or len lew wo 18CS3053 Internet of Things Security ‘Course Objectives: Enable the student to 1. understand the Security requirements in loT. 2. infer the cryptographic fundamentals for loT 3. apply the authentication credentials in Cloud Security. Course Outcomes: ‘The student will be able to: 1. demonstrate knowledge and understanding of the security and ethical issues of the internet of | things conceptually identify vulnerabilities, including recent attacks, involving the internet of things describe countermeasures for intemet of things devices and security threats analyze the societal impact of 1OT security events develop critical thinking skills ‘Module 1: Introduction to 1OT ‘An Architectural Overview~ Building an architecture, Main design principles and needed capabilities, An ToT architecture outline, standards considerations, M2M and IoT Technology Fundamentals- Devices and gateways, Local and wide area networking, Data management, Business processes in oT, Everything as a Service (XaaS), M2M and IoT Analytics, Knowledge Management, Module 2: Securing the Internet of Things Security Requirements in oT Architecture - Security in Enabling Technologies - Security Concer in IoT Applications. Security Architecture in the Intemet of Things - Security Requirements in IoT Insufficient Authentication’ Authorization, ‘Module 3: Insecure Access Control ‘Threats to Access Control, Privacy, and Availablity - Attacks Specific to ToT. Vulnerabilities ~ Secrecy sand Secret-Key Capacity ~ Authentication/Authorization for Smart Devices ~ Transport Encryption — Avtack & Fault trees Module 4- Cryptographic Fundamentals for 1OT Cryptographic primitives and its role in oT ~ Encryption and Decryption ~ Hashes ~ Digital Signatures ~ ‘Random number generation — Cipher suites — key management fundamentals ~ cryptographic controls ‘built into ToT messaging and communication protocols - IoT Node Authentication Module 5: Dentity and Access Management Solutions for 1OT THlentty lifecycle ~ authentication credentials — ToT TAM infiastructure — Authorization with Publish / Subscribe schemes — access control - privacy preservation and trust models for iot -Concems in data dissemination — Lightweight and robust schemes for Privacy protection ~ Trust and Trust models for oT — self-organizing Things - Preventing unauthorized access. Module 6: Cloud Security 1OT Cloud services and IoT - offerings related to ToT from cloud service providers — Cloud IoT security controls - An enterprise IoT cloud security architecture ~ New directions in cloud enabled IoT computing, Reference Books: 1. Vijay Madisetti and Arshdeep Bahga, “Internet of Things (A Hands-on Approach)”, 1* Edition, PT, 2014 2. Jan Holler, Vlasios Tsiatsis, Catherine Mulligan, Stefan Avesand, Tamatis Kamouskos, David. Boyle, “From Machine-to-Machine to the Intemet of Things: Introduction to a New Age of Intelligence", 1* Edition, Academic Press, 2014 3. Brian Russell, Drew Van Duren, Practical Internet of Things Security, Packt Publishing, 2016 Computer Science and Engineering