Internet Of Things : Connection and Security Part 2

Rico Ariesta Wardana
May 29, 2021


This article continues the previous part and discusses security in Internet of Things (IoT) systems. Nowadays, thousands of services and platforms need to be secure because they handle vital data such as payment cards, identity, addresses, phone numbers, etc. Security has therefore become the most important part of any service, and every community tries to develop a security system to match its services. Since there are many things to consider in a security system, including in Internet of Things projects, I will share my research about security in the Internet of Things.

Architecture

Before designing a security system for IoT, we have to understand the IoT architecture to know where the security system takes place. There are 3 main layers in the IoT architecture:

  1. Perception Layer
  2. Network Layer
  3. Application Layer

The perception layer is the lowest layer; it is responsible for collecting data from “things” or the environment, for example through sensors. The second layer is the network layer, which is responsible for networking, such as determining IP addresses (also called logical addressing) and transporting data. The application layer contains the various services that IoT provides, such as smart cities, smart homes, smart farming, healthcare, etc.

Vulnerabilities

Once we know the IoT architecture, we can classify IoT security issues by layer and find the best solutions to maintain security. These are some common issues and security risks, classified by the three layers of the IoT architecture.

  1. Perception layer

In this layer, the attackers’ goal is to take over the sensors or devices and replace the device software, sensor data, or configuration with their own. One example of an attack on the perception layer goes through the communication between devices: if there is no data encryption or secure communication protocol, a hacker can sniff the communication. Once they get in, they manipulate the devices so they can collect users’ private data or destroy all device functions. Another scenario is replacing a device with their own malware-infected device; when that device is connected to the system, they can do anything with the system.

  2. Network layer

This layer handles all configuration of the “internet” part, such as IP addressing, building a stable network for requests and responses, and so on. The network layer is highly susceptible to attacks because of the large amount of data it carries, which causes a large amount of “network congestion”. The common security issues are the integrity and authentication of the data being transported. There are several ways to attack the network layer, such as DoS attacks, gateway attacks, unauthorized access, storage and session attacks, and fake data injection. The main purpose of those techniques is to disconnect the devices from the internet or from any IoT services and to disrupt the flow of transported data, so that attackers can control devices with their own system or change some data to destroy the services.

  3. Application layer

This layer is responsible for running the programmed services that are provided, such as algorithms for smart cities, smart agriculture, smart cars, etc. The application layer consists of a lot of code and programs that build the services needed to make an IoT system. Security issues in this layer include malicious code attacks, virus injection, hacking, cracking, etc. With those techniques, attackers try to cause errors in the system so that it can’t provide services to the other layers. Some of them hack the system so they can gather information from the perception layer, such as knowing when someone’s home is empty so they can get into the house and steal things.

Secure our IoT System

The main security requirements for IoT are categorized into six domains:

  • Confidentiality

Confidentiality is about restricting our data to authorized parties or services. This domain includes encrypting data and using a complex hashing method to encrypt our data so that only the system can read it. We can hash our data with end-to-end encryption and add a random string or code to strengthen security.

  • Integrity

Integrity is responsible for making sure that the data being transported or sent can be trusted. The data can be transported with a token, credentials, a secret key, or certificates, instead of sending the data alone without any header or additional information.

  • Availability

Availability means making sure our data is accessible: it can be accessed anytime and anywhere. It is also important to analyze the data to predict and catch fraud or rare data.

  • Nonrepudiation

Nonrepudiation is about the audit trail, or history of changes to data, so our system can make sure the data is trusted based on the audit trail, including changes to keys, devices, APIs, or any variable that is used.

  • Authenticity

Authenticity is the concept of trusted identity: our devices have to prove their identity before they can access or connect to the systems. Here, we can use a third party to check our data’s credentials or access tokens in our services.

  • Privacy

Privacy means our services do not directly or automatically see and access customer data, especially sensitive data such as addresses, card numbers, phone numbers, etc.
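
As an added example (not code from the original article), here is one way the Integrity and Authenticity domains above can look in practice: a device signs each reading with a per-device secret key, and the server rejects tampered, stale, replayed, or unknown-device messages. The device ID, key, envelope fields, and 60-second window are constructed assumptions.

```python
import hashlib
import hmac
import json
import time

# Constructed per-device secrets; a real deployment provisions these securely.
DEVICE_KEYS = {"sensor-01": b"constructed-demo-key-sensor-01"}
MAX_SKEW_SECONDS = 60   # assumed freshness window
_seen_nonces = set()    # (device_id, nonce) pairs already accepted


def _tag(key, body):
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def sign_reading(device_id, key, reading, nonce, now=None):
    """Device side: wrap a sensor reading in an authenticated envelope."""
    payload = {"device": device_id, "nonce": nonce,
               "ts": int(now if now is not None else time.time()),
               "reading": reading}
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return {"body": body.decode(), "mac": _tag(key, body)}


def verify_reading(envelope, now=None):
    """Server side: return (True, reading) or (False, reason)."""
    body = envelope["body"].encode()
    try:
        payload = json.loads(body)
    except ValueError:
        return False, "malformed body"
    if not isinstance(payload, dict):
        return False, "malformed body"
    key = DEVICE_KEYS.get(payload.get("device"))
    if key is None:
        return False, "unknown device"
    # Constant-time comparison avoids leaking the tag through timing.
    received = str(envelope.get("mac", "")).encode()
    if not hmac.compare_digest(_tag(key, body).encode(), received):
        return False, "bad mac"
    current = now if now is not None else time.time()
    if abs(current - payload["ts"]) > MAX_SKEW_SECONDS:
        return False, "stale timestamp"
    replay_id = (payload["device"], payload["nonce"])
    if replay_id in _seen_nonces:
        return False, "replayed message"
    _seen_nonces.add(replay_id)
    return True, payload["reading"]
```

The MAC only proves who sent the reading and that it was not changed; it does not hide the reading, so confidentiality still needs encryption on the transport.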

Conclusion

To secure our IoT system, there are six domains that have to be addressed. Once we know the common security risks in IoT systems, we must define security methods that are suitable for our system. There are many methods to secure our system, such as choosing a secure network connection, encrypting data, building programs for authorization and authentication checking, API gateways, messaging, etc. Apart from those methods, we also have to test our security design with penetration testing, data injection, network failure, and other tests. I hope I can share the details of all these methods in separate articles. Thank you.
