Security of Internet of Things

Download as pdf or txt
Download as pdf or txt
You are on page 1of 4

Research Article

iMedPub Journals International


International Journal
Journal of Applied
of Applied Science-Research
Science - Research and Review 2018
www.imedpub.com Vol.5 No.2:8
ISSN
and2394-9988
Review
DOI: 10.21767/2394-9988.100073 ISSN 2394-9988

Security of Internet of Things


Tamanna Siddiqui* and Saif Saffah Badr Alazzawi
Department of Computer Science, Aligarh Muslim University, Aligarh, India
*Corresponding author: Dr. Tamanna Siddiqui, Department of Computer Science, Aligarh Muslim University, Aligarh, India, E-mail:
[email protected]
Received date: April 19, 2018; Accepted date: May 25, 2018; Published date: May 31, 2018
Citation: Siddiqui T, Alazzawi SSB (2018) Security of Internet of Things. Int J Appl Sci Res Rev Vol.5 No.2:8.
Copyright: © 2018 Siddiqui T. This is an open-access article distributed under the terms of the Creative Commons Attribution License, which
permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.

Abstract Many people believe that the cryptographic algorithms


enforcements alone provide the security. Some investigators
Internet of Things is the new age paradigm concerned could implement the Cryptographic protocols as a 2nd kind of
with devices and networks through Internet. The link in Internet of Things. Much the same implementing of
widespread of devices and other objects to be managed technology knows how to minimize the risk of the physical
can be called as things. In this field an advancement is to attacks in IoT will be adequate enough to security in Internet
truly perform the software assisted operations from out
of Things. Implementing UVEEPROM or Flash erasure or Laser
of the way areas controlling. This advanced operations
glitching or Laser Assisted power analysis can be certain of the
needs lots of layers of deterrence. It necessitates to map
security for IoT. As the matter of fact, the implementation of
out the strongest layer of incorporation embedded with
firewalls, authentication/encryption, security protocols
any security measures can’t give most appropriate security to
and instructions detection and intrusion prevention the IoT so much further. The cyber criminals have somehow
systems. broken the security layers and instigating the attacks [1].
Industrial and manufacturing and marketing realms are
In this paper we are trying to cover the possible security using the IoT devices to monitor and control the equipment
measures to put a stop to attacks from cyber-criminals used on a regular basis operation. Furthermore, Healthcare
with add measures. The most likely add measures are well associations is inevitably relying on the IoT connected medical
given approval by the previous research scholars on the
devices to manage remotely from another country by the most
topic of security of Internet of Things. We propose a one
experienced and versatile doctors (Figure 1).
of a kind concept of Three Layered Security to prevent the
malicious activities of Cyber-criminals. In these three
layers we have ponder the device security,
Communication security and server security.

Keywords: Internet of Things; Security; Cyber-attacks;


Three layered Security

Introduction
Firewalls can’t be being embraced within embedded
systems. The appealing targets of hackers and cyber-criminals
are embedded computing devices. The very last lessons and
hacking occurrences in Internet of Things have challenged the
security expert professionals. The PC security ways out could
not provide complete solution for the security to be so long as Figure 1 IoT Security architecture.
for Internet of Things. The significant functionality of Internet
of Things has given much wider scope for the cyber-attacks
Car and truck industry is giving significance value to the
and leaded to catastrophic punishments. duplication is widely
customers by supplying the IoT services to the vehicles
found in embedded devices for the hacker. If the cyber-
purchased. IoT devices used in all industrial sectors are
criminal could find the methodology or cracking mechanism
wireless and treated remotely. At this juncture the crooks or
for one, it can be applied to all replicated devices and leads to
hackers will break the track of connectivity with the end user
great havoc.

© Copyright iMedPub | This article is available from: http://www.imedpub.com/applied-science-research-and-review/


1
International Journal of Applied Science-Research and Review 2018
ISSN 2394-9988 Vol.5 No.2:8

of IoT and took control over the devices. This state of affairs using proven random number generator with the
can leads to unaccountable loss to the owner of the devices authorization of metadata harvesting [4].
that are interrelated. To refrain from these conditions for sure
Tata Consultancy has awarded tamperproof IoT design and
security principles have been indicated with the
implementation in its acknowledge. While they are
implementation of basic security principles of Confidentiality,
implementing the preferred IoT with device enactment and
Integrity and Availability [2]. The major goal of the paper is to
deployment should be implemented. The fitting solution
provide an appropriate solution with elevated security to the
design can be given in unison with the user terms and
devices participating in the operations Internet of things by
conditions of estimating the possible hazards and attacks
integrating the data security, authentication, secure
forecast. The IoT of things must be distinctively guarded with
communication protection against cyber-attacks. The idea of
the possible continuous support against the threats and
desired outcome of the paper is to investigate the achievable
attacks [5] (Figure 3).
security measures for the devices and components involved in
Internet of Things. Getting acquainted with previous research
papers and international journals about the cyber-attacks and
admeasures for Internet of Things. Exploring the contemporary
solutions suggested for the latest attacks on IoT.
To suggest highly a novel security distinguishing with three
layered security for Internet of Things.

Related work
IoT has knowledgeable the Logical attack surface. These
attacks have been successfully picked up by the TCB of devices
involved architecture with wider perspective has given enough
security measures for the attacks. IoT is wealthy with complex
software and rich Operating Systems. The amplified security is
essentially had to have to provide the protection against the
surface attacks. This has been effectively encountered by the
Logical TCB conducting [3] (Figure 2).

Figure 3 Three layered security.

The internet of Things is a virtuousness hacking target for all


widespread cyber-criminals. The motor vehicles and
transportation systems which are working with the Internet of
Things are the pinnacle targets for hackers. They have already
Figure 2 IoT Security provision. call attention to their attacks and did prospective damage to
the automobile segment. Symantec firm has advised a
protecting code embedded in the drives of IoT. This code
GSM society has presented solutions for some critical either makes it possible for the devices to work against the hacking
against IoT security implementation. They offered answer to technology and will not uncover the way for incursion [2].
the problem for wrestle cloning in IoT with the authenticating
an end point identity. The endpoint identity can be responded Proposed security architecture and solution
with carry out the trusted Computing Base, implementing trust
Anchor, carrying out of Tamper Resistant Trust Anchor and Taking advantage of the security for IoT is the aspiration of
implementing an API for using the TCB associated with the the project. The proposed fitting solution is meted out in three
scientifically proven Random Number Generator. The defy levels. The security implementation is at server level is the first
against the Trust Anchor can be efficaciously encountered with juncture. The 2nd level is implementing the vastly level
the consideration of Supply Chain Security, Personalize security in communication layer. Finally, the 3d level security is
endpoint Device prior to accomplishment, exclusively ought to be implemented at device level. The security level at
provision for each endpoint. In anticipation to the question of virtual servers will be conjunct with the cloud computing
reduce the potentiality of Impersonation might be effectively servers. The IoT implementation basically done with cloud
encountered with the implementation of Endpoint computing servers. Each of these servers are operated by the
Communication Security, Fabulous Forward Secrecy and by remote users to control over the devices and gadgets. Above
and beyond the cloud server’s security the increased security

2 This article is available from: http://www.imedpub.com/applied-science-research-and-review/


International Journal of Applied Science-Research and Review 2018
ISSN 2394-9988 Vol.5 No.2:8

needs to be implemented in the server level with formidable security architecture should consist of device manufacturing
authentication and authorization with digital encryption specifications as well as the system specification to have
standards. proper integration and transparency over the devices and
servers [5] (Figure 4).
The second level security must have to be implemented at
communication level. The communication effectively between
the servers and users and the communication between the
servers and devices are predominant. The security
implementation need to be incorporated at communication
layers of the IoT operations. This implementation can be done
with incorporating network security algorithms and strong
admeasures for external attacks.
The proposed solution is stressing on the third level security
at device level. The devices embedded with chips to store the
software should also implement with the anti-virus and
protection against the vulnerabilities and external attacks to
compromise the devices. The devices are same and connected
in multiple number with the servers. If the attacker Figure 4 Three layers of IoT.
compromise one single device can easily compromise other
devices easily. Hence the device level security is equally
important in IoT operations. The three-layer security should be implemented at device
level, communication level and finally the server level. The
The proposed system is enriched with three layered security
security updates against the possible attacks and unknown
implementations of IoT operations of any kind of system. The
vulnerability should be continuously done. The management
proposed security implementation is developed and framed in
should always implement build on proven security practices
a three-layer framework for the IoT security to implement the
needed for IoT implementation for specific device
safe and secure operation of remotely performing controlling
management. The transparency should be maintained
and monitoring operations of the users for the targeted
between the operations of IoT developers, IoT device
devices. The proposed system methodology is described
manufacturers, communication providers and industrial and
below.
business-level consumers [8-11] (Figure 5).

Methodology
IoT implementation would be a great task with the tight
security implementations. IoT is the hot target for all hackers,
Cyber-criminals. A significant vulnerability always trying to
break the communications between the end use and the end
point of the device connected in IoT. The cyber-criminals are
not concentrating the physical accessibility of the devices.
They are always trying to break the communication networks
and take control of the devices remotely and implement the
hacking mechanism [6].
In this paper we suggest three security principles in three-
layer security to prevent the possible security threats and
attacks from cyber criminals. Implementation of robust and
tamper resistant storage of cryptographic keys integrated with
the cryptographic functions should be in the first layer. The
standard and secured communication should be established
between the device and the IoT operator. The hardware used Figure 5 Security integration points in IoT.
in the IoT process should be embedded with the security
focused mechanism. The communication network should be
enriched with the protection rules and shielding techniques
against both virtual and physical attacks [7].
Recommendations
• It is highly recommended to incorporate the security at the
Results and Discussion Design phase of IoT of a specific device.
• It is highly recommended to promote security updates and
Implementation of a security architecture for every devices vulnerability management for the proposed IoT.
connectivity with the internet servers to protect the systems
from possible attacks from Cyber-Criminals or hackers. The
© Copyright iMedPub 3
International Journal of Applied Science-Research and Review 2018
ISSN 2394-9988 Vol.5 No.2:8

• It is highly recommended to apply the TLS and DTLS data


encryption for the data transmitted in IoT management.
References
• Authentication and Key management is a mandatory 1. Dave R (2016) Tackling data security and privacy challenges for
solution to be followed by IoT users. the internet of things. w3c Web of Things IG Meeting in Beijing.
• The strong communication should be established with the 2. Lin H, Bergmann NW (2016) IoT privacy and security challenges
system and the devices that are operated in IoT regardless for smart home environments. Information 7: 44.
of manufacturer of the devices. 3. Dominique B (2016) Proven security for the internet of things.
Embedded World Conference.
Conclusion 4. IoT Security Guidelines Endpoint Ecosystem. Version 1.0, 08
February 2016, Copyright © 2016 GSM Association.
IoT is the hot target for the Cyber-criminals. This paper has
illustrated the possibility of attacks in various levels of Inter of 5. Tata Communications (2017) HPE to work with Tata
Communications to build world’s largest iot network in India to
Things operated remotely by the users to control and monitor enhance resource utilization.
the devices. The aim of the paper is to suggest the three-layer
security implementation for the IoT working mechanism. In 6. Internet Society (2015) The internet of things: An overview.
this paper the possible high-level security implementation has 7. https://iotsecurityfoundation
been suggested at device level, communication level and
8. Dell (2017) Security for the internet of things.
system level. In addition to that the mandatory
implementation of security monitoring and updating the 9. Symantec (2016) An internet of things reference architecture.
security implementations time to time to prevent the attacks 10. US Department of Homeland Security (2016) Strategic principles
in IoT. Finally, the paper has recommended the possible for securing the internet of things (IoT).
precautions to implement strong security in IoT.
11. Embedded Hardware Security for IoT Applications (2016) A
smart card alliance internet of things security council white
Competing and Conflicting Interests paper.

The author declares no conflict of interest related to this


work.

4 This article is available from: http://www.imedpub.com/applied-science-research-and-review/

You might also like