IoTSySDescription

The IoTSyS gateway provides an oBIX Web service interface to access heterogeneous existing building automation technologies and smart meters (e.g. KNX, BACnet, ZigBee, Wireless M-Bus). The gateway provides a Web service protocol binding to SOAP and RESTful HTTP and CoAP Web service endpoints. Furthermore, virtual IPv6 endpoints are provided for all devices behind the gateway making them globally accessible in the Internet. Within this project state of the art Web service security technologies and access control technologies should be applied to protect these Web service endpoints. Transport layer security should be provided for HTTP (TLS/SSL) and CoAP (DTLS), but also message layer security should be considered. For the SOAP WS-endpoint the WS-Security stack can be used for securing message exchange by applying signatures and encryption. For the RESTful Web service endpoints XML Signature and XML Encryption should be used on the payload. Finally, access control mechanisms should be applied to allow fine-grained access control on oBIX objects for certain clients (e.g. based on XACML). The resulting outcome should be an IoTSyS security OSGI bundle that can be deployed on the gateway and protects the incoming and outgoing requests to the gateway.

Benefit for the Student

Dive into latest technologies and emerging protocols for the Internet of Things/Web of Things. Gain hands on experience in Java based software development and security for Web services. Apply theoretical knowledge on cryptography and security in practice and enhance and tighten your security skills.

Benefit for the Project

Security is currently a strong and open issue for the IoTSyS project which has highest priority. Due to the security and privacy issues arising through offering public access to automation devices a contribution on this topic would be a huge gain for the project.

Requirements

Strong skills in Java based software development are necessary.
Know-how about OSGI, IoC container design and implementation, Java byte code modification frameworks is a plus.

Mentors

Markus Jung, Thomas Hofer

Contact

Mentors are regularly around in our GSoC IRC channel #TU-CSE-SoC at irc.freenode.net. You can also reach us via the mailinglist – send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. using the prefix [IOTSYS] (a subscription is required).

More Information

http://www.iue.tuwien.ac.at/cse/wiki/doku.php?id=security
http://code.google.com/p/iotsys

http://datatracker.ietf.org/doc/draft-ietf-core-coap/ (CoAP)
https://tools.ietf.org/html/rfc6347 (DTLS)
https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss (WS-Security)
http://www.w3.org/TR/soap/ (SOAP)
https://www.oasis-open.org/committees/obix/ (oBIX)
https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml (XACML)