The New Advanced Society

Author: Group of authors
Publisher: John Wiley & Sons Limited
Genre: Programs
ISBN: 9781119884378
versatility and openness, such interconnected devices and users are vulnerable to cyber-attacks. In such a scenario, a small lapse in identity management will have exponential effects under such attacks. This work critically examines aspects of IoT security, particularly identity and access management for IoT over cloud infrastructure. This chapter analyses the identity and access management challenges in IoT and then proposes a cloud identity management model for IoT using distributed ledger technology.

      Keywords: Distributed ledger, Internet of Things, IoT security, cloud IoT, identity and access management

      The concept of the Internet of Things (IoT) was first proposed in 1999 by the Auto-ID laboratory of the Massachusetts Institute of Technology (MIT). IoT makes extensive use of Machine to Human (M2H) as well as Machine to Machine (M2M) communication models. Various Dedicated Short-Range Communication (DSC) techniques have enabled the interconnection of sensors, receivers, actuators and associated computational nodes so that IoT devices can exchange the acquired data. Since its inception, IoT has grown continuously as a technological ecosystem. IoT devices are, however, generally resource-constrained. The interconnected systems comprise a huge number of sensing devices that have little memory and limited processing capability, and whose firmware or driver software is seldom updated. They are also usually deployed in physically unsecured, even public, places and left unattended for prolonged periods. Hence there is a definite requirement to secure the IoT infrastructure as well as the network. A principal factor in securing an IoT infrastructure is device identity and the mechanisms used to authenticate devices in the ecosystem. Well-known existing authentication mechanisms require computing resources that IoT devices generally cannot provide. Associated problems relating to authentication, security and data privacy of IoT devices are increasing with the passage of time. In general, a huge volume of data is acquired by the various sensors and other devices in an IoT system. If such data is saved using a centrally controlled mechanism or under the supervision of a single Trusted Third Party (TTP) administrator, data security and privacy issues may result. Classical protection mechanisms such as cryptographic means and secured communication protocols are insufficient to securely control and manage these IoT issues. To tackle these problems, an efficient mechanism with distributed storage is required, thereby avoiding a central point of failure or control. The mechanism should also facilitate secured authentication and access control and be capable of withstanding security-related attacks on the system.

      The organization of the rest of the chapter is as follows: Section 3.2 provides details on Internet of Things (IoT) Security. Section 3.3 discusses details on IoT Cloud and Identity related aspects. Section 3.4 elaborates related Developments for Securing IoT for better Identity and Access management. A Distributed Ledger based solution for Identity and Access Management (IAM) security of IoT Cloud is covered in Section 3.5 and Section 3.6 concludes the chapter.

      An IoT ecosystem essentially comprises a network of enabled, smart sensing devices. Such devices drive the IoT system by means of the data they acquire and the purpose for which they are deployed. However, due to the openness as well as the growing popularity and density of IoT devices, the ecosystem is generally under continuous scanning by malicious users. These users try to gather legitimate user credentials and attempt to intrude into the IoT ecosystem. Further, they fraudulently take control of the associated devices, thereby posing a great threat to the system as a whole. Hence there is a need to deliberate on the salient aspects that have an impact on the security of an IoT system.

      3.2.1 IoT Security Overview

      (i) Availability: To ensure uninterrupted and error-free communication between endpoint devices and their corresponding services.

      (ii) Identity: To ensure proper authentication among users, endpoints and the associated services.

      (iii) Privacy: To ensure prevention of any harm or misuse of the subscribed service-related information as well as the end user's location and data.

      (iv) Security: To ensure the system's integrity and communication confidentiality, to further facilitate verification, monitoring and tracking of users' activities and corresponding services.

      3.2.2 IoT Security Requirements

      Because IoT systems handle huge amounts of data simultaneously among many users, subsystems and devices, they are becoming a lucrative target for cyber-attack activities. Such attacks mainly aim to steal sensitive system information by eavesdropping. Every connected device in the ecosystem could potentially lead to some sensitive and critical data of the interconnected IoT infrastructure. Because of their multidimensional impact, concerns related to data security are highly relevant and important. Risks associated with IoT could be much higher, as automated processing, decision making and interoperability, combined with security loopholes, can amplify potential vulnerabilities exponentially.

      A prominent and essential requirement of the IoT ecosystem is that devices must be interconnected. These interconnected resources facilitate IoT activities such as sensing, communicating and processing. An IoT system generally acquires information from end-nodes or devices. Once acquired, the data is transmitted to and processed at nodes designated for that processing, towards the accomplishment of the associated complex tasks. The system must inherently provide security protection for various applications, for secured online transactions as well as for maintaining data integrity. Accordingly, the need for a comprehensive, robust and effectively secured mechanism is relevant to the constantly evolving IoT ecosystem.