Before a device or a user can access IoT services, mutual authentication and authorization between the device/user and the IoT system must be established in accordance with predefined security policies. Security policies must be drawn up with great precision in order to comprehensively cover all possible use cases and must also follow standardized models in order to respond to the requirements of the IoT. It is, therefore, important to standardize security policies for the IoT environment. Further, access to data or services must be entirely transparent, traceable and reproducible. Given the large number of connected objects, this results in an enormous volume of trace files being created in the IoT environment. Thus, the mechanisms to optimize traceability must be designed for the context of the IoT. In such an IoT environment, a variety of operating systems with different architectures are available for IoT objects. We can cite here, among others, the example of Google’s Android Things (formerly called Brillo) (Google’s Internet of Things Solutions 2018), Huawei’s LiteOS (2018) and Windows 10’s IoT Core (2018). This diversity can make it even more difficult to standardize security mechanisms and measures.
As concerns user privacy, data can be collected in IoT systems without involving the users. In this context, this data feedback must be secured and the user’s privacy must be ensured during the collection, transmission, aggregation, storage, extraction and processing of the data. In order to meet these requirements, the appropriate mechanisms for data confidentiality, data authentication and data integrity must be included within the IoT, while respecting the needs of this kind of environment (ITU-T 2012).
A number of international organizations have worked on concepts related to security and privacy in the IoT, either by offering appropriate security mechanisms or by offering methodologies that can be applied across the layers of their IoT architectures. We thus have the ITU-T Y.2060 recommendation (ITU-T 2012) that aims to secure the IoT environment by starting with an analysis of the threats that are specific to the IoT application. Then, specific security services and mechanisms are supported at every layer of the IoT architecture to ensure global security within this environment. In terms of the application layer of the ITU-T reference model, different security services are considered, such as authorization, authentication, privacy and integrity of application data, and also the protection of privacy. As concerns the network layer, the security services include authentication, confidentiality of the application data and the signaling data (configurations and commands) and the protection of the integrity of the network management techniques. For the lowest level of the ITU-T IoT architecture, namely the device layer, the main services and mechanisms offered to guarantee security are authentication, authorization, validation of the device integrity, access control, confidentiality of data and the protection of integrity. Following the recommendation (ITU-T 2014), several specific security abilities must be considered in the IoT environment: the ability to ensure secured communications to guarantee the confidentiality and integrity of the data during transmission and during storage. Further, the recommendation specifies an ability to provide a secure service that guarantees that fraudulent services will be forbidden and an ability for authentication and mutual authorization between objects and users in accordance with predefined policies to guarantee the security of information access.
These abilities are closely tied to the specific needs of IoT applications and depend on their field of application. Recommendation Y.2060 (ITU-T 2012) also emphasizes the need for security functions and mechanisms to be supported by IoT gateways interconnecting the different components of the different layers of the IoT architecture specified by ITU-T. In the following section, we will describe the different security services that must be considered in the IoT environment.
1.4.2. Security services in the IoT environment
In order to ensure security in the IoT environment, various security services must be provided by applying mechanisms that are specific and adapted to the characteristics of this kind of environment.
1.4.2.1. Identification and authentication in the IoT
1.4.2.1.1. Definition
Identification refers to establishing the identity of the user of a service. It is based on the principle of each user being individually assigned an identifier. Authentication follows identification and enables the user to prove their identity. The user should use an authenticator or a secret code, which only they know. Authentication does not in itself give the right of access; it is access control that grants this privilege once authentication has succeeded (ITU-T 1991). Authentication mechanisms can offer several advantages to the IoT environment. Thus, through identification and authentication mechanisms, the IoT environment can rely on robust devices that reduce the risk of intrusion and prevent violations (Li 2017).
Further, conventional identification and authentication methods must be adapted to meet the requirements of the IoT environment in terms of scalability, the large number of entities, etc. Several organizations use digital certificates based on public key infrastructure (PKI) for device identification and authentication operations (Allerin 2018). However, certain adaptations must be carried out in order to consider this solution in the IoT context. First of all, the PKI infrastructure must be able to effectively support the process of issuing digital certificates in large numbers and at high speeds. For example, a cloud-based PKI is a more economical and realistic method for the scale required by an IoT environment. Second, digital certificates have a limited lifespan, which means they have an expiry date. In the context of an IoT environment, some use cases may require short-term certificates while many others require certificates with a longer lifetime. A longer lifetime is required when a device needs to keep authenticating with the same certificate over a long period. IoT project managers must then carefully determine the lifespan required for digital certificates and weigh the associated advantages and disadvantages. On the other hand, the certificates, which are critical elements with their own life cycle, must be managed in an efficient manner. The manual tracking of these certificates is not feasible in an IoT environment. Thus, PKI must be associated with certificate management providers along with a scalable platform. These platforms must then be capable of managing specific IoT use cases (Allerin 2018).
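The certificate lifetime question above is easiest to see with an issuing CA that hands out device certificates of a chosen validity window and a verifier that checks both the chain and the expiry date. The following Go program is an added example and is not code from the book or from any of the products it cites; the CA name, device identifiers, lifetimes and the use of the Go standard library's crypto/x509 package are assumptions made for illustration. It issues a short-lived client-authentication certificate for a device, accepts it while it is valid, rejects it once it has expired, and rejects a certificate issued by a different CA.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"math/big"
	"time"
)

// DeviceCA is a hypothetical issuing CA for IoT device certificates,
// constructed for this example. A real deployment would keep the signing
// key in an HSM or a managed (cloud) PKI service rather than in memory.
type DeviceCA struct {
	Cert *x509.Certificate
	key  *ecdsa.PrivateKey
	pool *x509.CertPool
}

// NewDeviceCA creates a self-signed CA certificate valid for ten years.
func NewDeviceCA(name string) (*DeviceCA, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	now := time.Now()
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             now.Add(-time.Minute),
		NotAfter:              now.AddDate(10, 0, 0),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	pool := x509.NewCertPool()
	pool.AddCert(cert)
	return &DeviceCA{Cert: cert, key: key, pool: pool}, nil
}

// IssueDeviceCert signs a client-authentication certificate for deviceID whose
// validity window is [notBefore, notBefore+lifetime). The lifetime is the knob
// discussed in the text: short for ephemeral use cases, long for devices that
// must keep authenticating with the same certificate.
func (ca *DeviceCA) IssueDeviceCert(deviceID string, notBefore time.Time, lifetime time.Duration) (*x509.Certificate, error) {
	devKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	// Random 128-bit serial number so serials are unpredictable and unique.
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: serial,
		Subject:      pkix.Name{CommonName: deviceID},
		NotBefore:    notBefore,
		NotAfter:     notBefore.Add(lifetime),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca.Cert, &devKey.PublicKey, ca.key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// VerifyDevice checks that cert chains to this CA and lies inside its validity
// window at time `at`, and returns the authenticated device identity.
func (ca *DeviceCA) VerifyDevice(cert *x509.Certificate, at time.Time) (string, error) {
	_, err := cert.Verify(x509.VerifyOptions{
		Roots:       ca.pool,
		CurrentTime: at,
		KeyUsages:   []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	})
	if err != nil {
		return "", err
	}
	return cert.Subject.CommonName, nil
}

// IsExpiredError reports whether verification failed because the certificate
// is outside its validity window (Go uses the Expired reason for both
// "expired" and "not yet valid").
func IsExpiredError(err error) bool {
	var inv x509.CertificateInvalidError
	return errors.As(err, &inv) && inv.Reason == x509.Expired
}
```

Passing the verification time explicitly makes the expiry check testable without waiting for real time to pass; in a live service the same call is made with the current time on every connection, which is why certificate renewal must be automated at IoT scale rather than tracked by hand.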
1.4.2.1.2. Research projects
Various research studies and projects have dealt with identification and authentication security services. BUTLER (uBiquitous, secUre inTernet-of-things with Location and contExt-awaReness) (CORDIS 2018), a European project funded by FP7 (October 2011–October 2014), studied the mechanisms of identification and authentication in the IoT environment. This project proposed a mechanism for managing the ownership of objects by the users. In this case, users possess connected objects. A user (the owner of an object) has an account with the Trust Manager, which is implemented on an authorization server. The user connects to the authorization server and registers a new resource (a new connected object). The resource must have a unique identifier (generally a URL) and identification information (resource security credentials). The user must then configure the resource with the resource security credentials so that the identity of the user who owns the object can be verified. Similarly, BUTLER offers a mechanism that makes it possible to identify objects to gateways using digital certificates that are managed by authorization servers (Sottile et al. 2014). There is also academic research that has studied identification and authentication in the IoT. In Li (2017), the author highlights the importance of proposing an authentication protocol that relieves nodes (which are constrained in terms of their storage and computing capabilities) of the management of authentication and authorization.
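The ownership-registration flow described for BUTLER (owner account on the Trust Manager, registration of a resource that receives a unique URL and security credentials, and later verification of the owner when the object presents those credentials) can be modelled in a few dozen lines. The Go program below is an added illustration written for this chapter and is not BUTLER project code; the in-memory Trust Manager, the base URL, the credential format and the hashing of stored credentials are assumptions. It registers an object for an owner, authenticates the object with the credentials it was configured with, and rejects wrong secrets, unknown identifiers, duplicate registrations and unknown accounts.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"sync"
)

// ResourceCredentials is what the Trust Manager returns when an owner
// registers a new connected object: the unique identifier (a URL, as in
// BUTLER) and the resource security credentials the owner then configures
// into the object.
type ResourceCredentials struct {
	ResourceID string
	Secret     string
}

// TrustManager is a hypothetical in-memory model of the authorization
// server's Trust Manager, constructed for this example. Only a hash of each
// credential is stored, so a copy of the store does not reveal the secrets.
type TrustManager struct {
	mu         sync.Mutex
	baseURL    string            // assumed prefix for resource URLs
	users      map[string]bool   // registered user accounts
	owners     map[string]string // resource ID -> owning user
	credHashes map[string][]byte // resource ID -> SHA-256 of the credential
}

func NewTrustManager(baseURL string) *TrustManager {
	return &TrustManager{
		baseURL:    baseURL,
		users:      map[string]bool{},
		owners:     map[string]string{},
		credHashes: map[string][]byte{},
	}
}

// CreateAccount registers a user with the Trust Manager.
func (tm *TrustManager) CreateAccount(user string) {
	tm.mu.Lock()
	defer tm.mu.Unlock()
	tm.users[user] = true
}

// RegisterResource is the owner's step: it mints a unique identifier for the
// object and a random credential, stores only the credential's hash bound to
// the owner, and returns identifier and credential to the owner once.
func (tm *TrustManager) RegisterResource(user, objectName string) (ResourceCredentials, error) {
	tm.mu.Lock()
	defer tm.mu.Unlock()
	if !tm.users[user] {
		return ResourceCredentials{}, errors.New("unknown user account")
	}
	id := fmt.Sprintf("%s/%s/%s", tm.baseURL, user, objectName)
	if _, taken := tm.owners[id]; taken {
		return ResourceCredentials{}, errors.New("resource already registered")
	}
	raw := make([]byte, 32) // 256-bit random credential
	if _, err := rand.Read(raw); err != nil {
		return ResourceCredentials{}, err
	}
	secret := hex.EncodeToString(raw)
	sum := sha256.Sum256([]byte(secret))
	tm.owners[id] = user
	tm.credHashes[id] = sum[:]
	return ResourceCredentials{ResourceID: id, Secret: secret}, nil
}

// AuthenticateResource is the object's step: it presents its identifier and
// credential, and on success the verified owner is returned. Unknown IDs and
// wrong secrets produce the same error, so the response does not reveal which
// resources exist, and the hash comparison is constant-time.
func (tm *TrustManager) AuthenticateResource(id, secret string) (string, error) {
	tm.mu.Lock()
	defer tm.mu.Unlock()
	stored, ok := tm.credHashes[id]
	sum := sha256.Sum256([]byte(secret))
	if !ok || !hmac.Equal(stored, sum[:]) {
		return "", errors.New("authentication failed")
	}
	return tm.owners[id], nil
}

func main() {
	tm := NewTrustManager("https://trust.example/resources")
	tm.CreateAccount("alice")
	creds, err := tm.RegisterResource("alice", "thermostat")
	if err != nil {
		panic(err)
	}
	owner, err := tm.AuthenticateResource(creds.ResourceID, creds.Secret)
	fmt.Println("owner:", owner, "err:", err)
}
```

The point the model makes explicit is that the object never holds the owner's account password: it holds a per-resource credential that the Trust Manager can revoke independently, and the server learns the owner from the resource identifier rather than from anything the object claims about itself.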
1.4.2.2. Access control in the IoT
1.4.2.2.1.