Читать книгу Service Level Management in Emerging Environments - Nader Mbarek - Страница 29

Integrity is a security service that covers two significant concepts in the IoT: the integrity of data and the integrity of objects. The integrity of data aims to ensure that the data exchanged in an IoT environment is not modified or destroyed in an unauthorized manner during transfer. This is necessary in order to provide a reliable service and ensure that the information collected and commands received by the objects are legitimate. Verifying the integrity of data involves two processes, one involving the sender and the other the recipient. The entity that is transmitting the data adds verification information (like the Block Check Character or a cryptographic check value such as a hash value) based on the data transmitted. The recipient generates the same verification information based on the data received and compares this information with the information received in order to determine whether or not the data were modified during transmission in the IoT environment (ITU-T 1991).

The integrity of objects is necessary as the nodes in the IoT may be deployed in an unreliable environment and may be physically attacked to modify the software codes in the objects, for example. This second integrity service in the IoT enables the detection and prevention of any modification to the operating system and the configuration of the objects. The integrity of objects also makes it possible to lock and eliminate non-compliant devices. To implement this type of integrity, a digital fingerprint for the object in question is used to compare data effectively available on the object with the data that should be available.