Access Control in the Internet of Things

Denis, Sitenkov (2014) Access Control in the Internet of Things. Masters thesis, KTH.

PDF (Denis Sitenkov's master's thesis) - Published Version


The new generation of Wireless Sensor Networks, that is known as the Internet of Things enables the direct connection of physical objects to the Internet using microcontrollers. In most cases these microcontrollers have very limited computational resources. The global connectivity provides great opportunities for data collection and analysis as well as for interaction of objects that cannot be connected to the same local area network. Many of application scenarios have high requirements to security and privacy of transmitted data. At the same time security solutions that are utilized for general purpose computers are not always applicable for constrained devices. That leaves a room for new solutions that takes into account the technological aspects of the Internet of Things. In this thesis we investigate the access control solution for the IETF standard draft Constrained Application Protocol, using the Datagram Transport Layer Security protocol for transport security. We use the centralized approach to save access control information in the framework. Since the public key cryptography operations might be computationally too expensive for constrained devices we build our solution based on symmetric cryptography. Evaluation results show that the access control framework increases computational effort of the handshake by 6.0%, increases the code footprint of the Datagram Transport Layer Security implementation by 7.9% and has no effect on the overall handshake time. Our novel protocol is not vulnerable to Denial of Service or Drain Battery Attack.

Item Type:Thesis (Masters)
Additional Information:Thesis supervised by Shahid Raza ( and Ludwig Seitz (
ID Code:5681
Deposited By:Ludwig Seitz
Deposited On:26 Jun 2014 15:12
Last Modified:26 Jun 2014 15:12

Repository Staff Only: item control page