By assigning IP address to all sorts of devices, ranging from household
appliances, machines, medical devices and sensors to other day-to-day
objects, and putting them all together on a standardised network is a
common Internet of Things (IoT) practice.
Is Internet of Things Secure?
In my previous articles, I gave you a glance of the most vulnerable smart cities that are increasingly adopting devices connected to the Internet in an attempt to add convenience and ease to daily activities.
By 2020, there will be more than 45 Billion Internet-connected devices that will transform the way we live and work.
The bottom line:
As the number of IoT enabled systems increases, the complexity of
handling them increases; leading to an introduction of new risk and
vulnerabilities associated with them.
Security of Internet of Things (IoT) Can’t Be Ignored
The risks can be mitigated by more robust authentication methods at the time when the ‘Internet-connected devices’ initiate communication with each other, hence developing secure identification management.
For secure communication among the IoT devices, many security mechanisms and protocols have been implemented, including:
- Public Key Infrastructure (PKI) system for securing communications between the Internet-connected devices.
- Secure Socket Layer (SSL) protocol implementation for IoTs to encrypt their communication over the network.
As it is evident, Security solutions for embedded devices connected to
the Internet is also necessary. The devices also need to be secured from
attacks like eavesdropping, DDoS and tampering of network traffic.
SSL Encryption for Internet of Things (IoT)
For SSL/TLS implementation in IoT devices, INSIDE Secure has introduced a new open source embedded SSL called MatrixSSL Tiny as an extension to MatrixSSL - a source for web servers to implement encryption layer for secure management of remote devices.
MatrixSSL Tiny is going to be demonstrated this week at Black Hat
conference in Las Vegas, where the security researchers will be
representing its full suite of security products and will talk about its
solution for cyber attacks focussed at IoT.
MatrixSSL Tiny is a lightweight TLS software implementation for IoT
devices with limited memory to make secure communications among them,
yet demand more robust security to prevent eavesdropping and tampering
of network traffic.
The software also performs real time functions that nulls the memory on
completion of a particular session. According to researchers, MatrixSSL
Tiny is the world’s smallest, yet powerful IoT security solution.
Why SSL is Not Sufficient?
Despite developments for enhancing the security, IoT infrastructure is
still massively prone to cyber attacks that lead to offer open gateways
for people with malicious intents.
Any command initiated on a smart device, be it an application or a firmware, must be verified through a chain of trust.
If we consider a situation, where communication is taking place on a
traditional IT system and an IoT smart device, we see that IT systems
follow a layered security procedure; whereas in IoT smart devices
authenticity and confidentiality can be tampered with.
Therefore, multi-layer security measures are needed for IoT devices too
so that the IoT devices could differentiate that the information
received or sent is by an authorized user or an intruder.
To sum up, I would say…
The security of IoT enabled devices are becoming critical and a thing of
concern for the security enablers. The point to be worried about is its
future developments where, it is seen as a boon and not a ban.
Post a Comment
Post a Comment