Securing Mobile IoT Deployment Using Embedded SIM: Concerns and Solutions

Although the Internet of Things (IoT) has gained ground in recent years, it still does not feel as mature as promised. The main reasons are the security concerns and the intelligent deployment of IoT device's connectivity. But, with the upcoming 5G and the 6th generation of Wi-Fi, if the security aspects will be considered rigorously, this has direct impact on the IoT success. Thus, many standardization works to ensure IoT security have already published and recent researches have open new tracks to satisfy the IoT security concerns. In this paper, we address a new track that we believe is crucial to fulfilling the IoT security needs. It is about the use of the embedded SIM (eSIM) for IoT device secured identification. The idea is to distinguish eSIMs used for IoT services from those used for traditional services. As a result, MNO's subscriptions associated to IoT services are managed in a more secure and efficient way. We study the eSIM's security mechanisms and we arise the observed potential vulnerabilities. We propose solutions to avoid such potential vulnerabilities so that the most appropriate level of security for an IoT service will be satisfied.