The New Advanced Society - Collective of authors - Page 56

3.2.2 IoT Security Requirements


Because IoT systems handle huge amounts of data simultaneously among many users, subsystems and devices, they are becoming a lucrative target for cyber-attacks. Such attacks mainly aim to steal sensitive system information by eavesdropping. Every connected device in the ecosystem could potentially lead to sensitive and critical data of the interconnected IoT infrastructure. Because of this multidimensional impact, data security concerns are highly relevant and important. The risks associated with IoT could be much higher, as automated processing, decision making and interoperability, combined with security loopholes, can multiply potential vulnerabilities exponentially.

A prominent and essential requirement of the IoT ecosystem is that devices must be interconnected. These interconnected resources facilitate IoT activities such as sensing, communicating and processing. An IoT system generally acquires information from end-nodes or devices. After acquisition, data is transmitted to and processed at nodes designated for that purpose, in order to accomplish the associated complex tasks. The system must inherently provide security protection for various applications, both for secure online transactions and for maintaining data integrity. Accordingly, a comprehensive, robust and effectively secured mechanism is needed for the constantly evolving IoT ecosystem.

From the above discussion, three broad objectives for the security of IoT and its associated networks can be identified. First, a mechanism to protect IoT devices and associated networking resources from attacks. Second, a mechanism to protect IoT services and applications from unauthorized access and usage. Finally, protection of the remaining IoT resources from cascading attacks, such as the use of compromised information; similarly, a compromised device may itself function as an attacking platform. To summarize, foolproof identification of devices and strict access control are the principal factors for securing an IoT ecosystem.

At a broad level, IoT security requirements are classified into several categories, which are discussed below:

(i) Availability: The IoT assets of the system under consideration are available for use when requested by authorized entities and by genuine users. This allows the desired data collection and prevents interruptions to the desired service. A fully functional Internet-connected environment is essential to provide IoT availability in the true sense. Distributed Denial of Service (DDoS), Denial of Service (DoS) and flooding attacks are generally regarded as threats to availability. However, IoT service disruption can also arise from hardware and software failures, which could affect service availability.

(ii) Authentication: Things in IoT must be identifiable and authenticated. Because of the complex nature of IoT systems, authentication sometimes becomes extremely critical. Since several entity types are involved (type of device, kind of service, specific service provider, corresponding processing unit, etc.), an initial service session must be established among the IoT devices. Accordingly, a mechanism for mutual authentication of entities in all interactions within the IoT system is essential.

(iii) Confidentiality: In any IoT ecosystem with a complex topological and logical network of sensors and data acquisition devices, certain data must be exchanged in enciphered form to preserve confidentiality. Various standardized and established key management techniques are in use. In an IoT ecosystem, a key management system that imposes a lower processing load needs to be followed for establishing trust among entities. Similarly, key distribution among them must use fewer resources. Hence a key management procedure requiring less processor, memory and network bandwidth must be adopted.

(iv) Integrity: This refers to a mechanism to ascertain that received information, whether temporarily or permanently stored in the IoT system, has not been compromised in any way. The infrastructure of an IoT ecosystem holds a great deal of sensitive information. Any attempted or successful manipulation of information may severely damage the usability of the system. Data integrity is a critical factor for the IoT ecosystem. A malicious user may use offensive means to manipulate critical information through a wrongly configured resource. A software vulnerability in an IoT application may even be exploited for this purpose. Virus infections and other malicious programs could potentially be used to alter the source of data, and hence adversely impact system integrity. With respect to authentication of devices, integrity ensures genuineness. It also encompasses the identity of the systems. A non-compromised user is likewise vital for reliably providing the desired service in the IoT system. Certain services, such as mission-critical military applications, must maintain a high integrity level over an IoT system.

(v) Lightweight Protocols: This requirement is one of a kind among security requirements. It arises from the inherent limitations in the computing and power capabilities of the devices of the IoT system. It is an indirect requirement, a constraint that must be considered in the design and implementation of protocols for IoT networks. It applies to both encryption and authentication, of data as well as of devices attached to the IoT system. The underlying algorithms must work within the constrained capacities of the associated devices.

(vi) Standardization and Policies: An IoT ecosystem usually comprises various devices of heterogeneous characteristics. From the networking point of view the system may be dynamic, with various IoT devices put to active use depending on its utilization requirements. At the same time, the acquired data must be protected, and its management and transmission must be carried out in a secure manner. Above all, formalized means for enforcing the desired set of regulations are required to meet the defined standards of the ecosystem. Service Level Agreements (SLAs) are required to unambiguously spell out all details of the services planned to be provided. Commonly followed network security protocols and standards may not be applicable to a system with such dynamic characteristics. Implementing a standardized set of regulations coupled with SLAs would enhance mutual trust among users and devices, leading to effective usage, remarkable growth and high scalability of the system.
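One way the requirements in (ii) Authentication, (iv) Integrity and (v) Lightweight Protocols can be met together, shown as an added example that is not from the book: a mutual challenge-response between a device and a gateway followed by integrity-tagged data frames, using only HMAC-SHA256. The per-device pre-shared key, the identifiers `sensor-17` and `gateway-A`, and the frame layout are assumptions made for illustration; the frames are authenticated, not encrypted.

```python
import hashlib
import hmac
import secrets

def mac(key, label, *fields):
    """HMAC-SHA256 over a direction label and length-prefixed fields."""
    h = hmac.new(key, label, hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(2, "big") + f)
    return h.digest()

def gateway_respond(key, dev_id, gw_id, n_dev):
    """Gateway proves knowledge of the key over the device's fresh nonce."""
    n_gw = secrets.token_bytes(16)
    return n_gw, mac(key, b"gw->dev", dev_id, gw_id, n_dev, n_gw)

def device_finish(key, dev_id, gw_id, n_dev, n_gw, gw_proof):
    """Device checks the gateway first, then returns its own proof."""
    expected = mac(key, b"gw->dev", dev_id, gw_id, n_dev, n_gw)
    if not hmac.compare_digest(expected, gw_proof):
        return None  # gateway not authenticated: stop, reveal nothing
    return mac(key, b"dev->gw", dev_id, gw_id, n_dev, n_gw)

def gateway_verify(key, dev_id, gw_id, n_dev, n_gw, dev_proof):
    # A different label per direction stops a proof being reflected back.
    good = mac(key, b"dev->gw", dev_id, gw_id, n_dev, n_gw)
    return hmac.compare_digest(good, dev_proof)

def session_key(key, n_dev, n_gw):
    # Per-session key: the long-term key never protects traffic directly.
    return mac(key, b"session", n_dev, n_gw)

def protect(skey, counter, payload):
    """Append an integrity tag bound to a message counter."""
    return payload + mac(skey, b"data", counter.to_bytes(4, "big"), payload)

def verify(skey, counter, frame):
    """Return the payload if the tag matches this counter, else None."""
    payload, tag = frame[:-32], frame[-32:]
    good = mac(skey, b"data", counter.to_bytes(4, "big"), payload)
    return payload if hmac.compare_digest(good, tag) else None

def demo():
    key = bytes(range(32))                      # constructed pre-shared key
    dev_id, gw_id = b"sensor-17", b"gateway-A"  # hypothetical identifiers
    n_dev = secrets.token_bytes(16)
    n_gw, gw_proof = gateway_respond(key, dev_id, gw_id, n_dev)
    dev_proof = device_finish(key, dev_id, gw_id, n_dev, n_gw, gw_proof)
    ok = gateway_verify(key, dev_id, gw_id, n_dev, n_gw, dev_proof)
    sk = session_key(key, n_dev, n_gw)
    frame = protect(sk, 1, b"temp=21.5")        # constructed sensor reading
    return ok, verify(sk, 1, frame), verify(sk, 2, frame)
```

In `demo()` the third result is `None` because the frame is checked against the wrong counter, which is how a replayed frame is rejected.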
