SST v1.0.0 with C API: Pluggable security solution for the Internet of Things

Abstract

The Internet of things (IoT) integrates heterogeneous computing devices, allowing each node to communicate with one another. However, the connected “things” raise security challenges that need protection for IoT devices from network-based attacks. As an integrated solution, Secure Swarm Toolkit (SST) provides authorization infrastructure that addresses the security requirements of IoT devices. The pre-release version of SST primarily provided the Node.js and JavaScript-based API for programming IoT nodes (network entities) using the SST's infrastructure. This new release introduces easy-to-use C API functions, making SST more usable on bare-metal platforms such as embedded microcontrollers without middleware, including operating systems. In this paper, we release the first official version (v1.0.0) of SST and propose a new set of C API as a pluggable security solution for the IoT. Our new C API is easy to use and supports resource-constrained IoT systems such as bare-metal embedded computers where middleware or operating systems are unavailable. For evaluation, we present an example IoT system using SST in practical IoT environments with WiFi-connected embedded devices, providing essential security processes, authentication, and authorization, of IoT devices with a minimal execution-time overhead of less than 10% and linear communication overhead, compared to the system without any security. Thanks to the proposed C API, we expect SST to be applied to existing IoT software platforms more easily.