IPSO Working Group Resources
This area of the community provides information to people interested in specifying, building, testing, or just trying out Smart Object systems. Check back often, as we will be continually adding resources that are relevant to Smart Objects, such as work integrating Identity and Privacy aspects, and new reference architecture guidelines.
An Application-Layer Approach to End-to-End Security for the Internet of Things White Paper
Any business relying on the Internet of Things (IoT) for their operations requires that solutions are reliable and trustworthy. Security is a prerequisite and protection of online industrial or enterprise assets cannot be overstated. This paper focuses on the need to secure application data end-to-end between IoT device and enterprise application or IoT service provider. Securing application data applies to messages exchanged between applications of two endpoints, specifically sender authentication, receiver authentication, message integrity and message confidentiality. In IoT, an endpoint itself isn’t always reachable except through a gateway, which serves as a proxy to the endpoint device. A gateway may translate addresses, protocols, or commands along the IoT service path. As various types of gateways proliferate in IoT services, the communication security between sender and receiver depends on the security of each hop combined with business agreements and trust relations between the involved parties. Hop-by-hop security offers more points of attack and is a greater risk to the IoT service as IoT proxies such as application-layer gateways and middleboxes may alter the messages they forward at various protocol layers in the stack. The theme of this paper is that IoT data must be secure in transit and securing data at the transport layer alone is not always sufficient for preserving integrity and confidentiality through proxies, gateways or other middleboxes. Application-layer security is needed for many IoT service topologies to prevent critical data from becoming unprotected in middleboxes. The paper gives real-world use cases for application-layer end-to-end IoT security and describes the Open Mobile Alliance solution to these types of use cases, which is Lightweight M2M (LwM2M) application-layer security based on OSCORE.
Internet of Things Protocol Comparison White Paper
Many standards-developing organizations have contributed various technological building blocks to make IoT deployments more robust and secure. A popular debate among technologists working on IoT deployments is about the best choice of protocols for getting data from and to IoT devices. In this article, members of the IPSO Working Group considered six standardized protocols (HTTP, HTTP/2, WebSockets, XMPP, MQTT, CoAP), and refer to them as “transfer protocols.” This is not a comprehensive list of protocols in use in IoT, but it represents an example of each of the different constructs: reliable, unreliable, REST, publish/subscribe, chat, point to point, client/server, extended services, etc.
This white paper compares the differences between these six transfer protocols as used with IoT devices. The purpose is to provide technical and product personnel with a way to assess the impact of each protocol and what it provides with regard to their IoT products. IoT products will likely require a suite of standard protocols to support the many different configurations and requirements of the systems and services that they are deployed in.
Lightweight M2M 1.1 White Paper
The OMA Lightweight M2M 1.1 standard (LwM2M 1.1) supports managing a broad spectrum of IoT devices including devices operating in LPWAN networks. LwM2M provides device management and service enablement capabilities for managing the entire lifecycle of the IoT device. LwM2M 1.1 adds support for a Non-IP transport binding. It also introduces more efficient data formats, optimized message exchanges and support for application layer security based on IETF OSCORE. These new LwM2M 1.1 features can significantly improve the performance and security of Non-IP devices in lossy and low bandwidth networks such as NB-IoT.
This white paper discusses the capabilities introduced in LwM2M 1.1 for managing non-IP devices in Cellular IoT networks, specifically Non-IP Data Delivery (NIDD) in NB-IoT leveraging the 3GPP Service Capability Exposure Function (SCEF) node. It highlights the key LwM2M 1.1 features that are relevant in NB-IoT and provides guidance on addressing the unique challenges for managing IoT devices in NB-IoT.
The IPSO Working Group offers technical publications of white papers and other materials developed by the IPSO Working Group member companies that offer valuable information in support of our mission.
IPSO Smart Object Guidelines provide a common design pattern, an object model, that can effectively use the IETF CoAP protocol to provide high-level interoperability between Smart Object devices and connected software applications on other devices and services.
Public IPSO Repository
The IPSO Smart Object Registry is intended for developers who are building products based on IPSO Objects; it is not intended to be used at runtime by applications. Some of the objects are generic in nature, such as voltage, altitude or percentage, while others are more specialized, like the colour object or the gyrometer object. Actuators and controllers are also defined, such as timer, buzzer, joystick and level. All of these objects were found to be necessary in a variety of use case domains.