Secure and Authorized Client-to-Client Communication for LwM2M

TL;DR

This paper introduces extensions to LwM2M enabling secure client-to-client communication, improving performance and reducing latency in IoT networks while maintaining security compliance.

Contribution

The paper presents novel authorization and management extensions for LwM2M to facilitate secure C2C communication in IoT environments.

Findings

C2C communication achieves ~90% faster notifications

Throughput increases by ~8x with C2C over server-centric

Delivery rate degrades below 100 ms update intervals in server-centric setups

Abstract

Constrained devices on the Internet of Things (IoT) continuously produce and consume data. LwM2M manages millions of these devices in a server-centric architecture, which challenges edge networks with expensive uplinks and time-sensitive use cases. In this paper, we contribute two LwM2M extensions to enable client-to-client (C2C) communication: (i) an authorization mechanism for clients, and (ii) an extended management interface to allow secure C2C access to resources. We analyse the security properties of the proposed extensions and show that they are compliant with LwM2M security requirements. Our performance evaluation on off-the-shelf IoT hardware shows that C2C communication outperforms server-centric deployments. First, LwM2M deployments with edge C2C communication yield a ~90% faster notification delivery and ~8x greater throughput compared to common server-centric scenarios, while keeping a small memory overhead of ~8%. Second, in server-centric communication, the delivery rate degrades when resource update intervals drop below 100 ms.