Professional Documents
Culture Documents
1 IOT security:
Introduction
What Is IoT?
The concept of the Internet of Things (IoT) was introduced by Kevin Ashton, a
co-founder of the Auto-ID Center at MIT, in 1998.The vision is that objects (“things”) are
connected to each other and thereby they create IoT in which each object has its distinct identity
and can communicate with other objects. IoT objects can vary dramatically in size from a small
wearable device to a cruise ship.
IoT transforms ordinary products such as cars, buildings, and machines into smart,
connected objects that can communicate with people, applications and each other.
There are various definitions of IoT. The International Telecommunication Union
(ITU) defined the term Internet of Things as "Internet of Things will connect the world's
objects in both a sensory and intelligent manner". In 2014, the Joint Technical Committee of the
International Organization for Standardization (ISO) and the International Electrotechnical
Commission (IEC) defined IoT as “an infrastructure of interconnected objects, people, systems
and information resources together with intelligent services to allow them to process information
of the physical and the virtual world and react”. At the IoT reception layer, sensors placed within
devices, objects, and machinery collect, measure, and record information about the physical
environment, such as temperature, humidity, gas pressure, and motion. This information can be
read, integrated and analyzed at higher IoT layers. NIST uses two acronyms, IoT and NoT
(Network of Things). IoT is considered a subset of NoT, since IoT has its “things” connected to
the Internet. In contrast, some types of NoT use only Local Area Networks (LAN), with none of
their “things” connected to the Internet.
The IoT growth is driven by business needs as part of enterprise digital transformation (Fig. 5.1).
According to Machina Research, the total number of IoT connections will grow from six billion
in 2015 to 27 billion by 2025.
IoT solutions not only involve various technology domains such as mobile
communications, cloud, data, security, telecommunications, and networking but they also lead to
cross-industrial use of data (for example, data generated in smart home and industrial
applications is used in the automotive domain) (Fig. 5.2). This opens a possibility for
establishing business partnerships between horizontal industries, such as
telecommunication operators, and vertical industries, such as car manufacturers, as new business
models.
IoT Architecture:
IoT architecture refers to the tangle of components such as sensors, actuators, cloud services,
Protocols, and layers that make up IoT networking systems. In general, it is divided into layers
that allow administrators to evaluate, monitor, andmaintain the integrity of the system. The
architecture of IoT is a four-step process through which data flows from devices connected to
sensors, through a network, andthen through the cloud for processing, analysis, and storage.
Different Layers of IoT Architecture:
A four-layer architecture is the standard and most widely accepted format.
There are four layers present i.e., the Perception Layer, Network Layer, Processing Layer, and
Application Layer.
Perception/Sensing Layer
The first layer of any IoT system involves “things” or endpoint devices that serve as a conduit
between the physical and the digital worlds. Perception refers to the physical layer, which
includes sensors and actuators that are capable of collecting, accepting, and processing data over
the network. Sensors and actuators can be connected either wirelessly or via wired connections.
The architecture does not limit the scope of its components nor their location.
Network Layer
Network layers provide an overview of how data is moved throughout the application. This layer
contains Data Acquiring Systems (DAS) and Internet/Network gateways. A DAS performs data
aggregation and conversion functions (collecting and aggregating data from sensors, then
converting analog data to digital data, etc.). It is necessary to transmit and process the data
collected by the sensor devices. That’s what the network layer does. It allows these devices to
connect and communicate with other servers, smart devices, and network devices. As well, it
handles all data transmissions for the devices.
Processing Layer
The processing layer is the brain of the IoT ecosystem. Typically, data is analyzed, pre-
processed, and stored here before being sent to the data center, where it is accessed by software
applications that both monitor and manage the data as well as prepare further actions. This is
where Edge IT or edge analytics enters the picture.
Application Layer
User interaction takes place at the application layer, which delivers application- specific services
to the user. An example might be a smart home application where users can turn on a coffee
maker by tapping a button in an app or a dashboard that shows the status of the devices in a
system. There are many ways in which the Internet of Things can be deployed such as smart
cities, smart homes, and smart health.
Scalability: Managing a large number of IoT nodes requires scalable security solutions.
Connectivity: In IoT communications connecting various devices of different capabilities in a
secure manner is another challenge.
End-to-End Security: End-to-end security measures between IoT devices and Internet hosts are
equally important.
Authentication and Trust: Proper identification and authentication capabilities and their
orchestration within a complex IoT environment are not yet mature. This prevents
establishment of trust relationships between IoT components, which is a prerequisite for IoT
applications requiring ad-hoc connectivity between IoT components, such as Smart City
scenarios. Trust management for IoT is needed to ensure that data analytics engines are fed with
valid data. Without authentication it is not possible to ensure that the data flow produced by an
entity contains what it is supposed to contain.
Identity Management: Identity management is an issue as poor security practices are often
implemented. For example, the use of clear text/Base64 encoded IDs/passwords with devices and
machine-to-machine (M2M) is a common mistake. This should be replaced with managed tokens
such as JSON Web Tokens (JWT) used by OAuth/OAuth2 authentication and authorization
framework (the Open Authorization).
Attack-Resistant Security Solutions: Diversity in IoT devices results in a need for attack
resistant and lightweight security solutions. As IoT devices have limited compute resources, they
are vulnerable to resource enervation attacks.
The need for privacy is the core property of self-actualization in IoT. There are several
applications working in many different grounds like patient monitoring system, traffic control,
energy consumption inventory management, smart parking, civil protection any many others.
Privacy should be guaranteed to the end user.
After security, the main aspect occurs is the privacy and with privacy, there is trust, according to
the internet of things, trust is also an important aspect or factor which is developed by the end
user when there is an element of security and privacy in the device
The current issue in IoT security concerns the access IoT has to sensitive data and the movement
of sensitive data overall. With enough time, hackers could theoretically use a connected kettle to
gain your business’ WIFI password.
Therefore, IoT security depends on intra-network data loss prevention. This tool helps
ensure that IoT devices can’t simply access data to which they aren’t entitled. Further, it prevents
malicious actors from moving data through network nodes or out of the network; instead, it
keeps all the data stored securely until an authorized user decides to move it. This can apply to
devices as much as people.
Unnecessary Capabilities
Of course, the future of IoT security depends largely on your own commitment to cybersecurity
and the steps you take to ensure it. For example, many IoT devices come with default
administrator passwords which are easily guessed or cracked. Your security team needs to take
the time to reset these passwords wherever possible. Further, you need to turn off unnecessary
capabilities on each device which could hamper cybersecurity efforts and protections.
Searchable Encryption - Searchable encryption schemes allow a storage provider to search for
keywords or patterns in encrypted data. So it is not possible to gain any knowledge of the
underlying plaintext.
Trust Establishment - mainly focus on establishing trust in public keys and their assignment to
users, s mainly focus on establishing trust in public keys and their assignment to user
Privacy Through Data Usage Control - The key advantage of data usage control is that it
provides users with the ability to control the usage of their data even when it is managed by
others.
Privacy in Multifaceted and Dynamic Contexts - As more data is being stored, transmitted and
processed via shared infrastructure, future IoT platforms will require new advanced services and
technologies to enforce adequate access controls.
Security and risk management experts find it difficult to gain visibility over a complex mix of
devices, networks and clouds. These network security mosaics, fraught with hidden
vulnerabilities, are an invitation for attackers to attempt breaches. Many cloud service providers
do not provide detailed information about their internal environment, and many common internal
security controls cannot be directly converted to a public cloud.
For all these reasons, organizations need to think about cloud security as a new challenge, and
build a cloud security architecture that will help them adequately secure this complex
environment.
The right pattern can help you implement security across your organization. For example, it can
help you protect the CIA (confidentiality, integrity, and availability) of your cloud data assets, as
well as respond to security threats. You can implement security controls directly, or use security
controls as a service offered by your cloud provider or third-party vendors. The cloud security
architecture model is usually expressed in terms of:
• Security controls—which can include technologies and processes. Controls should take into
account the location of each service—company, cloud provider, or third party.
• Trust boundaries—between the different services and components deployed on the Cloud •
Standard interfaces and security protocols—such as SSL, IPSEC, SFTP, LDAPS, SSH,
SCP,SAML, OAuth, etc.)
• Encryption methods including algorithms like 128-bit AES, Triple DES, RSA, Blowfish.
• Security event logging—ensuring all relevant security events are captured, prioritized, and
delivered to security teams.Each security control should be clearly defined using the following
attributes:
Logical location—public cloud service, third party service, or on-premises. Location affects
performance, availability, firewall policies, and service management.
• Protocol—what protocol is used to access the service? For example, REST, HTTPS, SSH.
• Input/Output – what does the service receive and what is it expected to deliver? For example,
input is a JSON feed and output is the same feed with encrypted payload data.
• Control mechanisms—what types of control does the service achieve? For example, data at
rest protection, user authentication, application authentication.
• Users and operators—who operates or benefits from the service? For example, endpoint
devices, end users, business managers, security analysts.
The cloud security architecture model differs depending on the type of cloud service: IaaS
(Infrastructure as a Service), PaaS (Platform as a Service), or SaaS (Software as a Service).
Below we explain different security considerations for each model.
IaaS provides storage and network resources in the cloud. It relies heavily on APIs to help
manage and operate the cloud. However, cloud APIs are often not secure, because they are open
and easily accessible from the web.
The cloud service provider (CSP) is responsible for securing the infrastructure
and abstraction layer used to access the resources. Your organization's security obligations cover
the rest of the layers, mainly containing the business applications. To better visualize cloud
network security issues, deploy a Network Packet Broker (NPB) in an IaaS environment. The
NPB sends traffic and data to a Network Performance Management (NPM) system, and to the
relevant security tools. In addition, establish logging of events occurring on network endpoints.
• Network segmentation
• Intrusion Detection System and Intrusion Prevention System (IDS/IPS)
• Virtual firewalls placed in front of web applications to protect against malicious code, and at
the edge of the cloud network
• Virtual routers
SaaS services provide access to software applications and data through a browser. The specific
terms of security responsibility may vary between services, and are sometimes up for negotiation
with the service provider. Cloud Access Security Brokers (CASB) offers logging, auditing,
access control and encryption capabilities that can be critical when investigating security issues
in a SaaS product. In addition, make sure your SaaS environment has:
• Logging and alerting
• IP whitelists and/or blacklists
• API gateways, in case the service is accessed via API
PaaS platforms enable organizations to build applications without the overhead and complexity
associated with managing hardware and back-end software. In a PaaS model, the CSP protects
most of the environment. However, the company is still responsible for the security of the
applications it is developing. Therefore, a PaaS security architecture is similar to a SaaS model.
Ensure you have CASP, logging and alerting, IP restrictions and an API gateway to ensure
secure internal and external access to your application’s APIs.
A cloud security architecture (also sometimes called a “cloud computing security architecture”)
is defined by the security layers, design, and structure of the platform, tools, software,
infrastructure, and best practices that exist within a cloud security solution. A cloud security
architecture provides the written and visual model to define how to configure and secure
activities and operations within the cloud, including such things as identity and access
management; methods and controls to protect applications and data; approaches to gain and
maintain visibility into compliance, threat posture, and overall security; processes for instilling
security principles into cloud services development and operations; policies and governance to
meet compliance standards; and physical infrastructure security components.
Cloud security, in general, refers to the protection of information, applications, data, platforms,
and infrastructure that operate or exist within the cloud. Cloud security is applicable to all types
of cloud computing infrastructures, including public clouds, private clouds, and hybrid clouds.
Cloud security is a type of cybersecurity.
When developing a cloud security architecture several critical elements should be included:
• Security at Each Layer: Ensure that each layer of the cloud’s security stack is “self-
defending.” There may be multiple components in each layer, so having defense-indepth is
critical. This goes into having things like automatic updates on operating
systems, secure coding and monitoring logs.
• Redundant & Resilient Design: Building out disaster recovery plans and having backups on
hand to re-establish operations. Another aspect of this is making sure you have resiliency built
into all components, or at least the ones that continuously need to be online.
• Elasticity & Scalability: When it comes to elasticity, we have to keep in mind specific design
options. When scaling, should it be a horizontal or vertical scale? In other words, can you make
the server bigger or add more servers/services?
• Appropriate Storage for Deployments: When choosing storage, it comes down to your
organization’s use cases and needs. Take time to look at the options available as they are not
created equal. Each has its security controls and different performance specifications.
• Alerts & Notifications: While designing how the components will talk to each other and how
users interact with those components, you need to ensure that you are being alerted and notified.
This keeps you in the loop on what is happening in your cloud infrastructure.
Cloud security management is the practice of securing your data and operations in the cloud
from theft or damage. As demand for cloud computing expands, cloud security services are
expected to grow as organizations become more aware of the importance of securing their
presence in the cloud. This article tackles what cloud security management means and why it is
important, how to evaluate cloud security management service providers, and the pros and
challenges of cloud security management.
Among several strategies you can adopt to keep your cloud secure are:
• Perform security audits. Analyze your cloud-based products and services for potential
security loopholes on a regular basis.
• Set appropriate levels of protection. Task your IT security team with complete control of the
security settings for your cloud-based applications, setting them to the highest level possible.
• Use data encryption and network security monitoring tools. Add another level of protection
to your data by encrypting them, and only allow legitimate traffic into your network.
• Manage end-user devices. Make sure that only authorized devices are given access toyour
network and data.
• Manager users. Set appropriate user-level controls to limit data access to authorized users
only. Ensure that your users only have access to the data they need in their line of work.
• Monitor user activity. Make use of reports to view user activity in your cloud, and gain better
understanding of security risks surrounding your operations.
• Meeting compliance requirements. Ensure that your cloud services pass compliance
requirements. You may assume that the vendor will take care of compliance. This is a mistake
that can lead to heavy fines from regulators. Since compliance is always your responsibility, you
should have a team ready to handle this for your organization.
• Asset misconfiguration potential. A misconfiguration can leave your network open to attack.
To prevent this from happening, assign a team to review configuration settings and changes.
Have a team ready to plug potential holes when needed.
Cloud Services are not immune to outages (failure/interruption) and the severity and the scope of
impact on the customer can vary based on the situation. As it will depend on the criticality of the
cloud application and its relationship to internal business processes.
1. Impact on business: In the case of business-critical applications where businesses rely on the
continuous availability of service, even a few minutes of service failure can have a serious
impact on the organization’s productivity, revenue, customer satisfaction, and service-level
compliance.
2. Impact on customers: During a cloud service disruption, affected customers will not be able
to access the cloud service and in some cases may suffer degraded performance or user
experience. For Example:- when a storage service is disrupted, it will affect the availability and
performance of a computing service that depends on the storage service.
The cloud service’s ability to recover from an outage situation and availability depends on a few
factors, including the cloud service provider’s data center architecture, application architecture,
hosting location redundancy, diversity of Internet service providers (ISPs), and data storage
architecture.
• PaaS platform service levels: Customers should read and understand the terms and conditions
of the Cloud Service Provider’s Service Level Agreements.
• Third-party web services provider service levels: When your Platform as a Services
application depends on a third-party service it is critical to understand the Service Level
Agreements of that service. Network connectivity parameters with thirdparty service providers.
Example: Bandwidth and latency factors.
ACCESS CONTROL :
Access requirements must be aware to the client users and system administrators (privileged
users) who access network, system, and application resources. The functionalities of access
control management include defining who should have access to what resources (Assignment of
entitlements to users, and also to audit and report to verify entitlement assignments), why should
the users have access to the resource they hold (Assignment of entitlements based on the user’s
job functions and responsibilities), how can the user access the resources which will state the
authentication methods and strength check before granting access to the resources. In a cloud
computing model, network based access control plays a diminishing role. User access control
should be strongly emphasized in the cloud, since it can strongly bind a user’s identity to the
resources in the cloud and will help with fine granular access control, user accounting, support
for compliance, and data protection. User access management controls, including strong
authentication, single sign-on (SSO), privilege management, and logging and monitoring of
cloud resources, play a significant role in protecting the confidentiality and integrity of your
information in the cloud.
In the SaaS delivery model, the CSP is responsible for managing all aspects of the network,
server, and application infrastructure. In that model, since the application is delivered as a
service to end users, usually via a web browser, network-based controls are becoming less
relevant and are augmented or superseded by user access controls, e.g., authentication using a
one-time password. Hence, customers should focus on user access controls (authentication,
federation, privilege management, deprovisioning, etc.) to protect the information hosted by
SaaS. Some SaaS services, such as Salesforce.com, augment network access control (e.g., source
IP address/network-based control) to user access control in which case customers have the option
to enforce access based on network and user policy parameters.
In an IaaS delivery model, access control management falls into one of the following two
categories:
Access control management to your virtual server (virtual machines or VMs), virtual storage,
virtual networks, and applications hosted on virtual servers.
The ability for malware (or a cracker) to remotely exploit vulnerabilities of infrastructure
components, network services, and applications remains a major threat to cloud services. It is an
even greater risk for a public PaaS and IaaS delivery model where vulnerability, patch, and
configuration management responsibilities remain with the customer. Customers should
remember that in cloud computing environments, the lowest or highest common denominator of
security is shared by all tenants in a multitenant virtual environment. Hence, the onus is with the
customers to understand the scope of their security management responsibilities. Customers
should demand that CSPs become more transparent about their cloud security operations to help
customers understand and plan complementary security management functions.
By and large, CSPs are responsible for the vulnerability, patch, and configuration (VPC)
management of the infrastructure (networks, hosts, applications, and storage) that is CSP
managed and operated, as well as third-party services that they may rely on. However, customers
are not spared from their VPC duties and should understand the VPC aspects for which they are
responsible. A VPC management scope should address end-to-end security and should include
customer-managed systems and applications that interface with cloud services. As a standard
practice, CSPs may have instituted these programs within their security management domain, but
typically the process is internal to the CSP and is not apparent to customers. CSPs should assure
their customers of their technical vulnerability management program using ISO/IEC 27002 type
control and assurance frameworks.
Patch management processes follow a change management framework and feeds directly from
the actions directed by your vulnerability management program. Security patch management
mitigates risk to your organization by way of insider and outsider threats. Hence, SaaS providers
should be routinely assessing new vulnerabilities and patching the firmware and software on all
systems that are involved in delivering the *aaS service to customers.
The scope of patch management responsibility for customers will have a low-to high relevance in
the order of SaaS, PaaS, and IaaS services—that is, customers are relieved from patch
management duties in a SaaS environment, whereas they are responsible for managing patches
for the whole stack of software (operating system, applications, and database) installed and
operated on the IaaS platform. Customers are also responsible for patching their applications
deployed on the PaaS platform.
In the SPI service delivery model, configuration management from a customer responsibility
perspective has a low-to-high relevance in the order of SaaS, PaaS, and IaaS services—that is,
SaaS and PaaS service providers are responsible for configuration management of their platform,
whereas IaaS customers are responsible for configuration management of the operating system,
application, and database hosted on the IaaS platform. Customers are also responsible for
configuration management of their applications deployed on the PaaS platform.
SaaS VPC management focuses on managing vulnerabilities, security patching, and system
configuration in the CSP-managed infrastructure, as well as the customer infrastructure
interfacing with the SaaS service. Since the SaaS delivery model is anchored on the premise that
the application service is delivered over the Internet to a web browser running on any computing
device (personal computer, virtual desktop, or mobile device), it is important to secure the
endpoints from which the cloud is accessed. Hence, a VPC management program should include
endpoint VPC management requirements and should be tailored to the corporate environment. It
is standard practice for most companies to institute a standard OS image for personal computers
that include security tools such as antivirus, anti-malware, firewall, and automatic patch
management from a central management station.
SaaS customers are responsible for VPC management of their systems that interface with the
SaaS service. The responsibilities include:
• Personal computers of a SaaS user.
• Applications or services that interface with the SaaS service.
• Security testing of the SaaS service. Although SaaS providers are responsible for vulnerability
management of the software delivered as a service, some enterprise customers can choose to
independently assess the state of application security. Note: The scope of the VPC management
program should include browser security, systems, and applications (on both trusted and
untrusted zones) located at a customer’s premises interfacing with SaaS services.
PaaS customers are responsible for VPC management of the applications implemented and
deployed on the PaaS platform. Vulnerabilities or the configuration weakness of applications
deployed on a PaaS platform should be treated similarly to a standard application operating in
your data center (e.g., private cloud). Software vulnerabilities are introduced by design flaws or
coding errors. Configuration weakness can be introduced by improper configuration of an
application in the area of authentication and privilege management. In addition, PaaS
applications that rely on third-party web services may simply become weak and vulnerable by
way of vulnerabilities in the third-party service, and that is out of your control. PaaS customers
should follow standard practices embedded in the Software Development Life Cycle (SDLC),
which helps to reduce software application vulnerabilities. Following are some of the standard
practices:
• Application white-box testing
• Application black-box testing
• Application penetration testing
• Vulnerability alerts
PaaS customers are also responsible for VPC management of their systems that interface with the
PaaS service. These systems include:
• Personal computers of a PaaS user
• Browsers used for accessing the PaaS service
• Applications located at the customer’s premises that interface with the PaaS service