Controlling Actuators with CoAP
draft-mattsson-core-coap-actuators-01
| Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Replaced".
Expired & archived
|
|
|---|---|---|---|
| Authors | John Preuß Mattsson , John Fornehed , Göran Selander , Francesca Palombini | ||
| Last updated | 2016-09-22 (Latest revision 2016-03-21) | ||
| Replaced by | draft-mattsson-core-coap-attacks, draft-mattsson-core-coap-attacks | ||
| RFC stream | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
Being able to trust information from sensors and to securely control actuators is essential in a world of connected and networking things interacting with the physical world. In this memo we show that just using COAP with a security protocol like DTLS, TLS, or OSCOAP is not enough. We describe several serious attacks any on-path attacker can do, and discusses tougher requirements and mechanisms to mitigate the attacks. While this document is focused on actuators, one of the attacks applies equally well to sensors using DTLS.
Authors
John Preuß Mattsson
John Fornehed
Göran Selander
Francesca Palombini
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)