Cisco IoT Security Framework

Cisco has proposed a framework to secure the IoT environment. The framework consists of four components: Authentication, Authorization, Network Enforced Policy, and Secure Analytics (Visibility and Control). The Authentication and Authorization layers together build a "trust relationship".

The Authentication layer provides the identity information of an IoT device or verifies the identity of the device. A device first identifies itself when it wants to access the IoT infrastructure. The identity information can be RFID, a shared secret, X.509 certificates, the MAC address of the device, etc.

The Authorization layer controls a device's access throughout the IoT network fabric.

The Network Enforced Policy layer includes all components that route and transport endpoint traffic (such as control, management, and actual data) securely over the infrastructure.

The Secure Analytics: Visibility and Control layer defines the services in which endpoints and the network infrastructure, including data centers, participate. These services provide telemetry for gaining visibility into and controlling the IoT ecosystem. The components of this layer include the IoT infrastructure that enables telemetry data collection, data assembly and analysis, and the delivery platform for providing visibility, contextual awareness, and control.