CMXsafe: A Proxy Layer for Securing Internet-of-Things Communications

Jorge David De Hoz Diego*, Taous Madi, Charalambos Konstantinou

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

Security in Internet-of-Things (IoT) environments has become a major concern. This is partly due to a large number of remotely exploitable IoT vulnerabilities in service authentication and access control combined with the lack of timely technical support. To reduce the threat surface of remote vulnerability exploitation, we propose CMXsafe, a secure-by-design application-agnostic proxy layer that can be updated and managed independently of the IoT device application. CMXsafe places IoT devices behind gateways operating as 4th OSI transport layer relayers to offload security concerns of IoT network communications into the proxy layer. Specifically, the proxy layer produces secure communication paths between IoT applications and platforms while enforcing mutual authentication and access control to proxied services. We evaluate the performance of our architecture on the MQTT protocol used in a standard publisher-broker-subscriber configuration provided by Eclipse Mosquitto. We compare the performance penalty on the protocol when securing communications with TLS following a monolithic implementation and with CMXsafe. The experimental results suggest that CMXsafe outperforms integrated security by providing at least a 25% latency reduction and a 22% bandwidth improvement.

Original languageEnglish (US)
Pages (from-to)5767-5782
Number of pages16
JournalIEEE Transactions on Information Forensics and Security
Volume19
DOIs
StatePublished - 2024

Keywords

  • Internet-of-Things
  • secure communications
  • secure proxy session
  • security context
  • socket proxy

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'CMXsafe: A Proxy Layer for Securing Internet-of-Things Communications'. Together they form a unique fingerprint.

Cite this