International Journal of Network Security, Vol.17, No.2, PP.208-216, Mar. 2015
Internet of Things: Hotspot-based Discovery Service Architecture with Security Mechanism
Degang Xu¹,², Zhao Wu¹, Zhongbo Wu¹, Qilin Zhang¹, Leihua Qin², Jingli Zhou²
(Corresponding author: Degang Xu)
¹ School of Mathematics and Computer Science, Hubei University of Arts and Science, No. 296, Longzhong Road, Xiangyang, 441053, China
² School of Computer, Huazhong University of Science and Technology
(Email: dgx.hust@gmail.com)
(Received Mar. 25, 2013; revised and accepted Nov. 6, 2014)
Abstract
In the emerging Internet of Things (IoT), the lookup service or discovery service, which plays a critical role as the means of item-level lookup, must meet security and privacy requirements in addition to the functional requirements of high performance and robustness. However, existing IoT lookup and discovery services mainly rely on a centralized or chain-style framework and have drawbacks or bottlenecks that prevent them from being widely adopted; the issue of locating hotspot resources has received much less attention, and an item-level lookup service is still missing. Therefore, we first present a distributed hotspot-based discovery service architecture for IoT based on a double Chord ring, and then give its framework and some relevant mechanisms. Here we primarily focus on the goals of meeting security and privacy requirements. Additionally, we further discuss and analyze our solution.
Keywords: Internet of Things, Object Name Service, Discovery Service, Object Discovery Service, Security Mechanism
1 Introduction
The Internet of Things (IoT), an emerging global Internet-based information architecture, aims to provide an IT infrastructure that facilitates the exchange of goods and services in global supply chain networks in a secure and reliable manner [3, 31], and the lookup service or discovery service plays a critical role in it. Therefore, as an essential and critical component for a variety of IoT application scenarios (specifically, the EPCglobal Network, an industry proposal to build a global information architecture for objects carrying RFID tags with Electronic Product Codes (EPC)), the lookup service should take measures to enhance the security and privacy of the architecture.
Two of the key components of the IoT lookup service architecture required to implement track-and-trace capabilities are the Object Name Service (ONS) and the Discovery Service (DS), which is envisaged to provide pointers to multiple providers of information across a supply chain, not only the manufacturer. In the EPCglobal architecture [16], the most influential architecture and potential future nucleus of the IoT, DS is still in development, and ONS only provides a pointer to the information service provided by the manufacturer of the object. Moreover, ONS [15] is based on the well-known Domain Name System (DNS), and each query must start from the Root ONS. Thus, ONS will inherit all of the well-documented DNS weaknesses, such as the limited redundancy in practical implementations and the creation of single points of failure [29]. For ONS, this architecture will have a deep impact on the reliability, security and privacy of the involved stakeholders and their business processes, especially for information clients.
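The limitation described above can be made concrete with the following added example, which is not code from the paper. It assumes the name-derivation steps and the `onsepc.com` root zone of the EPCglobal ONS 1.0 specification, handles SGTIN identifiers only, and uses hypothetical function names and constructed sample EPCs.

```python
# Added example (not from the paper): ONS name derivation for SGTIN EPCs.
ONS_ROOT = "onsepc.com"  # assumption: root zone from the ONS 1.0 specification


def epc_to_ons_name(epc_urn, root=ONS_ROOT):
    """Return the DNS name an ONS client queries (NAPTR records) for an EPC."""
    prefix = "urn:epc:id:"
    if not epc_urn.startswith(prefix):
        raise ValueError("not an EPC pure-identity URN: %r" % epc_urn)
    scheme, _, body = epc_urn[len(prefix):].partition(":")
    fields = body.split(".")
    if scheme != "sgtin" or len(fields) != 3 or not all(f.isdigit() for f in fields):
        raise ValueError("expected sgtin:<company>.<item-ref>.<serial>")
    company, item_ref, _serial = fields  # the serial number is dropped here
    # Remaining fields are reversed and placed under the single ONS root.
    return ".".join([item_ref, company, scheme, "id", root])


def name_hierarchy(name, root=ONS_ROOT):
    """Name suffixes from the ONS root down to the queried name.

    Real zone cuts depend on deployment; the point is that every EPC
    lookup descends from the same root suffix.
    """
    labels = name.split(".")
    root_len = len(root.split("."))
    return [".".join(labels[i:]) for i in range(len(labels) - root_len, -1, -1)]


def lookup_granularity(epcs):
    """Group EPCs by the ONS name they resolve through."""
    groups = {}
    for epc in epcs:
        groups.setdefault(epc_to_ons_name(epc), []).append(epc)
    return groups


if __name__ == "__main__":
    # Constructed sample EPCs: two items of one product class, one of another.
    sample = [
        "urn:epc:id:sgtin:0614141.000024.400",
        "urn:epc:id:sgtin:0614141.000024.401",
        "urn:epc:id:sgtin:0614141.000031.7",
    ]
    for ons_name, items in lookup_granularity(sample).items():
        print(ons_name, "<-", len(items), "item(s)")
    print(" -> ".join(name_hierarchy(epc_to_ons_name(sample[0]))))
```

Items that differ only in serial number map to the same ONS name, so resolution stops at the manufacturer's product class, and every name hangs off the one root suffix.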
In IoT, a lookup service to locate item-level information stored at potentially unknown supply chain partners is still missing, and current lookup and discovery services mainly rely on a centralized or chain-style framework, e.g. the EPCglobal Architecture, Afilias DS [1, 25], the BRIDGE Project [24] and the Distributed ePedigree Architecture [17]. Apart from the issue of security and privacy, these systems have drawbacks such as poor scalability, load imbalance, poor reliability owing to the presence of single points of failure, or bottlenecks, which prevent them from being widely adopted. Moreover, to the best of our knowledge, the issue of locating hotspot resources in IoT has received much less attention.
In recent years, Peer-to-Peer (P2P) networks have become one of the most popular applications in the Internet, and the P2P paradigm has emerged as an alternative to centralized and hierarchical architectures. The approaches to enhance the performance and robustness of lookup service by using structured P2P systems (e.g. Chord [28]) based on Distributed Hash Tables (DHT) that have a high potential as a replacement for ONS as