International Core Journal of Engineering 2020-26 | Page 178

2019 International Conference on Artificial Intelligence and Advanced Manufacturing (AIAM)

Design and Implementation of IoT Gateway Security System

Jinpo Fan
Department of electronic and communication engineering, Beijing Electronic Science and Technology Institute, Beijing, China

Zhiqiang Wang*
Department of cyberspace security, Beijing Electronic Science and Technology Institute, Beijing, China

Changchun Li
Department of electronic and communication engineering, Beijing Electronic Science and Technology Institute, Beijing, China

978-1-7281-4691-1/19/$31.00 ©2019 IEEE
DOI 10.1109/AIAM48774.2019.00039

Abstract—With the rapid development of Internet of Things (IoT) technology, massive numbers of terminal devices access the network. These devices often have limited computing power, insufficient resource space, and poor security protection capabilities, so they are easily exploited by hackers, leading to serious security incidents. The IoT gateway is a network access device that can be designed with a relatively complete security mechanism to effectively improve the security protection level of the system. Based on the open source OpenWrt system, this paper adopts a modular design structure, realizes identity authentication and encrypted communication between the sensing layer and the network layer through China cryptographic algorithm, network security protocol and Physical Unclonable Function (PUF), designs the software and hardware, and builds the test environment. The results show that the gateway has strong security and stability, can resist DDoS attacks and spoofing attacks, and has flexible network access modes and deployments, meeting the requirements of data collection, device management and multimedia converged communication in the IoT environment.

Keywords—IoT Gateway, PUF, IPsec VPN, China cryptographic algorithm

I. INTRODUCTION

The Internet of Things is an important part of the new generation of information technology as well as the extension and development of the Internet. The Internet of Things is a strategic emerging industry. Internet vendors and traditional home appliance manufacturers have been deploying in the areas of industrial IoT, smart home, and smart logistics. There are a large number of terminal nodes in the Internet of Things, and the threats are particularly prominent. Attacks against IoT devices and network communications continue to emerge. Security issues have become the biggest worry in the development of the Internet of Things [1-2].

The IoT gateway is a bridge connecting the sensor network and the Internet. It has relatively rich storage and computing resources, so a relatively complete security mechanism can be designed on it. At present, most research on IoT gateway technology is carried out from the perspective of heterogeneous network fusion and data analysis, and there is insufficient attention to the security of gateways. In the military-civilian integration of IoT and the Industrial IoT, the neglect of security issues will increase the risk of information leakage and information systems being attacked.

At present, universities, research institutes and high-tech enterprises have developed different types of IoT gateways according to their own needs. Literature [3] proposes an IoT gateway that implements protocol conversion and data interaction between wireless sensor networks and mobile communication networks. Literature [4]-[6] propose the design of a smart home gateway using ARM as the core. This solution combines the server and the gateway with the superior performance of ARM, and sets up a web server on the gateway to provide an external network access interface, but it does not consider security during information transmission. Literature [7]-[8] design a variety of home gateway control methods, but lack a corresponding guarantee mechanism for the confidentiality, integrity and non-repudiation of data transmission and storage, and lack user access control and identity authentication.

Aiming at the environmental security requirements of IoT, this paper designs the security system from the different dimensions of equipment security and communication security. It designs a security gateway for the field of IoT, adopting a modular design structure comprising an MTK low-power CPU, a PUF circuit, a special cryptographic chip and peripheral interface circuits, and combining SM2-with-SM3 digital certificates, China cryptographic algorithm and network security protocol. For network access, it supports multiple access modes such as Ethernet port, WiFi and 4G, and can be used in smart home, environmental monitoring, logistics tracking, smart agriculture, etc. More precisely, our contributions in this paper are as follows.

• We begin with a brief discussion of the characteristics of physical unclonable functions, such as uniqueness and stability. We combine these characteristics with lightweight identity authentication of the sensing layer, and design a security mechanism for the sensing layer of IoT.

• Subsequently, we protect the security of the IoT transport layer through IPsec VPN technology, and realize key negotiation and identity authentication by using China cryptographic algorithm and SM2-with-SM3 digital certificates.

• Next, we explain the design and implementation of IoT security gateway. The novelty of the gateway lies