A Cloud Based Conceptual IdentityManagement Model for Secured Internetof Things Operation

An era ago, projecting artificial intelligence as the pillar of next-generation technology would have been technically difficult. Today, machines are getting smarter, sparking a new wave of technology that resulted to Internet of Things (IoT). With IoT in play, individuals are able to connect more electronic devices other than smartphones and computers to the Internet. The vision is to create the possibility to manage electronic appliances via the Internet with the most minimal human intervention. IoT promises the application of computing to anything anywhere, and anyone at any time. Thus, it has been estimated that over 100 billion devices will be running the IoT model – drawing the power of cloud processing to create a massive network of devices that are bound to change the essential facets of life in various dimensions. However, several obstacles remain to fulfill this vision, among them is security concerns from an Identity of Things (IDoT) management perspective. IoT devices and users are already under cyber attacks, and any lapse in identity management will propagate these attacks. This paper examined how identity management for IoT is likely to play out in a world where the Internet and cloud technologies are expected to take center stage in the running of day-to-day activities. The paper analyses the identity of things challenges in IoT, followed by a proposal of cloud identity management model for IoT. Journal of Cyber Security and Mobility, Vol. 8 1, 53–74. River Publishers doi: 10.13052/jcsm2245-1439.813 This is an Open Access publication. c © 2018 the Author(s). All rights reserved. 54 A. Bello and V. Mahadevan

[1]  Hannu Tenhunen,et al.  International Conference on Ambient Systems , Networks and Technologies ( ANT 2015 ) SEA : A Secure and E ffi cient Authentication and Authorization Architecture for IoT-Based Healthcare Using Smart Gateways , 2015 .

[2]  Klaus Wehrle,et al.  Security Challenges in the IP-based Internet of Things , 2011, Wirel. Pers. Commun..

[3]  Eui-Nam Huh,et al.  Cloud of Things: Integrating Internet of Things and cloud computing and the issues involved , 2014, Proceedings of 2014 11th International Bhurban Conference on Applied Sciences & Technology (IBCAST) Islamabad, Pakistan, 14th - 18th January, 2014.

[4]  Kyong-Ho Lee,et al.  Poster Abstract: Semantically Enriched Object Identification for Internet of Things , 2014, 2014 IEEE International Conference on Distributed Computing in Sensor Systems.

[5]  Markus Jakobsson,et al.  Implicit Authentication through Learning User Behavior , 2010, ISC.

[6]  Ian Oakley,et al.  CASA: context-aware scalable authentication , 2013, SOUPS.

[7]  Georgios Kambourakis,et al.  DDoS in the IoT: Mirai and Other Botnets , 2017, Computer.

[8]  Shang-Liang Chen,et al.  A New Approach to Integrate Internet-of-Things and Software-as-a-Service Model for Logistic Systems: A Case Study , 2014, Sensors.

[9]  Thomas A. Limoncelli,et al.  The Practice of Cloud System Administration: Designing and Operating Large Distributed Systems, Volume 2 , 2014 .

[10]  Muhammad Waseem,et al.  A Critical Analysis on the Security Concerns of Internet of Things (IoT) , 2015 .

[11]  Wei Ren,et al.  How to Authenticate a Device? Formal Authentication Models for M2M Communications Defending against Ghost Compromising Attack , 2013, Int. J. Distributed Sens. Networks.

[12]  Geoff V. Merrett,et al.  Experimental validation of opportunistic direct interconnection between different Wireless Sensor Networks , 2016, 2016 IEEE Sensors Applications Symposium (SAS).

[13]  Jacques Bughin,et al.  The internet of things: mapping the value beyond the hype , 2015 .

[14]  Andrei V. Gurtov,et al.  Two-phase authentication protocol for wireless sensor networks in distributed IoT applications , 2014, 2014 IEEE Wireless Communications and Networking Conference (WCNC).

[15]  Ingo Friese,et al.  Challenges from the Identities of Things: Introduction of the Identities of Things discussion group within Kantara initiative , 2014, 2014 IEEE World Forum on Internet of Things (WF-IoT).

[16]  Muaz A. Niazi,et al.  Modeling the internet of things: a hybrid modeling approach using complex networks and agent-based models , 2017, Complex Adapt. Syst. Model..

[17]  Poonam N. Railkar,et al.  Identity Management for Internet of Things , 2015 .

[18]  Rodrigo Roman,et al.  Securing the Internet of Things , 2017, Smart Cards, Tokens, Security and Applications, 2nd Ed..

[19]  Christoph Fiehe,et al.  Applying the BaaS reference architecture on different classes of devices , 2016, 2016 2nd International Workshop on Modelling, Analysis, and Control of Complex CPS (CPS Data).

[20]  Jaydip Sen,et al.  Internet of Things - Applications and Challenges in Technology and Standardization , 2011 .

[21]  Jorge Sá Silva,et al.  Enabling Network-Layer Security on IPv6 Wireless Sensor Networks , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[22]  Catherine Mulligan,et al.  From Machine-to-Machine to the Internet of Things - Introduction to a New Age of Intelligence , 2014 .

[23]  Hamid Aghvami,et al.  Cognitive Machine-to-Machine Communications for Internet-of-Things: A Protocol Stack Perspective , 2015, IEEE Internet of Things Journal.

[24]  Sanggon Lee,et al.  Security Analysis and Improvements of Authentication and Access Control in the Internet of Things , 2014, Sensors.

[25]  Jörg Daubert,et al.  On the Security and Privacy of Internet of Things Architectures and Systems , 2015, 2015 International Workshop on Secure Internet of Things (SIoT).

[26]  Alberto Rodrigues da Silva,et al.  Mobile Cloud Computing , 2014, CloudCom 2014.

[27]  Schahram Dustdar,et al.  Efficient and Scalable IoT Service Delivery on Cloud , 2013, 2013 IEEE Sixth International Conference on Cloud Computing.

[28]  Lynne Baillie,et al.  Data Driven Authentication: On the Effectiveness of User Behaviour Modelling with Mobile Device Sensors , 2014, ArXiv.

[29]  Mohsen Guizani,et al.  Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications , 2015, IEEE Communications Surveys & Tutorials.

[30]  Benjamin K. S. Khoo,et al.  RFID as an Enabler of the Internet of Things: Issues of Security and Privacy , 2011, 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing.

[31]  Lin Zhu,et al.  Internet of Things: Key technology, architecture and challenging problems , 2011, 2011 IEEE International Conference on Computer Science and Automation Engineering.

[32]  Hyoungshick Kim,et al.  Security and Privacy Challenges in the Internet of Things [Security and Privacy Matters] , 2017, IEEE Consumer Electronics Magazine.

[33]  Ian Sommerville,et al.  Cloud Migration: A Case Study of Migrating an Enterprise IT System to IaaS , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[34]  Nitin Naik,et al.  A Secure Mobile Cloud Identity: Criteria for Effective Identity and Access Management Standards , 2016, 2016 4th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud).

[35]  Athanasios V. Vasilakos,et al.  A survey on trust management for Internet of Things , 2014, J. Netw. Comput. Appl..

[36]  Wouter Joosen,et al.  A Middleware Layer for Flexible and Cost-Efficient Multi-tenant Applications , 2011, Middleware.

[37]  Srikanth H Kamath,et al.  Security Issues in Internet of Things , 2017 .

[38]  Hongming Cai,et al.  An IoT-Oriented Data Storage Framework in Cloud Computing Platform , 2014, IEEE Transactions on Industrial Informatics.

[39]  Kevin Ashton,et al.  That ‘Internet of Things’ Thing , 1999 .

[40]  Yu-Hung Huang,et al.  A lightweight authentication protocol for Internet of Things , 2014, 2014 International Symposium on Next-Generation Electronics (ISNE).

[41]  Antonio Puliafito,et al.  The Need of a Hybrid Storage Approach for IoT in PaaS Cloud Federation , 2014, 2014 28th International Conference on Advanced Information Networking and Applications Workshops.

[42]  Mark de Reuver,et al.  Mobile cloud computing: state of the art and outlook , 2013 .

[43]  Bo Yang,et al.  Efficient naming, addressing and profile services in Internet-of-Things sensory environments , 2014, Ad Hoc Networks.

[44]  Anjali Sardana,et al.  Identity management framework for cloud based internet of things , 2012, SecurIT '12.

[45]  Antonio Puliafito,et al.  Security and Cloud Computing: InterCloud Identity Management Infrastructure , 2010, 2010 19th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises.

[46]  Alexandra Brintrup,et al.  Resource Management in the Internet of Things: Clustering, Synchronisation and Software Agents , 2011, Architecting the Internet of Things.

[47]  Peilin Hong,et al.  A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks , 2013, J. Netw. Comput. Appl..

[48]  Benjamin Aziz,et al.  Federated Identity and Access Management for the Internet of Things , 2014, 2014 International Workshop on Secure Internet of Things.

[49]  Katrin Borcea-Pfitzmann,et al.  Privacy Implications of the Internet of Things , 2011, AmI Workshops.

[50]  David L. Black,et al.  Using Authenticated Encryption Algorithms with the Encrypted Payload of the Internet Key Exchange version 2 (IKEv2) Protocol , 2008, RFC.

[51]  Antonio Pescapè,et al.  Integration of Cloud computing and Internet of Things: A survey , 2016, Future Gener. Comput. Syst..

[52]  Kwok-Yan Lam,et al.  Identity in the Internet-of-Things (IoT): New Challenges and Opportunities , 2016, ICICS.

[53]  R. K. Bunkar,et al.  Data Security and Privacy Protection Issues in Cloud Computing , 2014 .

[54]  Maire O'Neill,et al.  Insecurity by Design: Today's IoT Device Security Problem , 2016 .

[55]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[56]  Zhu Zhu,et al.  Object Naming Service Supporting Heterogeneous Object Code Identification for IoT System , 2018, 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC).

[57]  Daeyoung Kim,et al.  SNAIL: an IP-based wireless sensor network approach to the internet of things , 2010, IEEE Wireless Communications.

[58]  Marta Beltrán,et al.  Identifying, authenticating and authorizing smart objects and end users to cloud services in Internet of Things , 2018, Comput. Secur..

[59]  Huansheng Ning,et al.  Future Internet of Things Architecture: Like Mankind Neural System or Social Organization Framework? , 2011, IEEE Communications Letters.