SECURITY RELATED CHALLENGES OF INTERNET OF THINGS (IOT)

The Internet of Things (IoT) is swiftly growing, expanding and reaching various domains. Its including personal health care, environmental monitoring, home automation, smart mobility, and Industry.

Thus it emerges a large network of millions of objects interacting with each other, while overcoming various challenges. Although it effectively solves many physical world problems, still its security is under threat. The situation gets worsen as the no. of connected devices are increasing exponentially.

Thus its privacy and security has emerged as major challenge. This paper deals with security challenges faced by IoT. It introduces the status of IoT development, including its policies, R&D plans, applications, and standardization. Also, this paper highlights some challenges related to technologies, applications, and standardization. Finally, discusses the opportunity and prospect of IoT.

INTRODUCTION

The Internet of Things (IoT) is considered as a revolution in the global era of Internet. Basically it is an amalgamation of technological and economical wave that has changed the picture of information industry with the application of Internet. The soaring popularity of the IoT lies in its concept, i.e. by application of current internet framework, wide variety of devices can connect to each other and exchange information.

Thus it may be defined as an intelligent meshed network that bring all the objects to the Internet with the common aim of exchanging information. It is interacting through each other via various sensors according to the existing protocols. This has resulted in integration of real world and digital world as it provides an interactive platform for devices to interact with each other. This implies that these devices have become integral part of our day today experience.

The smooth operation of IoT involves various important factors into consideration such as new communication technologies, protocols, embedded systems, hardware and software etc. A significant growth in the popularity of IoT devices has been observed in past few years and the trend seems to continue. It has been well predicted that by the end of 2020, over 20 billion devices will be connected [1] and the data exchanged would be around 40 zeta bytes [2].

Thus the security of data generated, recorded, transmitted is very crucial. Thus the IoT system must provide security to the data and privacy to the user. This is only possible if security and privacy are built with the system, rather than just adding them to the IoT system.

This paper deal the security issues of IoT systems at different levels. Section II discusses the architecture and the efforts for its standardization. Section III highlight the current security problems faced by it and environment. Section IV discuss about the protocols focused on each layer of its architecture Section V deal with security concerns of IoT Finally Section VI summarize the security challenges with some promising future aspects.

ARCHITECTURE OF IoT SYSTEMS

The intelligence, mobility and dynamic traits of the IoT system has raised the popularity of this technology. The raising popularity and heterogeneous nature of the IoT has made the system vulnerable and quite risky in terms of security and privacy. Moreover the usages of IoT systems in various domain increases the difficulty of the researchers in finding the comprehensive solution to the current security problems.

In order to raise security of wide spread system, it has become very significant to understand the foundation and components of IoT. The foundation of IoT comprises of three important components as [3]:

(a) Hardware,

(b) Middleware, and

© Presentation.

present architechure of IoT

According to Atzori, et.al. and Gubbi et. al. [4–5], three factors contribute to the IoT environment, as shown in figure 1. The IoT architecture, [6] is composed of three layers: Perception, Network, and Application, also depicted in figure 1. The first layer i.e. Perception layer which collects data from environment/ physical world. The second layer i.e. network layer, comprises of various wired or wireless systems, that processes the data and transmits the information received from perception layer via technological platform. The third layer i.e. application layer contains the abstracted solutions that interacts with users as per their requirements. For the effective and efficient functioning of IoT, the architectural solutions is required that can manage its heterogeneous states [6].

In spite of the need for architectural solution, there doesn’t exist any common view for the IoT framework. Several technical bodies, like the Institute of Electrical and Electronics Engineers (IEEE) and the European Telecommunication Standards Institute, have issued specific technical standards for IoT systems with some guidelines for security [5]. These efforts for standardization have led few initiatives for common architecture and modelling of the system such as the Reference Architecture Model Industries 4.0 (RAMI 4.0) [7], the industrial Internet reference architecture [8], and the Internet of Things-Architecture [9]. Various IoT concepts and security approaches from different bodies of standard organizations are shown in figure 2. All of these documents target different audiences and different areas of IoT with their various approaches to make system secure.

IoT framework and standards

The various suggested architecture and model have significantly helped the system developer to focus their efforts according to the requirements of users. These requirements may include connectivity, device management, data collection and analysis, scalability, privacy and security. Also attempts are needed for simplification of the system and taking its security as the main actor and enabler of IoT initiatives. Besides this, the industrial and scientific domain, have been a main contributor in the standardization of IoT protocols and technology. In [10] Weber, initiated the need for a security-based architecture.

This security based architecture must have resiliency, authentication access restriction, privacy considering the requirements for the future. A different perspective, has been proposed by Ning et.al [11] that would promote the necessity of robust and reliable standards to get shielded IoT architectures, for security.

VULNERABLE AREAS OF IoT

The number of incidents concerning security of IoT systems were discovered in past few years, raising question on the security and privacy of the system. For instance In October 2016, the massive distributed denial of service (DDoS) attack on Dyn — a company that controls much of the Internet’s domain name system infrastructure — by a botnet army of IoT infected devices, has turned on the alarms as a result of faulty IoT protections and poor standards (on Security, 2016). This emphasis the need for additional research on the IoT security domain.

However many researchers have addressed security issues and concerns for expanding the IoT ,number of research articles have been published in last five years. Yet the area still seems to be very promising. Apart from the above discussed domains, few important aspects related to the security have drawn the attention of researchers. For instance, according to Borgia [12], IoT devices must fulfill the following set of security requirements

● Secured authentication

● Secured transfer of data

● Security of stored IoT data

● Secured access to data by authorized persons

Similarly, Weber [13], highlights few security requirements for the IoT, which include: (a) Attack resiliency, (b) Data authentication, © Access control and (d) Client privacy. Few other authors, K. Zhao et.al. [5] investigated few factors as security concerns to protect data transfer, which include the following: (a) key management, (b) appropriate secret key algorithms, © secure routing protocols, (d) intrusion detection technology, (e) authentication and access control, and (f) physical security design. In Zafari et.al. [14], proposed the two main security-aspects are data integrity and authentication.

Since the current technologies still struggling to provide feasible and concrete solutions applicable to the heterogeneous nature of IoT, thus the privacy and security aspect still faces serious challenges. Few features of IoT devices such as energy efficiency and low computing are resistant to the necessity of various encryption methods of present security standard, this is termed as the security processing gap [15]. Apart from this the IoT devices are exposed to physical tampering, war driving, malicious software, and side-channel attacks.

Thus, problems related to the security must be understood properly to get an appropriate solution as depicted in figure 3. For this the vulnerability should be viewed based on its architecture. Each layer of security concerns should be scrutinized and efforts should be made to obtain optimal solution.

Security landscape for IoT

As IoT is comprised of various technologies with different properties based on different applications. This mandates the system to address the security issues based on capabilities and constraints of the components used at each layer of IoT.

Read more about the full article originally posted @ jano.fun

1. Perception Layer,
2. Wireless sensor networks,
3. Middleware,
4. Application layer,
5. Message Queue Telemetry Transport (MQTT),
6. SECURITY CONCERNS FOR IOT SYSTEMS,Confidentiality, Integrity, Availability, Privacy,
7. IoT SECURITY CHALLENGES AND SOLUTIONS
8. CONCLUSION !!