A Comprehensive Security Architecture for Information Management throughout the Lifecycle of IoT Products

Research output: Contribution to journalArticleScientificpeer-review

10 Citations (Scopus)
142 Downloads (Pure)

Abstract

The Internet of things (IoT) is expected to have an impact on business and the world at large in a way comparable to the Internet itself. An IoT product is a physical product with an associated virtual counterpart connected to the internet with computational as well as communication capabilities. The possibility to collect information from internet-connected products and sensors gives unprecedented possibilities to improve and optimize product use and maintenance. Virtual counterpart and digital twin (DT) concepts have been proposed as a solution for providing the necessary information management throughout the whole product lifecycle, which we here call product lifecycle information management (PLIM). Security in these systems is imperative due to the multiple ways in which opponents can attack the system during the whole lifecycle of an IoT product. To address this need, the current study proposes a security architecture for the IoT, taking into particular consideration the requirements of PLIM. The security architecture has been designed for the Open Messaging Interface (O-MI) and Open Data Format (O-DF) standards for the IoT and product lifecycle management (PLM) but it is also applicable to other IoT and PLIM architectures. The proposed security architecture is capable of hindering unauthorized access to information and restricts access levels based on user roles and permissions. Based on our findings, the proposed security architecture is the first security model for PLIM to integrate and coordinate the IoT ecosystem, by dividing the security approaches into two domains: user client and product domain. The security architecture has been deployed in smart city use cases in three different European cities, Helsinki, Lyon, and Brussels, to validate the security metrics in the proposed approach. Our analysis shows that the proposed security architecture can easily integrate the security requirements of both clients and products providing solutions for them as demonstrated in the implemented use cases.

Original languageEnglish
Article number3236
Pages (from-to)1-21
Number of pages21
JournalSensors
Volume23
Issue number6
DOIs
Publication statusPublished - Mar 2023
MoE publication typeA1 Journal article-refereed

Funding

The authors thank the support from the Finnish Foundation for Technology and European Union’s Horizon 2020 project FINEST TWINS. This research was funded by the Finnish Foundation for Technology (grant no. 8076) and European Union’s Horizon 2020 project FINEST TWINS (grant no. 856602).

Keywords

  • identity and access management (IAM)
  • information management
  • Internet of things (IoT)
  • product lifecycle information management (PLIM)
  • security architecture

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

  • SDG 11 - Sustainable Cities and Communities

Access to Document

Other files and links

    Fingerprint

    Dive into the research topics of 'A Comprehensive Security Architecture for Information Management throughout the Lifecycle of IoT Products'. Together they form a unique fingerprint.
    View full fingerprint

    • -: FINEST TWINS GA856602Nieminen

      Nieminen, M. (Project Member), Toiskallio, K. (Project Member), Hajian, H. (Project Member), Rönkkö, J. (Project Member), Syri, S. (Project Member), Yeung, D. (Project Member), Hyvönen, J. (Project Member), Kuzmanovski, V. (Project Member), Salomaa, V. (Project Member), Agriesti, S. (Project Member), Koskinen, K. (Project Member), Mir, S. (Project Member), Abdollahi, E. (Project Member), Dibaj, S. (Project Member), Yousefnezhad, N. (Project Member), Zhou, Z. (Project Member), Farjam, T. (Project Member), Moradpoor, I. (Project Member), Esquivias Canadas, A. (Project Member), Ingi, D. (Project Member), Klossner, S. (Project Member), Malhi, A. (Project Member), Vosough, S. (Project Member), Kajosaari, A. (Project Member), Pinho, P. (Project Member), Anashin, P. (Project Member), Hiltunen, P. (Project Member), Helenius, O. (Project Member), Ojala, P. (Project Member), Österbacka, M. (Project Member), Nummi, P. (Project Member), Ghanbari, H. (Project Member), Malik, A. (Project Member), Keyriläinen, T. (Project Member), Knapic, S. (Project Member), Olin, J. J. (Project Member), Ahdekivi, V. (Project Member), Fröhlich, K. (Project Member), Madhikermi, M. (Project Member), Farsaei, A. (Project Member), Hollmen, J. (Project Member), Ju, Y. (Project Member), Kangassalo, P. (Project Member), Liu, Z. (Project Member), Bhusal, P. (Project Member), Laguardia Tavares, P. (Project Member), Mäkelä, J. (Project Member), Kauppi, A. (Project Member), Saif, A. (Project Member), Khajavi Haghighat, S. (Project Member), Olkkonen, V. (Project Member), Pihlava, K. (Project Member), Tan, X. (Project Member), Doostmohammadian, M. (Project Member), Javanshir, N. (Project Member), Sipetas, C. (Project Member), Su, Y. (Project Member), Ainamo, A. (Project Member), Munilal Jain, K. (Project Member), Putta, A. (Project Member), Toivio, T. (Project Member), Apopei, I.-V. (Project Member), Jokisalo, J. (Project Member), Avci, C. (Project Member), Bayrak, M. (Project Member), Liaquat, M. (Project Member), Espinosa, A. (Project Member), Limnell, J. (Project Member), Marques de Carvalho Martins Canha, D. (Project Member), Ahmed, K. (Project Member), Pirilä, J. (Project Member), Tervo, S. (Project Member), Wallgren, K. (Project Member), Abolfazli, E. (Project Member), Bagheri Majdabadi, M. (Project Member), Bobrov, N. (Project Member), Huotari, M. (Project Member), Koivunen, T. (Project Member) & Nzewi, L. (Project Member)

      01/12/201931/05/2027

      Project: EU_HEFWP

    Cite this