Improving Security On Iot Applications Based On The Fiware Platform

Internet of Things (IoT) has increased its presence in many environments. However, this means a greater exposure of sensitive data, rising potential security threats. Thus, security becomes a key requirement for the protection and prevention of cyber attacks to IoT applications and devices. FIWARE Platform, for example, has an architecture of components responsible for interconnecting devices to IoT applications, decreasing complexity and providing a standard set of services to developers. The IDAS 5 version of the platform presents several security gaps, so this work aims to solve some of them by incorporating end-to-end security services using encryption and access control in all NGSI requests (RESTFul API). The main contribution of this paper is the implementation of the DTLS 1.2 protocol in NodeJs to support the LWM2M/CoAP protocol and its addition to the IoT Agent. This paper also allowed the IoT Agent of the FIWARE Platform support TLS communication to the MQTT protocol. Through an experimental evaluation, it was possible to validate the implementation. Our preliminary results show that the encrypted requests had a small increase regarding latency, but this cost is compensated by the increase of security in FIWARE based IoT Applications. The source code of this work is open on the GitHub and it can be used to support security services in other IoT communication protocols.