Data Protection in IoT using CoAP based on Enhanced DTLS
Abstract
The Internet of Things (IoT) refers to all the infrastructures
and technologies put in place to operate various objects
through an Internet connection; it is about connected objects.
One of the most frequently used IoT application protocols is
the Constrained Application Protocol (CoAP), which suits
resource-restricted computers. CoAP is a solution for in-regulated
data formats and for high security to protect government-related
data from cyber-attacks. CoAP advises using DTLS (Datagram
Transport Layer Security), the UDP-based edition of TLS, to
provide robust security. Initially, DTLS was planned for
conventional networks. Moving the protocol onto
resource-limited computers therefore creates a heavyweight
solution. Unfortunately, DTLS has some security issues
regarding the management of keys and its vulnerability to
common cyber-attacks, especially Denial of Service (DoS).
Thus, a security approach is needed to secure CoAP-based
IoT infrastructures from these attacks. In our work, we
propose to secure IoT data using an enhanced DTLS protocol
over CoAP. The enhanced DTLS makes it possible to
prevent DoS and Distributed DoS (DDoS) attacks. In our proposal,
we use a trusted party (TP) to which we delegate the
authentication and authorization of clients. In
addition, the TP is responsible for verifying IP
addresses in order to keep attackers from flooding the
network with fake hello messages.