Internet of Things – Architecture © - 82 -
legitimate clients may access services provided by the IoT infrastructure. The
Security FG is also in charge of protecting private parameters of users. This is
achieved by providing anonymity (ensuring that the user's identity remains
confidential when she/he/it accesses a Resource or a Service) and
"unlinkability" (ensuring that the user may make multiple uses of Resources or
Services without an attacker being able to establish links between those uses).
This privacy support relies on fine-tuned identity management, which is able to
assign various pseudo-random identifiers to a single user.
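
One way an identity-management function could hand out such identifiers, shown as an added example that is not part of the original document: a hypothetical PseudonymManager issues a fresh HMAC-based pseudonym for every use, and only the holder of the manager's key can map a pseudonym back to its user. The class and method names, the field lengths and the sample user IDs are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16  # bytes of fresh randomness per pseudonym (assumed size)
TAG_LEN = 16    # bytes of truncated HMAC-SHA256 (assumed size)


class PseudonymManager:
    """Hypothetical identity-management component; names are assumptions."""

    def __init__(self, users):
        self._key = secrets.token_bytes(32)  # secret that never leaves the manager
        self._users = set(users)

    def _tag(self, nonce: bytes, user_id: str) -> bytes:
        mac = hmac.new(self._key, nonce + user_id.encode(), hashlib.sha256)
        return mac.digest()[:TAG_LEN]

    def issue(self, user_id: str) -> str:
        """Return a fresh pseudonym; call once per use of a Resource or Service."""
        if user_id not in self._users:
            raise KeyError("unknown user")
        nonce = secrets.token_bytes(NONCE_LEN)
        return (nonce + self._tag(nonce, user_id)).hex()

    def resolve(self, pseudonym: str):
        """Map a pseudonym back to its user, or None if it was not issued here."""
        try:
            raw = bytes.fromhex(pseudonym)
        except ValueError:
            return None
        if len(raw) != NONCE_LEN + TAG_LEN:
            return None
        nonce, tag = raw[:NONCE_LEN], raw[NONCE_LEN:]
        # Without the key the tag looks random, so two pseudonyms of the same
        # user cannot be linked; the manager tests each enrolled user in turn.
        for user_id in self._users:
            if hmac.compare_digest(tag, self._tag(nonce, user_id)):
                return user_id
        return None


if __name__ == "__main__":
    mgr = PseudonymManager({"alice", "thermostat-17"})  # constructed sample users
    p1, p2 = mgr.issue("alice"), mgr.issue("alice")
    print(p1, p2, mgr.resolve(p1), mgr.resolve(p2))
```

Resolution costs one HMAC per enrolled user, so a large deployment would more likely keep an issued-pseudonym table or encrypt the identity into the pseudonym instead.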
The Security FG also ensures that legitimate interaction occurs between peers
that are statically authorised to interact with each other, or that are trusted by
each other. This is achieved through the use of dedicated authorisation
functions or through the reliance on a trust-and-reputation model, which is able
to identify trustworthy peers in a privacy-capable and highly mutable
architecture.
Finally, the Security FG enables secure communications between peers by
managing the establishment of integrity and confidentiality features between
two entities lacking initial knowledge of each other.