2018 IEEE 3rd Advanced Information Technology, Electronic and Automation Control Conference(IAEAC 2018)

The Research on IOT Security Architecture and Its

Key Technologies
Shan Liu1 ,Keming Yue2 ,Yu Zhang1, Hua Yang1 ,Lu Liu3 , Xiaorong Duan1
1. Shanxi Electric Power Research Institute, State Grid Corporation of China, Taiyuan, China
2. Shanxi electric power exploration and design institute co., China Energy Construction Group, Taiyuan, China
3. Shanxi Jincheng branch, China United Network Communications Corp, Jincheng, China
liushan1106@163.com, yekemingdei@sina.com, zhangyudky@sx.sgcc.com.cn, yanghuadky@sx.sgcc.com.cn,
lulu871106@163.com, duanxiaorong@sx.sgcc.com.cn

Abstract—With the development of scientific information Near Field Sensor

technology, the emergence of the Internet of Things (IOT)
promoted the information industry once again to a new stage of
economic and technological development. From the perspective
of confidentiality, integrity, and availability of information
security, this paper analyzed the current state of the IOT and the
security threats, and then researched the security primary
technologies of the IOT security architecture. IOT security
architecture established the foundation for a reliable information
security system for the IOT.
Keywords— Internet of Things; security architecture;RFID;
WSN; information security
I. INTRODUCTION
The IOT is the development of information technology in a
new stage. There are a variety of information-sensing devices
(such as radio frequency identification, infrared sensors, global
positioning systems, laser scanners, etc.) in the IOT.
Accordance with the agreed implementation, through wired
and wireless manner, any item connects to the Internet to form
a huge network for communication and information exchange.
This practice can realize a network that identified intelligently,
located, tracked, monitored, and managed. The Internet has
realized the sharing of information in different places. While,
The IOT has opened up the channels of the virtual world and
the real world. The IOT has realized the connection of things
and things, people and things at any time and place.Compared
with the traditional Internet, the combination of enterprise
applications, cloud computing, and big data makes the IOT
face its unique challenges [1-2]. The basic model of IoT is
shown below:
Communication Technology
smart card
QR code High speed
data network
Gateway
Tracking and Internet
positioning
Bar code
GPS
Fig.1. The basic model of IoT
With the popularity of the IOT, applications in various
fields have been becoming more and more widespread. The
widespread applications brought some security problems that
have gradually attracted people's attention. The IOT is
composed of wireless nodes with only a simple chip-level
embedded program. As the nodes have diversity of the target,
there are a variety of brands and types of chips hardware.
These chips can result in heterogeneous data content and data
formats. In our daily life, there are multiple applications of the
IOT at the application layer. Our personal information is
automatically collected every second by application devices.
The applications of IOT make our lives easier. These
applications can even control our daily life. Therefore, if we
lose control of the IOT system, it will become a huge potential
security problem [3-4]. The information security problem is
one of the core technologies that can guarantee the sustainable
and safe development of the IOT industry. We must attach
great importance to this issue.
From the perspective of confidentiality, integrity and
availability in information security, this paper studied the
requirements and security threats of the IOT security
architecture. Then we put forward the IOT security architecture.
Last, we further discussed the security-critical technologies of
the IoT.

II. IOT SECURITY ARCHITECTURE SYSTEM ANALYSIS

A. IOT security architecture system construction

978-1-5386-4509-3/18/$31.00 ©2018 IEEE 1277

 The IOT system has three characteristics. There are
comprehensive perception, reliable delivery, and intelligent
processing. Comprehensive perception adopted RFID, sensors,
barcodes, positioning devices to obtain information of objects
at anytime and anywhere. Reliable transmission, through the
integration of various networks and the Internet, can transfer
the information accurately in real time. Intelligent processing
used various intelligent computing technologies (cloud
computing, etc) to analyze and process massive data and
information. And intelligent processing can implement
intelligent control of objects [2]. According to the DCM model
of IOT[5], the IOT is divided into three layers: perceptual layer,
network layer, and application layer. Based on the
characteristics of the IOT, this paper divided IOT security
architecture into four layers of perceptual layer, network layer,
processing layer, and application layer. This four-layer model
can build a scientific and rational security architecture, as
shown in Figure 2.
Application smart home smart transportation smart medical
layer environmental monitoring smart city content service
data mining intelligent computing
Processing
layer parallel computing middleware technology cloud computing
Network computer network mobile communication network
layer
wireless network 3G satellite network
Perceptual RFID sensor infrared sensing
layer GPS QR code actuator
Fig.2. The security architecture of IoT
1) Perceptual layer
The perceptual layer can realize the comprehensive
perception of information. Sensor network equipments, such as
radio frequency identification, two-dimensional codes, and
sensors, are used for comprehensive sensing, capture, and
measurement technologies to collect and capture information at
any time and place. First of all, it is necessary to protect RFID,
GPS, and sensors and other equipment on the all-round
protection of the perceptual layer. And regular safety
inspection and authentication are performed. Secondly, a
secure transmission mechanism for data information need to
build between sensor nodes. During transmission, data
information cannot be transmitted by unauthorized nodes.
2) Network layer
The main function of the network layer can achieve reliable
transmission of information and secure data information
transmission through mobile communication networks,
computer networks, and wireless networks. Currently, the main
transmission technologies at the network layer include: long-
distance cable technology, wireless communication technology,
and network communication technology. In the process of data
transmission, the network layer is also affected by the
propagation of fake routing information, selective
forwarding/non-forwarding, black hole attacks and so on. As a
result, data cannot be efficiently transmitted to the destination,
and the network even may be corrupted.
3) Processing layer
The main function of the network layer can realize the
intelligent processing of information to analyze and process the
massive data and information. The purpose of this practice can
realize intelligent decision-making and control. Based on cloud
computing and data mining technologies, the data information
Information on processing layer can ensure interoperability and scalability.
application security Meanwhile, the data information provide a safe environment
and efficient services.
4) Application layer
Information
processing security The information processed by the processing layer is
transmitted to the application layer. This information is
heterogeneous. When a large amount of heterogeneous data are
Information processed on the cloud platform, a unified system and system
transmission
platform must be established to improve the cloud computing
security
security on application-layer. In particular, data information
must strengthen access and authorization management.
Through these above measures, we can strengthen the
Information protection of various types of data information.
collection security
B. Security needs of the IOT
The IOT can realize objects connection through the human-
machine interfaces. The IOT often faces with a variety of
security threats, such as equipment is damaged or stolen,
unauthorized access, illegal intrusion, hacking and so on.
Sometimes, in order to deal with serious hazards, related
companies need to spend a lot of manpower, material and
financial resources.
The IOT accelerates integration with various industries. In
the process of providing services, it also collects, transmits,
processes, and manages data. When we use various platforms
and software, it often registers a large amount of user personal
information, such as name and mobile phone number, home
address, bank account number, even daily life trajectory and
location information. The disclosure of users' personal
information inevitably cause adverse effects on individuals.
And this issue should be given sufficient attention in the
development of the IOT [6].
Therefore, the main requirement for building a security
architecture for the IOT is to guarantee the security,
confidentiality, validity, and integrity of data information. With
the promotion and popularization of the IOT, network security
1278
technologies, such as firewalls, intrusion detection systems,
and PKIs, play a protective role. Protecting user privacy and
public interest is the fundamental goal of information
confidentiality mechanism in the IOT. For example, mining
data firstly requires access control mechanisms on perceptual
layer. Due to illegal disclosure of user information or public
secrets, no loss is caused. In addition, illegal invasion, denial of
services attack, Sybil attacks, route attacks and so on. These
attacks also affect the integrity and validity of data information.
The security features of the IOT reflect the diversity of
perceptual information, network environments, and application
requirements. Massive and complex network data transmission
and control also pose new challenges to the security
architecture of the IOT.
III. PRIMARY TECHNOLOGIES OF IOT SECURITY SYSTEM
ARCHITECTURE
As a multi-network convergence security technology. In
these independent networks, a variety of security technologies
have been actually applied. Due to the limitations of the
resources in the perceptual network of the IOT, it is difficult to
study its security. The overall security requirements of the IOT
include the security of the physical node, the security of
information collection, the security of information transmission,
and the security of information process. These above security
requirements can achieve the correctness, confidentiality and
integrity of information. The following section discusses the
security issues on each layer of the IOT architecture.
A. Physical hardware security policy
The perceptual layer is the lowest layer of the IOT
architecture. The main function of perceptual is responsible for
the information acquisition of the IOT network. In this layer,
the most important security issue is how to ensure the security
of information collection and the security of physical hardware.
The physical hardware include sensor devices, RFID nodes,
and sensor terminals and so on.
1) RFID security policy
RFID technology is the key technology in the IOT. And
RFID technology allows items to “talk”. The RFID tag stores
information on specifications and interoperability. Through the
RFID data communication network, it can automatically
collect information to the central information system for
identifying item. The basic components of RFID are Tag,
Reader and Antenna. Tag is composed of coupling elements
and chips. Each tag has a unique electronic code and is
attached to the object to identify the target object. If electronic
tag information is obtained by hackers, the results lead to
information leakage, information tampering, man-in-the-
middle attacks and replay attacks [7]. Therefore, we must
design a reasonable security strategy. The asymmetric
encryption algorithm is used for label information. The sender
encrypts the information with the public key and the receiver
decrypts the cryptographic information with his private key.
This method can guarantee the security of the label information
to some extent.
1279
In addition, radio signals can be used to interfere with the
operation of nearby RFID readers. The advantage of doing this
is that the hackers' attack behavior can be detected as quickly
as possible. And we can take some certain security measures.
2) Wireless sensor network(WSN) security policy
WSN forms a multi-hop self-organizing network system.
Through wireless communication, WSN consist of a large
number of sensor nodes. Its purpose is to cooperatively
perceive, collect and process the information of the perceptual
objects in the network coverage area. It can realize data
collection, quantization, processing fusion and transmission
applications. Sensor network technology-related information
security policies include sensor nodes and gateway nodes.
These nodes can physically capture integrity attacks,
congestion attacks, DOS attacks, and node replication attacks.
Building a security framework for a sensor network involves
integrated security policies, such as encryption algorithms, key
distribution strategies, intrusion detection mechanisms, and
secure routing strategies [7]. Among them, the role of the
security routing policy is the most important. The multi-path
routing policy can prevent forwarding attacks to improve the
security of the entire network.
B. Information collection security policy
The function of the perceptual layer not only needs to solve
the physical security problem, but also needs to solve the
problem of information collection security. The security
problems of information collection include eavesdropping,
tampering, and replay attacks. During the data collection phase,
the correctness, confidentiality, and integrity of the data must
be ensured. First, the sensor node adopts an authentication
strategy. This strategy can prevent unauthorized and malicious
users to access database. This is the first line of defense for
information security. Then, we adopt a secure routing strategy
to ensure true route discovery and effective network security
protection policy. Finally, the key management protocols in the
perceptual layer need to be strengthened, including symmetric
and asymmetric key management strategies.
C. Information processing security policy
In the architecture of the IOT, the main function of the
processing layer is responsible for the information processing
mechanism. The processing layer provides an interface for
communication between the network layer and the application
layer. The information transmission process has high
requirements for data confidentiality and authenticity.
Combined with the security of the communications network,
the information transmission process can guarantee the security
of the IOT's transmission layer [8-9].
D. Information transmission security policy
In the architecture of the IOT, the main task of the network
layer is to transmit information in the network. The IOT
architecture is the implemented basic communication
framework. The information transmission still faces numerous
security risks, such as denial of service attacks, unauthorized
access, man-in-the-middle attacks, and virus attacks [10]. Since
data is collected by multiple devices in the IOT, security
policies need to maintain the confidentiality, integrity, and
availability of data at the network layer. This practice requires
various authentication, filtering, and detection mechanisms to
ensure data security.
IV. CONCLUSION
As a new industry, the IOT will encounter various security
challenges in further development and application. How to
build a scientific and rational security architecture play an
important role. Currently, the development and application of
the IOT still in its infancy. There is no standardized unified
IOT architecture and technical specifications. Based on the
analysis of the current development status of the IOT and the
security threats, this paper proposed a new model of IOT
security system architecture combined with RFID, WSN, and
primary technology. We proposed respective security
protection strategies to promote the development and
application of the IOT for different layers of the IOT.
1280
REFERENCES
[1] Li Xianmin,Han Xiao. On the Security Architecture of Internet of
Things[J].Enterprise Technology Development,2015,34(18):80-81.
[2] Li Zhongnan. Research on Security Architecture for Application Layer
of Internet of Things[D]. Dalian Maritime University, 2013.
[3] Li Panlong. Research on Security Architecture for Application Layer of
Internet of Things[J].Computer Disc Software and
Applications,2014,17(16):41-42.
[4] Wu Chuankun. A preliminary discussion on the security architecture of
Internet of Things[J]. Proceedings of the Chinese Academy of Sciences,
2010, 25(04):411-419.
[5] Wang Boshi.Discussion on Security Architecture of Internet of
Things[J].Information Network Security,2016(S1):137-140.
[6] Wang Huan.Research on Security Architecture and Key Technologies of
Internet of Things[J].Automation and Instrumentation,2016(08):80-81.
[7] Ma Yalei. Research on Security Architecture and Key Technologies of
Internet of Things[J].Electronics Production,2017(11):84-85.
[8] Li Zhiqing. Security Architecture and Key Technologies of Internet of
Things[J].Microcomputers & Applications,2011,30(09):54-56.
[9] Gao Chong. Security Architecture and Technology Route of Internet of
Things[J].Information and Computer(Theory),2017(15):149-151.
[10] Ren Wei.Research on Security Architecture and Technology Route of
Internet of Things[J].Information Network Security,2012(05):70-73.