Abstract:
Internet of Things enables every node on a personal network to be managed and monitored remotely over the Internet. Biometric devices, used for access control or as bio-sensors, form a critical part of Internet of Things and are identified using IPv6 address. Malicious users can track activity of these devices by spoofing IPv6 addresses from unsecure wireless communication channels. Tracking device activity and identifying user behavior of the device poses a great threat to device identity and data generated by it. Such a threat can be avoided by keeping the device’s IPv6 address hidden from attacker. This study proposes a method to privacy enable IPv6 address configuration for connected devices in general and biometric devices in particular, while connected as a part of Internet of Things. It is proposed that by changing the device’s IPv6 address periodically and pseudorandomly, its identity can be kept private to a large extent. These address changes are configured on devices based on congruence classes, which generate non-repeatable integer sequence. It is proposed that the interface identification part of IPv6 address is configured with two-level hierarchy with each level level using a different congruence class. Such configuration generates different identification values to ensure conflict free address configuration. The proposition is analyzed for privacy preserving property and communication cost. The results of performance benchmarking using Cooja simulator show that the method does not impose substantial communication overhead on IPv6 address configuration process.