Nader Mbarek - Service Level Management in Emerging Environments


Service Level Management in Emerging Environments: summary and description


Networks are now embedded in daily life thanks to smaller, faster, inexpensive components that are more powerful and increasingly connected. Parallel to this quantitative explosion of communication networks, technology has become more complex. This development comes with challenges related to management and control, and it has become necessary to manage the service level demands of the client to which the service provider commits. Different approaches to managing one or more service level components in different emerging environments are explored, such as: the Internet of Things, the Cloud, smart grids, e-health, mesh networking, D2D (Device to Device), smart cities and even green networking. This book therefore allows for a better understanding of the important challenges and issues relating to Quality of Service (QoS) management, security and mobility in these types of environment.

Service Level Management in Emerging Environments: excerpt


Further, conventional identification and authentication methods must be adapted to meet the requirements of the IoT environment in terms of scalability, the large number of entities, etc. Several organizations use digital certificates based on public key infrastructure (PKI) for device identification and authentication operations (Allerin 2018). However, certain adaptations must be carried out before this solution can be considered in the IoT context. First of all, the PKI must be able to effectively support the process of issuing digital certificates in large numbers and at high speeds. For example, a cloud-based PKI is a more economical and realistic method for the scale required by an IoT environment. Second, digital certificates have a limited lifespan, which means they have an expiry date. In the context of an IoT environment, some use cases may require short-term certificates while many others require certificates with a longer lifetime. A certificate with a longer lifetime is required when a device needs to be authenticated on the basis of a long-term certificate. IoT project managers must then carefully determine the lifespan required for digital certificates and weigh the associated advantages and disadvantages. In addition, the certificates, which are considered critical elements with their own life cycle, must be managed in an efficient manner. The manual tracking of these certificates is not feasible in an IoT environment. Thus, PKI must be associated with certificate management providers along with a scalable platform. These platforms must then be capable of managing specific IoT use cases (Allerin 2018).
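The following sketch is an added example, not taken from the book: it shows automated tracking of device certificates with very different lifetimes, where the renewal window scales with each certificate's own validity period. The inventory records, device names and the 20% renewal fraction are assumptions made for illustration.

```python
from datetime import datetime, timezone

UTC = timezone.utc

# Constructed inventory: (device id, not_before, not_after), as a certificate
# management platform might export it. Device names are hypothetical.
INVENTORY = [
    ("gw-01",     datetime(2024, 1, 1, tzinfo=UTC), datetime(2034, 1, 1, tzinfo=UTC)),
    ("sensor-17", datetime(2024, 5, 1, tzinfo=UTC), datetime(2024, 5, 8, tzinfo=UTC)),
    ("meter-42",  datetime(2023, 6, 1, tzinfo=UTC), datetime(2024, 6, 1, tzinfo=UTC)),
    ("cam-03",    datetime(2024, 4, 1, tzinfo=UTC), datetime(2024, 5, 1, tzinfo=UTC)),
]

def classify(not_before, not_after, now, renew_fraction=0.2):
    """Return 'expired', 'renew' or 'ok' for one certificate.

    The renewal window is a fraction of the certificate's own lifetime
    (assumed 20% here), so a 7-day certificate and a 10-year certificate
    are both queued for renewal in time without per-device tuning.
    """
    if now >= not_after:
        return "expired"
    window = (not_after - not_before) * renew_fraction
    return "renew" if now >= not_after - window else "ok"

def renewal_report(inventory, now):
    """Group device ids by state so renewals can be queued automatically."""
    report = {"expired": [], "renew": [], "ok": []}
    for device, not_before, not_after in inventory:
        report[classify(not_before, not_after, now)].append(device)
    return report

if __name__ == "__main__":
    print(renewal_report(INVENTORY, datetime(2024, 5, 7, tzinfo=UTC)))
```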

1.4.2.1.2. Research projects

Various research studies and projects have dealt with identification and authentication security services. BUTLER (uBiquitous, secUre inTernet-of-things with Location and contExt-awaReness) (CORDIS 2018), a European project funded by FP7 (October 2011–October 2014), studied the mechanisms of identification and authentication in the IoT environment. This project proposed a mechanism for managing the ownership of objects by the users. In this case, users possess connected objects. A user (the owner of an object) has an account with the Trust Manager, which is implemented on an authorization server. The user connects to the authorization server and registers a new resource (a new connected object). The resource must have a unique identifier (generally a URL) and identification information (resource security credentials). The user must then configure the resource with the resource security credentials and, thus, the identity of the user who possesses the object may be verified. Similarly, BUTLER offers a mechanism that makes it possible to identify objects to gateways using digital certificates that are managed by authorization servers (Sottile et al. 2014). There is also academic research that has studied identification and authentication in the IoT. The work described in Li (2017) highlights the importance of proposing an authentication protocol that makes it possible to relieve nodes (which are constrained in terms of their storage and computing capabilities) of the management of authentication and authorization.

1.4.2.2. Access control in the IoT

1.4.2.2.1. Definition

Access control makes it possible to prevent the unauthorized use of a resource. In order to implement this control, a list of entities authorized to access a resource, together with their access authorizations, is defined in accordance with a security policy. This security service is offered to implement different types of access to resources (reading, writing, modification, information deletion and task execution). Access control is based on one or more elements, using an information database that is maintained by authorization centers or the entity itself and this may take the form of an access control list or a hierarchical or distributed matrix. These databases include authentication information (passwords, security tags, etc.) (ITU-T 1991). Two entities are used for access control in the IoT: the data holders (users of IoT services) and objects (data collectors) that send data or receive commands. These two entities must be mutually authenticated (Balte et al. 2015).

1.4.2.2.2. Research projects

Several European research projects have studied the adaptation of access control mechanisms for the IoT environment. ARMOUR (2018) is a European project funded by H2020 (February 2016–February 2018) that addressed some of the challenges surrounding security and trust in the IoT. The work carried out in the framework of this project makes it possible to define a set of components that interact with each other to authorize or block secure data queries in an IoT environment. ARMOUR defines several entities in this environment in order to do this. First, we have the Policy Decision Point (PDP), which is a component that includes the access policies and, by evaluating the access control policies, can authorize or deny authorization to an IoT device (sensor) to carry out an action on a resource (data registration server). For example, a “PERMIT” decision from the PDP allows the Capability Manager (the server communicating with the PDP) to generate and send a token to the sensor to publish the data on the IoT platform. The data publication server (Pub/Sub Server) saves the data and thus allows the data query to be updated and executed if the sensor token received by the Capability Manager allows this action (ARMOUR 2016).

SMARTIE (Secure and SMArter ciTIes data management) (Pokric et al. 2015) is another European project funded by FP7 (September 2013–December 2016) focused on access control in the IoT. SMARTIE’s goal was to develop new mechanisms to establish trust and security in the different IoT layers. The results of the project indicate that Attribute-Based Access Control (ABAC) is an appropriate solution to specify finer access control policies. In ABAC, the identity of an IoT service user is no longer limited to a single attribute but is based on multiple attributes (i.e. user ID, role, etc.) that make up this identity. This is why ABAC provides substantial improvements in authorization and access control within the IoT. ABAC-based solutions make it possible to overcome the disadvantages of centralized access control solutions. Each query requires two steps: an authorization check (identity control and authentication) and, consequently, an access control decision (authorization or prohibition). For each access request, the IoT service user is authenticated with the domain and the access authorization request is obtained for the user. The user’s access authorization request is signed by a trusted domain authority. Thus, the user may send the query to the IoT devices that verify the signature. If the signature is successfully verified, the required information is sent to the user (SMARTIE 2014a, 2014b; Pokric et al. 2015).
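The flow described for ARMOUR (PDP decision, token from the Capability Manager, check at the Pub/Sub server) and for SMARTIE (attribute-based decision, signed authorization verified at the device) can be sketched as follows. This is an added example, not code from either project: the policy, attribute names, token layout and the HMAC key shared between issuer and verifier are assumptions, with HMAC standing in for the authority's signature.

```python
import base64, hashlib, hmac, json

# Assumption: one HMAC key shared by issuer and verifier stands in for the
# trusted authority's signature; a deployment would sign asymmetrically so
# that devices hold no signing secret.
ISSUER_KEY = b"constructed-demo-key"

# Constructed ABAC policy: every attribute listed in a rule must match.
POLICY = [
    {"role": "sensor", "zone": "building-a", "action": "publish", "resource": "temperature"},
    {"role": "operator", "action": "read", "resource": "temperature"},
]

def pdp_decide(attrs, action, resource):
    """Policy Decision Point: PERMIT if some rule matches, DENY by default."""
    request = dict(attrs, action=action, resource=resource)
    for rule in POLICY:
        if all(request.get(k) == v for k, v in rule.items()):
            return "PERMIT"
    return "DENY"

def _sign(body):
    return hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest()

def issue_token(subject, attrs, action, resource, now, ttl=300):
    """Capability Manager: ask the PDP, issue a signed token only on PERMIT."""
    if pdp_decide(attrs, action, resource) != "PERMIT":
        return None
    claims = {"sub": subject, "action": action, "resource": resource, "exp": now + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    return body.decode() + "." + _sign(body)

def verify_token(token, action, resource, now):
    """Resource side (Pub/Sub server or device): signature, scope, expiry."""
    try:
        body, sig = token.encode().split(b".")
    except (AttributeError, ValueError):
        return False  # missing or malformed token
    if not hmac.compare_digest(_sign(body).encode(), sig):
        return False  # forged or altered claims
    claims = json.loads(base64.urlsafe_b64decode(body))
    return (claims["action"], claims["resource"]) == (action, resource) and now < claims["exp"]
```

The verifier checks the signature before parsing the claims, and a token is only honoured for the exact action and resource it was issued for.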

1.4.2.3. Confidentiality in the IoT

1.4.2.3.1. Definition

The confidentiality service offers protection against non-authorized entities analyzing traffic and against data flows being divulged. Data encryption is the most appropriate mechanism to ensure this security service. Encryption can be carried out using a symmetric system (with a secret key) or an asymmetric system (public key). Symmetric encryption involves knowing the secret key that allows encryption and decryption. For asymmetric encryption, the knowledge of the public encryption key by all entities does not imply knowledge of the private key for decryption. Apart from encryption mechanisms, there must be a key management mechanism in order to exchange keys between the communicating entities (ITU-T 1991).
