An HTTPS-based authentication and authorization method for low-cost IoT devices in smart water metering

Felipe C. Leal; Marcos V. S. Melo; Alfredo M. Vieira; Rubens de S. Matos Junior

doi:10.5753/latinoware.2024.245769

Felipe C. Leal UFS https://orcid.org/0009-0005-9261-5620
Marcos V. S. Melo IFS https://orcid.org/0009-0002-7684-531X
Alfredo M. Vieira IFS https://orcid.org/0000-0002-5946-5254
Rubens de S. Matos Junior IFS https://orcid.org/0000-0002-9535-632X

DOI: https://doi.org/10.5753/latinoware.2024.245769

Resumo

IoT technologies have been enabling real-time monitoring of resources, such as water and electricity consumption, and therefore leveraging the development of smart buildings. Preventing resource wastage is a major concern in the management of household, commercial, and industry environments. Decision-making on such a context depends on how reliable are the sources of incoming data. The enforcement of security aspects in such systems is challenging because of the decentralized, distributed, and resource-constrained devices. This paper presents an authentication and authorization approach for low-cost IoT devices, that is based on HTTP and SSL protocols (known as HTTPS). The proposed solution includes a lightweight API that addresses the approval of motes and sends security tokens, so we assure that only legitimate and authorized devices are registered in the system and guarantee that every incoming data come from those authorized devices. This approach is tested at the context of the SPARC project's smart water metering infrastructure.

Palavras-chave: Internet of Things, security, smart cities

Referências

ONU, “Agenda 2030 para o desenvolvimento sustentável,” Disponível em: [link]. Acesso em 27/07/2023, 2015.

E. Koncagül, M. Tran, R. Connor, and S. Uhlenbrook, “The united nations world water development report 2019: leaving no one behind, facts and figures,” UNESCO World Water Assessment Programme, Tech. Rep., 2019, available at [link].

ONU, “25% da populacão mundial não tem acesso a água potável,” Available at: [link], 2022, accessed at 2023-08-28.

UNICEF, “Water security for all,” Avaialable at [link], 2021, accessed at 2024-09-21.

M. Rodell and B. Li, “Changing intensity of hydroclimatic extreme events revealed by grace and grace-fo,” Nature Water, vol. 1, 03 2023.

RASIL, “Lei nº 6.938, de 31 de agosto de 1981,” Available at: [link], 1981, accessed at 28/08/2023.

U. Nations, “Human rights to water and sanitation,” Avaialable at [link], 2024, accessed at 2024-09-21.

Sistema Nacional de Informações sobre Recursos Hídricos, “Conjuntura dos recursos hídricos 2023,” 2023, accessed: 2024-09-21. [Online]. Available: [link]

L. Atzori, A. Iera, and G. Morabito, “The internet of things: A survey,” Computer Networks, vol. 54, no. 15, pp. 2787–2805, 2010.

J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of things (iot): A vision, architectural elements, and future directions,” Future Generation Computer Systems, vol. 29, no. 7, pp. 1645–1660, 2013.

P. A. F. . R. P. V. B. Gomes, F. S., “Prototyping a solution to promote energy efficiency in smart environments using iot.” Brazilian Journal of Development, pp. 2–8, 2020.

L. A. SILVA, “Os impactos da adocão de tecnologias da indústria 4.0 nas dimensões económica, social e ambiental da sustentabilidade em empresas industriais,” pp. 17–18, 2023.

T. R. Fraga, “Sistema de monitoramento de consumo de água de baixo custo com comunicacão wi-fi aplicado à iot.” Disponível em: [link] Acesso em 27/07/2023, pp. 2–8, 2021.

R. Alves, “Solução de monitoramento de consumo de água residencial,” pp. 8–25, 2015.

C. Moura, R. Sousa, and J. F. Borin, “IoT aplicado ao monitoramento inteligente de distribuição de Água,” Prefeitura da Unicamp, Tech. Rep., 2019. [Online]. Available: [link]

A. Amurim, J. Silva, M. Ortiz, P. Rego, and J. Souza, “Uma solucão de iot baseada no fiware para gerenciamento de recursos energéticos e serviços acadêmicos em um campus universitário,” in Anais do V Workshop de Computação Urbana. Porto Alegre, RS, Brasil: SBC, 2021, pp. 265–278. [Online]. Available: [link]

T. Nandy, M. Y. I. B. Idris, R. Md Noor, L. Mat Kiah, L. S. Lun, N. B. Annuar Juma’at, I. Ahmedy, N. Abdul Ghani, and S. Bhattacharyya, “Review on security of internet of things authentication mechanism,” IEEE Access, vol. 7, pp. 151 054–151 089, 2019.

M. Almulhim, N. Islam, and N. Zaman, “A lightweight and secure authentication scheme for iot-based e-health applications,” International Journal of Computer Science and Network Security, vol. 19, no. 1, pp. 107–120, 2019.

P. Leach, M. Mealling, and R. Salz, “Ietf rfc 4122. a universally unique identifier (uuid) urn namespace,” Available at: [link], 2005, accessed at 2024-07-01.