The no-longer-new world of the Internet of Things (IoT) creates incredible value, because inanimate objects can now talk to the world around them, which makes it possible for us to interact with them.
This will simplify things which have traditionally been very complex, or impossible, to handle. Now our appliances, cars, machines and more can be operated, handled, used and maintained in real time. Their utility has grown exponentially and their cost of maintenance can come down, again exponentially.
But this convenience comes at a cost: the threats posed by (and to) a super-connected world where billions of devices will be generating data and interacting with the Internet and with humans in real time on a 24×7 basis.
And many of these challenges are going to be faced by the computing industry for the first time. Primarily these security challenges are due to:
Many of our existing technologies and services offered by security vendors will just not make the grade.
These factors make an IoT-driven world a lot more challenging to secure:
All of these make it very complicated to secure IoT infrastructure. For example, the large surface area exposes an IoT world to more exploits and threats. Device distribution makes it difficult to keep a physical security process in place. The nature, scale and variety of the data in transit make it complicated to encrypt it and keep it secure along the way. The simple nature of these devices and their basic identification make it possible for hackers and intruders to fake a device identity and get connected to the network.
Key points are:
Authentication of IoT devices will contain two initiating points for the device to be registered and authenticated before it can be used by an application or allowed to communicate with the network.
In both of the cases, a mechanism for the device to establish that it’s a genuine element and is allowed to be discovered and included in the network is needed.
The device needs to publish its ID and its willingness to be discovered by nodes and applications of a specific network. An IoT device can also make an explicit request to a network for registration.
A network and its applications need to be able to discover the IoT devices, which can be registered and then used within the ecosystem.
For this bi-directional recognition and registration of an IoT device to stay secure, the following are critical:
IoT devices and their sprawl, combined with their need to be installed out in the open, pose a unique challenge for security. The challenge is to protect the device (remember it can be a small sensor that can be pocketed without notice) from being stolen and then subsequently being used by a hacker.
However, there are measures which can be taken to ensure that if the device is stolen, it does not give hackers a way to compromise the network and its applications.
1. Tamper Proofing
A device can be made tamper proof in such a way that if a hacker physically accesses the device, all the communication and all data (if any) on the device is automatically deleted. The device can also send a distress signal to the network and application, and the network should have a provision for blacklisting that device, so that no further communication from the device is entertained.
Frequent self-checks and similar mechanisms can be employed within the device to detect if a tampering effort has taken place and initiate the sequence of protecting itself.
2. Data Destruction
A device should be capable of destroying its own data when it detects that it has (or may have) been compromised. As a precautionary measure, no data or only very limited data should reside on the device, and whatever data is in transit or in the collection phase should be destroyed as soon as the device detects that it has been compromised.
3. Tamper Aware Network and Application
In the case of a tampered device, the network and application will need to take a series of measures to ensure that no part of the network and no application is communicating or exchanging information with that device. These steps are categorized as below.
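The blacklisting behaviour described in the measures above can be sketched on the network side as follows. This is an added example, not code from the original article; the gateway class, the message kinds and the HMAC-with-shared-key authentication are all assumptions made for illustration.

```python
import hashlib
import hmac

def sign(key, device_id, kind, payload):
    # Length-prefix each field so field boundaries cannot be shifted.
    parts = [device_id.encode(), kind.encode(), payload]
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

class TamperAwareGateway:
    """Hypothetical network-side registry that cuts off tampered devices."""

    def __init__(self):
        self._keys = {}          # device_id -> shared secret
        self._blacklist = set()  # devices that reported tampering

    def register(self, device_id, key):
        self._keys[device_id] = key

    def handle(self, device_id, kind, payload, tag):
        # Blacklist check comes first: a stolen device still holds a valid
        # key, so a correct MAC must not be enough to get back in.
        if device_id in self._blacklist:
            return "dropped:blacklisted"
        key = self._keys.get(device_id)
        if key is None:
            return "dropped:unknown-device"
        if not hmac.compare_digest(sign(key, device_id, kind, payload), tag):
            return "dropped:bad-mac"
        if kind == "distress":
            # Only an authenticated distress signal blacklists a device;
            # otherwise anyone could knock devices off the network.
            self._blacklist.add(device_id)
            del self._keys[device_id]  # revoke the credential as well
            return "blacklisted"
        return "accepted"

def demo():
    gw = TamperAwareGateway()
    key = b"constructed-sample-key"  # constructed sample value
    gw.register("sensor-17", key)
    sequence = [("telemetry", b"t=21.5"), ("distress", b"case-open"),
                ("telemetry", b"t=21.6")]
    return [gw.handle("sensor-17", kind, body, sign(key, "sensor-17", kind, body))
            for kind, body in sequence]
```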
IoT devices collect and transmit a lot of data, even fetching data from the network. These are classified as:
We need to ensure that none of this information is compromised. How?
1. Keep persisted data limited
The best protection is not to persist any data. Even if there is data which needs to be stored (and there probably will be some), it is good to send that data to the network and persist it there.
2. Encrypt what you need to persist
If you need to store data on the IoT device, ensure the right level of encryption, though employing an encryption solution at the endpoint is difficult, given the common lack of storage and bandwidth.
3. Config controls from remote server
All IoT devices need some configuration data to define the scope of their working and to control their function. It is a better practice to keep this config data remotely on the network and fetch it, or even better consult it, when the device needs to use it.
4. Device identification data
It is a very poor security practice to embed the device identification into IoT devices. A composite identification scheme should be followed to identify devices properly.
Device and User Identities for Security and Authentication
Some of the key considerations to ensure authentication of devices and users stays secure:
Because of the sprawl and variety of IoT devices in a typical infrastructure, it is a good practice to create zones for devices and define a policy framework with the help of zones. Thousands and millions of devices will be more manageable from a security standpoint if a zoning paradigm is developed.
Some of the ways this zoning concept can be effective are:
1. Zones for physical location
Devices which are installed within a secure perimeter can be grouped together in one zone and security processes and policies for those devices can be applied based on consideration that they are within that secure perimeter.
2. Device Data Criticality
Another way to create a zone is to group those devices together which carry sensitive data. Data can be categorized based on its sensitivity and multiple sub zones can be created to manage the policy and configuration for those devices.
3. In-Built Security Features
Another way to group the devices is to identify the embedded security features (or sometimes vulnerabilities) and create a zone for them.
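The three zoning criteria above can be combined into one policy lookup. The following is an added example, not part of the original article; the zone names, device attributes and policy knobs are hypothetical, and it assumes a device may sit in several zones at once, with the strictest setting winning.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Device:
    device_id: str
    inside_perimeter: bool   # physical location
    data_sensitivity: str    # "low", "medium" or "high"
    features: frozenset      # built-in security features, e.g. {"secure_boot"}

# Hypothetical policy knobs; for every knob a larger value is stricter,
# so merging the policies of overlapping zones is simply max().
BASE = {"require_mutual_auth": 0, "encrypt_payload": 0, "reauth_per_day": 1}

# (zone name, membership test, policy overrides), one zone per criterion.
ZONES = [
    ("field-deployed", lambda d: not d.inside_perimeter,
     {"require_mutual_auth": 1, "reauth_per_day": 24}),
    ("sensitive-data", lambda d: d.data_sensitivity == "high",
     {"encrypt_payload": 1, "reauth_per_day": 4}),
    ("no-secure-boot", lambda d: "secure_boot" not in d.features,
     {"require_mutual_auth": 1, "reauth_per_day": 12}),
]

def zones_for(device):
    """Names of every zone the device falls into."""
    return [name for name, member, _ in ZONES if member(device)]

def effective_policy(device):
    """Start from BASE and take the strictest value across all zones."""
    policy = dict(BASE)
    for _, member, overrides in ZONES:
        if member(device):
            for knob, value in overrides.items():
                policy[knob] = max(policy[knob], value)
    return policy

# Constructed sample devices.
FIELD = Device("roadside-meter", False, "high", frozenset())
LOBBY = Device("lobby-thermostat", True, "low", frozenset({"secure_boot"}))
```

Here `effective_policy(FIELD)` picks up all three zones, while `effective_policy(LOBBY)` stays at the base policy.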
A single device, on average, transmits a small amount of data per unit of time, but over a long period can send a large quantity of data. A large number of devices can collectively send very large amounts of data.
At the same time:
Following are some key challenges when it comes to monitoring security in real time, due to the above realities:
A completely different approach to event formation and usage is needed in the world of IoT to make real-time monitoring possible and viable. Events need to be trapped from the communication which takes place between IoT devices and the network or cloud, and they need to be stored for aggregation and correlation. Due to the non-real-time nature of communications from many IoT devices (to conserve power and bandwidth), one can at best expect near-real-time monitoring and alerting with an IoT infrastructure, and this must be accounted for when designing the overall security system.
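The sketch below shows what accounting for batched, delayed communication can look like in a monitor. It is an added example, not from the original article; the event tuple layout, device names, reporting intervals and thresholds are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: (arrival_time, device_id, event_time, kind), in seconds.
EVENTS = [
    (600, "meter-1", 100, "auth_fail"),
    (600, "meter-1", 130, "auth_fail"),
    (600, "meter-1", 170, "auth_fail"),
    (900, "valve-7", 880, "heartbeat"),
    (1200, "meter-1", 1100, "heartbeat"),
]
# Expected batch period per device (constructed values).
REPORT_INTERVAL = {"meter-1": 600, "valve-7": 300, "cam-3": 60}

def burst_alerts(events, kind="auth_fail", window=120, threshold=3):
    """Correlate on device-side event time, because batching delays arrival.

    Returns (device, burst_start, detectable_at); detectable_at is the
    arrival time of the last event needed, i.e. the alerting lag.
    """
    per_device = defaultdict(list)
    for arrival, dev, ts, k in events:
        if k == kind:
            per_device[dev].append((ts, arrival))
    alerts = []
    for dev, seen in per_device.items():
        seen.sort()
        for i in range(len(seen) - threshold + 1):
            chunk = seen[i:i + threshold]
            if chunk[-1][0] - chunk[0][0] <= window:
                alerts.append((dev, chunk[0][0], max(a for _, a in chunk)))
                break
    return alerts

def silent_devices(events, now, grace=2, started=0):
    """Flag a device only after `grace` of its own reporting intervals.

    A single fixed timeout would either miss fast devices going quiet
    or constantly flag slow, power-saving ones.
    """
    last_arrival = {dev: started for dev in REPORT_INTERVAL}
    for arrival, dev, _, _ in events:
        if dev in last_arrival and arrival <= now:
            last_arrival[dev] = max(last_arrival[dev], arrival)
    return sorted(dev for dev, t in last_arrival.items()
                  if now - t > grace * REPORT_INTERVAL[dev])
```

On the sample data the burst that began at t=100 only becomes detectable at t=600, when the batch carrying it arrives.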