Description

The IoTSyS gateway provides an OBIX Web service interface to access heterogeneous existing building automation technologies and smart meters (e.g. KNX, BACnet, ZigBee, or Wireless M-Bus). The gateway provides a Web service protocol binding to SOAP as well as RESTful HTTP and CoAP Web service endpoints. Furthermore, virtual IPv6 endpoints are provided for all devices behind the gateway, making them globally accessible via the Internet.

Within this project, state-of-the-art Web service security and access control technologies should be applied to protect these Web service endpoints. Transport layer security should be provided for HTTP (TLS/SSL) and CoAP (DTLS), but message layer security should also be considered. For the SOAP WS-endpoint, the WS-Security stack can be used to secure the message exchange by applying signatures and encryption. For the RESTful Web service endpoints, XML Signature and XML Encryption should be used in the payload. Finally, access control mechanisms (e.g. based on XACML) should be applied to allow fine-grained access control on OBIX objects for certain clients. The resulting outcome should be an IoTSyS security OSGi bundle that can be deployed on the gateway and protects the incoming and outgoing requests to the gateway.

Benefit for the Student

Dive into the latest technologies and emerging protocols for the Internet of Things/Web of Things. Gain hands-on experience in Java-based software development and security for Web services. Apply theoretical knowledge of cryptography and security in practice, and strengthen your security skills.

Benefit for the Project

Security is currently a major open issue for the IoTSyS project and has the highest priority. Because offering public access to automation devices raises security and privacy issues, a contribution on this topic would be a huge gain for the project.

Requirements

Strong skills in Java-based software development are necessary. Knowledge of OSGi, IoC container design and implementation, and Java bytecode modification frameworks is a plus.

Mentors

Andreas Fernbach, Daniel Schachinger

More information

http://code.google.com/p/iotsys (IoTSyS)
http://datatracker.ietf.org/doc/draft-ietf-core-coap/ (CoAP)
https://tools.ietf.org/html/rfc6347 (DTLS)
https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss (WS-Security)
http://www.w3.org/TR/soap/ (SOAP)
https://www.oasis-open.org/committees/obix/ (OBIX)
https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml (XACML)