The Internet Protocol Journal, Volume 15, No. 3

The Internet of Things

David Lake, Ammar Rayes, and Monique Morrow, Cisco Systems

Until a point in time around 2008 or 2009, there were more human beings in the world than devices connected to the Internet. That is no longer the case.

In 2010, the global average of connected devices per person was 1.84. Counting only those people who actually use the Internet (around 2 billion in 2010), that figure becomes 6 devices per person. [1] Chip makers such as ARM have targeted the development of low-power CPUs at this market and predict up to 50 billion devices connected by 2020. [2]

Today, most of these devices are entities that the user interacts directly with—PC or Mac, smartphone, tablet, etc. But what is changing is that other devices used every day to orchestrate and manage the world we live in are becoming connected entities in their own right.

These networks will consist not just of users interacting with end devices: the generation and processing of the information gathered will increasingly occur autonomously, potentially linking to other networks of similarly interconnected entities.

With the number of connected devices estimated to reach 25 billion by 2015, this rapid growth presents some new and interesting challenges. [3]

A Definition of the Internet of Things

The Internet of Things (IoT) consists of networks of sensors attached to objects and communications devices, providing data that can be analyzed and used to initiate automated actions. The attributes of this world of things may be characterized by low energy consumption, auto-configuration, embeddable objects, etc. The data also generates vital intelligence for planning, management, policy, and decision making. In essence, the five properties that characterize the Internet of Things are as follows:

  • A Unique Internet Address by which each connected physical object and device will be identified, and therefore be able to communicate with one another.
  • A Unique Location—can be fixed or mobile—within a network or system (for example, a smart electricity grid) that makes sense of the function and purpose of the object in its specified environment, generating intelligence to enable autonomous actions in line with that purpose.
  • An Increase in Machine-Generated and Machine-Processed Information that will surpass human-processed information, potentially linking in with other systems to create what some have called "the nervous system of the planet."
  • Complex New Capabilities in Security, Analytics, and Management, achievable through more powerful software and processing devices, that enable a network of connected devices and systems to cluster and interoperate transparently in a "network of networks."
  • Time and Location Achieve New Levels of Importance in information processing as Internet-connected objects work to generate ambient intelligence; for example, on the Heating, Ventilation, and Air Conditioning (HVAC) efficiency of a building, or to study soil samples and climatic change in relation to crop growth.

The concepts and technologies that have led to the IoT, or the interconnectivity of real-world objects, have existed for some time. Many people use the terms Machine-to-Machine (M2M) communications and IoT interchangeably, as if they were the same. In reality, M2M is only a subset; IoT is a more encompassing phenomenon because it also includes Machine-to-Human communication (M2H). Radio Frequency Identification (RFID), Location-Based Services (LBS), Lab-on-a-Chip (LOC) sensors, Augmented Reality (AR), robotics, and vehicle telematics are some of the technology innovations that employ both M2M and M2H communications within the IoT as it exists today. They were spun off from earlier military and industrial supply chain applications; their common feature is that they combine embedded sensory objects with communication intelligence, running data over a mix of wired and wireless networks.

What has really helped IoT gain traction outside these specific application areas is the greater commoditization of IP as a standard communication protocol, and the advent of IPv6 to allow for a unique IP address for each connected device and object. Researchers and early adopters have been further encouraged by advancements in wireless technologies, including radio and satellite; miniaturization of devices and industrialization; and increasing bandwidth, computing, and storage power.

All these factors have played a part in pushing the boundaries toward generating more context from data capture, communication, and analytics through various devices, objects, and machines in order to better understand our natural and man-made worlds. In exploring the relationship between the IoT and Information-Centric Networking (ICN), embedded distributed intelligence will be an important attribute for ICN. Context that is distributed as opposed to centralized is a core architectural component of the IoT for three main reasons:

  • Data Collection: Centralized data collection and smart object management do not provide the scalability required by the Internet. Managing several hundreds of millions of sensors and actuators in a Smart Grid network, for example, cannot be done using a centralized approach.
  • Network Resource Preservation: Network bandwidth is scarce and some smart objects are not mains-powered, so every transmitted byte costs battery life; collecting all environmental data at a central point in the network therefore unavoidably consumes a large share of the network capacity and of the objects' energy budgets.
  • Closed-Loop Functioning: The IoT needs reduced reaction times. For instance, sending an alarm via multiple hops from a sensor to a centralized system, which runs analytics before sending an order to an actuator, would entail unacceptable delays.

Service Management Systems (SMS) (also known as Management Systems, Network Management Systems, or back-end systems) are the brain in the IoT. SMS interacts with intelligent databases that contain Intellectual Capital (IC) information, contract information, and manufacturing and historical data. SMS also supports image-recognition technologies to identify objects, people, buildings, places, logos, and anything else that has value to consumers and enterprises. Smartphones and tablets equipped with cameras have pushed this technology from mainly industrial applications to broad consumer and enterprise applications.

IC information includes intelligence from the vendor's (for example, Cisco's) databases and systems, such as the contract and manufacturing databases, and, more importantly, the thousands of specific rules captured over the years by analyzing software bugs, technical support cases, etc.; that is, Cisco knows which devices were manufactured for which customers and with what features. Data collected by the collector is analyzed and correlated with this repository of proprietary Intellectual Capital, turning it into actionable intelligence that helps network planners and administrators increase IT value, simplify IT infrastructure, reduce cost, and streamline processes.

Secure communications allow collected data to be sent from the agents or collection system to the SMS without exposure or tampering in transit. The SMS includes a database that stores the collected data, together with algorithms that correlate it with Intellectual Capital information, turning the data into actionable intelligence that network planners and administrators can use, with advanced analytics, to determine the optimal solution for a problem (or potential problem) once the data has been analyzed and correlated. More importantly, a secure mechanism allows the vendor to connect to the network remotely and take action. The same secure channel also allows the SMS (automatically or via a network administrator) to communicate back to the device to take action when needed.

However, centralized SMS for a large number of entities is very challenging given the near-real-time requirements and the effect on the network performance (see Figure 1). At the same time, centralized intelligence will be required for many IoT networks to interact with back-end centralized databases that are very difficult to distribute (for example, supplier Intellectual Capital databases).

This centralization is more demanding than in traditional multitier applications (web servers, application servers, and a back-end database), where database caching was an effective approach to achieving high scalability and performance. Solution architects need to consider an optimal hybrid model that supports centralized and distributed systems at the same time. A distributed SMS may need to make sub-optimal decisions using only the narrow information available locally in order to address real-time (or near-real-time) performance problems.

Figure 1: Typical Deployment of an IoT Network

Device and Data Security

The IoT will comprise many small devices, with varying operating systems, CPU types, memory, etc. Many of these devices will be inexpensive, single-function devices—for example, a temperature or pressure sensor—and could have rudimentary network connectivity. In addition, these devices could be in remote or inaccessible locations where human intervention or configuration is impossible.

The nature of sensors is such that they are embedded in what they are sensing—one can envisage a new workplace, hospital, or school construction project where the technology is introduced during the construction phase as part of the final fit rather than after completion as is common today. This paradigm in itself creates new challenges because the means of connectivity may exist only after the installation teams have left the site.

Additionally, measures must be taken to ensure that the authenticity of the data, the path from the sensor to the collector, and the connectivity authentication parameters cannot be compromised between the initial installation or configuration of the device and its eventual presence on the IoT infrastructure.

The challenges of designing and building IoT devices can be summarized as follows:

  • IoT devices are typically small, inexpensive devices.
  • They are designed to operate autonomously in the field.
  • They may be installed prior to network availability.
  • After deployment, these devices may require secure remote management.
  • The computing platform may not support traditional security algorithms.

Because the IoT will not be a single-use, single-ownership "solution" (the data sources and the platforms on which the data is consumed may be in different ownership, management, and connectivity domains), devices will be required to give equal and open access to numerous data consumers concurrently, while still retaining privacy and exclusivity of data between those consumers where that is required.

This requirement was neatly summarized by the IETF Security Area Directors as follows: "A house only needs one toaster even if it serves a family of four!" [4]

So we have seemingly competing, complex security requirements to be deployed on a platform with limited resources:

  • Authenticate to multiple networks securely.
  • Ensure that data is available to multiple endpoints.
  • Manage the contention between that data access.
  • Manage privacy concerns among multiple consumers.
  • Provide strong authentication and data protection that cannot be compromised.

And we still have to manage the existing challenges that all network-attached devices contend with, such as Denial of Service (DoS) attacks, transaction replays, and compromised identity through subscriber theft, device theft, or compromised encryption.

These problems have particular relevance in the IoT, where the availability of data is of paramount importance. For example, a critical industrial process may rely on accurate and timely temperature measurement—if that sensor is undergoing a DoS attack, the process collection agent must understand that, and be able to either source data from another location or take evasive action.

It must also be able to distinguish between loss of data because of an ongoing DoS attack and loss of the device because of a catastrophic event in the plant. This ability could mean the difference between a safe shut-down and a major incident.

Authentication and authorization will require reengineering to be appropriate for the IoT. Today's strong encryption and authentication schemes are based on cryptographic suites such as the Advanced Encryption Standard (AES), Rivest-Shamir-Adleman (RSA) for digital signatures and key transport, and Diffie-Hellman (DH) for key agreement. Although the protocols are robust, they make very high demands of the compute platform—resources that may not exist in all IoT-attached devices.

These authentication and authorization protocols also require a degree of user intervention for configuration. However, many IoT devices will be accessible only rarely after deployment; their initial configuration must be protected from tampering, theft, and other forms of compromise between device build and installation, and then for the device's usable life, which could be many years.

In order to overcome these difficulties, new authentication schemes that allow for strong authentication to many domains while building on the experience of today's strong encryption and authentication algorithms are required.

One possible approach could be to extend methodologies used in the PC industry such as the Trusted Computing Group's Trusted Platform Module (TPM). [5,6]

TPM-enabled devices are fitted at build time with a tamper-resistant hardware module containing a variety of cryptographic elements. Keys and other values from this module that are known to a trusted third party are then used in an attestation: a challenge that asks the device to prove its authenticity against parameters known in advance.

Because the cryptographic keys are burned into the module during build, and the corresponding public keys (and hence the signatures they verify) are known to a controlled, trusted third party, a high degree of confidence in the authenticity of the device being queried can be obtained. A typical TPM-compliant cryptographic chip is shown in Figure 2.

Figure 2: Trusted Platform Module

TPM has traditionally been limited by requiring connectivity not only between the devices, but also to a trusted third party. In the IoT, where connectivity may be transient, this requirement is obviously a limitation. Extensions to the TPM that allow for high-confidence attestation between devices without involving a third party at attestation time have been built; for example, Direct Anonymous Attestation (DAA). [7]
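The exchange described in the preceding paragraphs, as an added example that is not code from the article or from any TPM implementation: the device keeps a measured-boot register by extending a hash chain over each component it loads, the verifier (the trusted third party, holding a key registered for each device at manufacture) issues a fresh nonce, and the device returns a quote binding its identity, the nonce, and the register value under its built-in key. HMAC stands in for the TPM's asymmetric quote signature so that the block runs on the Python standard library alone; the device identifiers, firmware strings, and message layout are constructed for the example.

```python
"""Challenge-response attestation of a device's measured boot (added example)."""
import hashlib
import hmac
import os

# Constructed firmware images standing in for the components measured at boot
GOOD_IMAGES = {
    "bootloader": b"bootloader 1.2 (constructed sample image)",
    "kernel": b"kernel 3.4 (constructed sample image)",
    "app": b"pressure-sensor-app 0.9 (constructed sample image)",
}
BOOT_ORDER = ("bootloader", "kernel", "app")


def pcr_extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new PCR = H(old PCR || H(component)). Order-sensitive, not reversible."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot(images: dict) -> bytes:
    """Replay the boot sequence into a single PCR value, starting from all zeros."""
    pcr = bytes(32)
    for name in BOOT_ORDER:
        pcr = pcr_extend(pcr, images[name])
    return pcr


class Device:
    """A device whose per-unit key was provisioned at build time (hypothetical field layout)."""

    def __init__(self, device_id: str, key: bytes, images: dict):
        self.device_id = device_id
        self._key = key                     # never leaves the device
        self.pcr = measure_boot(images)

    def quote(self, nonce: bytes) -> dict:
        """Answer a challenge: bind identity, the verifier's nonce and the PCR under the device key.
        HMAC stands in for the TPM's asymmetric quote signature so this runs on the stdlib only."""
        tag = hmac.new(self._key, self.device_id.encode() + nonce + self.pcr, hashlib.sha256).digest()
        return {"device_id": self.device_id, "nonce": nonce, "pcr": self.pcr, "tag": tag}


class Verifier:
    """The trusted third party: holds each registered device's key and the approved PCR value."""

    def __init__(self, registry: dict, expected_pcr: bytes):
        self.registry = registry            # device_id -> key, populated at manufacture
        self.expected_pcr = expected_pcr
        self.outstanding = {}               # device_id -> nonce issued and not yet consumed

    def challenge(self, device_id: str) -> bytes:
        nonce = os.urandom(16)
        self.outstanding[device_id] = nonce
        return nonce

    def verify(self, q: dict) -> str:
        key = self.registry.get(q["device_id"])
        if key is None:
            return "unknown-device"
        nonce = self.outstanding.pop(q["device_id"], None)  # one use per nonce: defeats replay
        if nonce is None or nonce != q["nonce"]:
            return "replay-or-stale"
        expected = hmac.new(key, q["device_id"].encode() + q["nonce"] + q["pcr"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected, q["tag"]):
            return "bad-tag"                # wrong key, or a forged quote
        if q["pcr"] != self.expected_pcr:
            return "unexpected-firmware"    # authentic device, but not running approved code
        return "trusted"


def attest(device: Device, verifier: Verifier) -> str:
    """One full round trip: challenge -> quote -> verdict."""
    return verifier.verify(device.quote(verifier.challenge(device.device_id)))


def run_scenarios() -> dict:
    """Exercise the happy path and the failure modes a practitioner cares about."""
    key = os.urandom(32)
    verifier = Verifier({"sensor-0001": key}, measure_boot(GOOD_IMAGES))
    good = Device("sensor-0001", key, GOOD_IMAGES)
    tampered_images = dict(GOOD_IMAGES, app=b"pressure-sensor-app 0.9 with implant (constructed)")
    tampered = Device("sensor-0001", key, tampered_images)      # same key, altered code
    rogue = Device("sensor-9999", os.urandom(32), GOOD_IMAGES)  # never registered

    results = {
        "good": attest(good, verifier),
        "tampered": attest(tampered, verifier),
        "rogue": attest(rogue, verifier),
    }
    # A captured quote is accepted once and rejected when replayed
    captured = good.quote(verifier.challenge("sensor-0001"))
    results["replay"] = (verifier.verify(captured), verifier.verify(captured))
    return results


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:>9}: {verdict}")
```

The verifier's dependence on the registry and on a live challenge is exactly the third-party requirement the paragraph above calls a limitation: a device that cannot reach the verifier cannot be attested, and a verifier that accepts a quote without its own fresh nonce is open to replay.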

Other elements in security that could be considered include strong authentication between the device and the network attachment point (such as through electrical signatures at the Media Access Control [MAC] layer), application of geographic location and privacy levels to data, strengthening of other network-centric methods such as the Domain Name System (DNS) and the Dynamic Host Configuration Protocol (DHCP) to prevent attacks, and adoption of other protocols that are more tolerant of delay or transient connectivity (such as Delay Tolerant Networks). [8]

An IoT Case Study

The concepts behind the IoT allow management of assets within an enterprise with responsibility shared among customer, partner, and manufacturer in a manner that would previously have been difficult to control.

A typical IT network consists of routers, switches, IP phones, telepresence systems, network management systems such as call managers and data center managers, and many other entities (also known as "machines"), each with a unique identification such as a serial number, MAC address, or other address (for example, an IP address). Such a solution is depicted in Figure 3.

Figure 3: Example of Smart Services

The system has the following components:

  • The IT IP-based network: The network typically is owned by a business customer or an end customer (for example, a small business network). It includes IP devices that may be managed by the supplier (via service contract), by a third party (Partner 2), or by the customer's network administrator.
  • Smart agent or collection system (or sensor): An external collection system (for example, a server) or smart agent or collection systems on the managed devices gather the device and network information via numerous methods including Simple Network Management Protocol (SNMP) requests, Command-Line Interface (CLI) commands, syslog, etc. Collected information includes inventory, security data, performance data such as service-level agreement parameters, fault messages, etc.
  • Supplier or partner back-end service management system: A service management system collects data from various devices and networks, correlates the collected data against Intellectual Capital rules and key databases (for example, the Manufacturing database or the Contract Management database), analyzes the results, and produces actionable and trending reports that examine the network and predict its performance.
  • Two-way connectivity: Connectivity allows the front-end system (that is, smart agents and collection systems) to send data securely to the supplier or partner service management systems. It also allows the service management system to access the device or network securely to take action when required.
  • Secure entitlement and data-transfer capability to register and entitle customer networks and communicate securely (via encryption and security keys) with service providers or network vendors: Such capability is typically deployed on the collector and back-end systems.
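The smart agent or collection system described in the list above gathers fault, security, and configuration information from syslog among other sources. The following added example (not code from the article or from any Cisco product) shows the collector-side half of that: parsing Cisco IOS-style syslog lines into structured records, mapping them onto FCAPS-style categories, and running one simple correlation over them. The sample lines, hostnames, and addresses are constructed (192.0.2.0/24 is the documentation range), the facility-to-category table is an assumption made for the example, and the last sample line is deliberately malformed to show that unparseable input is counted rather than dropped silently.

```python
"""Collector-side parsing of Cisco IOS-style syslog into FCAPS-style records (added example)."""
import re
from collections import defaultdict

# Constructed sample lines in IOS syslog style; hosts, timestamps and addresses are made up.
SAMPLE_SYSLOG = """\
<187>Mar 12 09:14:02 edge-sw1 112: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to down
<189>Mar 12 09:14:03 edge-sw1 113: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to down
<188>Mar 12 09:15:40 core-rtr1 4512: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 192.0.2.77] [localport: 22] [Reason: Login Authentication Failed]
<188>Mar 12 09:15:44 core-rtr1 4513: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 192.0.2.77] [localport: 22] [Reason: Login Authentication Failed]
<189>Mar 12 09:20:11 core-rtr1 4514: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.0.2.10)
this line is not syslog at all
"""

LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"                                   # RFC 3164 PRI = facility*8 + severity
    r"(?P<ts>[A-Z][a-z]{2}\s+\d{1,2}\s\d{2}:\d{2}:\d{2})\s"  # e.g. "Mar 12 09:14:02"
    r"(?P<host>\S+)\s"
    r"(?:\d+:\s)?"                                           # optional IOS message sequence number
    r"%(?P<fac>[A-Z0-9_]+)-(?P<sev>\d)-(?P<mnem>[A-Z0-9_]+):\s"  # %FACILITY-SEVERITY-MNEMONIC
    r"(?P<msg>.*)$"
)

# Simplified mapping of IOS message facilities onto FCAPS areas (assumption for this example)
CATEGORY_BY_FACILITY = {
    "LINK": "fault", "LINEPROTO": "fault",
    "SEC_LOGIN": "security",
    "SYS": "config",
}


def parse_syslog(text):
    """Return (records, unparsed_count). Malformed lines are counted, not dropped silently."""
    records, unparsed = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LINE_RE.match(line)
        if not m:
            unparsed += 1
            continue
        pri = int(m["pri"])
        rec = {
            "host": m["host"],
            "timestamp": m["ts"],
            "facility": pri >> 3,          # syslog facility (23 = local7, the IOS default)
            "pri_severity": pri & 7,
            "severity": int(m["sev"]),     # severity carried in the IOS mnemonic
            "ios_facility": m["fac"],
            "mnemonic": m["mnem"],
            "category": CATEGORY_BY_FACILITY.get(m["fac"], "other"),
            "message": m["msg"],
        }
        # A PRI severity that disagrees with the mnemonic is worth flagging: relays rewrite PRI
        rec["severity_mismatch"] = rec["pri_severity"] != rec["severity"]
        records.append(rec)
    return records, unparsed


def summarize(records):
    """Per-device counts by FCAPS category plus the worst (lowest-numbered) severity seen."""
    summary = defaultdict(lambda: {"fault": 0, "config": 0, "security": 0, "other": 0, "worst_severity": 7})
    for r in records:
        s = summary[r["host"]]
        s[r["category"]] += 1
        s["worst_severity"] = min(s["worst_severity"], r["severity"])
    return dict(summary)


SOURCE_RE = re.compile(r"\[Source: ([\d.]+)\]")


def repeated_login_failures(records, threshold=2):
    """Return {(host, source_ip)} with at least `threshold` LOGIN_FAILED events: brute-force candidates."""
    counts = defaultdict(int)
    for r in records:
        if r["mnemonic"] == "LOGIN_FAILED":
            m = SOURCE_RE.search(r["message"])
            if m:
                counts[(r["host"], m.group(1))] += 1
    return {k for k, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    recs, bad = parse_syslog(SAMPLE_SYSLOG)
    print(f"{len(recs)} records parsed, {bad} unparsed")
    for host, s in summarize(recs).items():
        print(host, s)
    print("repeated login failures:", repeated_login_failures(recs))
```

Syslog over UDP carries no authentication, so a collector that feeds a back-end system should also be deployed on a path the device cannot be impersonated on (or use a transport that authenticates the sender); the parser above trusts the hostname field as the device did send it.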

A Smart Service provides a proactive, intelligence-based solution addressing the installed-base lifecycle and Fault, Configuration, Accounting, Performance, and Security (FCAPS) management, with the unique benefit of correlating data with the supplier's Intellectual Capital and recognized best practices. Using smart agents, the Smart Service collects basic inventory information from the network in order to establish Install Base context.

Conclusions

The implications of the IoT on today's Internet are vast. With such a large number of devices and highly constrained network environments, provisioning and management of the IoT needs to be a part of the architecture. It is both unwise and impractical to provision each active device in the network manually throughout its lifecycle. Earlier technologies, including IP phones, wireless access points, or service provider Customer Premises Equipment (CPE), have demonstrated that provisioning can be carried out securely over the network.

The IoT encompasses heterogeneous types of devices that can be on public or private IP networks: from low-powered, low-cost sensors, to fully functioning multipurpose computers with commercial operating systems. For this reason, there can be no "one-size-fits-all" approach to IoT security. What is required is a series of architectural approaches that are dictated by specific IoT use cases. In certain industry solutions, most notably healthcare, security is not just important; information privacy is specifically mandated in many countries.

The challenges of designing, deploying, and supporting billions of IP-enabled endpoints, each producing data that needs to be analyzed and acted on, present exciting opportunities for the next generation of the Internet.

References

[1] Dave Evans, "The Internet of Things: How the Next Evolution of the Internet Is Changing Everything," April 2011, http://www.cisco.com/web/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf

[2] "ARM targets Internet of Things with new low-power chip."

[3] http://share.cisco.com/internet-of-things.html

[4] Tim Polk and Sean Turner, "Security Challenges for The Internet of Things," IETF Security Area Directors, Feb. 14, 2011, http://www.iab.org/wp-content/IAB-uploads/2011/03/Turner.pdf

[5] Guillaume Piolle and Yves Demazeau, "Une architecture pour la protection étendue des données personelles," 2010, http://guillaume.piolle.fr/doc/piolle10b.pdf

[6] "Trusted Platform Module," ISO/IEC 11889, http://www.iso.org/iso/catalogue_detail.htm?csnumber=50970

[7] Jan Camenisch, "Direct Anonymous Attestation: Achieving Privacy in Remote Authentication," June 15, 2004. http://www.zurich.ibm.com/security/daa/daa-slides-ZISC.pdf

[8] Delay Tolerant Networking Research Group: http://www.dtnrg.org/wiki

DAVID LAKE, B.Sc., is a Consulting Engineer in the Research and Advanced Development Group at Cisco. He has more than 20 years of network design and deployment experience, ranging from X.25 and SNA, through the era of multiprotocol routing to IP, covering a wide range of networking technologies. He has extensive experience in transporting rich-media technologies across complex enterprise and service provider networks. David has worked as customer, network integrator, and manufacturer, and he understands the unique positioning of each of these areas in the IT industry. E-mail: dlake@cisco.com

AMMAR RAYES is a Distinguished Service Engineer at Cisco Systems focusing on Smart Service Technology Strategy. He has authored and co-authored over a hundred papers, patents and books on advances in telecommunications-related technologies. He is the President of the International Society of Service Innovation Professionals (www.issip.org), an Associate Editor of ACM Transactions on Internet Technology and Editor-in-Chief of the Advances in Internet of Things journal. Dr. Rayes received his BS and MS degrees in EE from the University of Illinois at Urbana and his Ph.D. degree in EE from Washington University in St. Louis, Missouri. E-mail: rayes@cisco.com

MONIQUE MORROW is a Distinguished Engineer in the Research and Advanced Development Group at Cisco. She has over 20 years' experience in IP internetworking that includes design and implementation of complex customer projects and service development for service providers. She has presented at various conferences on the topics of RFID, Grid Networking and Cloud Computing, and she has co-authored several books and publications. She is currently focused on the Internet of Things/Machine-to-Machine Communications in eHealth and security and is active in various SDOs and forums such as the IETF, ITU-T and the FTTH Council Asia-Pacific, holding leadership positions in these organizations. Monique is a Senior Member of the IEEE and a Life Member of the ACM. Monique has a Master of Science degree in Telecommunications Management and an MBA. E-mail: mmorrow@cisco.com