What is IoT
The Internet of Things (IoT) describes the network of physical objects — “things” — that are embedded with sensors, software, and other technologies for the purpose of connecting and exchanging data with other devices and systems over the internet. These devices range from ordinary household objects to sophisticated industrial tools. With more than 7 billion connected IoT devices today, experts are expecting this number to grow to 22 billion by 2025.
IoT security :
IoT has unique characteristics and constraints when it comes to designing efficient defensive mechanisms against cyber-security threats that can be summarized by the following :
(a) Multiple Technologies: IoT combines multiple technologies such as radio
frequency identification (RFID), wireless sensor networks, cloud computing,
and virtualization. Each of these technologies has its own vulnerabilities. The
problem with the IoT paradigm is that one must secure the chain of all of those
technologies as the security of an IoT application will be judged based on its
weakest point which is usually referred to by Achilles’heel.
(b) Multiple Verticals: The IoT paradigm will have numerous applications (also
called verticals) that span eHealth, industrial, smart home gadgets, smart cities,
etc. The security requirements of each vertical are quite different from the
other verticals.
© Scalability: According to Cisco, 26.3 billion devices will be connected to the
Internet by 2020. This huge number makes scalability an important issue when
it comes to developing efficient defensive mechanisms. None of the previously
proposed centralized defensive frameworks can work anymore with the IoT
paradigm, where the focus must be switched to finding practical decentralized
defensive security mechanisms. An IoT solution needs to scale
cost-effectively, potentially to hundreds of thousands or even millions of
endpoints.
(d) Big Data: Not only the number of smart objects will be huge, but also the data
generated by each object will be enormous as each smart object is expected to
be supplied by numerous sensors, where each sensor generates huge streams
of data over time. This makes it essential to come up with efficient defensive
mechanisms that can secure these large streams of data.
(e) Availability: Availability refers to characteristic of a system or subsystem that
is continuously operational for a desirably long period of time. It is typically
measured relative to “100 % operational”or “never failing.”A widely held
but difficult-to-achieve standard of availability for a system or product is
known as “five 9s”(available 99.999 % of the time in a given year) avail-
ability. Security plays a major rule in high availability as network adminis-
trators often hesitate to use needed threat response technology functions (e.g.,
network discovery as illustrated in Chap. 7) for fear that such functions will
take down critical systems. In some instances, network administrators would
rather have no cyber-security protection rather than risk an outage due to a
false positive. This leaves them blind to threats within their control networks.
Companies often add redundancy to their systems so that failure of a com-
ponent does not impact the entire system.
(f) Resource Limitations: The majority of IoT end devices have limited resource
capabilities such as CPU, memory, storage, battery, and transmission range.
This makes those devices a low-hanging fruit for denial-of-service (DoS)
attacks where the attacker can easily overwhelm the limited resource capa-
bilities of those devices causing a service disruption. In addition to that, the
resource limitations of those devices raise new challenges when it comes to
developing security protocols especially with the fact that the traditional and
mature cryptography techniques are known to be computationally expensive.
(g) Remote Locations: In many IoT verticals (e.g., smart grid, railways, road-
sides), IoT devices, typically sensors, will be installed in unmanned locations
that are difficult to reach. Attackers can interfere with these devices without
being seen. Cyber and physical security monitoring systems must be installed
in safeguarded location, operate in extreme environmental conditions, fitin
small spaces, and operate remotely for routine updates and maintenance
avoiding delayed and expensive visits by network technicians.
(h) Mobility: Smart objects are expected to change their location often in the IoT
paradigm. This adds extra difficulties when developing efficient defensive
mechanisms in such dynamic environments.
(i) Delay-Sensitive Service: The majority of IoT applications are expected to be
delay-sensitive and thus one should protect the different IoT components from
any attack that may degrade their service time or may cause a service
disruption.