3.3.2 Commercial IoT Clouds
Some of the commonly used and commercially available IoT clouds are discussed below to give an insight into their utility and associated effects. The broad aim of this chapter is to bring out their security aspects, specifically IAM, and their relevance to our day-to-day lives.
(i) Azure IoT Suite: This Microsoft proprietary product provides several services that let users interact with their IoT devices for data exchange and for various data-related operations, such as aggregation of data, multidimensional data analysis, and transformation of the data into a form suitable for everyday use and for large-scale commercial use. The Azure IoT platform addresses this challenge by presenting a complete IoT ecosystem built around three distinct but related areas: scaling, telemetry patterns, and big data. Because of this breadth, the platform can be used with different hardware devices and multiple operating systems, using a variety of programming languages.
(ii) Brillo/Weave: This is an established Google platform whose specific feature is faster implementation of applications over an IoT network. It has two defined backbones, Brillo and Weave. Brillo is an Android-based operating system aimed at the development of embedded, low-power devices. Weave is the communication handler, facilitating interaction and messaging; in particular, it provides for registering devices with the cloud and processes all kinds of remote operational commands. These functions complement each other and together form an IoT system. Brillo/Weave is aimed primarily at smart homes and is found to be user friendly for supporting common IoT devices such as network-enabled smart speakers, lights, etc.
(iii) AWS IoT Cloud: This platform is the Amazon Web Services (AWS) product for the Internet of Things. It facilitates convenient and secure interconnection of smart and other connected devices with the AWS cloud. With AWS IoT it is very easy to use other subscribed AWS services such as Amazon DynamoDB and Amazon S3. Above all, AWS IoT applications significantly facilitate offline interaction among connected devices. This multi-utility nature and user-friendliness have contributed to its wide acceptance and popularity.
(iv) HomeKit: This is Apple's popular proprietary IoT framework, which essentially aims to connect home or domestic IoT devices. Using smart applications on Apple's iOS, it enables management and control of connected devices and their accessories: with HomeKit it is convenient to discover, configure, control, and manage HomeKit-connected smart devices and their accessories in a secure way. At the same time, users can initiate and control the functioning of IoT devices using Apple's Siri service. At present, Apple's iOS, watchOS, and tvOS are the only systems supporting HomeKit functionality.
(v) Kura: This IoT project was proposed and initiated by Eclipse. It provides a Java-enabled framework for IoT gateways designed to run M2M applications. The Kura platform manages interaction between the physical network of IoT devices and the public Internet or cellular networks, depending on the network type and its usage. Kura also abstracts and isolates developers from the underlying hardware and network subsystems, and it renews and optimizes development of existing software by providing APIs that permit and manage access to the underlying hardware.
(vi) ARM mbed IoT: This is an open-source platform planned and designed for IoT devices based on ARM microcontrollers. It functions as an enabler for the ecosystem to build either standalone IoT applications or networked applications. The ARM mbed IoT platform aims to provide a scalable, connected, and secure environment for IoT devices by integrating mbed tools and related services, ARM mbed microcontrollers, mbed OS, mbed Device Connector, and mbed Cloud. ARM mbed IoT also provides a common OS foundation for developing IoT frameworks. It is compatible with all standard communication protocols for connecting devices with each other and with the cloud. At the same time, it supports automatic power management in order to address the power consumption problem, a step towards Green Cloud Computing.
A standard requirement for all IoT systems is that every IoT device must know the identity of the other devices in the system with which it interacts. For effective access management, the devices must be owned by a known owner, where a known owner is a user or an entity that is uniquely distinguishable and whose identity can be established uniquely. Deployment of IoT systems was initially based on the allocated IP address range and on the physical location of the IoT devices within the geographical area of the system. Identity management in IoT was initially addressed by object naming and IP addressing schemes. Since the research community has put increasing effort into secure identification, authentication, and access management for IoT systems, several new methods and means have emerged. A few such methods used for identity establishment and resource authorization are Ubiquitous code, OID, short OID, EPC and RFID identifiers.
Subsequently, cloud computing methods were adopted to assign virtual identities to users and things. The main drawback of this approach was that it handled only the virtual identity addressing issues, without considering the various underlying data transmission protocols and their application in the IoT environment. Similarly, Wireless Sensor Network (WSN) protocols with identity management functionality and clustering of things have not been able to address the specific requirements of object mobility and data transfer in the environment. Some other mechanisms, such as OpenID, Liberty Alliance and Shibboleth, were considered in the IoT environment only for user identification. Provisioning of the identity management cycle using cloud computing was initially based on a centralized model for authentication and authorization of resources, which was also used to ensure proper accessibility and availability of resources for the desired application and service. Over time, however, it was realized that a single point of failure in such a centralized and critical system needs due attention, and that an alternative mechanism must be adopted to tackle this issue.
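As an added illustration of the two requirements in the paragraphs above (every device must be able to establish the identity of the devices it talks to, and each device must be bound to a known owner), the Python example below is not from the chapter or from any of the platforms it describes. It uses a hypothetical central registry with constructed identifiers and keys, a per-device shared secret, and an HMAC challenge-response, which is one common way of proving identity rather than the specific mechanism of any scheme named here.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass(frozen=True)
class DeviceIdentity:
    """A registered thing: a unique identifier bound to a known owner and a per-device secret."""
    device_id: str   # unique identifier (constructed, EPC-style URN)
    owner_id: str    # the known owner this device is bound to
    key: bytes       # per-device secret shared with the registry (constructed)


class IdentityRegistry:
    """Hypothetical central authority, as in the early cloud-based model: the single
    place that binds every device identity to its owner (and hence a single point of failure)."""

    def __init__(self) -> None:
        self._devices: Dict[str, DeviceIdentity] = {}

    def register(self, device: DeviceIdentity) -> None:
        # Identities must be unique: refuse to overwrite an existing binding.
        if device.device_id in self._devices:
            raise ValueError(f"device id already registered: {device.device_id}")
        self._devices[device.device_id] = device

    def lookup(self, device_id: str) -> Optional[DeviceIdentity]:
        return self._devices.get(device_id)


def new_challenge() -> bytes:
    """Fresh random nonce chosen by the verifier; a new one per exchange prevents replay."""
    return secrets.token_bytes(16)


def prove_identity(key: bytes, verifier_id: str, challenge: bytes) -> bytes:
    """Device side: an HMAC over (verifier id, challenge) proves possession of the key
    without revealing it; binding the verifier id stops reuse of a response elsewhere."""
    return hmac.new(key, verifier_id.encode() + b"|" + challenge, hashlib.sha256).digest()


def verify_identity(registry, device_id, verifier_id, challenge, response) -> Optional[DeviceIdentity]:
    """Verifier side: returns the registered identity if the response is valid, else None."""
    device = registry.lookup(device_id)
    if device is None:
        return None  # unknown identifier: no known owner, so nothing can be trusted
    expected = prove_identity(device.key, verifier_id, challenge)
    if not hmac.compare_digest(expected, response):
        return None  # wrong key: the claimed identity was not established
    return device


def authorize_interaction(registry, requester_id, target_id, challenge, response) -> bool:
    """Policy: a device may interact with a target only after proving its identity,
    and only when both devices are bound to the same known owner."""
    requester = verify_identity(registry, requester_id, target_id, challenge, response)
    target = registry.lookup(target_id)
    if requester is None or target is None:
        return False
    return requester.owner_id == target.owner_id


def demo() -> dict:
    """Run the exchange for several cases and return the authorization outcomes."""
    registry = IdentityRegistry()
    # Constructed sample devices and keys, not real identifiers.
    lamp = DeviceIdentity("urn:epc:id:example:lamp-01", "owner-alice", b"lamp-secret-key")
    hub = DeviceIdentity("urn:epc:id:example:hub-01", "owner-alice", b"hub-secret-key")
    camera = DeviceIdentity("urn:epc:id:example:cam-07", "owner-bob", b"cam-secret-key")
    for d in (lamp, hub, camera):
        registry.register(d)

    results = {}
    c = new_challenge()  # genuine lamp talking to the hub of the same owner: allowed
    results["same_owner"] = authorize_interaction(
        registry, lamp.device_id, hub.device_id, c, prove_identity(lamp.key, hub.device_id, c))
    c = new_challenge()  # genuine camera of another owner: identity proven, not authorized
    results["other_owner"] = authorize_interaction(
        registry, camera.device_id, hub.device_id, c, prove_identity(camera.key, hub.device_id, c))
    c = new_challenge()  # someone claiming the lamp's identifier with a wrong key: rejected
    results["wrong_key"] = authorize_interaction(
        registry, lamp.device_id, hub.device_id, c, prove_identity(b"guess", hub.device_id, c))
    c = new_challenge()  # unregistered identifier, i.e. no known owner: rejected
    results["unknown_device"] = authorize_interaction(
        registry, "urn:epc:id:example:rogue-99", hub.device_id, c, b"\x00" * 32)
    c = new_challenge()  # valid response, but computed for a different verifier: rejected
    results["wrong_verifier"] = authorize_interaction(
        registry, lamp.device_id, hub.device_id, c, prove_identity(lamp.key, camera.device_id, c))
    return results


if __name__ == "__main__":
    print(demo())
```

The registry object here plays the role of the centralized authority the paragraph describes: every check depends on it, so if it is unavailable or compromised no device can be verified, which is the single point of failure that motivates the decentralized alternatives discussed later in the chapter.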
The various ways and means of addressing this IAM concern are one of the prime focuses of this chapter. The following section analyzes how cloud-enabled IoT solutions have attempted to handle IAM-related matters in the IoT ecosystem.
3.4 IoT Cloud Related Developments
The research community has made many efforts to handle the security-related matters of the IoT ecosystem efficiently. The Open Web Application Security Project (OWASP) [3] has listed and described the ten most prominent vulnerabilities associated with IoT architecture. These include insecure interfaces of entities in the IoT architecture, weaknesses in the physical security of the system, insecure security configuration, and insecure associated software and firmware.
In 2017 WAVE [4] was proposed. To the best of our knowledge, this was the first approach to use blockchain-based decentralized authorization in an IoT environment. It used fine-grained access control policies in conjunction with smart contracts for event-triggering functionality. However, running blockchain nodes on constrained IoT devices was troublesome; to address this, trusted gateways were used so that the devices could interact with the blockchain network.