Security Systems in HAN
Security Systems in HAN
ASSIGNMENT # 03
Smart homes concept has gained importance for the past few years. In this concept, a huge number of
daily used smart applications are integrated on a single platform. Now due to its extensive use it has
come up with two major challenges of increased security demands and management issues. The major
reasons include low capacity of small sensors, multiple users accessing for the same data, use of the
shared resources and the diversity of the home systems. This article will show us the currently
available security features and management approaches of smart homes and what further needs to be
improved in this aspect. Also, showing the solution so that the efficient usage can be obtained from
the smart homes in future.
Introduction
The smart homes are integration of the different applications being provided by the different
providers(vendors), all of which need to be interconnected for the perfect execution within the smart
home. Because, of this diversity there arises two major issues leaving loop holes in smart homes
security and management
Therefore, the smart homes require solutions to make up for these problems securing both the data
and the user. We will consider all the currently in use security mechanisms and will classify them on a
set criterion. Then we will see good practices being employed in the smart homes’ security and at the
end we will discuss that how the smart homes can work efficiently and grow in future.
With the advancement in the scientific field, the use of the smart homes use has increased quite
largely making one’s life easier and more comfortable. With the more and more inclusion of the
applications in the smart home, they all must intercommunicate to provide the composed services to
the end user. This can be justified by the two layers of HAN (home area network).
The smart homes have impact on the life style of the users in the various areas, making it easier and
more comfortable. The major application areas covered by the smart homes are
Methodology
The devices in the smart homes are connected in one or more than one HAN. For the connection there
are two approaches
There are different methods for the smart devices to interface i.e. may generally use the web browser
or they may use the specified mobile application. They may also have their own built in web server
for a powerful web operated GUI (general user interface). Other devices may have the API
(application program interface).
In addition to HAN the smart homes are connected to wide area networks (WAN) of two types
1. Cable based communication- which mainly uses the x10 standard (power lines technology)
2. Radio based communication
1. Insteon- patent protected technology. Uses the radio based communication operating at
869.5MHz – 921MHz.
2. LONWORKS- communication standard. It uses different types e.g. twisted pair, coaxial
cables, power lines, fiber optics, infrared and radio.
3. The KNX standard- it is composed of the three available standards.
3.Security approaches
Privacy
Integrity
Authenticity
Availability
Authorization
As the smart homes don’t have high computational power, therefore the complex strategy including
all the above-mentioned aspects can’t be included in the security algorithms of the smart homes.
Smart homes also acquire characteristics from IOT, because they include the IOT components. Thus,
the IOT based security approaches may also be applied on the smart homes, referred to as WSN, it
includes the following
1. Perceptual layer- gathers data from surrounding and then impacts on the environment
2. Network layer- helps in the reliability of data via perceptual layer
3. Support layer- used for the applications used in communication within HAN to provide the
secure support for apps for their proper functioning e.g. providing strong encryption
algorithms in cloud computing.
4. Application layer- specific functions depending upon the user demands
This method also addresses to the security issues from lowest level (user end) to highest level (IOT),
including the physical security of devices, secured communication between them and secured data
processing.
The three-layer model presented is in reference with EU FP7 IoT-A project. The IOT-A security
model has three major characteristics
1. Trust
2. Security
3. Privacy
After the development of the security algorithms, the major issue is its implementation in the real-
world applications. The major issues faced in it is
Therefore, the FP7 RERUM fortifies the IoT technologies by using the approach of “security, privacy,
and reliability by design”.
4. Threats
The security issues mentioned above leads to certain major defects in the smart home system. The
threats may be classified as follows
Privacy/security threats due to the abusive use and hijacking (secrete intervention) the HAN.
This leads to the loss of personal data to the insecure hands.
Physical attack on devices- leads to the changed system characteristics and loss of encryption
algorithms.
Disasters and outages- leads to the cases where the user loses control.
Damage or loss of (IT assets)- leads to the loss of highly important data from the affected
device.
The above three-layer security model under goes through some threats which are described layer wise
as follows
As most of the HAN communications are done via radio broadcast, it is more vulnerable to attack or
hijacking. Also, the internet connectivity of the appliances makes them exposed to attacks. Therefore,
certain measures are required to be taken against them to make the HAN more secure.
5.1. Privacy
The date being shared between the constrained devices should be secured properly among the
sending link. It employs the use of the encryption keys in HAN. There are two basic approaches for
this purpose
1. Static key management- in this the cryptographic keys are sent across the devices before the
link is up.
2. Dynamic key management- in this the cryptographic keys are sent across the devices only
when they are demanded.
5.2. Integrity
In the IT systems the trustworthiness of the system is a highly important characteristic and is achieved
by the content digest calculation algorithms (hashing algorithms). The commonly used hashing
algorithms are SHA-224, SHA-256, SHA-384, and SHA-512. For the smart devices the SHA-3
(secure hash algorithm) is under practice.
Another practice to check that whether the received data is correct or not is to check it with the
historical data. In which, the home server checks that if the received data is different from the stored
base then the data is rejected and labelled as corrupted.
5.3. Authentication
It depends upon the encryption techniques used to maintain the integrity of the data. One of the
techniques uses MAC to keep the HASH of the content message. The hash and MAC based
techniques are reliable for both the public and private systems, making use of the standard protocols.
The robust protocols may not be supported by all the IoT systems and must need an appropriate
development to be adaptable for the smart homes.
There are certain factors that determine that the security mechanism being developed is feasible for
implementation or not. General factors include
Cost effectiveness
Throughput
Bandwidth
Latency
Another criterion used for the determination of the implementation of the security mechanism for the
constrained devices includes the following points
E0 (Event Energy-Limited).
E1: (Period Energy-Limited).
E2: (Lifetime Energy-Limited).
E9: (No Direct Quantitative Limitations to Available Energy).
Good Practices
The security algorithms being applied in the secure smart homes must be light, easy and highly
effective. In addition to these qualities the algorithm must also cover all the security aspects discussed
above in the paper. For this purpose, several mechanisms are adopted which are known as the good
practices, they cover all the general security protocols as well as the specified countermeasures
against the different types of threats for the different devices.
A general user guideline is available for the good practice protocols, which are discussed below
1. Often security checks to keep the security events updated so that the user may be prevented
against the unauthorized access.
2. Secure communication within HAN and WAN, to keep the data secure and intact.
3. Keeping the identity of the user secret, by using the cryptography.
4. To protect the user data from being intervened.
5. To give access only to the authorized users.
6. Self protection for the users for keeping them safe against the attacks.
First one is the homogenous approach where all the devices and software have been supplied
by the single supplier.
Second one is the heterogenous approach in which the user gets the different devices from
different vendors and makes a composite system of its own.
The paper reviews the basic security mechanisms that might not assure an appropriate level of
security. Taking security as a part of the design is clearly stated and supported by several
works listed previously. It shows the fact that the smart homes are being built to customize more and
more applications rather than protecting the information of the users. This requirement would have to
become a standard for producing IoT devices, otherwise, all the work that is being conducted by the
various institutes would be no more than only not realized intentions.
Developing a new network layer architecture would address several security issues; however, it would
require a huge effort from the researchers as they will have to focus on securing data. Energy
efficiency is probably a restriction and hence an advantage as it might boost up the design and
construction of more powerful microchips to support robust cryptography. However, this constraint is
being addressed by delegating functionality to external entities outside of the device such as cloud
environments. Undoubtedly, this constraint also leads to improve and develop cryptography
algorithms for IoT.
It is contradictory that industries propose solutions for securing homes while not proving security
features in their products. One possible solution could be the creation of a security standard that
guarantee the security of smart homes that contemplates at least basic mandatory security
requirements.
Most of the solutions reviewed, are out-of-the-box; hence, it should be agnostic to technology to
easily implement them within any smart home. Some changes will have to be made for a clean
integration and support.
The use of digital certificates and nonce are initiatives that have been proposed for the Wi-Fi
environment. Such solutions are being used to connect devices and they comply with the energy-
efficiency directive.
In summary, there is still a lot of work to do in regards of data privacy, authentication, software
security, data management, standards and policies. Researchers are already working on initiatives to
address such issues and it is time to consolidate efforts with the industry to secure, protect and
potentiate this field that is reaching millions of users. Besides, it might be time to start thinking of a
near future where existing protocols would not be enough to support and secure all the connected stuff
in the smart homes.
Conclusions
This paper focuses on the issues regarding the security and manageability of the smart home systems.
And the future advancements that can be made in this field. For the security issues various solutions
have been provided covering almost all the aspects of the security issues. The conclusion is that the
smart homes are vulnerable to several the threats and the proper security and management measures
should be taken to make more secure. And the external actors must be included for data security and
data management for all the layers of the system.
References
Cedric Levy-Bencheton, Eleni Darra, Guillaume Tetu, Guillaume Dufay, and Mouhannad
Alattar. 2015. Security and resilience of smart home environments good practices and
recommendations. Tech. Rep. European Union Agency for Network and Information
Security.
Karsten Bormann, Mehmet Ersue, and Ari Keranen. 2014. RFC 7228, Terminology for
constrained-node networks. Retrieved July 10, 2017 from: https://tools.ietf.org/html/rfc7228.
Tianming Li, Narayan B. Mandayam, and Alex Reznik. 2013. A framework for distributed
resource allocation and admission control in a cognitive digital home. IEEE Trans. Wireless
Commun. 12, 3 (2013), 984–995. DOI:https://doi.org/10.1109/TWC.2012.011513.111495
Tongtong Li, Jian Ren, and Xiaochen Tang. 2012. Secure wireless monitoring and control
systems for smart grid and smart home. IEEE Wirel. Commun. 19, 3 (2012), 66–73.
DOI:https://doi.org/10.1109/MWC.2012.6231161
Juan A. Nazabal, Francisco J. Falcone, Carlos Fernandez-Valdivielso, and Ignacio R. Matias.
2013. Energy management system proposal for efficient smart homes. In Proceedings of the
2013 International Conference on New Concepts in Smart Cities: Fostering Public and
Private Alliances (SmartMILE). DOI:https://doi.org/10.1109/SmartMILE.2013.6708174
Hsien-Po Shiang and Mihaela van der Schaar. 2010. Information-constrained resource
allocation in multicamera wireless surveillance networks. IEEE Trans. Circ. Syst. Video Tech.
20, 4 (2010), 505–517, DOI:https://doi.org/10.1109/TCSVT.2009.2035837
Geng Yang, Jian Xu, Wei Chen, Zheng-Hua Qi, and Hai-Yong Wang. 2010. Security
characteristic and technology in the internet of things. Journal of Nanjing University of Posts
and Telecommunications (Natural Science). 30, 4 (2010),
R. Kowsik and L. Vignesh. 2016. Mitigating insider data theft attacks in the cloud. In
Proceedings of the 2016 2nd International Conference on Science Technology Engineering
and Management (ICONSTEM). 2016, 561–567.
DOI:https://doi.org/10.1109/ICONSTEM.2016.7560956
Eric Rescorla and Nagendra Modadugu. 2012. RFC 6347. Datagram transport layer security
version 1.2. Retrieved May 2017 from https://tools.ietf.org/html/rfc6347.
Z. Shelby, K. Hartke, and C. Bormann. 2014. RFC 7252. The constrained application protocol
(CoAP). Retrieved May 2017 from https://tools.ietf.org/html/rfc7252.
Elaine Barker, William Barker, William Burr, William Polk, and Miles Smid. 2012. NIST
special publication 800-57Recommendation for Key Management. Part 1: General. National
Institute of Standards & Technology. Retrieved May2017 from
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800–57pt1r4.pdf.
Mo Li, Zhenjiang Li, and Athanasios V. Vasilakos. 2013. A survey on topology control in
wireless sensor networks: Taxonomy, comparative study, and open issues. Proc. IEEE 101,
12, 2538–2557. DOI:https://doi.org/10.1109/JPROC.2013.2257631
Yi Huang, Husheng Li, Kristy A. Campbell, and Zhu Han. 2011. Defending false data
injection attack on smart grid network using adaptive CUSUM test. In Proceedings of the
IEEE 45th Annual Conference on Information Sciences and
Systems. 2011, 1–6. DOI:http://dx.doi.org/10.1109/CISS.2011.5766111
J. Bernheim Brush, Jaeyeon Jung, Ratul Mahajan, and Frank Martinez. 2013. Digital
neighborhood watch: Investigating the sharing of camera data amongst neighbors. In
Proceedings of the 2013 Conference on Computer Supported Cooperative Work (CSCW’13).
ACM, New York, 693–700. DOI:https://doi.org/10.1145/2441776.2441853
Himanshu Khurana, Rakesh Bobba, Tim Yardley, Pooja Agarwal, and Erich Heine. 2010.
Design principles for power grid cyber infrastructure authentication protocols. In Proceedings
of the 43rd Hawaii International Conference on System Sciences (Honolulu, HI, 2010), 1–10.
DOI:https://doi.org/10.1109/HICSS.2010.136