Toward secure large-scale machine-to-machine comm unications in 3GPP networks: chall enges and solutions

With trillions of machines connecting to mobile communication networks to provide a wide variety of applications, supporting a massive number of machine-to-machine (M2M) communications devices has been considered an essential requirement for mobile operators. Meanwhile, cyber security is of paramount importance in M2M as all applications involving M2M cannot be widely accepted without security guarantees. In this article we focus on the standardization activities of 3GPP, especially group-based security for largescale M2M communications in 3GPP networks. We first introduce the main components of the machine-type communication (MTC) security architecture. Then we discuss several major challenges for group-oriented secure M2M communications in 3GPP systems, i.e. authentication signalling congestion and overload, and group message protection. Specifically, we identify the performance issues of authentication signalling congestion and overload in no/low mobility scenarios, and propose three group access authentication and key agreement protocols. Moreover, several 3GPP candidate solutions for group message protection are introduced. Finally, we present key issues and research directions related to group-based secure M2M communications, including security, privacy, and efficiency in mobility scenarios of MTC, and flexible and efficient group key management.