Service Level Management in Emerging Environments. Nader Mbarek

Title: Service Level Management in Emerging Environments

Author: Nader Mbarek

Publisher: John Wiley & Sons Limited

Genre: Industry publications

ISBN: 9781119818328

This results in an enormous volume of trace files created in the IoT environment given the large number of connected objects. Thus, the mechanisms to optimize traceability must be designed for the context of the IoT. In this kind of IoT environment, a variety of operating systems with different architectures are available for IoT objects. Examples include, among others, Google’s Android Things (formerly called Brillo) (Google’s Internet of Things Solutions 2018), Huawei’s LiteOS (2018) and Windows 10’s IoT Core (2018). This diversity can make it even more difficult to standardize security mechanisms and measures.

With regard to user privacy, data can be collected in IoT systems without involving the users. In this context, this data feedback must be secured and the user’s privacy must be ensured during the collection, transmission, aggregation, storage, extraction and processing of the data. In order to meet these requirements, the appropriate mechanisms for data confidentiality, data authentication and data integrity must be included within the IoT, while respecting the needs of this kind of environment (ITU-T 2012).

1.4.2. Security services in the IoT environment

In order to ensure security in the IoT environment, various security services must be provided by applying mechanisms that are specific and adapted to the characteristics of this kind of environment.

1.4.2.1. Identification and authentication in the IoT

1.4.2.1.1. Definition

Identification refers to establishing the identity of the user of a service. It is based on the principle of each user being individually assigned an identifier. Authentication follows identification and enables the user to prove their identity. The user should use an authenticator or a secret code that only they know. Authentication does not itself give the right of access: it is access control that grants this privilege once authentication has been successful (ITU-T 1991). Authentication mechanisms can offer several advantages to the IoT environment. Thus, through the identification and authentication mechanisms, the IoT environment takes into account robust devices that are able to reduce the risk of intrusion and avoid violations (Li 2017).

1.4.2.1.2. Research projects

Various research studies and projects have dealt with identification and authentication security services. BUTLER (uBiquitous, secUre inTernet-of-things with Location and contExt-awaReness) (CORDIS 2018), a European project funded by FP7 (October 2011–October 2014), studied the mechanisms of identification and authentication in the IoT environment. This project proposed a mechanism for managing the ownership of objects by the users. In this case, users possess connected objects. A user (the owner of an object) has an account with the Trust Manager, which is implemented on an authorization server. The user connects to the authorization server and registers a new resource (a new connected object). The resource must have a unique identifier (generally a URL) and identification information (resource security credentials). The user must then configure the resource with the resource security credentials so that the identity of the user who possesses the object can be verified. Similarly, BUTLER offers a mechanism that makes it possible to identify objects to gateways using digital certificates that are managed by authorization servers (Sottile et al. 2014).

There is also academic research that has studied identification and authentication in the IoT. The work described in Li (2017) highlights the importance of proposing an authentication protocol that relieves nodes (which are constrained in terms of their storage and computing capabilities) of the management of authentication and authorization.

1.4.2.2. Access control in the IoT

1.4.2.2.1. Definition