The Internet of Things, as distinct from the internet of people, requires communication between devices that enable tracking, monitoring, metering, etc. This intercommunication depends on semantically structured and shared data to enable functions such as identification, authentication, authorisation, bootstrapping and provisioning. Standardising both the semantically structured data and the enabling functions across M2M applications and devices would reduce the cost and extend the life of M2M devices. Standardisation for the Internet of Things is the aim of a common service layer for M2M.
The oneM2M group aims to develop technical specifications that address the need for a common M2M Service Layer that can be readily embedded within various hardware and software, and relied upon to connect the myriad of devices in the field with M2M application servers worldwide. The common M2M Service Layer should be agnostic to underlying network technology (yet leveraging the unique features of these underlying networks), and it will use network layer services (such as security (encryption and authentication), QoS, policy, provisioning, etc.) through an adaptation layer/APIs.
For an embedded common M2M service layer to operate, it must support AAA (authN, authZ & accounting) for smart devices in a form that multiple device manufacturers and network operators can agree on. The Telecommunications Industry Association (http://www.tiaonline.org) is defining a functional standard for Authentication, Authorization and Accounting for Smart Device (AAA-SD TIA). The functions proposed by the common M2M service layer include Policy & Resource Management and the following:
- Authentication and Registration (Identity Management)
- Establish communications session (Add/Delete/Modify)
- QoS/SLA for communication session
- Billing, Charging, and Rating rules
- Group Management
- Security Management (Data confidentiality, integrity, abuse prevention, privacy)
TIA TR-50 Functional architecture for M2M Smart Device Communication System Architecture describes AAA-SD as “provide authentication, authorization and accounting services to other entities in the network to establish and enforce security policies. The services may include generation of keys, generation and validation of certificates, validation of signatures, etc.”