Figure 1.2. Architecture of the Internet of Things (Lin et al. 2015). For a color version of this figure, see www.iste.co.uk/mbarek/service.zip
1.3.2. Application fields of the IoT
The IoT improves the quality of life in different areas of daily life. Examples include the field of health, smart cities, vehicular networks and so on. The ISO/IEC focuses on the standardization of the underlying technology used in different fields of application of the IoT. Working Group 9 under Technical Committee 1 (JTC 1/WG9) of ISO/IEC studies the normalization of Big Data technologies in IoT domains (International Electrotechnical Commission 2017). Further, various providers offer solutions for IoT service offerings and implementation in different fields of application. For example, the Kaa1 project offers a range of features allowing us to create advanced applications for smart devices, to flexibly manage ecosystems and their peripherals, to orchestrate end-to-end data processing, etc.
1.3.2.1. E-health
An aging population requires monitoring of old people through a decentralized healthcare system based on a set of connected sensors. Each patient possesses a surveillance system that allows them to be monitored and surveilled without the need of visiting the medical center. The medical data collected in this way improve healthcare by customizing treatments and creating an easier everyday life for patients. Thus, automated systems can perform a major part of a doctor’s work (tests, diagnosis, prescriptions, behavior modification) by collecting and analyzing patient data both passively and actively. As a result, a comprehensive and rich database becomes available and can alert doctors to any need that arises, while also providing them with a general overview of the patient’s health up to that point. This application field of the IoT has attracted the attention of several international organizations that have attempted to standardize the technologies used in order to effectively respond to the requirements of this field (International Electrotechnical Commission 2017). International organizations aim to promote the use of e-health technologies around the world. The World Health Organization (WHO) and the Program for Appropriate Technology in Health (PATH) have entered into a partnership to accelerate the development of digital health around the world (World Health Organization 2018). This field of application has attracted a large number of industrial organizations that try to offer different products that would be useful for e-health. Indeed, Ericsson and its partners offer portable prototypes for the field of e-health with long battery lives (Ericsson 2018).
1.3.2.2. Smart cities
In the context of smart buildings, the IoT offers management systems that can automate control functions through intelligent devices while providing real-time data analysis. Because of the data collected from the IoT objects, it is possible to anticipate needs and preferences in terms of lighting, heating or ventilation. Similarly, this information may relate to security systems, electricity meters or the removal of waste and sewage. Reactivity with respect to these data that are collected through IoT objects allow buildings to adapt to changes and to implement the required modifications in real time, for increased efficiency, and to reduce operational costs. Putting in place smart buildings makes it possible to create smart cities by integrating other IoT devices into different services offered by the city such as transport, water and air quality. Various standardization organizations have focused on this field through working groups that study the standardization of the technologies used. For example, ISO and IEC, through the technical subcommittee JTC1/SC25, have established norms for microprocessor systems and interconnection supports associated with equipment for commercial and residential environments (International Electrotechnical Commission 2018). Further, the IEC white paper (2017a) describes smart buildings and smart cities as being fields of application of the IoT. This paper specifies how to orchestrate the infrastructure required for smart and sustainable cities. Even as these groups establish norms, Nokia (2018) has launched several services and technologies on the market to manage video surveillance, the sensor networks for the IoT, parking and the environment within a smart city. In this context, infrastructure has been proposed with applications that make it possible to transform any contemporary city into a smart city.
1.3.2.3. Vehicular networks
All types of transportation systems may benefit from the advantages offered by the IoT. IoT solutions promise to make transportation systems more intelligent and better performing by improving safety, the efficiency of their journeys, the maintenance of vehicles and by offering more strategic traffic-management (Alcatel Lucent Enterprise 2018). Communication systems between vehicles and infrastructure (V2I) and communication systems between vehicles (V2V) enhance safety, efficiency and the performance of public and private transport. They also contribute to reducing congestion and improving space management. Drivers of connected cars can benefit from a large number of services such as navigation, real-time traffic and parking information, as well as the integration of smartphones with the dashboard and portable devices (International Electrotechnical Commission 2017). The revolutionizing of the transportation world by applying the IoT in the field of vehicular networks has been possible because of the use of sensor networks and applications for parking management, traffic management, etc. For example, smart roads use sensors to determine the number of cars in each lane and then manage traffic lights based on this information so as to minimize congestion. The effectiveness of this field of application of the IoT can be seen in the implementation of this transformative technology in different projects. For example, the ParkDC project, implemented by the Washington D.C. transport department, uses a surveillance system based on the IoT to alert drivers to parking spots that are available and to calculate the appropriate parking charges based on real-time demand (Njit 2018).
1.4. Security management and privacy protection in the IoT
1.4.1. Motivations and challenges
The security of information systems is made up of all technical, organizational, legal and human resources required to prevent the unauthorized use, misuse, modification or hijacking of the information system. At present, security is a major challenge in the information world and the goal of security in this context is to maintain the trust of the users and the consistency of the entire information system. Several norms have arisen around concepts related to security, for example the X800 recommendation by ITU-T (1991), which emphasizes the role played by different security services and their applicability.
The IoT is characterized by an environment that is subject to constraints across several levels, which makes it difficult to adopt security mechanisms that were designed for conventional systems. An IoT environment includes objects with low memory resources and limited computational power. Further, the techniques normally used in conventional networks were designed for systems that contained powerful microprocessors and had high storage capacities (Hanna 2015). Existing security techniques must thus be adapted. Further, the large number of objects in an IoT environment makes it a difficult and onerous task to adapt existing security algorithms. For example, methods and algorithms for identification and controlling access to objects become more and more complex as the number of objects in the environment keeps increasing.
Before a device or a user can access IoT services, mutual authentication and authorization between the device/user and the IoT system must be established in accordance with predefined security policies. Security policies must be drawn up with great precision in order to comprehensively cover all possible use cases and must also follow standardized models in order to respond to the requirements of the IoT. It is, therefore, important to standardize security policies for the IoT environment. Further, access to data or services must be entirely transparent, traceable
