(iv) Integrity: This refers to mechanisms for ascertaining that received information, whether stored temporarily or permanently in the IoT system, has not been compromised in any way. The infrastructure of an IoT ecosystem holds a great deal of sensitive information. Any attempted or successful manipulation of that information may result in severe damage to the usage of the system. Data integrity is therefore a critical factor for the IoT ecosystem. A malicious user may use offensive means to manipulate critical information through a wrongly configured resource. A software vulnerability in the IoT application may even be exploited for this purpose. Virus infections and other malicious programs could potentially be used to alter the source of data, and hence could adversely impact system integrity. With respect to authentication of devices, the integrity aspect ensures genuineness. It also encompasses the identity of the systems. A non-compromised user is likewise vital for reliably facilitating the desired service in the IoT system. Certain service instances, like mission-critical military applications, must maintain a high integrity level over an IoT system.
(v) Lightweight Protocols: This requirement is one of a kind among security requirements. It arises from the inherent limitations in the computing and power-handling capabilities of the devices of the IoT system. It is an indirect requirement, but a constraint that must be considered in the design and implementation of the various protocols for IoT networks. It applies both to encryption and to authentication of data as well as of devices attached to the IoT system. The underlying algorithms must work within the constrained capacities of the associated devices.
(vi) Standardization and Policies: An IoT ecosystem usually comprises various devices of heterogeneous characteristics. From the networking point of view the system may be dynamic in nature, with various IoT devices put to active use depending on the dynamics of its utilization requirements. At the same time, it is required to ensure protection of acquired data, and management and transmission of such data in a secure manner. Above all, formalized means of enforcing the desired set of regulations are required to meet the defined standards of the ecosystem. Service Level Agreements (SLAs) are required to spell out unambiguously all details of the services planned to be provided. Commonly followed network security protocols and standards may not be applicable to a system with such dynamic characteristics. Implementing a standardized set of regulations coupled with SLAs would enhance mutual trust among users and devices, leading to effective usage and remarkable growth, and resulting in high scalability of the system.
3.2.3 Securing the IoT Infrastructure
The most commonly used public key cryptographic means are Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC). RSA computes the product of two large prime numbers and relies on the difficulty of factoring that product. ECC is a comparatively newer approach in the field of public key cryptography, based on the algebraic structure of elliptic curves over finite fields. In terms of performance, ECC is assessed to be faster than RSA. Hence it has become the default choice of public key cryptosystem for resource-constrained systems like IoT.
In recent times the cryptographic hash function has emerged as a new approach towards security: it converts a bit string of variable length into a fixed-length hash value. Significantly, the conversion is one-way only and has no reverse function. Hash functions maintain the following four vital characteristics in terms of mathematics and algorithm:
(i) The function has low computing complexity.
(ii) It is an irreversible or “one-way” function.
(iii) It is not feasible to modify the input value without altering the hash.
(iv) As a rule, for one and the same hash it must not be feasible to find multiple corresponding inputs.
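The hash properties above, applied to the integrity of stored sensor data, in an added example that is not code from the book. It goes slightly beyond the text by chaining each record's digest to the previous one; SHA-256, the record layout and all function names are assumptions, and the readings are constructed.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # fixed starting value for the chain

# Constructed sample readings, not data from the chapter.
SAMPLE_READINGS = [
    {"device": "sensor-a", "seq": 1, "temp_c": 21.4},
    {"device": "sensor-a", "seq": 2, "temp_c": 21.6},
    {"device": "sensor-a", "seq": 3, "temp_c": 21.5},
]

def digest(obj) -> str:
    """SHA-256 of a canonical JSON encoding; always 64 hex characters."""
    data = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()

def bit_difference(hex_a: str, hex_b: str) -> int:
    """Number of differing bits between two digests (property iii)."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")

def seal(readings):
    """Store each reading with a digest that also covers the previous digest."""
    prev, sealed = GENESIS, []
    for reading in readings:
        prev = digest({"prev": prev, "reading": reading})
        sealed.append({"reading": reading, "digest": prev})
    return sealed

def first_tampered(sealed):
    """Index of the first entry whose digest no longer matches, else None."""
    prev = GENESIS
    for i, entry in enumerate(sealed):
        expected = digest({"prev": prev, "reading": entry["reading"]})
        if not hmac.compare_digest(expected, entry["digest"]):
            return i
        prev = entry["digest"]
    return None

def is_intact(sealed, trusted_head: str) -> bool:
    """An unkeyed hash can be recomputed by anyone who can rewrite the store,
    so the newest digest is compared with a copy kept outside that store."""
    if not sealed:
        return trusted_head == GENESIS
    return first_tampered(sealed) is None and sealed[-1]["digest"] == trusted_head
```

A store whose records and digests are both rewritten passes `first_tampered`, and only the comparison against the separately held head digest in `is_intact` exposes it.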
The proliferation of technological advancements in Cloud Computing and in the IoT ecosystem has shown the path to many new approaches. Amalgamation of these two technological paradigms has proven to have multiplicative advantages for their applications. In this section we will deliberate on this aspect of Cloud and IoT, including details of commercially available IoT Clouds.
3.3.1 Cloudification of IoT
By its fundamental nature, the cloud is capable of storing and handling huge amounts of information from the various devices of an ecosystem. At the same time, where multiple heterogeneous devices in an ecosystem acquire huge amounts of data, it becomes difficult to identify and keep track of every IoT device from which the corresponding data are collected. The computing capability of the cloud, in a virtual and unlimited processing scenario, can handle such huge data processing requirements.
In an IoT environment, the sensing devices keep acquiring sensor data and temporarily store them before processing in a near-real-time environment. Under this condition, limited storage capability is a hindrance to data storage. At the same time, processing huge amounts of data in near real time is a challenge for such resource-limited IoT devices. This is where the unlimited computing power of the Cloud comes into play. Similarly, in a huge IoT ecosystem some of the sensing devices may not always be in active use. Hence malicious users may exploit them to intrude on the security of the system. The identity of the IoT devices is therefore as important as that of the legitimate users of the system.
For effective cloud implementation, essential actors play their designated roles for IoT, as depicted in Figure 3.1. The role of each actor is listed below.
(i) Things or IoT devices: These collect and transmit data using various sensors for further processing.
(ii) Processing node: This serves the purpose of processing input as well as output data acquired by things or devices.
(iii) Trans-receiver: This sends or receives various instructions and other associated commands from the processing node or the devices.
(iv) Actuator: This is used to initiate or trigger a thing or device to perform a specified assigned task by processing the input data.

Figure 3.1 Actors of an IoT system.
The respective roles played by things or devices are generally reflected in how they incorporate themselves into the cloud. Following such a structured approach, devices of the IoT ecosystem would be able to authenticate themselves to the cloud and also process the acquired data in the desired manner, making the best use of cloud infrastructure. In a similar manner, the receiver node of the IoT network would also require an authentication method to obtain authorization as a legitimate receiving entity. For data hosted in the cloud, establishing access controls, as well as de-assigning users and IoT devices that have become redundant, have changed or are no longer in use, is a crucial consideration. Figure 3.2 represents a generalized architecture of the IoT Cloud. Further details are considered in the next section, which covers the IAM Related Developments framework for the IoT cloud.
Figure 3.2 IoT Cloud system architecture.
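One way a cloud-side registry could authenticate devices and de-assign those no longer in use, as described above. This is an added example, not the book's design: the HMAC-SHA256 challenge-response (chosen as a lightweight symmetric scheme), the `DeviceRegistry` class, its method names and the idle threshold are all assumptions.

```python
import hashlib
import hmac
import secrets

def device_response(key: bytes, device_id: str, nonce: bytes) -> bytes:
    """Device side: prove possession of the key without sending it."""
    return hmac.new(key, device_id.encode() + b"|" + nonce, hashlib.sha256).digest()

class DeviceRegistry:
    """Cloud side: enrolled devices, outstanding challenges, idle clean-up."""

    def __init__(self, max_idle_seconds: float):
        self.max_idle = max_idle_seconds
        self.devices = {}   # device_id -> {"key": bytes, "last_seen": float}
        self.pending = {}   # device_id -> nonce awaiting a response

    def enroll(self, device_id: str, now: float) -> bytes:
        key = secrets.token_bytes(32)          # provisioned to the device once
        self.devices[device_id] = {"key": key, "last_seen": now}
        return key

    def challenge(self, device_id: str):
        if device_id not in self.devices:      # unknown or de-assigned device
            return None
        self.pending[device_id] = secrets.token_bytes(16)
        return self.pending[device_id]

    def authenticate(self, device_id: str, response: bytes, now: float) -> bool:
        nonce = self.pending.pop(device_id, None)   # each nonce is single-use
        device = self.devices.get(device_id)
        if nonce is None or device is None:
            return False
        expected = device_response(device["key"], device_id, nonce)
        if not hmac.compare_digest(expected, response):
            return False
        device["last_seen"] = now
        return True

    def deprovision_idle(self, now: float):
        """De-assign devices that have not authenticated within max_idle."""
        stale = sorted(d for d, v in self.devices.items()
                       if now - v["last_seen"] > self.max_idle)
        for device_id in stale:
            del self.devices[device_id]
            self.pending.pop(device_id, None)
        return stale
```

Time is passed in as `now` so the idle policy can be exercised deterministically; a deployment would supply a trusted clock and run `deprovision_idle` on a schedule.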