Читать книгу Building an Effective Security Program for Distributed Energy Resources and Systems - Mariana Hentea - Страница 70
2.1.1.4 IoT Security and Privacy
ОглавлениеSeveral significant obstacles remain to fulfilling the IoT vision, chief among them security [Roman 2011]. One aspect is that IoT technology is being developed rapidly without appropriate consideration of the profound security challenges involved including the regulatory changes that might be necessary. In particular, as the IoT spreads widely, cyber attacks are likely to become an increasingly physical (rather than simply virtual) threat.
IoT developments point to future threat opportunities and risks that will arise when people can remotely control, locate, and monitor even the most mundane devices and articles to the extent that everyday objects become information security risks. Appliances such as refrigerator may be hacked and used to send spam messages [Starr 2014]. Although email application has not disturbed the power grid, it is wise to think about the danger of using a smart appliance as a platform for launching cyber attacks on Smart Grid systems.
The IoT technology is not only a human tool; instead it should be considered as an active agent because it already influences moral decision making, which in turn affects human agency, privacy, and autonomy. There are concerns regarding the impact of IoT on consumer privacy, because the Big Data focus on collecting everything and keep it around forever will have security impacts.
The IoT devices could distribute those risks far more widely than the Internet has to date. Massively parallel sensor fusion may undermine social cohesion if it proves to be fundamentally incompatible with Fourth Amendment guarantees against unreasonable search [SRI BI 2008].
The IoT and Smart Grid technologies will together be aggressively integrated into the developed world's socio‐economic fabric with little, if any public or governmental oversight [Tracy 2015]. Therefore, the technology needs to gain consumers' trust due to privacy concerns [Bachman 2015]. However, more regulations for the manufacturers may benefit the protection of the consumers.
Perceived as creepy new wave of the Internet [Halpern 2014] or as a disruptive technology [SRI BI 2008], in order to have a widespread adoption of any object identification system, there is a need to have a technically sound solution to guarantee privacy and the security of the customers among some other issues [Ishaq 2013]. The challenge is to prevent the growth of malicious models or at least to mitigate and limit their impact [Roman 2011].
IoT applications are impacted by the security features that should make attacks significantly more difficult or even impossible [EC‐EPoSS 2008]. The selection of security features and mechanisms will continue to be determined by the impact on business processes, and trade‐offs will be made between chip size, cost, functionality, interoperability, security, and privacy.
Some argue that is imperative that companies and governments need to capture these trends to ensure that the IoT is recognized as useful [EC‐EPoSS 2008]. In addition, education and information are critical for the success of the IoT technology because privacy concerns about the misuse of information are high and final users do not clearly see the advantages and disadvantages of the widespread adoption of this technology. IoT security is not only a spectrum of device vulnerability but also unique security and privacy concerns of systems using these devices.
Another recommendation is that effective and appropriate security solutions can be achieved only if the participants involved with these devices apply a collaborative security approach as described in [IntSoc 2015b].