Internet DRAFT - draft-li-iotops-intelligent-security
IOTOPS Xinru Li
Internet-Draft Yuyin Ma
Intended status: Informational Guangshuo Chen
Expires: 29 August 2024 29 February 2024
Intelligent Protection Optimization System for IOT
draft-li-iotops-intelligent-security-00
Abstract
As communication technology develops and Internet of Things
coverage becomes more comprehensive, large amounts of data and
large numbers of devices are joining the network, which gives
rise to more data security and privacy issues.
Therefore, this draft proposes a scheme to build an
information-centered network. By analyzing common network
attack methods, an intelligent protection
optimization system is established from three aspects: naming and
parsing, data exchange, and data caching, so as to achieve
better content privacy protection without adding additional costs.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other
documents at any time. It is inappropriate to use Internet-Drafts
as reference material or to cite them other than as
"work in progress."
This Internet-Draft will expire on 21 August 2024.
Copyright Notice
Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Li, et al. Expires 29 August 2024 [Page 1]
Internet-Draft Intelligent Protection February 2024
Please review these documents carefully, as they describe your
rights and restrictions with respect to this document.
Code Components extracted from this document
must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions
and are provided without warranty as described in
the Revised BSD License.
Table of Contents
1. Introduction
2. Current Situation and Problems
2.1. Terminal Layer
2.2. Transport Layer
2.3. Processing Layer
3. Principle
3.1. Design Principle
3.2. Typical Characteristics
3.2.1. Cache Network
3.2.2. Authenticity of Information
3.2.3. Seamless Migration
3.2.4. Space Expansion
3.2.5. Flexible and Changeable
4. System Design
4.1. Naming and Parsing
4.2. Data Exchange
4.3. Data Caching
5. Security Considerations
6. IANA Considerations
7. Acknowledgments
8. References
8.1. Normative References
8.2. Informative References
Authors' Addresses
1. Introduction
With new-generation information and communication technologies
such as artificial intelligence, blockchain, and 5G communication
penetrating all areas of society, various types of intelligent
applications and devices have emerged, and society is gradually
entering the era of the Internet of Everything. Internet of Things
devices and systems have a very wide range of applications, and
their diversified equipment, diversified environments, and massive
real-time information make security a core issue for Internet of
Things systems.
The original data interaction mode uses location as the connection
for delivering content, but users are often interested only in the
content itself. Information-Centric Networking (ICN) therefore
provides a relatively new network working mode. ICN realizes
information search and transmission through a content index,
which will effectively simplify the network structure and
improve the security and reliability of the system.
To address the issue of content privacy protection in IoT systems,
we have designed an intelligent scheme that can perform
security assessments on specific users and draw on
the potential of ICN networks to increase the security of content
privacy without incurring significant overhead.
2. Current Situation and Problems
The overall security architecture of the Internet of Things
roughly comprises the physical and information collection
security layer, the transmission security layer and the processing
security layer of the terminal sensor network, all of which
contain security risks.
2.1. Terminal Layer
Because of the large number of devices and their simple defense
mechanisms, the devices are vulnerable to attacks, have weak
identity authentication and authorization mechanisms,
and lack necessary security defense capabilities.
2.2. Transport Layer
Data transmitted in bulk is easily stolen or
tampered with, and attackers can also use the massive data
to extract statistical characteristics and analyze users.
2.3. Processing Layer
There are many types of equipment data, the computing
network is complex and changeable, and data
reliability is low. In addition, Internet of Things applications
are diverse and may give rise to malicious program attacks.
3. Principle
3.1. Design Principle
Add the necessary security mechanisms to separate content and
location, simplify the addressing process, and turn the network
into a pure content web.
3.2. Typical Characteristics
3.2.1. Cache Network
All intermediate nodes support caching. When the requested data
is cached in the network, users do not have to wait for the
network to forward data from the original node, but can
obtain information from the nearest node with cached data.
3.2.2. Authenticity of Information
The system can encrypt the data that needs to be
guaranteed by the administrator's permission, so that
the user can ensure the authenticity of the information.
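The following sketch illustrates Sections 3.2.1 and 3.2.2 together:
a request by name is answered by the nearest node holding a cached
copy, and the consumer checks authenticity itself, so the check does
not depend on which node served the data. It is an added example,
not part of the draft. The draft does not specify a mechanism; the
HMAC with a pre-shared key, the Node class, the content name and the
key are assumptions made for illustration.

```python
import hashlib
import hmac

# Assumption: publisher and consumer share this key out of band (constructed value).
PUBLISHER_KEY = b"constructed-demo-key"

def _tag(name: str, payload: bytes) -> bytes:
    # Bind the content name to the payload so a valid object cannot be renamed.
    msg = name.encode() + b"\x00" + payload
    return hmac.new(PUBLISHER_KEY, msg, hashlib.sha256).digest()

def publish(name: str, payload: bytes) -> dict:
    """Build a named data object carrying its authenticity tag."""
    return {"name": name, "payload": payload, "tag": _tag(name, payload)}

def verify(name: str, obj: dict) -> bool:
    """Consumer-side check, independent of the node that served the object."""
    return obj["name"] == name and hmac.compare_digest(
        _tag(name, obj["payload"]), obj["tag"])

class Node:
    """Forwarding node with a content store (cache) and one upstream hop."""
    def __init__(self, label, upstream=None, origin_data=None):
        self.label = label
        self.upstream = upstream
        self.store = dict(origin_data or {})

    def fetch(self, name):
        """Return (object, label of serving node, hops travelled)."""
        if name in self.store:
            return self.store[name], self.label, 0
        if self.upstream is None:
            raise KeyError(name)
        obj, served_by, hops = self.upstream.fetch(name)
        self.store[name] = obj  # cache the object on the reverse path
        return obj, served_by, hops + 1

def demo():
    name = "/building7/sensor12/temperature"  # constructed content name
    origin = Node("origin", origin_data={name: publish(name, b"21.5C")})
    edge = Node("edge", upstream=Node("core", upstream=origin))
    first = edge.fetch(name)   # cold cache: request travels to the origin
    second = edge.fetch(name)  # warm cache: answered by the edge node
    authentic = verify(name, second[0])
    # A cache entry altered inside the network fails the consumer's check.
    edge.store[name] = dict(second[0], payload=b"99.9C")
    altered_ok = verify(name, edge.fetch(name)[0])
    return first[1:], second[1:], authentic, altered_ok
```

With a shared key any key holder can produce valid tags; a publisher
signature would remove that limitation.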
3.2.3. Seamless Migration
Modify different types of cache schemes, plan the data
exchange of related nodes, and plan the priority, so as to
avoid service interruption during migration.
3.2.4. Space Expansion
Avoid letting the terminal bear the massive data storage
alone, make full use of rich network equipment, and allow
a simple terminal to independently receive data of interest
or send it to its superior.
3.2.5. Flexible and Changeable
It avoids the fixed binding of location and content found in
traditional networks, focuses on the exchange of
data, and, by using flexible nodes, can reduce the
possibility of being attacked.
4. System Design
The system is built from three aspects, giving full play to the
potential of ICN and increasing the connection between
ICN and the Internet of Things.
4.1. Naming and Parsing
The forwarded data needs to include a description of the
content and the name, and since the information grows
too fast, the name needs to be short enough to
accommodate the forwarding capability. The analysis
is divided into two kinds: absolute concentration and
relative concentration.
4.2. Data Exchange
The system has three basic data exchange modes:
center mode, flooding mode and ideal mode.
The center mode requires the existence of an omniscient
supernode, the flooding mode can waste a lot of
bandwidth, and the ideal mode is very complex.
4.3. Data Caching
The system will intelligently manage cache data
and optimize data selection, node selection, time
selection and mode selection.
5. Security Considerations
This document does not contain any security considerations.
6. IANA Considerations
This document makes no IANA requests.
7. Acknowledgements
The creation of this document has been a collaborative effort,
and we extend our gratitude to individuals and organizations
whose contributions and insights have enriched the content
and quality of this work.
8. References
8.1. Normative References
[IEEE] M. Cao et al., "Toward On-Device Federated
Learning: A Direct Acyclic Graph-Based Blockchain
Approach", IEEE Trans. Neural Networks and
Learning Systems, pp. 1-15.
8.2. Informative References
[IEEE] F. Song, Y. Ma, Z. Yuan, I. You, G. Pau and
H. Zhang, "Exploring Reliable Decentralized
Networks with Smart Collaborative Theory," in
IEEE Communications Magazine, vol. 61,
no. 8, pp. 44-50, August 2023,
doi: 10.1109/MCOM.003.2200443.
Authors' Addresses
Xinru Li
BeiJing JiaoTong University
Haidian District, Beijing
Email: 20211011@bjtu.edu.cn
Yuyin Ma
BeiJing JiaoTong University
Haidian District, Beijing
Email: mayuyin@bjtu.edu.cn
Guangshuo Chen
BeiJing JiaoTong University
Haidian District, Beijing
Email: 17733652726@163.com