What security measures are used to protect message in between IoT Agent and sensor device?

Question

As I was testing an android app controls door lock over Bluetooth, I deployed HMAC SHA256 on both the door lock controller and the android app to ensure integrity and authentication of message. Also I have the door lock controller to generate random access token per connection to avoid replace attack.

I would like to replace to the Bluetooth with WiFi and test the application with FIWARE. I found I may need to provide a device name, id and password when provisioning a device with an IoT agent. However I am not sure what may be the measures in place to insure integrity and authentication of message and to avoid replay attack. Can you shed some light? Thanks.

Harry · Answer 1 · 2019-05-15T21:14:29.940

0

This talk (https://youtu.be/Kbpx5CbQL74) seems to answer my question. The token is created with the device id(username) and password, which may be fixed, I am afraid.

And this link https://guided-tour-smartsdk.readthedocs.io/en/latest/sensors/cloudino/

edited May 15 '19 at 21:14

answered May 15 '19 at 20:27

Harry

1,147
13
13

What security measures are used to protect message in between IoT Agent and sensor device?

1 Answers1