Читать книгу Urban and suburban transport intelligent management. Textbook - Vadim Shmal - Страница 5
1 INTERNET OF THINGS
1.1 Internet of Things in modern society
1.1.2 Internet of Things potential threats
ОглавлениеThe problem of building IoT in different countries and systems using different protocols may increase in the future when all devices are incompatible and it will not be possible to link them together and collect the necessary data due to the presence of two or more different IoT protocols.
Currently, the most competitive are two approaches to unifying open source platforms to increase the interconnectedness of products and devices – Open Interconnect Consortium (OIC) and AllSeen Alliance.
To understand the necessary technical support for IoT, it is worth considering several factors when approaching IoT security:
– IoT is a developing and rapidly changing area. Adding new features also leads to new vulnerabilities;
– IoT systems include not only sensors, but also software, as well as devices, platforms and infrastructure elements necessary for data transmission over the network, as well as data storage and analysis in the cloud; [30]
– IoT systems must be protected from threats to other networks and users (external security), as well as from threats to their users and property (internal security); [30]
– the Internet is an interconnected network of networks in which the security of each of them affects the security of the others. [30]
Let’s look at some IoT security threats:
– Malware distribution botnets can be used to attack IoT devices connected to the global network;
– Denial of service DoS attack to slow down services and discredit businesses;
– social engineering attacks aimed at illegally obtaining confidential information about users can also be exposed to devices connected to IoT;
– targeted cyber attacks in order to gain illegal control and access to the network while remaining unnoticed for a long period of time;
– ransomware virus;
– remote recording of Internet of Things users in order to obtain confidential data;
– physical damage to equipment controlled by the Internet of Things by obtaining control;
– falsification of data in order to make wrong decisions;
– digital espionage.
As you can see, information in the modern world plays a very important role, especially when it is possible to remotely control various devices or predict the implementation and manage business or technological processes, so cybersecurity issues come to the fore.
Some methods of IoT risk reduction:
– Management and control of Internet of Things endpoints by identifying and adding to the inventory of resources to reduce the likelihood of cyber attacks;
– identify the IT security vulnerability zone;
– detection of abnormal deviations in data during the interaction of devices and servers;
– using a good data encryption system and protocols;
– management control at the identity level to identify users and their actions. Authentication helps companies better understand how users access devices, which increases the level of protection against vulnerabilities and misuse.
It is worth noting that with the development of IoT, it is necessary to guarantee sufficient security of solutions, since they operate with a large amount of confidential data that directly affects the most important production processes. For this purpose, measures are carried out aimed at:
– Security of devices and sensors. Device security is implemented through device authentication, partial message encryption, and sensor firmware updates.;
– Connection protection. Ensuring the confidentiality of data and their protection from unauthorized modification is necessary when transferring data between the device and the IoT platform. Here the protection is based on Transport Layer Security (TLS) technology. At the same time, the data is encrypted to prevent unauthorized listening and understanding of the content.