research-article

Making Constrained Things Reachable: A Secure IP-Agnostic NAT Traversal Approach for IoT

Author:
Oscar Novo

Ericsson Research, Finland, Aalto University, Finland

Ericsson Research, Finland, Aalto University, Finland

0000-0002-5123-2608
View Profile

Authors Info & Claims

ACM Transactions on Internet Technology Volume 19 Issue 1Article No.: 3pp 1–21https://doi.org/10.1145/3230640

Published:05 October 2018Publication History

ACM Transactions on Internet Technology

Abstract

The widespread adoption of the Internet of Things (IoT) has created a demand for ubiquitous connectivity of IoT devices into the Internet. While end-to-end connectivity for IoT requires in practice IPv6, a vast majority of nodes in Internet are only IPv4-capable. To address this issue, the use of Network Address Translation (NAT) at the IoT network boundary becomes necessary. However, the constrained nature of the IoT devices hinders the integration of traditional NAT traversal architectures through IoT networks.

In this article, we introduce a novel transition mechanism that transparently enables IoT devices behind NATs to connect across different network-layer infrastructures. Our mechanism adopts the IoT standards to provide a global connectivity solution in a transparent, secure, and elegant way. Additionally, we revisit the NAT solutions for IoT and describe and evaluate our current implementation.

References

C. Aoun and E. Davies. 2007. Reasons to move the Network Address Translator-Protocol Translator (NAT-PT) to historic status. Retrieved from http://www.ietf.org/rfc/rfc4966.txt.Google Scholar
F. Audet and C. Jennings. 2007. Network Address Translation (NAT) behavioral requirements for Unicast UDP. Retrieved from http://www.ietf.org/rfc/rfc4787.txt.Google Scholar
M. Bagnulo, P. Matthews, and I. van Beijnum. 2011. Stateful NAT64: Network address and protocol translation from IPv6 Clients to IPv4 Servers. Retrieved from http://www.ietf.org/rfc/rfc6146.txt.Google Scholar
M. Bagnulo, A. Sullivan, P. Matthews, and I. van Beijnum. 2011. DNS64: DNS extensions for network address translation from IPv6 clients to IPv4 servers. Retrieved from http://www.ietf.org/rfc/rfc6147.txt.Google Scholar
C. Bormann, M. Ersue, and A. Keranen. 2014. Terminology for constrained-node networks. Retrieved from http://www.ietf.org/rfc/rfc7228.txt.Google Scholar
B. Carpenter. 2011. Advisory guidelines for 6to4 deployment. Retrieved from http://www.ietf.org/rfc/rfc6343.txt.Google Scholar
S. Cheshire and M. Krochmal. 2013. NAT Port Mapping Protocol (NAT-PMP). Retrieved from http://www.ietf.org/rfc/rfc6886.txt.Google Scholar
S. Deering and R. Hinden. 1998. Internet Protocol, Version 6 (IPv6) Specification. Retrieved from http://www.ietf.org/rfc/rfc2460.txt. Google ScholarDigital Library
R. Despres. 2010. IPv6 Rapid Deployment on IPv4 Infrastructures (6rd). Retrieved from http://www.ietf.org/rfc/rfc5569.txt.Google Scholar
Ericsson 2017. Ericsson Mobility Report: On the Pulse of the Networked Society. Technical Report. Ericsson. Retrieved from https://www.ericsson.com/mobility-report.Google Scholar
Roy Thomas Fielding. 2000. Architectural Styles and the Design of Network-based Software Architectures. Ph.D. Dissertation. University of California, Irvine. Retrieved from http://www.ics.uci.edu/&sim;fielding/pubs/dissertation/rest_arch_style.htm.Google ScholarDigital Library
IEEE 2017. IEEE 802.15 standard. Retrieved from http://www.ieee802.org/15.Google Scholar
IGD 2017. Internet Gateway Device (IGD). Retrieved from https://openconnectivity.org/upnp/specifications.Google Scholar
N. Kushalnagar, G. Montenegro, and C. Schumacher. 2007. IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): Overview, assumptions, problem statement, and goals. Retrieved from http://www.ietf.org/rfc/rfc4919.txt.Google Scholar
LWM2M 2017. OMA Lightweight M2M, technical specification. Retrieved from http://openmobilealliance.org/about-oma/work-program/m2m-enablers/.Google Scholar
R. Mahy, P. Matthews, and J. Rosenberg. 2010. Traversal Using Relays around NAT (TURN): Relay extensions to Session Traversal Utilities for NAT (STUN). Retrieved from http://www.ietf.org/rfc/rfc5766.txt.Google Scholar
MQTT 2017. MQTT specification. Retrieved from http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/mqtt-v3.1.1.pdf.Google Scholar
J. Rosenberg. 2010. Interactive Connectivity Establishment (ICE): A protocol for Network Address Translator (NAT) traversal for offer/answer protocols. Retrieved from http://www.ietf.org/rfc/rfc5245.txt.Google Scholar
J. Rosenberg, R. Mahy, P. Matthews, and D. Wing. 2008. Session Traversal Utilities for NAT (STUN). Retrieved from http://www.ietf.org/rfc/rfc5389.txt.Google Scholar
J. Rosenberg, J. Weinberger, C. Huitema, and R. Mahy. 2003. STUN—Simple Traversal of User Datagram Protocol (UDP) through Network Address Translators (NATs). Retrieved from http://www.ietf.org/rfc/rfc3489.txt. Google ScholarDigital Library
Z. Shelby, K. Hartke, and C. Bormann. 2014. The Constrained Application Protocol (CoAP). Retrieved from http://www.ietf.org/rfc/rfc7252.txt.Google Scholar
Zach Shelby, Michael Koster, Carsten Bormann, Peter Van der Stok, and Christian Amsuss. 2018. CoRE Resource Directory. Internet Engineering Task Force. Retrieved from https://datatracker.ietf.org/doc/html/draft-ietf-core-resource-directory.Google Scholar
P. Srisuresh and M. Holdrege. 1999. IP Network Address Translator (NAT) terminology and considerations. Retrieved from http://www.ietf.org/rfc/rfc2663.txt. Google ScholarDigital Library
Thread 2017. Thread network protocol. Retrieved from https://www.threadgroup.org/.Google Scholar
O. Troan and B. Carpenter. 2015. Deprecating the Anycast prefix for 6to4 relay routers. Retrieved from http://www.ietf.org/rfc/rfc7526.txt.Google Scholar
G. Tsirtsis and P. Srisuresh. 2000. Network Address Translation--Protocol Translation (NAT-PT). Retrieved from http://www.ietf.org/rfc/rfc2766.txt. Google ScholarDigital Library
D. Wing, S. Cheshire, M. Boucadair, R. Penno, and P. Selkirk. 2013. Port Control Protocol (PCP). Retrieved from http://www.ietf.org/rfc/rfc6887.txt.Google Scholar
Zigbee. 2017. Zigbee Alliance. Retrieved from http://www.zigbee.org/zigbee-for-developers/zigbee.Google Scholar

Index Terms

Making Constrained Things Reachable: A Secure IP-Agnostic NAT Traversal Approach for IoT
1. Networks
  1. Network architectures
    1. Network design principles
      1. Naming and addressing
  2. Network protocols
    1. Transport protocols

Recommendations

RFC 8576: Internet of Things (IoT) Security: State of the Art and Challenges
Read More
RFC 8323: CoAP (Constrained Application Protocol) over TCP, TLS, and WebSockets
Read More
Internet of Things security

The Internet of things (IoT) has recently become an important research topic because it integrates various sensors and objects to communicate directly with one another without human intervention. The requirements for the large-scale deployment of the ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Transactions on Internet Technology Volume 19, Issue 1
Regular Papers, Special Issue on Service Management for IOT and Special Issue on Knowledge-Driven BPM
February 2019
321 pages
ISSN:1533-5399
EISSN:1557-6051
DOI:10.1145/3283809
Editor:
Ling Liu
Georgia Institute of Technology, USA
Issue’s Table of Contents
Copyright © 2018 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 5 October 2018
- Accepted: 1 March 2018
- Revised: 1 December 2017
- Received: 1 August 2017
Published in toit Volume 19, Issue 1

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
IoT
M2M
NAT traversal
constrained networks
Qualifiers
- research-article
- Research
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 5
  Total Citations
  View Citations
- 422
  Total Downloads
- Downloads (Last 12 months)12
- Downloads (Last 6 weeks)2
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Making Constrained Things Reachable: A Secure IP-Agnostic NAT Traversal Approach for IoT

ACM Transactions on Internet Technology

Abstract

References

Cited By

Index Terms

Recommendations

RFC 8576: Internet of Things (IoT) Security: State of the Art and Challenges

RFC 8323: CoAP (Constrained Application Protocol) over TCP, TLS, and WebSockets

Internet of Things security