学术文献库

Most of the existing models for deploying IoT ecosystem involves the vendor being in the loop of the command and control of IoT devices hence users' privacy and security is one of the main challenges. Despite these concerns, users are often faced with a choice between limiting the device functionality or enabling internet access to the IoT devices by signing up to the vendor centralized model in order to access their device from outside their home. In this paper, we argue that although IoT is promising a revolutionary way of offering services to users, most of these devices shouldn't be allowed to have Internet access due to the increased risks to privacy and security. We present an alternative home networking design model which limits the exposure of IoT devices, and enable seamless access to their functionality from outside the home using WireGuard (WG), a state-of-the-art Virtual Private Network (VPN) protocol. We built a test-bed using off-the-shelf IoT devices for testing our proposed network design under various conditions; including access from Home, 4G, Office and Public Wifi networks. We show that our VPN-based remote access to the IoT device offers a better performance in terms of end-to-end delay in all scenarios when using Hypertext Transport Protocol (HTTP) and comparable performance when using double encryption Hypertext Transport Protocol Secure (HTTPS) over the VPN.