internet of things –

19
Internet of Things - Security Challenges Mathews Job

Upload: mathews-job

Post on 20-Feb-2017

41 views

Category:

Technology


1 download

TRANSCRIPT

Page 1: Internet of things –

Internet of Things - Security Challenges

Mathews Job

Page 2: Internet of things –

Contents IoT- Internet of Things Essential Components Security Challenges with IoT Security recommendation for IoT manufacturers Business challenges for Insecure IoT Solutions to make IoT Secure IoT Risks IoT Safeguards

Page 3: Internet of things –

Internet of Things Internet

Network of interconnected computer networks

Thing An object not precisely identifiable.

Internet of Things network of interconnected objects uniquely

addressable

Page 4: Internet of things –

Examples of IoT devices. Automatic security systems like fire alarms , Wi-Fi cameras Automatic device which controls your electrical systems Medical equipment like Wi-Fi enabled heart monitors or insulin

dispensers Smart watches or human wearable devices Automated lighting or air conditioning systems Smart refrigerators, TVs, Printers , scanners Cell phone controls systems like music systems , microwaves ,

Air conditioners Utility monitoring systems like energy , water , food supply and

Fuel systems

Page 5: Internet of things –
Page 6: Internet of things –
Page 7: Internet of things –

What do you think ? Is IoT Safe ?

Intruders can analyse dynamic data

Track data belongs to individual or organization

Greater the volume of sensitive data, greater is the risk of data

Page 8: Internet of things –

Essential ComponentsMainly Three

Categories

Wireless Sensor Network

IoT Gateway

Storage , Analysis and Presentation

Page 9: Internet of things –

Security Challenges with IoT

Denial of service attacks (Dos / DDos) Resources are not available to users

Sensor cloning , Substitution and firmware replacement Identical copy of sensors Replacement of sensors

Network attacks Eavesdropping Data tampering Traffic Analysis

Impersonation and camouflage

Page 10: Internet of things –
Page 11: Internet of things –

Security recommendation for IOT Manufactures

Remote Management System (RMS) Security Service Framework (SSF) Key Management Server (KMS) PKI Servers Security Service App Security Service Agent Security Service API Security Cardlet for Secure Elements

Page 12: Internet of things –

Business Challenges for Insecure IoT

Distributed Denial of Service Attacks Lacking effective device security mechanism Knowing possibilities of vulnerabilities Identifying and Implementing security controls Insecure device software Wi-Fi enabled device connected to LAN without proper

security Replication Protection of data Lack of Long Term Support

Page 13: Internet of things –

Secured IoT – Solutions to make IoT Secure

Enforce security from beginning

Long-term support/updates

Secure access control and device authentication

Know your enemy

Prepare for security breaches

Page 14: Internet of things –

Secured IoT – Solutions to make IoT Secure

Secure channel and reliable data

Access control and authorization schemes

Authentication schemes and Cryptographic data protection

Page 15: Internet of things –

IoT Risks

Vulnerabity of Universal Plug and Play (UPnP) protocol. Use of default vendor password by users which normally

users do not change. Denial of service attack on these devices and making

them in operable. Compromising IoT device to harm the user Compromising the integrity of business operational

processes Unsecured or unhardened IoT device

Page 16: Internet of things –
Page 17: Internet of things –

IoT safeguards Isolate IoT devices from secured network Disable UPnP on routers Choose appropriate IoT device based on its purpose Purchase IoT devices from well-known manufactures Keep the IoT devices patched up to date Change default passwords and have strong passwords Use current best practices while connecting IoT devices to

network User awareness on IoT devices and related threats

Page 18: Internet of things –

Thank you

Page 19: Internet of things –

References1. https://securitycommunity.tcs.com/infosecsoapbox/articles/2016/

02/24/securing-internet-things2. https://securitycommunity.tcs.com/infosecsoapbox/articles/2015/

09/14/iot-%E2%80%93-handle-care3. https://securitycommunity.tcs.com/infosecsoapbox/articles/2016/

02/22/how-secure-internet-things4. https://www.toptal.com/it/are-we-creating-an-insecure-internet-of

-things

5. https://securitycommunity.tcs.com/infosecsoapbox/articles/2016/07/06/internet-things-iot-%E2%80%93-security-challenges

6. https://securitycommunity.tcs.com/infosecsoapbox/articles/2016/02/22/internet-things-more-we-connect-more-we-grow