Cross-Layer Identity Management for IoT

Motivation

For IoT to succeed, efficient and low-cost connections are not sufficient. Connectivity must also be secure, which is realized through strong authentication and encryption using the SIM (Subscriber Identity Module) card. Unfortunately, this security measure covers only authentication, access control and encryption towards the mobile network.

The mobile network in fact delivers the exchanged messages to the IoT Platform in clear text. To have adequate protection, the IoT Platform must have its own authentication, access control and encryption scheme, which is both technically and economically challenging.

To overcome this rather severe limitation, the Secure 5G4IoT Lab proposes a novel cross-layer Identity Federation, which uses SIM authentication to offer single sign-on and confidentiality to IoT vertical sectors such as health, transport, logistics, automation, etc.

The Research Questions:

  • Can the authentication of IoT devices be made stronger and simpler?
  • Can the mobile network authentication scheme be used for IoT devices?
  • Can single sign-on be introduced for IoT devices?
  • How can the authentication of primitive IoT devices be done?

The Research Approach:

To answer the research questions, effort has been put successively into the following tasks:

  1. Exploring the possibility of applying the Internet identity management scheme to cellular IoT
  2. Establishing a testbed using OpenID Connect to enable identity federation between the SIM and the IoT device identity