The New Advanced Society. Группа авторов
Читать онлайн книгу.input as well as output data acquired by things or devices.
3 (iii) Trans-receiver: This sends or receives various instructions and other associated commands from the processing node or the devices.
4 (iv) Actuator: This is used to initiate or trigger a thing or device for performing a specified assigned task by processing the input data.
Figure 3.1 Actors of an IoT system.
The respective roles played by things or devices are generally reflected as incorporating themselves to cloud. Following such a structured approach, devices of the IoT ecosystem would be able to authenticate themselves to the cloud and also be able to process the acquired data in the desired manner with best utilization of cloud infrastructure. In the similar manner, receiver node of IoT network would also require necessary authentication method for obtaining authorization signifying as legitimate receiving entity. Considering data for being hosted in the cloud, establishing access controls as well as de-assigning users and IoT devices which might have been redundant or changed or no longer in use is a crucial thing for consideration. Figure 3.2 represents a generalized architecture of IoT Cloud. Further details on the same would be considered in the next section covering details on IAM Related Developments framework for the IoT cloud.
Figure 3.2 IoT Cloud system architecture.
3.3.2 Commercial IoT Clouds
Some of the commonly used and commercially available IoT Clouds are discussed below to provide desired insight for its utility and associated effects. In this chapter the broad aim is to bring out its security aspects specifically IAM and its relevance to our day to day lives.
1 (i) Azure IoT Suite: This Microsoft proprietary product provides several services which facilitate users for interacting with corresponding IoT devices for data transaction and for performing various data related operation. Some of them may be aggregation of data, multidimensional data analysis, desired transformation of corresponding data for representing it suitably for day to day and usage on large scale commercially. Azure IoT platform is able to handle the challenge by presenting a complete IoT ecosystem with three varied and associated areas, specifically scaling, patterns for telemetry, and big data. Because of its applicability, this platform can be suitably utilized for different hardware devices, multiple operating systems using varied program coding languages.
2 (ii) Brillo/Weave: This is an established platform of Google with a specific feature of faster implementation of applications over IoT network system. This has two numbers of specific defined backbones namely Brillo and Weave. Brillo is an Android operating based system and aims for the system development associated and embedded low power drawing devices. Weave manages the communication handler’s task facilitating interaction as well as messaging. Essentially Weave facilitates provision to register devices for cloudification. It also facilitates processing of all types of remote operative commands. The above mentioned functions are complementary to each other and also collectively form an IoT system. Brillo/Weave is most prominently intended towards smart homes and found to be user friendly for supporting general IoT devices like smart and net enabled speakers, lights, etc.
3 (iii) AWS IoT Cloud: This platform is a product from Amazon Web Services (AWS) for the Internet of things. This system facilitates convenient interconnection of smart and other connected devices in secured manner with the AWS cloud. With AWS IoT, it is very easy to utilize various provided and subscribed AWS services like Amazon DynamoDB and Amazon S3. Above all AWS IoT applications significantly facilitate offline interaction among connected devices. This multi-utility nature and user-friendliness have effectively contributed for its vast acceptance and popularity.
4 (iv) HomeKit: It is a popular Apple proprietary IoT framework. This IoT framework essentially aims to connect home based or domestic IoT devices. Using smart applications over Apple iOS based system, this enables management and control of connected devices and their corresponding accessories. For example, with HomeKit it is conveniently feasible to discover, configure, control, and manage HomeKit connected smart devices and their accessories in a secure way. Simultaneously, users are capable of initiating and controlling of the functioning IoT devices using Siri service of Apple. Presently, Apple iOS, its watchOS, and tvOS of Apple family are the only ones supporting the HomeKit functionalities.
5 (v) Kura: This IoT project has been proposed and initiated by Eclipse. This project provides Java enabled network for IoT gateways designed for running M2M applications. Kura platform facilitates management of interaction among physical network of IoT devices and the public Internet or the cellular networks. Depending on the network type and its usage. Kura also enables abstraction and isolation of developers from underneath hardware, network subsystems. It also renews and optimizes development of prevailing software, by means of provisioning of APIs which permits and manages access to underlying hardware.
6 (vi) ARM mbed IoT: This is an opensource platform planned and designed for application towards IoT devices based on ARM microcontrollers. It functions as an enabler for the ecosystem to build either an IoT standalone applications or a networked application. ARM mbed IoT platform aims for provisioning a scalable, connected, and secure environment for IoT devices by integrating mbed tools and related services, ARM mbed microcontrollers, mbed OSs, mbed Device Connectors, and mbed Cloud. ARM mbed IoT also provisions a common OS foundation for developing IoT frameworks. It is compatible with all standard communication protocols for connecting devices with each other and also with cloud. At the same time, it also supports automatic power management in order to solve the power consumption problem towards Green Cloud Computing.
3.3.3 IAM of IoT Clouds
A standardized requirement for all IoT systems is that, all the IoT devices are essentially required to know the identity of other devices of the system to interact with. For effective access management of the devices must be owned by a known owner. Here the known owner signifies a user or an entity which is uniquely distinguishable and whose identity can be established uniquely. Deployment of IoT system was initially based up on the IP address range allocated as well as the physical location of IoT devices in the specified geographical area of the system. Identity management of IoT was initially addressed by assigning object naming and IP addressing schemes. Since there are increasing efforts by research community for secured identification, authentication, as well as access management issues with IoT system, several new methods and means have emerged. A few such methods used for identity establishment and resource authorization are Ubiquitous code, ODI, short OID, EPC and RFID identifiers.
Subsequently cloud computing method was adopted to assign virtual identity to users and things. The main drawback of such method was to only handle the addressing virtual identity issues, without considering various underneath protocols for data transmission and their applications on the IoT environment. Similarly Wireless Sensor Network (WSN) protocol having identity management functionality as well as clustering of things has not been able to address the specific requirements of mobility of objects and their data transfer in the environment. Some other means were considered in IoT environment only for user identifications such as Open ID, Liberty Alliance and Shibboleth. Provisioning of identity management cycle using Cloud computing was initially based upon centralized solution model for authentication and authorization of resources. This was also used for proper resource accessibility and availability for desired application and service. However over a period of time it was realized that having a single point of failure in a centralized as well as critical system needs due attention. Alternatively desired mechanism