A federated architecture approach for Internet of Things security

Internet of Things (IoT) refers to the capability to connect, communicate with and remotely manage a large number of networked, automated devices via the Internet. IoT is becoming part of daily life and aims to extend pervasive communication and networking to anytime, anywhere, with any device. In this context, security requirements and architectures must be properly formulated and implemented in order to enforce the security policies during their life-cycle. This paper provides a survey and analysis of security in the area of IoT and introduces an approach that aims to go beyond conventional security solutions and deploy a federated architecture for dynamic prevention, detection, diagnosis, isolation, and countermeasures against cyber attacks. Based on an analysis of the most common web services, the paper defines the security needs and proposes a federated model for designing an architecture for the secure exchange of services in the IoT paradigm.
