Design and Implementation of CoAP Authorization Framework Based on OAuth 2.0

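  • 김경한 (School of Computer Engineering, Korea University of Technology and Education) ;
  • 임현교 (School of Computer Engineering, Korea University of Technology and Education) ;
  • 허주성 (School of Computer Engineering, Korea University of Technology and Education) ;
  • 한연희 (School of Computer Engineering, Korea University of Technology and Education)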
  • Received : 2016.12.28
  • Accepted : 2017.05.02
  • Published : 2017.08.31

Abstract

Interest and investment in the Internet of Things (IoT) have recently increased significantly, and security concerns continue to be raised. As a solution, the IETF ACE Working Group is standardizing the ACE framework, a new security framework for constrained IoT environments that is based on the existing OAuth 2.0. However, the ACE framework proposes a new lightweight security system, so applying it to the existing Internet environment requires additional work, and this additional cost hinders the application of OAuth 2.0 to the IoT environment. Therefore, in this paper we propose an IoT authentication framework that is based on DTLS, a security protocol already used in the existing Internet environment, and that follows the original development motivation of OAuth 2.0. We implement the proposed framework on CoAPthon, a Python-based open library, and analyze its performance.
