The Fundamentals of IOT Security

IoT, stands for Internet of things, term was first sprouted in the mind of Kevin Ashton at Auto-ID center at Massachusetts Institute of Technology in 1999. IoT is trending at very high pace in the scientist and researcher society. IoT alone holds a market potential of upto $14 trillion. By this fact we can assume what IoT hold inside for humanity.

IoT is not as simple term as it looks. IoT is basically concept of giving a conscious to the things/device all around us. IoT can be seen as Inter-Network of devices/things which are connected to the internet/WWW too. In very simple word, I can say IoT takes data from the surrounding or things around us, do computing, store (both data & result) in the cloud and gives us output as per our requirement. This is only possible by mean of network of sensor commonly referred as WSN. The WSN keep track of the all the activities around it and update it on the cloud. Now if we look at Cloud, it is nothing but an online storage and computing place made up of interconnected servers and devices itself. WSN will be continuously operating and sending the data to the personalized cloud. Based on the user perspective and requirement it will fetch the info to the user. Since all the data is stored and managed at the Cloud, there is high level risk of data hack. The Rate of data transfer is also increased with Cloud computing. To avoid data stealing and maintain optimum solution for individual data, Network Security plays and important role. Since IoT deals with the decentralization of the Entire network we need to provide Security from the bottom level of hierarchy without affecting the power performance.

Fig. 1: Graphical Image Showing IoT Smart City and its Security

The IoT infrastructure consist of mainly 4 basic module: WSN or sensor Hub, wireless connectivity solution, cloud computing and storage solution and finally the user device Network. All these nodes can be PC or laptop, mobile device like phone or tablet or any other PDA or embedded computing device. IoT is a representation of Connected World. And therefore the security must be provided at every node. Mainly there are 4 major security threats exist in the IoT Inter-Network structure and those are: Fake Device, Eavesdropper, Fake communication and Fake Server. Any of these can hack into the system & steal all the information. So we need an authentication mechanism implemented at every stage. So, any failure in authentication will lead to access restriction. The Fake device can be any simple device using the ID of genuine device/user. It communicate on behalf of the genuine device and use his authorization to get the access. An eavesdropper is any genuine or fake device which monitors the flow of the data without changing or tempering the sequence of request to-&-from server or device. Eavesdropping attack cant be checked/verified by simple means because it doesn’t cause any dis-integrity in the data. So the probability of detection of eavesdropping attack or threat is very less. Fake server basically an intermediate server which connects to the device with the same attributes as of main server. It copies the physical aspect of the main server and disguise itself. It process all the request coming from the device and then send to the main server. This way it hacks the data transferring between device and main server. There are very less chances of hack if we safeguard all the nodes and authenticate then at each log-in. Such a Security infrastructure can be achieved using modern cryptographic techniques which provides authentication, data integrity, confidentiality of the data, verification of authorization at all the nodes. Each node having its own digital signature and authentication, help in reducing the probability of possible threat to an IoT network. Having a safe firewall security system provide a better mean of access proofing from unauthorized intrusion attacks from unknown and unsecured devices.

IoT acting as the standard backbone for networking of all the device, it need to be safe from all sort of attacks and insecure accesses. The connection between any 2 device must be associated and secured before transferring any data on it. To do so, we need to mutually authenticate the request at both nodes and then encrypt the data being transfer. Standard asymmetric cryptographic techniques provide better solution for authentication and verification.

Only Securing the nodes is not enough for overall network security. We need to follow standard protocols to transfer the data in order to secure the medium of transfer. There are many protocols standardized by ISO, IEEE, NIST..etc which help in safeguarding the medium of transfer. The protocols provide safety from eavesdropping attack by following standardized method of connections establishment. Utilizing standard protocols help in better compatibility and connectivity with the existing network and resources. IoT mainly utilizes three types of protocols: device to device(D2D) protocol, Device to server (D2S) protocol, Server to server(S2S) protocol. Note that here device can be a sensor node or a user interface. The fig below show the protocol network handled in the IoT

Fig. 2: Graphical Diagram Showing How Protocol Network is Handled in IoT

Since IoT handles the networking between any two device it need to be standardized by the protocol based connectivity and then those connection must be secured using the cryptographic techniques. Here D2D protocol enables device to communicate with each other. D2D can provide data storage, computing and transferring functionality to the user. Since device can be anything, D2D protocols are designed so as to provided adequate solution in case device change from user interface device to sensor node. Same method must be employed in order to establish the connection between device to server and server to server by using D2S and S2S protocol respectively.

Another important aspect of IoT is the Connectivity. Since we have two option of connectivity i.e Wired or Wireless. There are separate protocol standard for both wired and wireless connectivity. For wired connection we need to maintain standard IEEE based high speed LAN bus protocols whereas in case of Wireless we need follow standard IEEE based wireless protocols. Since all these protocols are having backward compatibility and interlinked to other version and platform, all the existing device also can become the part of this IoT inter-network. The device following standard protocol provide better compatibility and security to the IoT.

Every day new application and software deploy new threats, malicious activities and security issues to IoT. One very promising solution to such issues is: Layer Based Designing. This concept allows us to provide better, robust, ready to use network, high secure and faster system. A device’s data is encapsulated in different layer to provide multilevel security and in the same fashion the server DE-encapsulate the received data. With the advancement of the semiconductor industry, the rate of data processing is increased which allow faster data transfer and computing. This leads to faster response and better efficiency. Another very proficient method to avoid unsecured and unwanted access to the secure IoT network implemented in the corporate is firewall and anti-virus software. The security is enhanced by these two as they do not allow any unauthorized access or eavesdropping attack on the network, and if by any mean intruder gained access then that will be detected. Anti-virus and anti Malware software provide very strong solution to the breach in the network. MAC address, IP address and other physical address are blacklisted in the server so as to restrict their access in the future. We can start some specific software for restricting and safeguarding out IoT inter-network.

There are other method which can be employed in order to increase the security of the IoT from the boot time onwards by using secure booting methodologies. Secure Boot is a concept the firmware or device boot up only once it get authenticated and verified for the correct software running over it. If any Malware or malicious software tries to boot the device it will lead to shutdown, and device will not boot. This method reduce the chances of getting unauthorized access in the IoT as only verified and certified code/application will run in the device/server. The firmware and application are digitally signed by the actual authorized user only. Once this signature matches with the stored code in the OTP memory of device, the device boot securely without any malicious access or intrusion attack. Same way digital signature can be used to authenticate the other device or user getting connected to this device. Once they verify there signature it will be authenticated and connection will b established. This method provide access control. If any kind of spoofing is detected then firewall and anti-virus software restrict their access and secure the device.

So, the security in IoT network must be implement from the bottom of the hierarchy using secure cryptographic techniques, which start from the firmware and standard protocols. Hardware must be secured by mean temper security and software must be secured by using Secure Boot. This way we can secure the nodes, and utilizing standard protocol for data transfer, we can secure the connections.