Wake up people IoT is not IT!
Real IoT does not talk TCP/UDP/IP
IoT edge nodes talk to a IoT hub.
This IoT hub is the only part that talks over TCP/UDP/IP via MQTT & HTTPS
The hub should be based around a secure core like Microchip's SAML11.
The edge nodes should use 508a/608a from Atmel now Microchip!
for public key cryptography to talk over LoRa only.
Not LoRaWAN as it uses fixed symmetric AES keys per device that you need to store in a database. Madness here. No one stores AES keys in a database apart from fools.
These edge nodes can also use NFC/BLE adverts, but do not support the full BLE stack for TCP/IP access.
You must all understand IoT is a subset on the edge of IT.
Yes the venn diagram has a common area the IoT HUB.
Designs that use hardware cryptography in IoT are the same idea as U2F from FIDO is for human access control using the internet. In fact U2F can work over IoT for door access control also.
People really need to go back to school, your all very poorly educated here online.
N.B Personal IoT that does not talk to a IoT HUB but uses peer to peer can use TCP/UDP/IP but then these devices can and are used to attack the internet infrastructure. I don't count peer to peer as real IoT. Please understand this main point. The boundary between IT & IoT has two stages. One close range and the real IoT with long range measured in km.