Most existing models for deploying IoT ecosystems involve the vendor being in the command-and-control loop of the IoT devices; hence users' privacy and security are one of the main challenges. Despite these concerns, users often face a choice between limiting device functionality and enabling Internet access to their IoT devices by signing up to the vendor's centralized model in order to access their devices from outside the home. In this paper, we argue that although IoT promises a revolutionary way of offering services to users, most of these devices should not be allowed Internet access because of the increased risks to privacy and security. We present an alternative home networking design model which limits the exposure of IoT devices and enables seamless access to their functionality from outside the home using WireGuard (WG), a state-of-the-art Virtual Private Network (VPN) protocol. We built a test-bed using off-the-shelf IoT devices to test our proposed network design under various conditions, including access from Home, 4G, Office and Public Wi-Fi networks. We show that our VPN-based remote access to the IoT device offers better performance in terms of end-to-end delay in all scenarios when using Hypertext Transfer Protocol (HTTP), and comparable performance when using double encryption, i.e. Hypertext Transfer Protocol Secure (HTTPS) over the VPN.