IoT-A Architecture

Security is an important cornerstone for the Internet of Things (IoT). This is why, in the IoT-A project, we deemed it very important to address security and privacy issues thoroughly in various aspects. A set of requirements based on the input of external and internal stakeholders was used as a basis for identifying the mechanisms and functionalities that guarantee user data privacy and integrity, user authentication, and trustworthiness of the system.

These functionalities were analysed and orchestrated in Functional Groups (FG) and Functional Components (FC) within the framework of WP1. High-level PS&T specifications were integrated into the IoT-A Architectural Reference Model (ARM) and then passed to the vertical WPs dealing with communication protocols (WP3), infrastructure services (WP4) and hardware aspects (WP5). Due to the highly heterogeneous environment provided by the IoT and the huge number of connected (autonomous) devices foreseen by analysts, a strong focus was placed on scalability and interoperability.

The ARM document paves the way for understanding and adopting the open architecture of IoT-A, and provides the overall definition of the IoT security, privacy and trust design strategies that we adopted. Then, in WP3, we analysed the security of communication in the peripheral part of the IoT and its impact on the overall communication architecture. In this context we investigated the HIP and HIP-BEX protocols, and considered issues such as mobility, collaborative key establishment, and securing network entry with PANA/EAP.

Then, within the framework of WP4, we developed a secure resolution infrastructure for IoT-A. It ensures privacy and security for the resolution functions and offers the basis for other security functionalities outside the resolution infrastructure. It controls access to IoT resources, real-world entities, and the related information, including their respective identifiers. In addition, the resolution infrastructure also provides support for pseudonymity: a user does not need to reveal his/her identity when using an IoT resource or a higher-level service. To achieve all this, various security components were developed. They deal with authorization and authentication, key exchange and management, trust and reputation, and identity management.

Finally, WP5 deals with privacy and security at device level. In particular, it describes the mechanisms needed to authenticate RFID devices and to provide confidentiality of the communication between reader and tag. The PS&T features of the IoT-A architecture will be tested in the forthcoming IoT-A eHealth Use Case.
