Abstract

Smart city services are enabled by a massive use of Internet of Things (IoT) technologies. The huge amount of sensors, and terminals with a great variety of typologies and applications, requires a secure way to manage them. Capillary networks can be seen as a short range extension of conventional access network in order to efficiently capture the IoT traffic, and are enablers for smart city services. They can include both IP and non-IP devices, and security can become an issue, especially when simple unidirectional communication devices are considered. The main goal of this paper is to analyze security aspects in IoT capillary networks including unidirectional and bidirectional IP or non-IP devices. We propose an algorithm for secure access for uni- and bi-directional devices. The security procedure is based on a secure key renewal (without any exchange in air), considering a local clock time and a time interval of key validity. Following previous work in 2014 by Giuliano et al., in this paper we assess the duration of the validity of the time window, and present extended simulation results in terms of (average) transmission time in a realistic scenario, i.e., including the presence of disturber(s), then providing indications for the setting of the duration of the key validity time window. Finally, we present the benchmark analysis in order to assess the effectiveness of our approach with respect to other existing standards, as well as the security analysis in terms of typical attacks.