Similarly, another evolving area, Cloud computing, is making its presence felt in almost all technical ecosystems and is emerging as a vital processing node for IoT. Accordingly, an efficient and robust cloud IoT identity management framework merits development. For the same reasons, systematic analysis and visualization of the risks associated with the various elements of IoT identity management is of paramount importance. Recognizing this, academia has begun research and industry has initiated related developments in this regard.
The rest of the chapter is organized as follows: Section 3.2 provides details on Internet of Things (IoT) Security. Section 3.3 discusses IoT Cloud and Identity related aspects. Section 3.4 elaborates on related developments for securing IoT for better Identity and Access Management. A Distributed Ledger based solution for Identity and Access Management (IAM) security of IoT Cloud is covered in Section 3.5, and Section 3.6 concludes the chapter.
3.2 Internet of Things (IoT) Security
An IoT ecosystem essentially comprises a network of enabled and smart sensing devices. Such devices drive the IoT system through the data they acquire and the purpose for which they are deployed. However, due to the openness as well as the growing popularity and density of IoT devices, the ecosystem is generally under continuous scanning by malicious users. These users try to gather legitimate user credentials and use them to intrude into the IoT ecosystem. Further, they fraudulently take control of the associated devices, thereby posing a great threat to the system as a whole. Hence there is a need to deliberate on the salient aspects which have an impact on the security of an IoT system.
3.2.1 IoT Security Overview
IoT infrastructure and associated services are generally established using network-enabled endpoint devices. Such devices function with integrated service platform components that use similar technology to interact with a wide range of communication equipment, computing devices and IT services [1]. The terminal-end device of such a system is primarily TCP/IP-capable, Internet-enabled computing hardware. This could range from PCs, laptop computers, smart phones, tablet PCs, thin-client machines and network printers to special hardware such as IP phones, IP cameras, smart metering systems, POS terminals, etc. In most cases, these devices are used for sensing and capturing data-driving events, which are then provisioned to various services and applications. If any device in the IoT ecosystem is compromised, the related service could be controlled by the attacker, which could result in theft of sensitive information and possibly disruption of the services. For effective functioning of the IoT ecosystem, the following security aspects need to be kept in mind by network operators as well as service providers [2].
(i) Availability: To ensure uninterrupted and error-free communication between endpoint devices and their corresponding services.
(ii) Identity: To ensure proper authentication among users, endpoints and the associated services.
(iii) Privacy: To ensure prevention of any harm or misuse of the subscribed service-related information as well as the end user’s location and data.
(iv) Security: To ensure the system’s integrity and communication confidentiality to further facilitate verification, monitoring and tracking of users’ activities and corresponding services.
3.2.2 IoT Security Requirements
IoT systems, because they handle huge amounts of data simultaneously among many users, subsystems and devices, are becoming a lucrative target for cyber-attack activities. Such attacks are mainly aimed at stealing sensitive system information by eavesdropping. Every connected device of the ecosystem could potentially lead to sensitive and critical data of the interconnected systems of the IoT infrastructure. Due to their multidimensional impact, concerns related to data security are highly relevant and important. Risks associated with IoT could be much higher, as automated processing, decision making and interoperability combined with security loopholes can multiply potential vulnerabilities exponentially.
A prominent and essential requirement of an IoT ecosystem is that devices must be interconnected. IoT activities such as sensing, communicating and processing are facilitated on top of these interconnected resources. An IoT system generally acquires information from end-nodes or devices. After acquisition, data is transmitted to and processed at nodes designated for that purpose, towards accomplishment of the associated complex tasks. The inherent capability of the system must provide security protection for various applications, for secured online transactions, as well as for maintaining data integrity. Accordingly, the need for a comprehensive, robust and effectively secured mechanism is relevant to the constantly evolving IoT ecosystem.
From the above discussion, broadly the following three objectives for the security of IoT and the associated networks have been assessed. Firstly, a mechanism to protect IoT devices and associated networking resources from attacks. Secondly, a mechanism for protecting IoT related services and applications from unauthorized access and usage. Finally, protection of the remaining IoT resources from cascading-effect attacks that make use of compromised information; similarly, a compromised device may itself function as an attacking platform. To summarize these points, we can conclude that foolproof establishment of device identity and strict access control are the principal factors for securing an IoT ecosystem.
At a broad level, security requirement aspects of IoT are classified into several categories which are discussed below:
(i) Availability: This signifies that the IoT assets of the system under consideration are made available for usage when requested by entities which are authorized to do so and by genuine users. This factor allows the desired data collection and prevents interruptions in the desired service. A fully functional Internet connected environment is essentially required to provide IoT availability in the true sense. Distributed Denial of Service (DDoS), Denial of Service (DoS) and flooding attacks are generally regarded as threats to availability. However, IoT service disruption can also arise from hardware and software failures which could affect service availability.
(ii) Authentication: Things in IoT must be identifiable and must also be authenticated. Due to the complex nature of the IoT system, the authentication process sometimes becomes extremely critical. Since several entity types are involved, such as the type of device, kind of service, specific service provider, corresponding processing unit, etc., an initial service session has to be established among the IoT devices. Accordingly, a mechanism for mutual authentication of entities in the IoT system in all interactions is essentially required.
(iii) Confidentiality: In any IoT ecosystem where there is a complex topological and logical networking of various sensors and data acquisition devices, there is a need to exchange certain enciphered data for confidentiality. Various standardized and established key management techniques are in use. In an IoT ecosystem, a key management system requiring lesser processing load needs to be followed for establishing trust among entities. Similarly, lesser resource utilization is also a requirement for key distribution among them. Hence a key management procedure requiring less processor, memory and network bandwidth needs to be adopted.
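As an added illustration of items (ii) and (iii), not part of the original chapter: a mutual challenge-response between a device and a service that uses only HMAC-SHA256 over a pre-shared per-device key, so both sides prove key possession and derive a session key without public-key operations. The function names, message layout and the pre-shared-key provisioning model are assumptions made for this example.

```python
import hashlib
import hmac
import secrets

def tag(key: bytes, *fields: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed fields (prefixes prevent field-boundary ambiguity)."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        mac.update(len(f).to_bytes(2, "big") + f)
    return mac.digest()

def mutual_auth(device_id: bytes, device_key: bytes, service_key: bytes):
    """Simulate the three-message exchange between both parties.

    device_key is what the device holds; service_key is what the service
    has on record for device_id. Returns (device_session_key,
    service_session_key) on success, or None if either side rejects.
    """
    # Message 1, device -> service: device_id and a fresh device nonce.
    n_dev = secrets.token_bytes(16)

    # Message 2, service -> device: fresh service nonce plus proof of key possession.
    n_svc = secrets.token_bytes(16)
    svc_proof = tag(service_key, b"service", device_id, n_dev, n_svc)

    # Device checks the service's proof in constant time before answering.
    expected = tag(device_key, b"service", device_id, n_dev, n_svc)
    if not hmac.compare_digest(svc_proof, expected):
        return None  # device rejects an unauthenticated service

    # Message 3, device -> service: the device's own proof. The distinct
    # "device" label stops a reflected copy of message 2 being accepted here.
    dev_proof = tag(device_key, b"device", device_id, n_svc, n_dev)
    expected = tag(service_key, b"device", device_id, n_svc, n_dev)
    if not hmac.compare_digest(dev_proof, expected):
        return None  # service rejects an unauthenticated device

    # Both sides derive the same per-session key from both nonces, so the
    # long-term key is never used directly to encipher traffic.
    return (tag(device_key, b"session", device_id, n_dev, n_svc),
            tag(service_key, b"session", device_id, n_dev, n_svc))

if __name__ == "__main__":
    k = secrets.token_bytes(32)  # constructed sample key
    print("matching keys:", mutual_auth(b"sensor-01", k, k) is not None)
    print("wrong key:", mutual_auth(b"sensor-01", k, secrets.token_bytes(32)))
```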