爱立信GBA引导安全.pdfVIP

ericsson White paper 284 23-3284 Uen | February 2016 bootstrapping security THE KEY TO INTERNET OF THINGS ACCESS AUTHENTICATION AND DATA INTEGRITY Security will be a major challenge as billions of devices join the Internet of Things, and different technologies will compete to provide appropriate solutions. Managing authentication on a large scale is a challenge already successfully met by the telecommunications industry in the form of mutual authentication with secret credentials in the SIM. This technology can now be extended to provide equally strong authentication and data integrity for the Internet of Things. INTRODUCTION The rapid deployment of connected devices and huge increase in data volumes are becoming a major concern for operators – and an opportunity at the same time. In the near future, billions of Internet of Things (IoT) devices will be connected to new IoT services [1]. However, analysts indicate that security issues could be a significant inhibitor to the deployment of many of these services [2]. Secure communication in IoT-type systems currently requires many levels of configuration and/or application-level proprietary algorithms, which discourages users from implementing protection and often encourages functionality to be prioritized over security. The lack of secured links exposes data to attacks and theft, and fraudsters and hackers are already beginning to show increasing interest in this area [3] [4]. This paper shows how Generic Bootstrapping Architecture (GBA) technology [6], based on the Authentication and Key Agreement (AKA) protocol used in network access authentication, can provide device authentication and support communication security at the transport layer. BOOTSTRAPPING SECURITY • INTRODUCTION 2 Authentication and Data Integrity in the IoT Security encompasses a multitude of aspects rang