Application-layer security for the WoT: Extending CoAP to support end-to-end message security for Internet-integrated sensing applications



Future Web of Things (WoT) applications employing constrained wireless sensing devices will require end-to-end communications with more powerful devices as Internet hosts. While the Constrained Application Protocol (CoAP) is currently being designed with this purpose, its current approach to security is to adopt a transport-layer solution. Transport-layer security may be limitative, considering that it does not provide a granular and flexible approach to security that many applications may require or benefit from. In this context, we target the design and experimental evaluation of alternative security mechanisms to enable the usage of end-to-end secure communications at the application-layer using CoAP. Rather than replacing security at the transport- layer, it is our goal that the proposed mechanisms may be employed in the context of a broader security architecture supporting Internet-integrated wireless sensing applications. Ours is, as far as we known, the first proposal with such goals.


CoAP security, DTLS, end-to-end application-layer security, message security, granular security.


Internet of Things, Security


The 11th International Conference on Wired/Wireless Internet Communications WWIC 2013, June 2013

PDF File

Cited by

Year 2015 : 2 citations

 Vu?ini?, Mališa, et al. "OSCAR." Ad Hoc Networks 32.C (2015): 3-16.

 Bao, Shu-Di, et al. "A data partitioning and scrambling method to secure cloud storage with healthcare applications." Communications (ICC), 2015 IEEE International Conference on. IEEE, 2015.

Year 2014 : 2 citations

 Ukil, Arijit, et al. "Lightweight security scheme for IoT applications using CoAP." International Journal of Pervasive Computing and Communications 10.4 (2014): 372-392.

 Vu?ini?, Mališa, et al. "OSCAR: Object security architecture for the Internet of Things." Ad Hoc Networks (2014).