Title Page
Korean Abstract
Table of Contents
Ⅰ. Introduction
1.1. Internet of Things Trends
1.2. Research Background and Thesis Organization
Ⅱ. IoT Control Plane
2.1. IEEE 802.15.4
2.1.1. IEEE 802.15.4 Communication Mechanism
2.1.2. IEEE 802.15.4 Device Types and Network Configuration
2.2. 6LoWPAN
2.2.1. 6LoWPAN Configuration and Characteristics
2.2.2. 6LoWPAN Key Functions
2.2.3. 6LoWPAN Routing Mechanism
2.3. Control Plane Security
2.3.1. Security Mechanisms Provided by IEEE 802.15.4
2.3.2. IEEE 802.15.4 Security Research Trends
Ⅲ. Secure 6LoWPAN Neighbor Discovery Protocol
3.1. 6LoWPAN Neighbor Discovery Overview
3.1.1. 6LoWPAN Neighbor Discovery
3.1.2. 6LoWPAN Neighbor Discovery Attack Model and Prior Work
3.2. Secure 6LoWPAN Neighbor Discovery
3.2.1. Proposed Mechanism
3.2.2. Security Evaluation and Experimental Results
Ⅳ. IoT Data Plane
4.1. Data Plane Models
4.1.1. Publish-Subscribe Model
4.1.2. Request-Response Model
4.2. Representative Data Plane Protocols
4.2.1. MQTT
4.2.2. CoAP
4.3. Data Plane Research Trends
4.3.1. Usability Analysis and Improvement Research
4.3.2. Security Analysis Research
4.3.3. Security Research Trends
Ⅴ. Secure MQTT-SN Protocol Supporting Data Sharing Between Subscribers
5.1. MQTT-SN
5.2. IPFS and Private IPFS
5.2.1. IPFS Overview and Protocol Stack
5.2.2. IPFS Research Trends
5.3. Proposed Protocol Overview and System Configuration
5.3.1. System Components and Roles of the Proposed Protocol
5.3.2. Operation and Characteristics of the Proposed Protocol
5.4. Phases and Service Procedures of the Proposed Protocol
5.4.1. Initialization and Registration Phase
5.4.2. Secure MQTT-SN Service Phase
5.4.3. Security Parameter and Key Update Phase
5.5. Data Sharing Between Subscribers Using Private IPFS
5.5.1. Private IPFS Configuration and Registration
5.5.2. Secure Data Structure for Subscriber Data Sharing
5.5.3. Secure Data Sharing Between Subscribers
Ⅵ. Security Evaluation and Experiments for the Proposed Protocol
6.1. Security Evaluation
6.1.1. MQTT-SN Security Evaluation
6.1.2. Attack Model for Data Sharing Between Subscribers Using Private IPFS
6.2. Experiments and Evaluation
6.2.1. Experimental Environment and Baseline Experiments
6.2.2. Secure MQTT-SN Experiments and Evaluation
6.2.3. Subscriber Data Sharing Experiments and Evaluation
Ⅶ. Conclusion
References
Abstract
Table 2-1. Device Type and Role
Table 3-1. Securing 6LoWPAN Neighbor Discovery Protocol Notation
Table 3-2. Comparison of Cryptographic Processing Time
Table 4-1. MQTT QoS Level
Table 5-1. Components and Roles
Table 5-2. Proposed Protocol Notation
Table 5-3. Private IPFS Data Encryption and Decryption
Table 6-1. Open Source List for IoT Evaluation Environment
Table 6-2. Average Execution Times of Cryptographic Primitives
Table 6-3. Cryptographic Operations for MQTT-SN Messages (Publisher)
Table 6-4. Number of Messages Lost Relative to Message Size
Table 6-5. Average Execution Times of Cryptographic Primitives on IPFS node
Figure 1-1. IoT Infrastructure
Figure 1-2. IoT Market Size
Figure 1-3. Number of IoT Connected Devices Worldwide
Figure 1-4. Key Components of the Study
Figure 2-1. IEEE 802.15.4 Message Delivery Method
Figure 2-2. IEEE 802.15.4 Network Topology
Figure 2-3. Beacon Device Scan
Figure 2-4. Association Process
Figure 2-5. Beacon enabled Mode Data Transmission
Figure 2-6. Non-Beacon enabled Mode Data Transmission
Figure 2-7. 6LoWPAN Network Architecture
Figure 2-8. 6LoWPAN Protocol Stack
Figure 2-9. IEEE 802.15.4 6LoWPAN Frame Format
Figure 2-10. 6LoWPAN Address
Figure 2-11. Compression Header Structure
Figure 2-12. 6LoWPAN Routing
Figure 2-13. RPL Routing Type
Figure 2-14. IEEE 802.15.4 Security Frame
Figure 3-1. 6LoWPAN Neighbor Discovery for Address Registration
Figure 3-2. Securing 6LoWPAN Neighbor Discovery
Figure 3-3. Results of the Formal Verification
Figure 3-4. Size of IEEE 802.15.4 Frames of 6LoWPAN Neighbor Discovery Messages
Figure 4-1. Publish-Subscribe Model
Figure 4-2. Request-Response Model
Figure 4-3. MQTT Data Transmission
Figure 4-4. MQTT Architecture
Figure 4-5. MQTT Connection
Figure 4-6. MQTT QoS Level 0
Figure 4-7. MQTT QoS Level 1
Figure 4-8. MQTT QoS Level 2
Figure 4-9. CoAP Architecture Overview
Figure 4-10. CoAP Protocol Stack
Figure 4-11. CoAP Reliable and Unreliable Message Transmission
Figure 4-12. CoAP Reliable and Unreliable Message Transmission Example
Figure 4-13. CON Separate Response
Figure 4-14. CoAP Publish-Subscribe Model
Figure 4-15. WSN Security Solution
Figure 4-16. Various DTLS-based Security Protocols
Figure 5-1. MQTT-SN Architecture
Figure 5-2. IPFS Key Technologies and Protocol Stack
Figure 5-3. Content Identifier Structure
Figure 5-4. IPFS Object Structure
Figure 5-5. Off-chain Configuration using IPFS
Figure 5-6. Proposed System Architecture
Figure 5-7. Proposed Security Architecture and Proceedings
Figure 5-8. Topic Information
Figure 5-9. Node (P, S, B) Initialization and Registration
Figure 5-10. Activate Node for Topic X
Figure 5-11. Result of Initialization and Registration (Example Figure 4-7)
Figure 5-12. MQTT-SN Protocol
Figure 5-13. Proposed Secure MQTT-SN Using Outer/Inner Secure Channel
Figure 5-14. Outer Secure Channel
Figure 5-15. Topic Keys for Securing Data on Topic A from P₁ and P₂
Figure 5-16. Transmit Publish Message Using Inner Secure Channel
Figure 5-17. Data Sharing Architecture between Subscribers using Private IPFS
Figure 5-18. Private IPFS
Figure 5-19. Publish Data Format
Figure 5-20. Construction of Hash Chain for Integrity of Data
Figure 5-21. Data Sharing Process
Figure 6-1. MQTT/MQTT-SN Attack Model
Figure 6-2. Secure MQTT-SN Test Environment
Figure 6-3. Secure MQTT-SN Message Structure
Figure 6-4. Delay Time for Connect & Publish Messages
Figure 6-5. Delay Time for Publish Messages in Various Hops and Message Sizes
Figure 6-6. LoWPAN Network Topology On Cooja
Figure 6-7. Number of Transmissions for the Size of the Multicast Group
Figure 6-8. Swarm.key File
Figure 6-9. IPFS bootstrap add
Figure 6-10. IPFS Swarm Peers
Figure 6-11. Performance of IPFS vs. Private IPFS
Figure 6-12. IPFS get performance depending on the Number of Participating Node
Figure 6-13. Subscriber Data Sharing time using Private IPFS