Service Level Management in Emerging Environments. Nader Mbarek

Чтение книги онлайн.

Читать онлайн книгу Service Level Management in Emerging Environments - Nader Mbarek страница 11

Service Level Management in Emerging Environments - Nader Mbarek

Скачать книгу

and ensure that the information collected and commands received by the objects are legitimate. Verifying the integrity of data involves two processes, one involving the sender and the other the recipient. The entity that is transmitting the data adds verification information (like the Block Check Character or a cryptographic check value such as a hash value) based on the data transmitted. The recipient generates the same verification information based on the data received and compares this information with the information received in order to determine whether or not the data were modified during transmission in the IoT environment (ITU-T 1991).

      The integrity of objects is necessary as the nodes in the IoT may be deployed in an unreliable environment and may be physically attacked to modify the software codes in the objects, for example. This second integrity service in the IoT enables the detection and prevention of any modification to the operating system and the configuration of the objects. The integrity of objects also makes it possible to lock and eliminate non-compliant devices. To implement this type of integrity, a digital fingerprint for the object in question is used to compare data effectively available on the object with the data that should be available.

      1.4.2.5. Non-repudiation in the IoT

      1.4.2.5.1. Definition

      The non-repudiation service ensures that one party cannot deny its involvement in exchanges. This service can take one or two of the forms described below: the first form is non-repudiation with proof of origin, where the recipient receives proof of the origin of the data. This proof may be a digital signature using asymmetric encryption applied to the result of the hashing of the data exchanged. The second form is non-repudiation with proof of the data delivery, where the sender receives this proof in the form of an acknowledgment, for example (ITU-T 1991). The non-repudiation security service is necessary in the IoT to provide proof of data transmission through objects and also as a proof of the dispatch of any order by users of IoT services. This may fit into the framework of an audit that will allow the tracking and recording in trace files of all events that took place in an IoT environment.

      1.4.2.5.2. Research projects

      The first form of non-repudiation (i.e. with proof of origin) is based on mechanisms that are used to guarantee integrity, such as the data signature.

      1.4.2.6. Availability in the IoT

      1.4.2.6.1. Definition

      Availability refers to the possibility of on-demand access and use of resources by an authorized entity, following authentication and access control. Availability is a security service. Indeed, a service that becomes unavailable after a Denial of Service (DoS)-type attack, for instance, is an unsecured service and may be compromised at any time (Mosenia and Jha 2017). Availability in the IoT is essential to provide an Internet-enabled environment that is completely operational. In the context of the IoT, this service integrates both the availability of devices (that is, objects and gateways), allowing for uninterrupted data collection, and also the availability of IoT services offered to users. This second type of availability is determined by the configuration of the IoT environment, resulting in the need to make appropriate choices for management and administration protocols and for protection against DoS attacks (DDoS: Distributed DoS). Services offered in the IoT must be constantly available while taking into account the critical nature of some of these services (Mosenia and Jha 2017). In this context, availability round-the-clock, 365 days a year, is required for critical IoT services, such as certain applications in the field of e-health.

      1.4.2.6.2. Research projects

      The research described in Nagara et al.

Скачать книгу