Page 287 - Unleashing the potential of the Internet of Things
MOC applications have the following requirements:
1) MOC applications are recommended to be able to set the prioritization of data (within a
single application or among different applications).
2) MOC applications are recommended to be able to manage different data according to their
prioritization.
3) MOC applications are recommended to be able to apply data prioritization to MOC devices
and gateways according to the related service level agreements (SLA) between MOC
application customers and MOC application providers.
8.14 Security
8.14.1 Authentication and authorization
The MOC end users accessing the MOC applications need to be authenticated and authorized.
Access to applications has to align with the relevant security levels.
The MOC devices involved in the MOC applications and directly connected need to be
authenticated and authorized.
The MOC devices involved in the MOC applications and connected via an MOC gateway should
generally be authenticated and authorized.
Requirements of authentication and authorization are as follows:
1) MOC applications are required to support the authentication and authorization of MOC end
users to access MOC applications and related data according to the related security levels.
2) MOC applications are required to support a mechanism for authentication and authorization
of directly connected MOC devices associated with the MOC applications themselves.
3) MOC applications are recommended to support a mechanism for authentication and
authorization of MOC devices which are in an MOC local network (connected via an MOC
gateway) and which are associated with the MOC applications themselves.
4) MOC applications are required to support a mechanism for the registration of directly
connected MOC devices associated with the MOC applications themselves.
8.14.2 Security of data
In general, MOC applications require strong security, due to very sensitive data. It has to be
considered that MOC devices cannot provide all security features because they may have system
limitations. For example, sensed data carried over the network may not be sufficiently protected
from the security viewpoint.
MOC applications have the following requirements:
1) MOC applications are required to provide security for the connectivity between MOC
applications and MOC devices even when the MOC devices roam from one network
domain to another network domain.
2) MOC applications are required to support the integrity and confidentiality of the data
exchanged during the application operations.
3) MOC applications are recommended to provide mechanisms of data encryption in order to
also support MOC devices with limited capabilities.
8.14.3 Security of MOC device access
All data produced by MOC devices are required to be unknown to unauthorized entities. For
example, private or sensitive data of an MOC device should not be sent to an unauthenticated end
user if this end user initiates a communication with that MOC device.
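
A minimal sketch of how an application could enforce requirements 1, 2 and 4 of 8.14.1 together with the access rule of 8.14.3, added here as an illustration and not part of the Recommendation. The HMAC-SHA256 challenge-response, the PBKDF2 password check, the integer security levels and every name used (MocApplication, kdf, the sample device and users) are assumptions; the Recommendation mandates none of them.

```python
import hashlib, hmac, secrets

def kdf(password, salt):  # assumed password check; not specified by the Recommendation
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class MocApplication:  # constructed sketch of the 8.14.1 and 8.14.3 checks
    def __init__(self):
        self.keys, self.nonces, self.authed = {}, {}, set()   # device state
        self.users, self.sessions, self.data = {}, {}, {}     # end users, stored data

    def register_device(self, dev):            # 8.14.1 item 4: registration
        return self.keys.setdefault(dev, secrets.token_bytes(32))  # key assumed delivered out of band

    def challenge(self, dev):                  # fresh nonce the device must sign
        return self.nonces.setdefault(dev, secrets.token_bytes(16))

    def authenticate_device(self, dev, tag):   # 8.14.1 item 2: device authentication
        key, nonce = self.keys.get(dev), self.nonces.pop(dev, None)  # nonce is one-time
        if key is None or nonce is None:       # unregistered device or replayed answer
            return False
        ok = hmac.compare_digest(hmac.new(key, nonce, hashlib.sha256).digest(), tag)
        if ok:
            self.authed.add(dev)
        return ok

    def store(self, dev, level, payload):      # data accepted only from authenticated devices
        if dev not in self.authed:
            raise PermissionError("device not authenticated")
        self.data[dev] = (level, payload)

    def add_user(self, name, password, clearance):
        salt = secrets.token_bytes(16)
        self.users[name] = (salt, kdf(password, salt), clearance)

    def login(self, name, password):           # 8.14.1 item 1: end-user authentication
        salt, digest, _ = self.users.get(name, (b"\0" * 16, b"", 0))
        if not hmac.compare_digest(digest, kdf(password, salt)):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = name
        return token

    def read(self, token, dev):
        name = self.sessions.get(token)
        if name is None:                       # 8.14.3: nothing for unauthenticated end users
            raise PermissionError("end user not authenticated")
        level, payload = self.data[dev]
        if self.users[name][2] < level:        # 8.14.1 item 1: authorization by security level
            raise PermissionError("insufficient security level")
        return payload
```

Because the nonce is consumed on every attempt, a captured response cannot be replayed, and a device that was never registered cannot store data at all.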
Rec. ITU-T Y.4109/Y.2061 (06/2012) 273