Security of the Internet of Things - Cyber
Download
Report
Transcript Security of the Internet of Things - Cyber
Security of the Internet of
Things: perspectives and
challenges
Qi Jing, Athanasio V. Vasilakos, Jiafu
Wan, Jingwei Lu, and Dechao Qiu
Wireless Networks (2014)
1
Contents
Introduction
Security architecture of IoT
Security issues analysis of IoT
Security issues comparison between IoT
and traditional network
• Open security issues of IoT
•
•
•
•
2
Introduction
• Internet of Things (IoT) is widely applied to
social life applications
- smart grid, intelligent transportation,
smart security, and smart home
• If it cannot ensure the security of personal
privacy, private information may be leaked
• In this paper, they focused on security
problems
3
Security architecture of IoT
4
Security issues analysis of IoT
• Perception layer
- RFID
- WSN
- RSN
• Transportation layer
- access network
- core network
- local area network
• Application layer
- application support layer
- IoT application
5
Perception layer
• Perception node
- sensors or controllers
• Perception network
- communicates with transportation
network
• Security issues
- RFID
- WSN
- RSN
6
RFID security
• Issue: uniform coding
- currently there is no uniform
international encoding standard for RFID
tag
• Solution: uniform encoding
- UID (Universal Identification) by Japan
- EPC (Electronic Product Code) by
European
7
RFID security
• Issue: conflict collision
- tags’ collision
- readers’ collision [32]
• Solution:
- anti-collision algorithm for tags’
collision
- scope-based and physical-based
schemes for readers’ collision [33, 34]
8
RFID security
• Issue: RFID privacy protection
- RFID has limited resources, thus it
requires light-weight solutions for data
privacy and location privacy
• Solution:
- physical-based schemes [36-40]
- password-based schemes [41-45]
- compromising solution
9
RFID security
• Issue: trust management
- trust management exists not only just
between the readers and RFID tags, but
also between the readers and the base
stations
• Complexity of security and limited
resources of RFID tags would be the
focus of ongoing research
10
WSN security
• Issue: cryptographic algorithms
- data security with limited computing
power and storage space
• Solution:
- symmetric encryption: confidentiality
problem of key and inconvenient digital
signatures and message authentication [50]
- public-key encryption: Rabin’s scheme,
NtruEncrypt, and Elliptic Curve
Cryptography
11
WSN security
• Issue: key management
- key distribution, including the distribution
of the public key and the secret key, is to
ensure key to be transported and
distributed securely to legitimate users
• Key distribution schemes
- key broadcast distribution [56-60]
- group key distribution [61-63]
- distribution of node master key
- distribution of the key shared between
nodes [64-68]
12
WSN security
• Issue: secure routing protocol
- attacks towards routing protocol will lead
directly to the collapse of the network
- traditional network routing protocols
cannot be applied in wireless sensor
network
• Secure routing protocols designed
specifically for wireless sensor network [75]
13
WSN security
• Issue: trust management
- limited resources, easy capture of nodes,
and unique communication mode
- need to introduce trust management
mechanism to ensure the security of WSN
• Particularly necessaries
- update of trust
- cooperation of all nodes
- tradeoff between limited resources and
network security
14
RSN security
• Issue: heterogeneous integration
technology
- RSN (RFID sensor network) can solve
the problem caused by heterogeneous
data
• Solution: unified data encoding standard
and item information exchange protocol
for RFID and WSNs
15
RSN security
• Four common integration methods [84]
16
Transportation layer
• Transportation layer mainly provides
ubiquitous access environment for
perception layer
• Transportation layer
- access network
- core network
- local area network
17
Access network
• WiFi security issues: phishing site [88, 89],
access attacks, malicious AP, and
DDos/Dos attack
• Solution: access control and network
encryption technologies
- WPA, encryption, and authentication
technology
18
Access network
• Ad hoc security issues and solutions
- illegal node access security
>> authorization and authentication
- data security
>> authentication and key management
mechanism [87]
- network routing security (DDos/Dos)
>> encryption mechanisms
19
Access network
• 3G network security issues: user
information leakage, data
incompleteness, unlawful attacks, etc
• Solution: key management mechanism,
data origin authentication, and data
encryption
- but the current security mechanisms
are still in the research stage [95-99]
20
Core network
• Issue: large number of nodes to access the
Internet
• Solution: 6LowPAN technology [100-106]
- use IPv6 to provide IP in sensor network
- low power consumption for
heterogeneous integration
- characteristics:
>> PHY and MAC layer: IEEE 802.15.4
>> transportation layer: IPv6 protocol
21
LAN
• Issue: data leakage and server’s
independent protection security
• Solution:
- main strategy
>> network access control
- others
>> denial of malicious code, closing or
deleting unnecessary system services, and
constantly updating the operating system
patches
22
Application layer
• Application support layer
- issue: insecure data, service
interruption, and attack issue
- solution: data isolation/recovery,
supervision capability: enhance
management
23
Application layer
• IoT application
- issue: application layer security is
application related, so its security issues
cannot be solved in other IoT layers
- examples
>> intelligent transportation
>> smart home
24
IoT vs. traditional network
IoT
Traditional network
Composition
RFID and WSN nodes
PC, servers, smart
phones
Resource
Limited
Rich
Connection
Slow, less secure
wireless media
Fast, more secure wire
or wireless
Operating system
No
Window, Unix-like
Data formats
Heterogeneous data
formats
Same
25
Open security issues of IoT
• Overall security architecture for the
entire IoT system
- abstract security architecture
• Lightweight security solutions
- limited resources of IoT
• Efficient solutions for massive
heterogeneous data
- idea from big data
26