Nader Mbarek - Service Level Management in Emerging Environments

The non-repudiation service ensures that one party cannot deny its involvement in exchanges. This service can take one or two of the forms described below: the first form is non-repudiation with proof of origin, where the recipient receives proof of the origin of the data. This proof may be a digital signature using asymmetric encryption applied to the result of the hashing of the data exchanged. The second form is non-repudiation with proof of the data delivery, where the sender receives this proof in the form of an acknowledgment, for example (ITU-T 1991). The non-repudiation security service is necessary in the IoT to provide proof of data transmission through objects and also as a proof of the dispatch of any order by users of IoT services. This may fit into the framework of an audit that will allow the tracking and recording in trace files of all events that took place in an IoT environment.

The first form of non-repudiation (i.e. with proof of origin) is based on mechanisms that are used to guarantee integrity, such as the data signature.

Consequently, the adaptation of non-repudiation mechanisms to an IoT environment may borrow from the adaptation of integrity services in the IoT. Non-repudiation was guaranteed in SMARTIE by the implementation of a signature for the list of software and operating systems of objects in order to verify the identity of the hashing issuer (see section 1.4.2.4.2).

Availability refers to the possibility of on-demand access and use of resources by an authorized entity, following authentication and access control. Availability is a security service. Indeed, a service that becomes unavailable after a Denial of Service (DoS)-type attack, for instance, is an unsecured service and may be compromised at any time (Mosenia and Jha 2017). Availability in the IoT is essential to provide an Internet-enabled environment that is completely operational. In the context of the IoT, this service integrates both the availability of devices (that is, objects and gateways), allowing for uninterrupted data collection, and also the availability of IoT services offered to users. This second type of availability is determined by the configuration of the IoT environment, resulting in the need to make appropriate choices for management and administration protocols and for protection against DoS attacks (DDoS: Distributed DoS). Services offered in the IoT must be constantly available while taking into account the critical nature of some of these services (Mosenia and Jha 2017). In this context, availability round-the-clock, 365 days a year, is required for critical IoT services, such as certain applications in the field of e-health.

In accordance with recommendations made by the GSMA (Global System for Mobile Communications Association), a commercial organization that represents the interest of 800 mobile operators around the world, availability was brought to the fore, while indicating that nodes must be capable of continuous communication with each other, with users and with back-end services (GSMA 2016). The European iCore project ((Internet Connected Objects for Reconfigurable Ecosystem) (Menoret 2012), funded by FP7 (October 2011–October 2014), defines the security requirements that must be taken into consideration in a framework concerning the IoT. The framework, called the “Open Cognitive framework” takes into account three levels: Virtual Objects (VO), which offers a virtual representation of objects; Composite Virtual Objects (CVO), which represents the fusions of several VOs; and the user level. This framework makes it possible to ensure that objects are re-used in these services, thus allowing a certain redundancy in order to improve availability. Similarly, the fusion of some VO through the CVOs ensures better availability. A semantic description of object capabilities allows this reutilization. The iCore project also puts forth recommendations to be respected in different practical use cases in the IoT. Thus, the report (Menore 2012) emphasizes the idea of providing mechanisms to protect information infrastructure against DoS threats and to implement the mechanisms required to support the recovery of service after a failure.

The research described in Nagara et al . (2017) specifies a portable DoS testing tool that is based on a software for IoT devices. This DoS test must be carried out at the design and development stage of the product. The tool consists of an attacking entity and a monitor. The attacker carries out a DoS attack on the target device (that is, the IoT object) and transmits information on the traffic to the monitor. In this context, the “Mirai” attack was used and targeted the devices using Linux to transform them into “bots” that could be remotely controlled and used for a large-scale network attack. The tool effectively verifies whether the IoT devices are resistant or vulnerable to DoS-type attacks.

Protecting privacy in the IoT requires specific considerations to protect information related to a person’s privacy from being shared in this kind of environment. Data transmitted by a single object may not generate confidentiality problems that could compromise an individual’s privacy. However, when fragmented data originating from several different objects is re-assembled, compiled and analyzed, it may generate sensitive information that requires appropriate protection.

As already seen in section 1.3.2, the IoT operates in different fields of application through which personal data of the users is collected. In fact, IoT service consumers risk divulging private information, little by little, without realizing it as they are unaware of the nature of the data collected and how it is used in this kind of environment. Current approaches to data protection in IoT are based chiefly on encryption or on access control to the collected data. Nonetheless, threats to privacy in the IoT may not be covered by the mechanisms that these solutions offer. For example, data processing may be outsourced, creating the risk of data being sold for marketing or other purposes to third parties (Sicari et al . 2015).

Trust is a complex concept influenced by many measurable and unmeasurable properties. Trust is closely related to the security of systems and users and is a necessary condition. However, trust is related not only to security but to several other factors, such as the QoS provided by the system, its reliability, its availability and, therefore, the services offered by the system and so on. Another important concept related to trust is the protection of privacy. A trust system must protect the privacy of its users so as to gain their trust. Trust, security and privacy protection are crucial issues in the emerging domain of information technologies such as the IoT (Yan et al . 2014).

Trust is managed through several processes from data collection to the provision of customer service. Trust management in the IoT thus provides an efficient means of evaluating trust relations between IoT entities and helps them in taking decisions about communicating and collaborating with each other. To guarantee this trust, data detection and collection must be reliable in the IoT. Special attention must, therefore, be paid to properties of trust in this kind of environment. These properties include the sensitivity, accuracy, security, reliability, and persistence of the object, as well as the effectiveness of data collection. This collection generates an enormous volume of data that must be carefully processed and analyzed, maintaining trust in terms of reliability, protection of privacy and accuracy. Further, the data must be securely transmitted and communicated in an IoT environment. An important challenge to face in meeting this objective is managing encryption keys in the IoT, as data confidentiality is common to security services, privacy protection and trust management. Moreover, the measures needed to act against attacks that could impact all levels of the IoT environment must be taken into consideration and we must ensure that the system is robust against all types of attacks in order for users to be able to sufficiently trust their IoT environment. Finally, users expect scalable and efficient identity management. Identity management concerns all layers of the IoT architecture, starting from the object all the way up to the user of services hosted in the Cloud. Identity management must respect the confidentiality of the service user’s identity in order to respect their privacy. The context of the IoT service is likely to influence identity management strategies. For example, a critical IoT service in the field of e-health requires finer and more specific identity management (Yan et al . 2014).