The key messages in this session were:
- Even though the approach to security has to be end-to-end, each layer of the SOA for IoT (sensing layer, network layer, service layer, interface layer) must enforce its own security mechanisms, since each layer has its own weaknesses.
- The security mindset has to be applied from the conception of the service. As an example, the choice of sensors and actuators plays an important role, because they are manufactured by third-party companies that seek economy and fast delivery and sell millions of devices at a very low cost. It is common that the security mechanisms on those systems-on-chip are not the best.
- Since R8, 3GPP has pushed the evolution towards LTE-A and LTE-A Pro. The standardization body has designed mechanisms that let IoT systems reduce power consumption and expose services via the Service Capability Exposure Function (SCEF), and 5G seeks to enhance scalability by providing the same architecture regardless of the radio access technology of the IoT system: the new-generation core would receive traffic from heterogeneous access technologies.
- For a service operator, the cloud plays a key role, not only as a "place" where data is received, processed and stored, but as a central intelligence and analysis center to detect anomalous activity and deploy countermeasures: detecting malicious behavior is necessary, but dynamically deploying the defense mechanism is also important.
- Since in the end everything is measured in numbers (costs and return on investment), there is a trade-off between how demanding the SLA provided for the data is (availability, integrity and confidentiality) and the analysis of the risk of being compromised. I think that the parameters of risk could be the value of the data, how important it is for the business, and the additional latency and decreased battery life for a sensor when a full security scheme is deployed. Parameters are countless.
- I think that some of the challenges for IoT regarding security (scalability, interoperability, management, security and privacy) can be addressed via the network slicing concept. This can be done by providing means to scale network resources as needed and by deploying IDS/IPS functions on demand, where needed. The isolation that a network slice provides could enable the containment of an attack by creating network honeypots or quarantine slices to contain malicious or suspicious activity. Feedback loops and OSS/BSS interaction are important to achieve this.
This whole week was amazing. It has given me a great view of the importance of security for industry and of all the requirements that an architecture should support in order to meet the exigencies of the (new) use cases that industry and other actors would be implementing.