Optimal Federation Method for Embedding Internet of Things in Software-Defined Perimeter

In the digital transformation era, the Internet is rapidly evolving, as represented by the Internet of Things (IoT) and artificial intelligence. Accordingly, information security incidents are increasing and diversifying. An example of this diversification is the emergence of internal fraud in telework and other scenarios. As a countermeasure, the software-defined perimeter (SDP), a zero-trust model, is attracting attention. SDP ensures that users are always secure by authenticating and authorizing them each time a service is provided. SDP is expected to be integrated with the IoT in order to expand its application. However, it is difficult to ensure the security of the IoT itself due to the lack of resources, such as CPU power and storage. Therefore, when embedding IoT devices into SDP, the main issue is how to ensure the reliability of the IoT itself, but this has not been sufficiently studied. In this article, we propose a method to compensate for the lack of IoT resources so that it can be securely embedded into SDP. We investigated several federation methods and found through qualitative evaluation that the identity provider is the most effective and can efficiently achieve authentication and authorization in SDP.