Security is an important function in any digital communications environment, and the role of security is even more critical with machine-to-machine (M2M) communications. In several existing service infrastructures, such as cellular systems, typically the service, network, and device distribution are tightly coupled and managed by a single entity: the network operator. On the other hand, M2M solutions typically involve multiple entities, such as application providers, network operators, and numerous device manufacturers. All of these entities may be related in very diverse ways, while certain entities may not be related at all. In other words, complex trust relationships exist in M2M environments, since certain players may not directly interact to establish formal business relationships (and hence trust). This fundamental issue necessitates novel, scalable, and automated methods for security association establishment. Such methods should be able to deal with a potential explosion in the number of M2M devices and hundreds of applications provided by a few M2M operators utilizing multiple access network technologies.
In this chapter, the complexity of trust relationships among the various M2M players is explained in some detail. Such complexity provides guidelines for designing security strategies and solutions for M2M, as well as for avoiding design pitfalls. ...