3                                     Unleashing the potential of the Internet of Things

                    NOTE – By supporting application logic integration, the gateway can process application related
                    functions locally and independently from remote facilities. For example, in some cases, the gateway
                    can perform some processing and analysis of the data captured from the connected devices before
                    transferring the data to applications.

            8.5     Security and management related requirements
            –       Security and privacy
                    For the security of applications, a gateway must control the access to devices and to itself
                    and must protect data security and privacy for the gateway and devices.
                    The security and privacy requirements of the gateway are as follows:

                    1)  The  gateway  is  required  to  support  identification  of  each  access  to  the  connected
                        devices.

                    2)  The gateway is required to support authentication with devices. Based on application
                        requirements  and  device  capabilities,  it  is  required  to  support  mutual  or  one-way
                        authentication with devices.
                    3)  The gateway is required to support mutual authentication with applications.
                    4)  The gateway is required to support the security of the data which are stored in devices
                        and  the  gateway,  or  transferred  between  the  gateway  and  devices,  or  transferred
                        between the gateway and applications. The gateway is required to support the security
                        of these data based on security levels.
                    5)  The gateway is required to support mechanisms to protect privacy for devices and the
                        gateway.

            –       Self-management and remote maintenance
                    The gateway is required to support self-management and remote maintenance.
                    The self-management and remote maintenance requirements of the gateway are as follows:

                    1)  The  gateway  is  required  to  support  self-diagnosis  and  self-repair  as  well  as  remote
                        maintenance.
                    2)  The gateway is required to support firmware and software update.

                    3)  The gateway is required to support auto configuration or configuration by applications.
                        The gateway is required to support multiple configuration modes, e.g., remote and local
                        configuration, automatic and manual configuration and dynamic configuration based on
                        policies.


            9       Common capabilities of a gateway for IoT applications

            9.1     Reference technical framework and typical high-level flows of a gateway for IoT
                    applications
            9.1.1   Reference technical framework

            The reference technical framework of a gateway for IoT applications is composed of the following
            capability groups:
            •       Applications group
            •       Support capabilities group
            •       Adaptation capabilities group

            •       Security and management capabilities group
            The  applications  group  provides  support  for  interacting  with  remote  applications  and  for  local
            processing of application logic. It supports the deployment of multiple IoT applications of different


            106      Rec. ITU-T Y.4101/Y.2067 (06/2014)