Overview of IoT and Cloud Architecture

1897 words (8 pages) Essay

23rd Sep 2019 Information Systems Reference this


Disclaimer: This work has been submitted by a university student. This is not an example of the work produced by our Essay Writing Service. You can view samples of our professional work here.

Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of UKEssays.com.

Table of Contents

Assignment 1 questions

IoT architecture

Cloud architecture

Trusted Computing Base

Mobile Architecture


Assignment 1 questions

Study the following topics and write no less than 100 words for each of the following topics:

-trusted computing base, mobile architecture, IoT architecture, and cloud architecture.

IoT architecture


At a high level IoT can be pictured as [1] “a unified network of smart objects and human beings responsible for operating them (if needed), who are capable of universally and ubiquitously communicating with each other.” Furthermore [1] the building blocks are “are sensory devices, remote service invocation, communication networks, and context-aware processing of events”.

Two important IoT architectures are: SOA-based IoT architecture and API-oriented IoT architecture. SOA involves more complexity and overhead than API since its conventional implementation usually involves SOAP (using XML) and RMI.

Specifically, per the text book [1] “SOA has the potential to augment the level of interoperability and scalability among the objects in IoT. Moreover, from the user’s perspective, all services are abstracted into common sets, removing extra complexity for the user to deal with different layers and protocols”. On the other hand, API-oriented IoT architecture involves Web APIs and REST that typically use lightweight data-exchange format like JSON to reduce network overhead. In addition, by having APIs, a service provider can boost its commercialization because functionality is easily accessible by the outside (customers) and security is easily setup thru mechanisms such as OAuth, etc. The above trends makes sense since in my non-IoT work experience as a software developer, API oriented technology is being used more than SOA based architectures because of similar reasons.

The four layers of SOA-based IoT architecture are [1]:

• Sensing layer is integrated with available hardware objects to sense the status of things

• Network layer is the infrastructure to support over wireless or wired connections among things

• Service layer is to create and manage services required by users or applications

• Interfaces layer consists of the interaction methods with users or applications

IoT systems should offer the following important features [2]:


Requirement Description


Managing the variety of devices/technologies/services/environments


Avoiding the explosion of resources/exchanged data/operations

Cost minimization

Optimization of development/maintenance costs and energy consumption


Self-configuration, self-organization, self-adaptation, self-reaction to events

and stimuli, self-discovering of entities and services, self-processing of Big Data


Dynamic management/reprogramming of devices or group of devices


Observance of QoS guarantees (e.g., bandwidth, delay) to services/applications

Secure environment

Robustness to communication attacks, authentication, data transfer confidentiality,

data/device integrity, privacy, trusted secure environment

Unfortunately there are some security issues that arise during deployment of IoT systems. For instance, since the aim of IoT systems is that everything can be connected that also means that hackers have many different ways (objects) to steal information. For example, currently most people use computers and phones as part of their daily lives and hackers can steal information true various means by using the internet or similar networks that connects computers and phones for instance. However, with IoT, if we have other objects (say a fridge or similar) interconnected then hackers can perhaps find ways to steal information that were inconceivable in the past by going thru objects that users perhaps would not even think might be compromise.

Per the text book [1], security threats can be divided in three broad categories: Capture, Disrupt, and Manipulate.

  • Capture: focused on capturing the system or information
  • Disrupt: focused on denying, destroying, and disrupting the system
  • Manipulate: focused on manipulating the data, identity, time-series data, etc.

There are a variety of attacks that can be found within the above categories such as: eavesdropping, Masquerading, Man-in-the-middle, Replay attacks, Denial-of-Service (DoS), etc.

As a guideline, Cisco created an Iot reference model which has seven layers [1]:

Per the text book [1] “The fundamental idea is to present a level of abstraction and appropriate functional interfaces to provide a complete system of IoT. It is the coherence of an end-to-end IoT architecture that allows one to process volume of context specific data points, make meaningful information, manage intrinsic feature of large scale, and ultimately design insightful responses.”


Cloud architecture

At a high level cloud computing provides different service categories (Software as a service (SaaS), Platform as a service (PaaS), Infrastructure as a service (IaaS), Public Cloud, Private Cloud, Hybrid Cloud) that can be used by companies to solve a particular business need. In other words, cloud computing [3] “… is a new business model for the consumption and provisioning of information technology software, infrastructures, and related services.” Moreover, based on the US National Institute of Standards and Technology cloud computing is [3]  “… a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (for example, networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.“

Five essential [3] characteristics of cloud computing are:

Trusted Computing Base

Trusted Computing Base (TCB) [4] is an important basic security concept within security architectures. Per the text book [4] “A Trusted Computing Base (TCB) is the entire complement of protection mechanisms within a computer system (including hardware, firmware, and software) that’s responsible for enforcing a security policy. A security perimeter is the boundary that separates the TCB from the rest of the system.” In other words [4] “A Trusted Computing Base (TCB) is the total combination of protection mechanisms within a computer system (including hardware, firmware, and software) that’s responsible for enforcing a security policy.” An important implication per the book [4] is that: “A trusted computer system is a system with a Trusted Computing Base (TCB).”

Another related concept is a reference monitor which [4] “is a system component that enforces access controls on an object.” On the other hand, also related to TCB is the security kernel which [4] “… is the combination of hardware, firmware, and software elements in a Trusted Computing Base that implements the reference monitor concept”.

IBM provides a great diagram [5] to picture TCB at a high level:

Mobile Architecture

At the user level, everything starts with a mobile handset (i.e. mobile device) that uses several hardware components [5] “:

  • Microprocessor
  • ROM
  • RAM
  • Digital signal processor
  • Radio module
  • Microphone and speaker
  • Hardware interfaces
  • LCD display

Furthermore, within the microprocessor category, Intel and ARM architectures dominate [5]. Furthermore, mobile handsets use a variety of operating systems [5] such as: “Symbian OS, iPhone OS (an embedded version of OS X), Windows Mobile, BlackBerry OS, Google Android Platform (based on Linux)”. However, [7] “ARM processors dominate cell phones and tablets today just as x86 processors dominated PCs”. ARM processors are based on RISC (Reduced Instruction Set Computer) [7].


  1. Internet of Things: Principles and Paradigms, 1st Edition Authors: Rajkumar Buyya,‎ Amir Vahid Dastjerdi
  2. https://pdfs.semanticscholar.org/2e59/24dbb26cf9c3b5533bdf1c96885befbb265d.pdf
  3. Architecting Cloud Computing Solutions Authors: Kevin L. Jackson; Scott Goessling
  4. CISSP For Dummies, 4th Edition Authors: Lawrence Miller; Peter Gregory
  5. https://www.ibm.com/support/knowledgecenter/en/SSLTBW_2.3.0/com.ibm.zos.v2r3.apsb000/tcbc.htm
  6. web.cse.ohio-state.edu/~xuan.3/courses/788/788_overview_xuan.ppt
  7. Computer Architecture and Security – Fundamentals of Designing Secure Computer Systems Authors: Shuangbao Paul Wang, Robert S. Ledley

Cite This Work

To export a reference to this article please select a referencing stye below:

Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.

Related Services

View all

DMCA / Removal Request

If you are the original writer of this essay and no longer wish to have your work published on the UKDiss.com website then please: