2. Requirements of IoT
Internet of Things Vision
Challenges in IoT
IoT strategic Research and Innovation directions
Future Internet Technologies
Security, Privacy and Trust
3. Five essential requirements for processes and practices that
should be part of every IoT implementation:
Edge computing/analytics
Data ingestion and stream processing.
Device management
Cold path and advanced analytics
Enterprise integration with business systems
4. The vision of the Internet of Things (IoT) can
be seen from two perspectives – “Internet-
centric” and “thing-centric.”
The Internet-centric architecture involves
Internet services as the main focus, as data is
being generated by the “things.”
In the thing-centric architecture, smart
devices take the center stage.
5. The end goal is to have plug-n-play smart
objects that can be deployed in any
environment with an interoperable
interconnection backbone that allows them to
blend with other smart objects around them.
Standardization of frequency bands and
protocols plays a pivotal role in
accomplishing this goal.
6. Source: Elsevier B.V. A., 2013, Internet of Things (IoT): A vision, architectural elements, and future
directions
7. Selecting, implementing, customizing and
supporting new technologies across the IoT
continuum, from sensors and cloud platforms, to
analytics and AI.
Understanding and implementing unfamiliar data
formats and proprietary communication
protocols.
Integrating the IoT infrastructure with existing
systems without overloading corporate networks,
compromising security, exceeding budget or
falling behind competitive efforts
8.
9.
10.
11.
12.
13. Three key security requirements:
Authentication
Confidentiality
Access control
15. Confidentiality and Integrity :-
is analyzed how existing key management
systems could be applied to the IoT context.
It is possible to classify the Key Management
System (KMS) protocols in four major
categories: key pool framework,
mathematical framework, negotiation
framework, and public key framework
16. QUESTIONS RELATED TO CONFIDENTIALITY AND SECURITY:-
Are the IoT proposals adaptable to the IoT environment, considering
both the heterogeneity of the involved devices and the different
application contexts?
How and at which network layer to handle authentication?
Is it feasible to reuse the traditional security mechanisms (e.g.,
encryption algorithms) or it is better to start from new solutions?
How to handle the different keys?
Which kind of key distribution mechanism is the most suitable?
How to ensure an end-to-end integrity verification mechanism in
order to make the system more resilient to malicious attacks?
17. Major challenges related to access control in an IoT scenario which
emerge are:
How to guarantee the access permission in an environment where
not only users, but also things could be authorized to interact with
the system?
It is more effective to exploit a centralized or distributed approach
or a semi-distributed one in order to manage the scalable IoT
architecture?
How to handle the huge amount of transmitted data (i.e., in the form
of stream data) in a common recognized representation?
How to support the identification of entities
18. Some solutions used or proposed related to privacy in IoT systems:
Data Tagging
A user-controlled privacy-preserved access control protocol
Continuously Anonymizing STreaming data via adaptive cLustEring
(CASTLE)
Traditional privacy mechanisms are divided into two categories:
Discretionary Access and Limited Access
Attribute-Based Encryption (ABE)
19. Trust in IoT:-
A main problem with many approaches towards trust definition is
that they do not lend themselves to the establishment of metrics and
evaluation methodologies.
The satisfaction of trust requirements are strictly related to the
identity management and access control issues.
Device Layer: includes all IoT devices and communication among these
devices.
Request Layer: is mainly responsible for collecting experience,
knowledge and recommendation information and calculating fuzzy
trust value.
Access Control Layer: is involved in decision making process and maps
the calculated fuzzy trust value to the access permissions, with the
principle of least privilege
20. Following issues are still open in IoT-trust management:
The introduction of a well-defined trust negotiation language
supporting the semantic interoperability of IoT context.
The definition of a proper object identity management system.
The development of a trust negotiation mechanism in order to
handle data stream access control