internet of things –
TRANSCRIPT
Internet of Things - Security Challenges
Mathews Job
Contents IoT- Internet of Things Essential Components Security Challenges with IoT Security recommendation for IoT manufacturers Business challenges for Insecure IoT Solutions to make IoT Secure IoT Risks IoT Safeguards
Internet of Things Internet
Network of interconnected computer networks
Thing An object not precisely identifiable.
Internet of Things network of interconnected objects uniquely
addressable
Examples of IoT devices. Automatic security systems like fire alarms , Wi-Fi cameras Automatic device which controls your electrical systems Medical equipment like Wi-Fi enabled heart monitors or insulin
dispensers Smart watches or human wearable devices Automated lighting or air conditioning systems Smart refrigerators, TVs, Printers , scanners Cell phone controls systems like music systems , microwaves ,
Air conditioners Utility monitoring systems like energy , water , food supply and
Fuel systems
What do you think ? Is IoT Safe ?
Intruders can analyse dynamic data
Track data belongs to individual or organization
Greater the volume of sensitive data, greater is the risk of data
Essential ComponentsMainly Three
Categories
Wireless Sensor Network
IoT Gateway
Storage , Analysis and Presentation
Security Challenges with IoT
Denial of service attacks (Dos / DDos) Resources are not available to users
Sensor cloning , Substitution and firmware replacement Identical copy of sensors Replacement of sensors
Network attacks Eavesdropping Data tampering Traffic Analysis
Impersonation and camouflage
Security recommendation for IOT Manufactures
Remote Management System (RMS) Security Service Framework (SSF) Key Management Server (KMS) PKI Servers Security Service App Security Service Agent Security Service API Security Cardlet for Secure Elements
Business Challenges for Insecure IoT
Distributed Denial of Service Attacks Lacking effective device security mechanism Knowing possibilities of vulnerabilities Identifying and Implementing security controls Insecure device software Wi-Fi enabled device connected to LAN without proper
security Replication Protection of data Lack of Long Term Support
Secured IoT – Solutions to make IoT Secure
Enforce security from beginning
Long-term support/updates
Secure access control and device authentication
Know your enemy
Prepare for security breaches
Secured IoT – Solutions to make IoT Secure
Secure channel and reliable data
Access control and authorization schemes
Authentication schemes and Cryptographic data protection
IoT Risks
Vulnerabity of Universal Plug and Play (UPnP) protocol. Use of default vendor password by users which normally
users do not change. Denial of service attack on these devices and making
them in operable. Compromising IoT device to harm the user Compromising the integrity of business operational
processes Unsecured or unhardened IoT device
IoT safeguards Isolate IoT devices from secured network Disable UPnP on routers Choose appropriate IoT device based on its purpose Purchase IoT devices from well-known manufactures Keep the IoT devices patched up to date Change default passwords and have strong passwords Use current best practices while connecting IoT devices to
network User awareness on IoT devices and related threats
Thank you
References1. https://securitycommunity.tcs.com/infosecsoapbox/articles/2016/
02/24/securing-internet-things2. https://securitycommunity.tcs.com/infosecsoapbox/articles/2015/
09/14/iot-%E2%80%93-handle-care3. https://securitycommunity.tcs.com/infosecsoapbox/articles/2016/
02/22/how-secure-internet-things4. https://www.toptal.com/it/are-we-creating-an-insecure-internet-of
-things
5. https://securitycommunity.tcs.com/infosecsoapbox/articles/2016/07/06/internet-things-iot-%E2%80%93-security-challenges
6. https://securitycommunity.tcs.com/infosecsoapbox/articles/2016/02/22/internet-things-more-we-connect-more-we-grow