Context
Security is already a complex issue in the traditional Internet. It gets even more complex with the advent of the Internet of Things, which includes devices with limited capabilities (CPU, memory, energy). Some devices are deemed incapable of running asymmetric cryptography and some security protocols require multiple message exchanges that induce a lot of energy consumed in transmissions.
The race to market has led some actors to roll out solutions where security is weak or not well thought out.
Some industry alliances have designed security architectures that do not blend well with that of the Internet.
As part of the grand vision of the Internet of Things whereby billions of devices will be connected to the Internet, several groups and Standard Defining Organizations (SDO) have evaluated the use of classical solutions and how to modify them to meet the constraints and requirements of small, embedded devices.
For example, the IETF recently started two Working Groups, ACE (Authentication and Authorization for Constrained Environments) and DICE (DTLS In Constrained Environments). ETSI and 3GPP also work on architecture and networks for the IoT, including their security aspects.
Overall, this work will support the teams at Orange who define the strategy for the security aspects of the IoT.
This work will compare the various security functionalities proposed by SDOs such as IETF, ETSI or industrial alliance such as Wi-SUN. Il will delineate the pre-requisites of each protocol suite and will match them with the various use cases: for example, the way the device is added to the network is very different if done by the non-professional end-user or by a technician.
Smart Cities will be the application domain of choice.
This work will yield recommendations for the IoT networks for various architecture cases (such as star or mesh topologies) and various technologies.
Your role
You’ll be part of an Orange Labs team located in Meylan near Grenoble, France, dedicated to network technologies for the M2M and IoT, from physical to upper protocol layers.
You’ll work in close collaboration with security experts at Orange Labs in Paris.
These two teams publish research papers, contribute to standardization, build proof-of-concepts and evaluate third-party technologies.
The global mission if to define a security architecture for the IoT networks at grand scale, within the application area of Smart Cities.
The vision is that of a telco operating networks for smart constrained devices belonging to multiple clients for multiple applications.
These clients are companies, large or small, that provide IoT services without operating the network. The network could consist of multiple technologies (e.g. 6LoWPAN/15.4, W-Mbus, LoRA or 5G in the future) and could have an heterogeneous architecture. Yet the telco wants to provide a unified secure connectivity to its clients.
You will investigate both data security in relation to the service (authentication, integrity, confidentiality and privacy) and network security in relation to the network architecture (device authentication, security of the protocol stack).
To achieve this, the following steps will be taken:
1. Investigate the security functionalities at link layer (layer 2 of the OSI model) of technologies used to build Smart Cities networks, such as W-Mbus, IEEE 802.15.4 and LoRA.
2. Evaluate existing security mechanisms at other stack layers (layers 3, 4 and 5 of OSI model) that are relevant to the application domain. Identify the limitations of such protocols on devices running the technologies studied in Step 1. For applications and deployment scenarios, Smart Cities will be considered. Realistic threats and attack scenarios will be identified.
3. Match the security requirements of various Smart Cities applications with the capabilities of the mechanisms identified above.
4. Propose a global architecture for multi-application multi-client networks for the IoT
Your profile
• you earned a PhD degree in computer science with an emphasis on security and cryptography (network security, information security or security protocols)
• You understand the computing, memory and bandwidth requirements induced by the use of various cryptography and security mechanisms
• You are familiar with the security mechanisms of modern communication networks and industrial standards dedicated to constrained devices.
• Ideally, you have a hands-on experience at implementing (part of) a protocol stack for constrained device.
• You speak and write fluent english. A working knowledge of French language is not mandatory, although learning the basics will be handy to live in France.
Contract
One-year contract. Includes health plan, retirement and other benefits.
Compensation based on experience.
Place of work
In Meylan close to the city of Grenoble, France.
Anticipate frequent day trips to Paris (3h ride on the high speed train).
Grenoble is a lively town in the Alps, with lots of students and outdoors enthusiasts. Rock climbing, mountain biking, skiing and mountaineering are close by.
How to apply
Send resume and application letter to both dominique.barthel@orange.com and said.gharout@orange.com. |
|