The New Advanced Society. Group of authors
In an IoT environment, the sensing devices continuously acquire sensor data and store it temporarily before it is processed in near real time. Limited storage capacity is a hindrance here, and processing huge amounts of data in near real time is a challenge for such resource-limited IoT devices. This is where the unlimited computing power of the cloud comes into play. Similarly, in a large IoT ecosystem some of the sensing devices may not always be in active use, and malicious users may exploit them to intrude into the system. Hence the identity of the IoT devices is as important as that of the legitimate users of the system.
For an effective cloud implementation, the essential actors of an IoT system play their designated roles, as depicted in Figure 3.1. The role of each actor is listed below.
(i) Things or IoT devices: These collect and transmit data using various sensors for further processing.
(ii) Processing node: This serves the purpose of processing the input as well as the output data acquired by things or devices.
(iii) Trans-receiver: This sends or receives instructions and other associated commands from the processing node or the devices.
(iv) Actuator: This initiates or triggers a thing or device to perform a specified, assigned task by processing the input data.
Figure 3.1 Actors of an IoT system.
The roles played by things or devices are generally reflected in how they are incorporated into the cloud. Following such a structured approach, devices of the IoT ecosystem are able to authenticate themselves to the cloud and to process the acquired data in the desired manner with the best utilization of cloud infrastructure. Similarly, the receiver node of the IoT network requires an authentication method to obtain authorization as a legitimate receiving entity. For data hosted in the cloud, establishing access controls and de-assigning users and IoT devices that have become redundant, have changed, or are no longer in use is crucial. Figure 3.2 represents a generalized architecture of an IoT Cloud. Further details are given in the next section, which covers the IAM Related Developments framework for the IoT cloud.
Figure 3.2 IoT Cloud system architecture.
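The de-assignment of unused devices and users described above can be run as a periodic review of the device identity registry. The following Python code is an added example, not code from the book or from any IoT cloud platform; the DeviceIdentity record, the 30-day idle threshold and the sample registry are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

@dataclass
class DeviceIdentity:           # hypothetical registry record, not a vendor schema
    device_id: str
    owner: Optional[str]        # user or entity accountable for the device
    last_seen: datetime         # last authenticated connection to the cloud
    enabled: bool = True        # False once the identity has been de-assigned

def review_identities(devices, active_users, now, max_idle=timedelta(days=30)):
    """Return {device_id: [reasons]} for identities that should be de-assigned."""
    findings = {}
    for d in devices:
        if not d.enabled:
            continue                          # already de-assigned
        reasons = []
        if d.owner is None:
            reasons.append("no owner")        # nobody accountable for the device
        elif d.owner not in active_users:
            reasons.append("owner de-assigned")
        if now - d.last_seen > max_idle:
            reasons.append("inactive")        # not in active use, yet still trusted
        if reasons:
            findings[d.device_id] = reasons
    return findings

def deassign(devices, findings):
    """Disable flagged identities so they can no longer authenticate."""
    flagged = [d for d in devices if d.device_id in findings]
    for d in flagged:
        d.enabled = False
    return [d.device_id for d in flagged]

# Constructed sample data: review date, active user directory, device registry.
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
ACTIVE_USERS = {"alice", "plant-ops"}
REGISTRY = [
    DeviceIdentity("thermo-01", "alice", NOW - timedelta(hours=2)),
    DeviceIdentity("cam-07", "bob", NOW - timedelta(days=3)),
    DeviceIdentity("valve-12", "plant-ops", NOW - timedelta(days=120)),
    DeviceIdentity("gw-03", None, NOW - timedelta(days=45)),
]

if __name__ == "__main__":
    findings = review_identities(REGISTRY, ACTIVE_USERS, NOW)
    print(findings, deassign(REGISTRY, findings))
```

A device stays enabled only while it has an owner in the active user directory and has connected recently; anything else is flagged with the reason, which gives the reviewer an audit trail for each de-assignment.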
3.3.2 Commercial IoT Clouds
Some of the commonly used, commercially available IoT Clouds are discussed below to give insight into their utility and effects. The broad aim of this chapter is to bring out their security aspects, specifically IAM, and its relevance to our day-to-day lives.
(i) Azure IoT Suite: This proprietary Microsoft product provides several services that let users interact with their IoT devices for data transactions and perform various data-related operations, such as aggregation of data, multidimensional data analysis, and transformation of data into a representation suitable for day-to-day use and for large-scale commercial use. The Azure IoT platform handles this challenge by presenting a complete IoT ecosystem with three associated areas: scaling, patterns for telemetry, and big data. Because of its applicability, the platform can be used with different hardware devices and multiple operating systems, using a variety of programming languages.
(ii) Brillo/Weave: This is a Google platform whose specific feature is faster implementation of applications over an IoT network. It has two defined backbones, Brillo and Weave. Brillo is an Android-based operating system aimed at development for embedded, low-power devices. Weave takes on the task of communication handler, facilitating interaction and messaging. Essentially, Weave provides for registering devices with the cloud and for processing all types of remote commands. These functions are complementary and together form an IoT system. Brillo/Weave is aimed most prominently at smart homes and is user friendly in supporting general IoT devices such as smart, network-enabled speakers and lights.
(iii) AWS IoT Cloud: This platform is a product from Amazon Web Services (AWS) for the Internet of Things. It facilitates convenient interconnection of smart and other connected devices with the AWS cloud in a secure manner. With AWS IoT, it is very easy to use subscribed AWS services such as Amazon DynamoDB and Amazon S3. Above all, AWS IoT applications significantly facilitate offline interaction among connected devices. This multi-utility nature and user-friendliness have contributed to its wide acceptance and popularity.
(iv) HomeKit: This is a popular proprietary Apple IoT framework that essentially aims to connect home or domestic IoT devices. Using smart applications on Apple's iOS, it enables management and control of connected devices and their accessories. For example, with HomeKit it is convenient to discover, configure, control, and manage HomeKit-connected smart devices and their accessories in a secure way. Users can also initiate and control the functioning of IoT devices using Apple's Siri service. Presently, iOS, watchOS, and tvOS of the Apple family are the only ones supporting the HomeKit functionalities.
(v) Kura: This IoT project was proposed and initiated by Eclipse. It provides a Java-enabled network for IoT gateways designed for running M2M applications. The Kura platform facilitates management of the interaction between the physical network of IoT devices and the public Internet or cellular networks, depending on the network type and its usage. Kura also abstracts and isolates developers from the underlying hardware and network subsystems. It also renews and optimizes the development of existing software by provisioning APIs that permit and manage access to the underlying hardware.
(vi) ARM mbed IoT: This is an open-source platform designed for IoT devices based on ARM microcontrollers. It functions as an enabler for the ecosystem to build either standalone IoT applications or networked applications. The ARM mbed IoT platform aims to provide a scalable, connected, and secure environment for IoT devices by integrating mbed tools and related services, ARM mbed microcontrollers, mbed OSs, mbed Device Connectors, and mbed Cloud. ARM mbed IoT also provides a common OS foundation for developing IoT frameworks. It is compatible with all standard communication protocols for connecting devices with each other and with the cloud. It also supports automatic power management to address the power consumption problem, in line with Green Cloud Computing.
3.3.3 IAM of IoT Clouds
A standard requirement for all IoT systems is that every IoT device must know the identity of the other devices in the system with which it interacts. For effective access management, the devices must be owned by a known owner. Here the known owner signifies a user or an entity which is uniquely distinguishable and whose identity can be established