Internet DRAFT - draft-zhang-icn-iot-architecture
draft-zhang-icn-iot-architecture
ICN Research Group Y. Zhang
Internet-Draft D. Raychadhuri
Intended status: Informational WINLAB, Rutgers University
Expires: February 29, 2016 L. Grieco
Politecnico di Bari (DEI)
R. Ravindran
G. Wang
Huawei Technologies
August 28, 2015
ICN based Architecture for IoT
draft-zhang-icn-iot-architecture-00
Abstract
Internet of Things (IoT) promises to connect billions of objects to
Internet. After deploying many stand-alone IoT systems in different
domains, the current trend is to develop a unified de-fragmented IoT
platform so that objects can be made accessible to applications
across organizations and domains. Towards this goal, quite a few
proposals have been made to build a unified IoT platform as an
overlay on top of today's Internet. Such overlay solutions, however,
are inadequate to address the important challenges posed by a unified
IoT system, especially in terms of mobility, scalability, and
communication reliability, due to the inherent inefficiencies of the
current Internet. To address this problem, we propose to build a
unified IoT platform based on the Information Centric Network (ICN)
architecture, which we call ICN-IoT [20]. ICN-IoT leverages the
salient features of ICN, and thus provides seamless device-to-device
(D2D) communication, mobility support, scalability, and efficient
content and service delivery leveraging in-network computing, caching
and storage.
This draft begins by motivating the need for an unified ICN-IoT
platform to connect heterogenous IoT systems. We then propose an
ICN-IoT system architecture and middleware components which includes
device/network-service discovery, naming service, IoT service
discovery, contextual processing, pub/sub management to support
efficient naming, data discovery, data processing and data
distribution.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Zhang, et al. Expires February 29, 2016 [Page 1]
Internet-Draft ICN based Architecture for IoT August 2015
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on February 29, 2016.
Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. ICN-Centric Unified IoT Platform . . . . . . . . . . . . . . 2
1.1. Strengths of ICN-IoT . . . . . . . . . . . . . . . . . . 4
2. ICN-IoT System Architecture . . . . . . . . . . . . . . . . . 5
3. ICN-IoT Middleware Architecture . . . . . . . . . . . . . . . 6
4. ICN-IoT Middleware Functions . . . . . . . . . . . . . . . . 7
4.1. Device and Network Service Discovery . . . . . . . . . . 8
4.2. Service Discovery . . . . . . . . . . . . . . . . . . . . 9
4.3. Naming Service . . . . . . . . . . . . . . . . . . . . . 10
4.4. Context Processing and Storage . . . . . . . . . . . . . 11
4.5. Publish-Subscribe Management . . . . . . . . . . . . . . 12
4.6. Security . . . . . . . . . . . . . . . . . . . . . . . . 14
5. Informative References . . . . . . . . . . . . . . . . . . . 14
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17
1. ICN-Centric Unified IoT Platform
In recent years, the current Internet has become inefficient in
supporting rapidly emerging Internet use cases, e.g., mobility,
content retrieval, IoT, contextual communication, etc. As a result,
Zhang, et al. Expires February 29, 2016 [Page 2]
Internet-Draft ICN based Architecture for IoT August 2015
Information Centric Networking has been proposed as a future Internet
design to address these inefficiencies. ICN has the following main
features: (1) it identifies a network object (including a mobile
device, a content, a service, or a context) by its name instead of
its IP address, (2) a hybrid name/address routing, and (3) a delay-
tolerant transport. These features make it easy to realize many in-
network functions, such as mobility support, multicasting, content
caching, cloud/edge computing and security.
Considering these salient features of ICN, we propose to build a
unified IoT platform using ICN, in which the overlay IoT services are
only needed for administrative purposes, while the publishing,
discovery, and delivery of the IoT data/services is directly
implemented within the ICN network. Figure 1 shows the proposed ICN-
centric IoT approach, which is centered around the ICN network
instead of today's Internet.
______________ __________ __________
|IoT Smart Home| |IoT Smart | |IoT Smart |
|Management | |Transport | |Healthcare|
|______________| |Management| |Management|
\ |__________| |__________|
\ | /
\ _____________|___________ /
{ }
{ }
{ ICN }
{ }
{_________________________}
/ | \
/ | \
_________/ ________|______ __\_____________
{ } { } { }
{Smart home} {Smart Transport} {Smart Healthcare}
{__________} {_______________} {________________}
| | | | | |
___|__ __|___ __|__ __|__ ____|____ ____|____
|Home-1||Home-2| |Car-1||Car-2| |Medical ||Medcical |
|______||______| |_____||_____| |Devices-1||Devices-2|
|_________||_________|
Figure 1: The proposed ICN-centric IoT unified platform.
Zhang, et al. Expires February 29, 2016 [Page 3]
Internet-Draft ICN based Architecture for IoT August 2015
1.1. Strengths of ICN-IoT
Our proposed ICN-IoT delivers IoT services over the ICN network,
which aims to satisfy the requirements of the open IoT platform
(discussed in "draft-zhang-icn-iot-challenges-01.txt"[20]):
o Naming. In ICN-IoT, we assign a unique name to an IoT object, an
IoT service, or even a context. These names are persistent
throughout their scopes.
o Scalability. In ICN-IoT, the name resolution is performed at the
network layer, distributed within the entire network. Thus, it
can achieve high degree of scalability exploiting features like
content locality, local computing, and multicasting.
o Resource efficiency. In ICN-IoT, in both the constrained and non-
constrained parts of the network, only those data that are
subscribed by applications in the specified context will be
delivered. Thus, it offers a resource-efficient solution.
o Local traffic Pattern. In ICN-IoT, we can easily cache data or
services in the network, hence making more communications within
local distances and reducing the overall traffic volume.
o Context-aware communications. ICN-IoT supports contexts at
different layers, including device layer, networking layer and
application layer. Contexts at the device layer include
information such as battery level or location; contexts at the
network layer include information such as network address and link
quality; contexts at the application layer are usually defined by
individual applications. In ICN-IoT, device and network layer
contexts are stored within the network, while network elements
(i.e., routers) are able to resolve application-layer contexts to
lower-layer contexts. As a result of adopting contexts and
context-aware communications, communications only occur under
certain contexts that are specified by applications, which can
significantly reduce the entire network traffic volume.
o Seamless mobility handling. In ICN-IoT, ICN's name resolution
layer allows multiple levels of mobility relying on receiver-
oriented nature for self-recovery for consumers, to multicasting
and late-binding techniques to realize seamless mobility support
of producing nodes.
o Data storage. In ICN-IoT, data are stored locally, either by the
mobile device or by the gateway nodes or at service points. Also
in-network storage/caching [22] also speeds up data delivery.
Zhang, et al. Expires February 29, 2016 [Page 4]
Internet-Draft ICN based Architecture for IoT August 2015
o Security and privacy. In ICN-IoT, secure binding between
application-centric names and content instead of IP addresses to
identify devices/data/services, is inherently more secure than the
traditional IP paradigm [30].
o Communication reliability. ICN-IoT supports delay tolerant
communications [35], which in turn provides reliable
communications over unreliable links.
o Ad hoc and infrastructure mode. ICN-IoT supports both
applications operating in ad-hoc and infrastructure modes.
o In-network processing. ICN offers in-network processing that
supports various network services, such as context resolution,
multicast and mobility support.
2. ICN-IoT System Architecture
The ICN-IoT system architecture shown in Figure 2, has the following
five main system components:
+----------------+ +-----------------+ +-----------------+ +------------------+ +-------------------+
|Embedded Systems| <-------> | Aggregator | <------> | Local Service | <-----> | IoT Server | <-----> | Services/Consumers|
+----------------+ +-----------------+ | Gateway | | | +-------------------+
| | +-----------------+ +------------------+
| | ^
+----------------+ +----------------+ |
| Embedded System| |Aggregator | <------------
+----------------+ +----------------+
Figure 2: ICN-IoT System Architecture
o Embedded Systems: The embedded sensor has sensing and actuating
functions and may also be able to relay data for other sensors to
the Aggregator, through wireless or wired links.
o Aggregator: It interconnects various entities in a local IoT
network. Aggregators serve the following functionalities: device
discovery, service discovery, and name assignment.
o Local Service Gateway (LSG): A LSG serves the following
functionalities: (1) connecting the local IoT system to the rest
of the global IoT system, (2) assigning ICN names to local
sensors, (3) enforcing data access policies for local IoT devices,
Zhang, et al. Expires February 29, 2016 [Page 5]
Internet-Draft ICN based Architecture for IoT August 2015
and (4) running context processing services to generate
information specified by application-specific contexts (instead of
raw data) to the IoT server.
o IoT Server: The IoT server is a centralized server that maintains
subscription memberships and provides the lookup service for
subscribers. Unlike legacy IoT servers that are involved in the
data path from publishers to subscribers -- raising the concern of
its interfaces being a bottleneck -- the IoT server in our
architecture is only involved in the control path where publishers
and subscribers exchange their names and certificates.
o Services/Consumer: These are application instances interacting
with the IoT server to fetch or be notified of anything of
interest within the scope of the IoT service.
Specifically, the logical topology of the IoT system can be mesh-
like, with every sensor attached to one or more aggregators, while
every aggregator is attached to a LSG and all the LSGs connected to
the IoT server. Thus, each sensor has its aggregators, each of which
in turn has its LSG. All sensors share the same IoT server. All the
aggregators that are attached to the same LSG are neighbors to each
other. Though our middleware supports mesh topology, in the rest of
the draft, we will focus on the tree topology for the sake of
simplicity.
3. ICN-IoT Middleware Architecture
The proposed ICN-IoT middleware aims to bridge the gap between
underlying ICN functions and IoT applications.
The middleware functions are shown in Fig. 3 and it includes six core
functions: device and network service discovery, naming service,
Context Processing and Storage, IoT service discovery, Pub/Sub
management, and security.
In contrast to centralized or overlay-based implementation in the
legacy IP-based IoT platform, ICN-IoT architecture pushes a large
portion of the functionalities to the network layer, such as naming
resolution, mobility management, in-network processing/caching,
context processing, which greatly simplifies the middleware design.
Zhang, et al. Expires February 29, 2016 [Page 6]
Internet-Draft ICN based Architecture for IoT August 2015
+------------------------------------+
| (IoT Middleware) |
| |
| +----------------------+ +--+ |
| | Pub/Sub Management | | | | +---------------------+
| +----------------------+ | | | | Consumer |
+-------------+ | |IoT Service Discovery | |S | | | +-------------+ |
| Sensor | | +----------------------+ |E | | | | App | |
+ ----------- + | |Context Processing & | |C | | | +-------------+ |
|Gateway |<--> | | and Storage | |U | | <--> | | Service | |
+-------------+ | +----------------------+ |R | | | +-------------+ |
|Actuator | | | Naming Service | |I | | | |
+-------------+ | +----------------------+ |T | | +---------------------+
|Smart thing | | | Device/ Network | |Y | |
+-------------+ | | Service Discovery | | | |
| +----------------------+ +--+ |
+------------------------------------+
^ ^
| |
V V
+---------------------------------------------+
| ICN Network |
| +-------------------------------------+ |
| | Optional: In-network Computing | |
| | (Data Aggregation/Fusion) | |
| +-------------------------------------+ |
| | Network Service | |
| +-------------------------------------+ |
| | Name Based Routing | |
| +-------------------------------------+ |
| | Mobility and Security | |
| +-------------------------------------+ |
+---------------------------------------------+
Figure 3: The ICN-IoT Middleware Functions
4. ICN-IoT Middleware Functions
The ICN-IoT middleware mainly consists of the following functions:
device and network service discovery, service discovery, naming
service, publish/subscribe management, context processing, and
security. For each of these functions we highlight what the function
achieves, advantages an ICN architecture enables in realizing this
function, and provide discussion of how the function can be realized
considering NDN [24] and MobilityFirst (MF) [23].
Zhang, et al. Expires February 29, 2016 [Page 7]
Internet-Draft ICN based Architecture for IoT August 2015
Please note that most of these functions are implemented on
aggregators, LSGs and the IoT servers, and only very limited
functions (mainly for device discovery) are implemented on resource-
constrained sensors.
4.1. Device and Network Service Discovery
Device discovery is a key component of any IoT system. The objective
of device discovery is to expose new devices to the rest of the IoT
system -- every entity should be exposed to its direct upstream
device and possibly other devices. Specifically, it includes the
following three aspects: (1) a newly-added sensor should be exposed
to its aggregator, and possibly to its LSG and the IoT server; (2) a
newly-added aggregator is exposed to its LSG, and possibly to its
neighbor aggregators; and (3) a newly-added LSG should be exposed to
the IoT server. We note that device discovery could be used in other
contexts, such as neighboring sensors discovering each other to form
routing paths, but in this draft, we use the term to specifically
mean discovering new devices for IoT middleware purpose.
During device discovery for newly-added sensors, the sensor passes
its device-level information (such as manufacture ID and model
number) and application-level information (such as service type and
data type) to the upstream devices. If the sensor is to have an ICN
name, the name is assigned by the naming service (described in
Section 4.3), and recorded by both the LSG and the aggregator (and
possibly the IoT server).
ICN enables flexible and context-centric device discovery which is
important in IoT ecosystem where heterogeneous IoT systems belonging
to different IoT services may co-exist. Contextualization is a
result of name-based networking where different IoT services can
agree on unique multicast names that can be pre-provisioned in end
devices and the network infrastructure using the routing control
plane. This also has an advantage of localizing device discovery to
regions of network relevant to an ICN service, also enabling certain
level of IoT asset security. In contrast IP offers no such natural
IoT service mapping; any forced mapping of this manner will entail
high configuration cost both in terms of device configuration, and
network control and forwarding overhead.
In the device discovery phase, sensors expose their information, such
as its manufacture secure ID and model name, to the upstream
aggregators pulling information from sensors. There are two ways of
achieving this aim: (1) sensors pushing the information towards the
aggregators, and (2) aggregators pulling the information from
sensors. In both NDN and MF, the pulling method is used. In NDN,
this process is initiated by the configuration service running on
Zhang, et al. Expires February 29, 2016 [Page 8]
Internet-Draft ICN based Architecture for IoT August 2015
LSG, which periodically broadcasts discovery Interests (using the
name /iot/model).The new sensor replies to the discovery interest
with its information, and the configuration service then registers
the sensor and generates a local ICN name for the sensor. In MF, we
can set group-GUID as the destination address, and the configuration
service issues a request via multicasting. When receiving such
request, the new device replies with the manufacture secure ID, and
the configuration service registers the device and generates a local
ICN name for it.
The network service discovery for IoT infrastructure service like
naming, gateway, or context-processing service is hosted on LSGs or
Aggregators. These devices periodically broadcast their services,
which will be responded to by sensors that need these services.
Please note that only those sensors that need naming service or
context processing service will respond. The detailed process is
very similar to that involved in the device discovery (which is
described above).
4.2. Service Discovery
Service discovery intends to learn IoT services that are hosted by
one aggregator by its neighbor aggregators. The requirements include
low protocol overhead (including low latency and low control message
count), and discovery accuracy.
In today's IoT platforms, sensors, aggregators and LSGs are connected
via IP multicast, which involves complicated group management and
multicast name to IP translation service. Multicast, however, is
greatly simplified in ICN as most ICN architectures have natural
support for multicast.
Below, we explain how service discovery is implemented. The key to
service discovery is to expose aggregator's services to its neighbor
aggregators. How this is implemented differs in NDN and MF. In NDN,
the source aggregator broadcasts an interest using the well-known
name /area/servicename/certificate, which will eventually reach the
destination aggregator. NDN's Interest/Data mechanisms allows only
one response for each Interest send while discovery requires to learn
multiple entities, hence efficient discovery is realized using
exclusion via Selectors in the protocol or as an overlay protocol
[29].
After establishing the multicast group, the source aggregator sends a
request containing the service name and certificate to the multicast
group. The destination aggregator that hosts the service checks the
certificate and registers the source Aggregator if there is a matched
Zhang, et al. Expires February 29, 2016 [Page 9]
Internet-Draft ICN based Architecture for IoT August 2015
service. It replies with an acknowledgment containing certificate to
the source aggregator.
For secure service discovery, a secured name needs to assigned to the
service host. Especially in MF IoT, secured group GUID is utilized
to realize service request multicast, which may be owned by multiple
hosts, hence conventional public/private key scheme may not be
suitable for this case. As an alternative, group key management
protocol (GKMP) [31] can be adopted to resolved the issue above -- A
naming service residing at LSG or IoT server (depending on
application scope) generates a group public key that used as group
GUID for a service, then this group public/private keys pair is
assigned to each Aggregator that host this service. The service host
Aggregator in the group then listen on this group GUID, and use the
group private key to decrypt the incoming discovery message.
Finally, we note that this form of secure service discovery is
difficult for NDN.
As an example of NDN smart home, a thermostat expresses a request to
discover a AC service using well-known name /home/ac/certificate via
broadcast channel. In MF case, a multicast group GUID 1234 can be
assigned to all home appliance IoT service. The thermostat sends
request containing the service name and certificate to 1234. In both
cases, the AC hosting this services replies with acknowledgment if
all conditions match.
4.3. Naming Service
The objective of the naming service is to assure that either device
or service itself is authenticated, attempting to prevent sybil (or
spoofing) attack [31] and that the assigned name closely binds to the
device (or service). Naming service is specific to MobilityFirst,
and it is hard to achieve in the context of NDN. Naming service
assigns and authenticates sensor and device names. An effective
naming service should be secure, persistent, and able to support a
large number of application agnostic names.
Traditional IoT systems use IP addresses as names, which are insecure
and non-persistant. IP addresses also have relatively poor
scalability, due to its fixed structure. Instead, ICN separates
names from locators, and assigns unique and persistent names to each
sensor/device, which satisfies the above requirements.
In what follows, we discuss an approach for secure naming service in
ICN-IoT. We first consider the case where the embedded system is
programmable so that before deployment, the owner can preload
identity information (such as secure ID, a pair of public/private key
and a certificate) , or has some manufacture ID and a pair of public/
Zhang, et al. Expires February 29, 2016 [Page 10]
Internet-Draft ICN based Architecture for IoT August 2015
private key (which is certified by the manufacturer). That is, the
device is associated with information including device identity,
public/private keys (PK_{device}, SK_{device}) and a certificate
either from the owner or the manufacturer which certifies the device
identity and public/private keys. When such a device is discovered,
the aggregator will first verify the device identity (e.g., the
device can generate a signature with the private key SK_{device} and
present the signature and the certificate to the aggregator so that
the aggregator can verify it), and then assign a name to the device
as follows: the aggregator will issue a request to LSG together with
its device identity and $PK_{device}$, so that LSG can assign an NDN
name and generate a certificate (certifying the binding of NDN name,
PK_{device}). To this end, the ICN name and the certificate will be
sent back to the aggregator and will be stored locally if the device
is resource-restricted. Otherwise, the ICN name and the certificate
will be passed to the device.
For the MF-IoT, assigning a GUID for a device is rather
straightforward: after verifying the device identity, the Aggregator
inserts the public key PK_{device} and device information to the
upper layer component to verify if there is a conflict in the
corresponding scope. Specifically, LSG is in charge of local scope
and IoT server guarantees the global uniqueness. Finally, the unique
public key is used a GUID for the new device. Analogously, service
discovery can be secured in a similar way.
In the case where devices are only associated with the secure
manufacture ID while without being pre-loaded public/private keys and
the certificate, it is critical to assure that devices are
authenticated by using other trust model. For example the system can
take advantage of the web-of-trust model or the contextually semantic
information so that the devices manufactured by the same vendor can
authenticate each other. Moreover, in order to comply with the
capability of resource-restricted devices, light-weight cryptographic
primitive (such as symmetric cryptography) may be used instead of
public key cryptography.
Finally, we note that the same naming mechanism can be used to name
higher-level IoT devices such as aggregators and LSGs.
4.4. Context Processing and Storage
In order to facilitate context-aware communication and data
retrieval, we need to support context processing in the IoT system.
The objective of context processing is to expose the sensor's low-
level context information to upstream aggregators and LSGs, as well
as to resolve the application's high-level context requirements using
Zhang, et al. Expires February 29, 2016 [Page 11]
Internet-Draft ICN based Architecture for IoT August 2015
lower-level sensor contexts. The context processing service usually
runs on both aggregators and LSGs.
Context processing requires the underlying network to be able to
support in-network computing at both application and network levels.
ICN inherently supports in-networking computing and caching, which
thus offers unique advantages compared to traditional IP network
where the support for in-network computing and caching is poor.
Application level contexts differ from application to application,
and therefore, we need to provide a set of basic mechanisms to
support efficient context processing. Firstly, the network needs to
define a basic set of contextual attributes for devices (including
sensors, aggregators, and LSGs), including device-level attributes
(such as location, data type, battery level, etc), network-level
attributes (such as ICN names), and service-level attributes (such as
max, min, average, etc).
Secondly, we need to have means to expose sensor/aggregator/LSG
contextual attributes to the rest of the system, through centralized
services such as naming resolution service.
Thirdly, the IoT server needs to allow applications (either producers
or consumers) to specify their contextual requirements. Fourthly,
the unconstrained part of ICN-IoT needs to be able to map the higher-
level application-specific contextual requirements to lower-level
device-level and network-level contextual information.
4.5. Publish-Subscribe Management
Data Publish/Subscribe (Pub/Sub) is an important function for ICN-
IoT, and is responsible for IoT information resource sharing and
management. The objective of pub/sub system is to provide
centralized membership management service. Efficient pub/sub
management poses two main requirements to the underlying system: high
data availability and low network bandwidth consumption.
In conventional IP network, most of the IoT platforms provide a
centralized server to aggregate all IoT service and data. While this
centralized architecture ensures high availability, it scales poorly
and has high bandwidth consumption due to high volume of control/data
exchange, and poor support of multicast.
Next we consider two decentralized pub/sub models. The first one is
the Rendezvous mode that is commonly used for today's pub/sub
servers, and the second one involves Data-Control separation that is
unique to ICN networks where the control messages are handled by the
centralized IoT server and the data messages are handled by the
Zhang, et al. Expires February 29, 2016 [Page 12]
Internet-Draft ICN based Architecture for IoT August 2015
underlying ICN network. Compared to the popular Rendezvous mode
where both control and data messages both meet at the centralized
server, separating data and control messages can greatly improve the
scalability of the entire system, which is enabled by the ICN
network.
In today's IP network, Rendezvous mode is the classic pub/sub scheme
in which data and requests meet at an intermediate node. In this
case the role of the IoT server is only required to authenticate the
consumers and providing it Rendezvous service ID.
While NDN is a Pull-based architecture without supporting the Pub/Sub
mode naturally, COPSS [33] proposes a solution to fix this problem.
It integrates a push based multicast feature with the pull based NDN
architecture at the network layer by introducing Rendezvous Node(RN).
RN is an logical entity that resides in a subset of NDN nodes. The
publisher first forwards a Content Descriptor (CD) as a snapshot to
the RN. RN maintains a subscription table, and receives the
Subscription message from subscriber. The data publisher just sends
the content using Publish packet by looking up FIB instead of PIT.
If the same content prefix is requested by multiple subscribers, RN
will deliver one copy of content downstream, which reduces the
bandwidth consumption substantially.
Compared with the Rendezvous mode in which data plane and control
plane both reside on the same ICN network layer, we consider an
architecture where the control message is handled by the centralized
server while data is handled by ICN network layer. Following the
naming process mentioned above, the LSG has the ICN name for the
local resource which is available for publishing on IoT server. IoT
server maintains the subscription membership, and receives
subscription requests from subscribers. Since the subscribers has no
knowledge about the number of resource providers and their identities
in a dynamic scenario, IoT server has to take responsibility of
grouping and assigning group name for the resource.
MF takes advantage of Group-GUID to identify a service provided by
multiple resources. This Group-GUID will be distributed to the
subscriber as well as the publisher. In an example of NDN, it uses
the common prefix/home/monitoring/ to identify a group of resource
that provides multiple monitoring services such as /home/monitoring/
temperature and /home/monitoring/light. The subscriber retrieves the
prefix from the IoT server, and sends Interest toward the resource.
In a MF example, GUID-x identifies the "home monitoring" service that
combines with "light status" and "temperature". The resource
producers, i.e. the host of "temperature" and the host of "light
status" are notified that their services belong to GUID-x, then
listen on GUID-x. The subscriber sends the request containing GUID-x
Zhang, et al. Expires February 29, 2016 [Page 13]
Internet-Draft ICN based Architecture for IoT August 2015
through multicasting which ultimately reach the producers at the last
common node. Once receiving the request, the resource producer
unicasts the data to the subscriber. In addition, if multiple
resource consumers subscribe to the same resource, the idea of Group-
GUID can be reused to group the consumers to further save bandwidth
using multicast.
4.6. Security
This spans across all the middleware functions. Generally speaking,
the security objective is to assure that the device that connects to
the network should be authenticated, the provided services are
authenticated and the data generated (through sensing or actuating)
by both devices and services can be authenticated and kept privacy
(if needed). To be specific, we consider the approach to secure
device discovery, naming service and service discovery, because other
services, such as pub/sub management and context processing and
storage, can be properly secured according to application-specific
demands.
5. Informative References
[1] Cisco System Inc., CISCO., "Cisco visual networking index:
Global mobile data traffic forecast update.", 2009-2014.
[2] Mohsen, D. and M. Michael, "Smart home mobile RFID-based
Internet-of-Things systems and services.", International
Conference on Internet-of-Things systems and services. ,
2008.
[3] Zhu, Q., Wang, R., Chen, Q., Liu, Y., and W. Qin, "Iot
gateway: Bridgingwireless sensor networks into internet of
things.", Embedded and Ubiquitous Computing (EUC), 2010
IEEE/IFIP 8th International Conference on. IEEE, 2010 ,
2010.
[4] Huang, R., "Smart Campus: The Developing Trends of Digital
Campus.", Open Education Research 4 (2012): 004 , 2012.
[5] Zhu, Q., Wang, R., Chen, Q., Liu, Y., Qin, W., and W. Qin,
"ICN based Architecture for IoT - Requirements and
Challenges.", draft-zhang-icn-iot-challenges-00.txt ,
2014.
[6] Piro, R., Cianci, I., Grieco, L., Boggia, G., and P.
Camarda, "Information Centric Services in Smart Cities.",
Elsevier Journal of Systems and Software , 2014.
Zhang, et al. Expires February 29, 2016 [Page 14]
Internet-Draft ICN based Architecture for IoT August 2015
[7] Grieco, L., Alaya, M., Monteil, T., and K. Drira,
"Architecting Information Centric ETSI-M2M systems.",
Proc. of IEEE PerCom (to appear as work in progress paper)
, 2014.
[8] Dietrich, D., Bruckner, D., Zucker, G., and P. Palensky,
"Communication and computation in buildings: A short
introduction and overview.", IEEE Transaction of
Industrial Electronics , 2010.
[9] Zhang, Y. and R. Yu, "Research on the architecture and key
technology of Internet of Things (IoT) applied on smart
grid.", Advances in Energy Engineering (ICAEE), 2010
International Conference on. IEEE , 2010.
[10] Zhang, Y., Yu, R., Nekovee, M., Liu, Y., Xie, S., and S.
Gjessing, "Cognitive machine-to-machine communications:
visions and potentials for the smart grid.", IEEE Network
, 2012.
[11] Hong, Z., Liu, B., and D. Wang, "Design and Research of
Urban Intelligent Transportation System Based on the
Internet of Things.", Internet of Things. Springer Berlin
Heidelberg , 2012.
[12] Min, Z., Yu, T., and G. Zhai, "Smart Transport System
Based on the Internet of Things.", Applied mechanics and
materials , 2011.
[13] Min, Z., Yu, T., Zhai, G., Zhai, G., and G. Zhai, "The
internet of things for ambient assisted living.",
Information Technology: New Generations (ITNG), 2010
Seventh International Conference on , 2010.
[14] Reijo, S., Abie, H., and M. Sihvonen, "Towards metrics-
driven adaptive security management in E-health IoT
applications.", Proceedings of the 7th International
Conference on Body Area Networks. ICST (Institute for
Computer Sciences, Social-Informatics and
Telecommunications Engineering) , 2012.
[15] Yan, Y., Qian, Y., Sharif, H., and D. Tipper, "A Survey on
Smart Grid Communication Infrastructures: Motivations,
Requirements and Challenges.", IEEE Communications Surveys
and Tutorials , 2013.
Zhang, et al. Expires February 29, 2016 [Page 15]
Internet-Draft ICN based Architecture for IoT August 2015
[16] Shafig, M., Ji, L., Liu, A., Pang, J., and J. Wang, "A
first look at cellular machine-to-machine traffic: large
scale measurement and characterization.", Proceedings of
the ACM Sigmetrics , 2012.
[17] The European Telecommunications Standards InstituteS,
ETSI., "http://www.etsi.org/.", 1988.
[18] Global Intiative for M2M Standardization, oneM2M.,
"http://www.onem2m.org/.", 2012.
[19] Constrained RESTful Environments, CoRE.,
"https://datatracker.ietf.org/wg/core/charter/.", IETF,
2013.
[20] ICN based Architecture for IoT - Requirements and
Challenges, ICN-IoT., "https://tools.ietf.org/html/draft-
zhang-iot-icn-challenges-01.", IETF/ICNRG 2015.
[21] Ghodsi, A., Shenker, S., Koponen, T., Singla, A.,
Raghavan, B., and J. Wilcox, "Information-Centric
Networking: Seeing the Forest of the Trees.", Hot Topics
in Networking , 2011.
[22] Dong, L., Zhang, Y., and D. Raychaudhuri, "Enhance Content
Broadcast Efficiency in Routers with Integrated Caching.",
Proceedings of the IEEE Symposium on Computers and
Communications (ISCC) , 2011.
[23] NSF FIA project, MobilityFirst.,
"http://www.nets-fia.net/", 2010.
[24] NSF FIA project, NDN., "http://named-data.net/", 2010.
[25] Kim, B., Lee, S., Lee, Y., Hwang, I., and Y. Rhee,
"Mobiiscape: Middleware Support for Scalable Mobility
Pattern Monitoring of Moving Objects in a Large-Scale
City.", Journal of Systems and Software, Elsevier, 2011.
[26] Hui, JW. and DE. Culler, "IP is dead, long live IP for
wireless sensor networks.", ACM, SenSys, 2008.
[27] AllSeen Alliance, AllJoyn.,
"https://allseenalliance.org/developers/learn", 2015.
[28] "https://www.iotivity.org/about", 2015.
Zhang, et al. Expires February 29, 2016 [Page 16]
Internet-Draft ICN based Architecture for IoT August 2015
[29] Ravindran, R., Biswas, T., Zhang, X., Chakrabort, A., and
G. Wang, "Information-centric Networking based Homenet",
ACM, Sigcomm, 2013.
[30] Nikander, P., Gurtov, A., and T. Henderson, "Host identity
protocol (HIP): Connectivity, mobility, multi-homing,
security, and privacy over IPv4 and IPv6 networks", IEEE
Communications Surveys and Tutorials, pp: 186-204, 2010.
[31] Newsome, J., Shi, E., Song, DX., and A. Perrig, "The sybil
attack in sensor networks: analysis and defenses", IEEE,
IPSN, 2004.
[32] Harney, H. and C. Muckenhirn, "Group Key Management
Protocol (GKMP) Architecture", RFC Editor 1997.
[33] Jiachen, C., Mayutan, A., Lei, J., Xiaoming, Fu., and KK.
Ramakrishnan, "COPSS: An efficient content oriented
publish/subscribe system", ACM/IEEE ANCS, 2011.
[34] Marica, A., Campolo, C., and A. Molinaro, "Multi-source
data retrieval in IoT via named data networking", ACM ICN
Siggcomm, 2014.
[35] Nelson, S., Bhanage, G., and D. Raychaudhuri, ""GSTAR:
generalized storage-aware routing for mobilityfirst in the
future mobile internet", Proceedings of the sixth
international workshop on MobiArch, pp. 19--24, 2011.
Authors' Addresses
Prof.Yanyong Zhang
WINLAB, Rutgers University
671, U.S 1
North Brunswick, NJ 08902
USA
Email: yyzhang@winlab.rutgers.edu
Prof. Dipankar Raychadhuri
WINLAB, Rutgers University
671, U.S 1
North Brunswick, NJ 08902
USA
Email: ray@winlab.rutgers.edu
Zhang, et al. Expires February 29, 2016 [Page 17]
Internet-Draft ICN based Architecture for IoT August 2015
Prof. Luigi Alfredo Grieco
Politecnico di Bari (DEI)
671, U.S 1
Via Orabona 4, Bari 70125
Italy
Email: alfredo.grieco@poliba.it
Ravi Ravindran
Huawei Technologies
2330 Central Expressway
Santa Clara, CA 95050
USA
Email: ravi.ravindran@huawei.com
Guoqiang Wang
Huawei Technologies
2330 Central Expressway
Santa Clara, CA 95050
USA
Email: gq.wang@huawei.com
Zhang, et al. Expires February 29, 2016 [Page 18]