Internet DRAFT - draft-yang-t2trg-virtualthing

draft-yang-t2trg-virtualthing



Network Working Group                                     Hyunsik Yang
Internet-Draft                                            Younghan Kim
Intended status: Informational                     Soongsil University
Expires: April 2017                                   October 31, 2016



      IoT architecture based on Virtual thing environment for security
                   draft-yang-t2trg-virtualthing-00.txt


Abstract

   This document provides guidance of IoT architecture based on virtual
   thing environment for security. In the heterogeneous IoT environment,
   Internet of Things(IoT) have a limitation in adapting management
   function such as updating software, adopting various general
   cryptography mechanisms since they have limited processing power,
   storage space and transmission capacities. Moreover, IoT could not
   support all of requirement for IoT management function in
   heterogeneous environment. Especially, security is one of the issue
   in heterogeneous environments. Therefore, this draft describes IoT
   architecture based on virtual thing environment and classify the
   requirements as well as problem statement.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79. This document may not be modified,
   and derivative works of it may not be created, and it may not be
   published except as an Internet-Draft.

   This document may contain material from IETF Documents or IETF
   Contributions published or made publicly available before November 10,
   2008. The person(s) controlling the copyright in some of this
   material may not have granted the IETF Trust the right to allow
   modifications of such material outside the IETF Standards Process.
   Without obtaining an adequate license from the person(s) controlling
   the copyright in such materials, this document may not be modified
   outside the IETF Standards Process, and derivative works of it may
   not be created outside the IETF Standards Process, except to format
   it for publication as an RFC or to translate it into languages other
   than English.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any



Yang, et al.           Expires April 31, 2017                 [Page 1]

Internet-Draft    draft-yang-t2trg-virtualthing-00        October 2016


   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

   This Internet-Draft will expire on April 31 2016.

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents carefully,
   as they describe your rights and restrictions with respect to this
   document. Code Components extracted from this document must include
   Simplified BSD License text as described in Section 4.e of the Trust
   Legal Provisions and are provided without warranty as described in
   the Simplified BSD License.























Yang, et al.           Expires April 31, 2017                 [Page 2]

Internet-Draft    draft-yang-t2trg-virtualthing-00        October 2016




Table of Contents


   1. Introduction ................................................ 4
      1.1. Terminology ............................................ 4
   2. Problem statement ........................................... 4
         2.1.1. Interface issues                                     ................................... 5
         2.1.2. Software management issues ......................... 5
         2.1.3. On demand security issues .......................... 5
   3. Virtual thing Architecture for IoT                                             ........................... 6
      3.1. Architecture ........................................... 6
   4. Consideration ............................................... 6
   5. Security Considerations                                  ...................................... 7
   6. IANA Considerations ......................................... 7
   7. Conclusion .................................................. 7
   8. References .................................................. 7
      8.1. Normative References                                    .................................... 7
      8.2. Informative References                                      .................................. 7
   9. Acknowledgments ............................................. 7



























Yang, et al.           Expires April 31, 2017                 [Page 3]

Internet-Draft    draft-yang-t2trg-virtualthing-00        October 2016




 1. Introduction

   Currently, in heterogeneous IoT environments, IoT networks are
   required to meet various requirements for management such as
   supporting various interfaces (REST API, specific protocols),
   security issues and software management (OS update, synchronization).
   Moreover, each IoT device may have a different hardware specification
   and requirement depending on what function or application the IoT
   device is design for. Especially, security is one of the major
   management issues in IoT. However, supporting every requirement is a
   challenge for IoT because IoT is a constrained environment with
   resource constrained devices.

  This draft describes an IoT architecture based on virtual thing
  environment to classify the requirement and problem statement.



1.1. Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119 [RFC2119].

   Virtual thing

     It is a virtual machine which can provide various application. This
     entity maps to physical thing(IoT) as 1:1, 1:N, N:N

 2. Problem statement

   In the heterogeneous IoT environment, many functions are required to
   be managed such as supporting various interfaces (REST API, specific
   protocol), security issues and software management (OS update,
   synchronization). However, it is quite a challenge for the current
   IoT to support every requirement since IoT is a constrained
   environment and IoT devices are limited devices. In this situation,
   one of solutions is to enable a gateway to have a lots of function to
   meet the requirements. Although the solution can solve a part of
   requirements, it can't support all requirements since there will be
   burdens when the number of IoT increases continuously. In addition,
   when an IoT device moves to another gateway, this gateway should
   support the same functions that are supported by the previous.
   Moreover, all packets should go to another IoT network through the
   gateway.


Yang, et al.           Expires April 31, 2017                 [Page 4]

Internet-Draft    draft-yang-t2trg-virtualthing-00        October 2016


   To support various functions in heterogeneous environments, IoT
   manager should be considered various requirements to manage IoT such
   as supporting various interfaces (REST API, specific protocol),
   security issues and software management (OS update, synchronization).
   Moreover, it should consider characteristics of IoT like
   specifications of hardware and ability of IoT.



2.1.1. Interface issues

   IoT should support various protocols or REST API to communicate with
   each vender's IoT since every IoT device may have a different
   protocol or API according to its vender and characteristics of IoT.
   However, it is not a good solution if each IoT device is required to
   support various interfaces. Even though, all venders would use a
   unified APIs or interfaces, it has a limitation to meet all
   requirements, for example, security supporting.



2.1.2. Software management issues

   IoT also needs an operating system for management and applications
   also need to update to fix a bug or for a new feature. However, it is
   not easy to update OS or applications at the same time since IoT
   devices do not always connect to the Internet. It also can be an
   issue in the security aspect because confliction of software version
   can create a chance for attackers. To deal with this problem,
   synchronization protocols or management methods are required.



2.1.3. On demand security issues

   In the IoT environment, IoT is required to provide different security
   levels and conditions. For example, when an IoT device sends sensing
   data that it is not important like temperature, IoT doesn't need to
   use a powerful security mechanism. On the other hand, when an IoT
   device sends an important data like health monitoring results or
   action messages, IoT needs a powerful security mechanism and
   functions such as access control or DDoS mitigation.







Yang, et al.           Expires April 31, 2017                 [Page 5]

Internet-Draft    draft-yang-t2trg-virtualthing-00        October 2016




 3. Virtual thing Architecture for IoT



3.1. Architecture

    +---------------------------------------------------------+
    |  <Virtual thing layer>            +---+   +security fn  |
    |                                   | V |   +OS management|
    |                                   +-|-+   +application  |
    +-------------------------------------|-------------------+
    +-------------------------------------|-------------------+
    |  <secure connection layer>          |                   |
    |                              Secure channel             |
    |                                     |                   |
    +-------------------------------------|-------------------+
    +-------------------------------------|-------------------+
    |  <physical layer>                 +-|-+                 |
    |                                   | P |  +IoT           |
    |                                   +---+                 |
    +---------------------------------------------------------+


                Figure 1 Virtual thing Architecture for IoT

   As shown in figure 1, the virtual thing based architecture is
   hierarchically constructed. It consists of three layers. The first
   layer is physical layer. It is a basic layer for physical devices.
   The second layer is a secure connection layer. This section supports
   security connection between physical devices and virtual things. The
   third layer is a virtual thing layer. This layer provides various
   functions such as security, operation system, or sensor configuration.



 4. Consideration

   In this document, we describe virtual thing based on architecture for
   IoT. In future work, we will define specific requirement for standard
   of modeling value.







Yang, et al.           Expires April 31, 2017                 [Page 6]

Internet-Draft    draft-yang-t2trg-virtualthing-00        October 2016


 5. Security Considerations

   TBD

 6. IANA Considerations

   This document has no IANA actions.



 7. Conclusion

   In this document, we describe an IoT management architecture based on
   virtual thing environment to solve existing problems. In addition, we
   describe problem statements with three use cases. In the future work,
   we classify requirements with more use cases.





 8. References

8.1. Normative References

    [I.D. draft-irtf-t2trg-iot-seccons-00]

            O. Garcia-Morchon, S. Kumar, M. Sethi, "Security
             Considerations in the IP-based Internet of Things", draft-
             irtf-t2trg-iot-seccons-00, October 09, 2016.

8.2. Informative References





9. Acknowledgments










Yang, et al.           Expires April 31, 2017                 [Page 7]

Internet-Draft    draft-yang-t2trg-virtualthing-00        October 2016


   Authors' Addresses

   Hyunsik Yang
     Soongsil University
     369, Sangdo-ro, Dongjak-gu,
     Seoul 156-743, Korea
     Email: yangun@dcn.ssu.ac.kr

   Younghan Kim
     Soongsil University
     369, Sangdo-ro, Dongjak-gu,
     Seoul 156-743, Korea
     Email: younghak@ssu.ac.kr



































Yang, et al.           Expires April 31, 2017                 [Page 8]