agreement (AKA) protocols for mass MTCDs in LTE‐A networks. However, the realization of secure handover authentication for the group of MTCDs in IoT enabled LTE‐A network is an imminent issue. Whenever mass MTCDs enter into the coverage area of target base‐station simultaneously, the protocols incur high signaling congestion. In addition, the existing group‐based handover protocols suffer from the huge network overhead and numerous identified problems such as lack of key forward/backward secrecy, privacy‐preservation. Moreover, the protocols fail to avoid the key escrow problem and vulnerable to malicious attacks. To overcome these issues, we propose a secure and robust group‐based handover (SRGH) AKA protocol for mass MTCDs in LTE‐A network. The protocol establishes the group key update mechanism with forward/backward secrecy. The formal security proof demonstrates that the protocol achieves all the security properties including session key secrecy and data integrity. Furthermore, the formal verification using the AVISPA tool shows the correctness and informal analysis discusses the resistance from various security problems. The performance evaluation illustrates that the proposed protocol obtains substantial efficiency compared with the existing group‐based handover AKA protocols.     

A survey on communication protocols and performance evaluations for Internet of Things

The Internet of Things (IoT) is a large-scale network of devices capable of sensing, data processing, and communicating with each other through different communication protocols. In today's technology ecosystem, IoT interacts with many application areas such as smart city, smart building, security, traffic, remote monitoring, health, energy, disaster, agriculture, industry. The IoT network in these scenarios comprises tiny devices, gateways, and cloud platforms. An IoT network is able to keep these fundamental components in transmission under many conditions with lightweight communication protocols taking into account the limited hardware features (memory, processor, energy, etc.) of tiny devices. These lightweight communication protocols affect the network traffic, reliability, bandwidth, and energy consumption of the IoT application. Therefore, determining the most proper communication protocol for application developers emerges as an important engineering problem. This paper presents a straightforward overview of the lightweight communication protocols, technological advancements in application layer for the IoT ecosystem. The survey then analyzes various recent lightweight communication protocols and reviews their strengths and limitations. In addition, the paper explains the experimental comparison of Constrained Applications Protocol (CoAP), Message Queuing Telemetry (MQTT), and WebSocket protocols, more convenient for tiny IoT devices. Finally, we discuss future research directions of communication protocols for IoT.     

一种基于状态机的串口通信协议的设计与实现

为解决串口通信中的数据传输容易出错、可靠性差、安全性不高且容错能力低等问题,设计并实现了一种基于状态机的串口通信协议,并将此协议应用到称重仪表的上位机通信中。本文介绍了串口通信协议的数据包格式以及其通信状态机,并给出了协议实现的部分示例代码及算法流程图。在数据包格式定义中通过设置起始标志、数据长度、校验、结束标志等字段,保证数据传输的正确性;并在数据包接收过程中引入状态机方法,简化编程模型的同时,提高了通信过程的可靠性、安全性以及数据传输的容错能力。     

物联网的安全威胁及需求分析

物联网分布范围的广泛性、节点的移动性以及业务应用的复杂性给物联网的安全带来严峻挑战。根据物联网的架构和特点,划分物联网的安全体系,并分析了不同层面所面临的多种安全问题。分别从物联网末端节点、感知层、网络层、应用层、管理控制五个层面全面分析了物联网可能面临的多种安全威胁,并在此基础上提出了物联网面临的安全需求。     

DTLS based security and two-way authentication for the Internet of Things

In this paper, we introduce the first fully implemented two-way authentication security scheme for the Internet of Things (IoT) based on existing Internet standards, specifically the Datagram Transport Layer Security (DTLS) protocol. By relying on an established standard, existing implementations, engineering techniques and security infrastructure can be reused, which enables easy security uptake. Our proposed security scheme is therefore based on RSA, the most widely used public key cryptography algorithm. It is designed to work over standard communication stacks that offer UDP/IPv6 networking for Low power Wireless Personal Area Networks (6LoWPANs). Our implementation of DTLS is presented in the context of a system architecture and the scheme’s feasibility (low overheads and high interoperability) is further demonstrated through extensive evaluation on a hardware platform suitable for the Internet of Things.