CBK91087 Internetworking: IoT Devices are Increasingly Common
This assignment is a major assignment in the area of network security. The goal is for each of you to focus on a particular part of network security to a greater depth than was examined in assignment one.
Topic List
Choose one of the following:
- Discuss the computation that enables biometrics to be used for evidence of identity in a digital world and discuss the vulnerabilities and threats that may impede the successful use of biometrics for this purpose.
- What is PKI? Discuss the challenges and benefits which face a company for in-house PKI vs Commercial PKI.
- Government and Law enforcement have a history of attempting to put encryption work arounds, and back doors, into consumer devices and security infrastructure. Discuss the successfulness and security ramifications on consumers of such policy.
- Compare and contrast, in depth, the security requirements in control system networks (such as SCADA) to more typical general purpose networks.
- IoT devices are increasingly common. Describe the security implications of the proliferation of such devices.
Answer:
Title: IoT Devices are increasingly common: The security implications of the proliferation of such devices.
Introduction:
The continuous growth and innovation can be seen in the field of information technology. The internet of thing is adopted by the enterprise at the rapid rate for managing the cloud computing technology, resources on the network, and others. The IoT devices are featured with sensors and actuators. It is the new technology which is capable of providing on-demand access of information by using the concept smart objects. “The objects which are possessing physical characteristics, incoming signals are given response; capabilities of computing, and sensing phenomenon of physical resources are called smart objects” (Xiang, 2012). The IoT infrastructure faces many problems in their implementation such as there are not well-defined interoperability standards, not well-defined security policies for the device communication, uncertainty of ROI, legacy equipment are not available, the technology is immature according to the requirement of IoT infrastructure, loss of data privacy, not capable staff and labour, and adverse impact on environment. “The innovation in the field of cloud computing and autonomous computing generates the requirement of the infrastructure which is capable of organizing and managing of the big data” (Shacklett, 2014). The IoT infrastructure is the solution of it. The IoT infrastructure depends on two major components which are known as radio frequency identification reader and wireless sensor network. There are three limitation of IoT infrastructure are IoT infrastructure managing heterogeneous devices, sensor nodes implication, and the object dimensions. The flow of communication ism maintained through RFID reader between different interacting devices. There are numerous technologies used for implementation of IoT infrastructure are classified as Bluetooth sensor, interconnection between wearable devices, radio frequency identification reader, integration of the smartphones, dependency of using low power consumption, and others. The cloud server side architecture is used for developing IoT reference model. The security is the critical area of the IoT technologies. “The cloud side server architecture reference model is used for managing resources, devices, operations, services, functions, and processes” (Miorandi, 2012). The productivity of the enterprise and availability of data and resources can be increased by the implementation of IoT in the working curriculum of the organization.
Characteristics of the IoT infrastructure:
- Devices and resources should be interconnected:
The interconnection should be developed between devices by using the set of standards and policies. It is the global platform for managing the communication between different resources available on the internet.
- IoT services:
Consistency, privacy, availability, integrity, and confidentiality of the data should be managed on the IoT platform.
- Heterogeneity of devices:
The hardware and software devices are heterogeneous in nature can together use on the IoT environment. The network connection is used for managing connection between embedded system with smart objects.
- Dynamic changes:
The location and speed of the resources available on the network can be predicted through dynamic changes. The IoT platform is capable of managing smart devices.
- Enormous scale:
The user can access data according to the requirement of the application and manages the communication between the interacting devices. The communication can be managed smoothly without any breakdown by managing the increasing and decreasing of the magnitude.
- Scalability:
The traditional network is not having the feature of scalability. The scalability features helps in managing high level communication system by increasing or decreasing the magnitude of the system.
- Ubiquitous computing:
Ubiquitous computing is responsible for managing ubiquitous data exchange. The workload on the smart objects can be distributing by using the wireless communication technologies. The spectrum of the data can be manageable by using the dynamic radio system. Loosely coupled system can be developed by using the terminology of ubiquitous computing along with the fundamentals of ambient intelligence. The hacked and vulnerable devices can be easily dropped out in the loosely coupled system. The safeguarding system depends on the artificial intelligence and ambient system.
- Energy optimization solution:
The resources can be optimised on the IoT infrastructure by maintaining the continuous flow of information.
- Optimizing the tracking and localization capability:
The remote location of the devices can be tracked by using the concept of wireless communication.
- Use of Operating system:
The operating system can be used according to the requirement specified in the specification plan. The software components are used for handling computational services.
IoT devices and technologies:
The lst of IoT devices and technologies is given below which are used for developing IoT infrastructure:
Devices and technologies |
Explanation |
Service integration technique |
The IoT application is the amalgamation of the resources and devices which are integrated together to work efficiently on the IoT infrastructure. |
Software integration technique |
The information can be accessed between application and middleware by using the analytical search engines. The software required point to point integration of services. |
Hardware technology |
Bluetooth sensor, interconnection between wearable devices, radio frequency identification reader, integration of the smartphones, dependency of using low power consumption, and others are some of the hardware concept used in the IoT infrastructure. The innovation in the field of cloud computing and autonomous computing generates the requirement of the infrastructure which is capable of organizing and managing of the big data. The IoT infrastructure is the solution of it. The RFID reader is used for sensing the radio signal for giving response. |
Network management and communication |
The satellite network management system is used for managing different devices and resources on the network. The remote location of the devices can be tracked by using the concept of satellite communication. |
Analytical solutions |
“The pattern recognition system and predictive data mining tasks are used for managing business intelligence on the hardware and software used in the system” (Khalid, 2016). The artificial intelligence plays a major role in managing devices, processes, and resources efficiently for the effective utilization of them. |
Radio frequency identification |
RFID is used for reading the radio signals for tracking the location of devices and creating communication links with the devices for remote access of the information on the demand of user. It is the fundamental tools of IoT infrastructure which is used for managing supplier chain, customer relationship, and the instant monitoring of the devices |
Sensor network and sensor resources |
The IoT is the combination of physical and virtual world. The sensor technology is used for developing compatibility between them. The utilization of the resources can be effectively done on the sensor network. The sensor network make use of radio lights for analysing the position of the devices. |
Microcontrollers devices |
The activities of the devices can be controlled by microchips which are used in the smart objects. The distributed processing system is responsible for managing the workload on different smart objects. The microchips are used for controlling the whole scenario of IoT environment. The intelligence controlling system is used for controlling the activities of the microchips for resource utilization efficiently. |
Protocols |
The protocols are the set of rules which are used for interconnecting the IoT devices. The IoT infrastructure uses the protocols such as HTTPS, Zig-bee, HTTP API, HTTP, Z-Wave, and many more. |
Biometrics |
Biometrics system is the part of the IoT infrastructure which is used for authorization to remotely access the information. |
Technology of actuators |
The actuators are used for managing the incoming signals by using radio waves. The mechanical switches can be used for creating the illumination for the prediction of devices. |
Ambient devices and technologies |
The sensitive control measures are used for handling the ambient devices. The safeguarding system depends on the artificial intelligence and ambient system. The ambient technologies are based on context aware program which is used for developing the profile system, application based on human centric, and techniques of pervasive computing. |
Challenges in the IoT infrastructure:
The IoT infrastructure is equipped with numerous challenges such as there are not well-defined interoperability standards, not well-defined security policies for the device communication, uncertainty of ROI, legacy equipment are not available, the technology is immature according to the requirement of IoT infrastructure, loss of data privacy, not capable staff and labour, and adverse impact on environment. Above all, the security is the concern area of the IoT environment. “The IoT architecture is based on the decentralised control which can be accessed by the hacker for taking control of the devices” (Gaiser, 2015). The emergence of the intruder gets increased with the increasing complexity of the platform. Privacy and trust is the other critical section of security. The data sensitivity can be lost with the inclusion of the attacker. The high shield of security should be prepared which is based on security policies and governance framework. The data privacy is also associated with the social and political issues. “The integration of the devices involves the set of protocols for establishing communication links between them” (Li, 2015). The appropriate protocols should be attached with the devices. The wrong selection of protocol leads to the hindrance. The Open forum of the IoT infrastructure should be kept secured by using the standard protocols. The intruder can get entered into the premises of IoT infrastructure through the gaps between smart object placed on the environment. The attacker can directly access the confidential information from Ethernet connectivity. The uploading and downloading of information from the cloud creates the problem of cloud polling. The unencrypted communication between the devices leads does the door open for the entrance of the intruder. The mediator should be used for connecting the devices on IoT infrastructure which is based on loosely coupled system. There are various vulnerabilities associated with IoT platform which can be categorised as denial of service attacks, overflow and underflow of request buffer, infection though flaws and errors, direct object referencing, sensitivity of data exposure, forgery, and others. While working on the IoT platform user has to use strong credential to get entered into their profile so that their credential cannot be used by the hackers. The injection of malware in the working platform of IoT can infect the file and folders and disturb the functionality and operations of the devices.
Analysis of Risks Probability with IoT architecture:
The table below shows the analysis details of probability of risks associated with IoT architecture. The risks increase with the increase in the platform complexity:
Functional and operational phase |
Subject |
Area associated with risks |
Semi-Autonomous condition of risks |
Fully-Autonomous condition of risks |
Data collection phase |
Data collected should be analysed thoroughly |
No data associated with the presence of risks |
Probability of occurrence of moderate risks |
Probability of occurrence of moderate risks |
Data analysis phase |
Analysis of the data based on data collection phase |
No risks present in the analysed data |
Performing the Cloud analysis on data |
On-device management of data for cloud analysis |
Decision making phase |
No decision undertaken |
Decision are under the control of human |
:Performing the Cloud analysis on data” (Haller, 2014) |
On-device management of data for cloud analysis |
Communication phase |
Smooth communication flow of data |
Performing the operation of reading the data from cloud |
Performing the operation of reading and writing the data from cloud |
Machine to machine flow of communication |
Potential impact on devices |
Limited effect on the devices |
Moderate effect on the devices |
High effect on the devices |
Critical effect on the devices |
Migration Policies:
The user should take step for reducing the vulnerabilities at their level. It has been researched that the alphanumeric should be used for creating the strong password of the user profiles. The setup of devices and resources should be associated with the encryption methods and policies for restricting the access of remote data. “The validation and verification process helps in restricting the entry of the malware and other security concerns” (James, 2015). The communication links between the devices and resources should be developed though the medium of secure socket layer. The revocation list is used for getting secure socket layer certification. The emphasis should be given on developing and upgrading security policies according to the standards of 2018. The API associated with the application should compose of security policies. The interconnection should be developed between devices by using the set of standards and policies. The boot chain system should be used for securing the activities of the devices. The security analytical features should be used for developing the device management strategy. The removal of unused and unwanted tools and technologies helps in securing the system from the attack of the intruder. The pattern recognition system and predictive data mining tasks are used for managing business intelligence on the hardware and software used in the system. The wireless protocols are used for managing the network traffic. The isolation should be provided at peer to peer connection of the machine. The IoT infrastructure uses the protocols such as HTTPS, Zig-bee, HTTP API, HTTP, Z-Wave, and many more for securing the connection. The user should prepare the chart for proactive security methods so as to secure the system before the attack of the intruder. The M2M connection should be used for eliminating the chance of data leakage. The communication is said to be successful if it is capable of managing privacy, availability, and security of the system. The cyber-security solution plays an important role in managing security of IoT infrastructure.
Layered Security Methods:
The table below shows the security methods which are associated with each layer of IoT infrastructure.
Layer |
Security methods |
Description |
Device layer |
Process for Secure booting |
The authentication should be ssocaited with the devices which are integrated together on the IoT infrastructure. |
Devices authentication |
Login credential should be allocated to the user for accessing the information | |
Application layer |
Mechanism used for access control |
Role based access control and mandatory access control are used for managing accessing of information between different communications devices. |
Data for application |
The data used in the application should have characteristics of integrity, privacy, and confidentiality. | |
Firewall protection method Intrusion detection and prevention method |
The firewall security system is used for restricting the entrance of intruder into the system. The intrusion detection system is used for detecting the occurrence of intrusion in the system. The intrusion prevention system is used for taking reactive and proactive methods for preventing the system from the attack of intruder. | |
Network layer |
Monitoring system for the occurrence of events |
The correlation should be developed between events and products for the integration of services. The wireless protocols are used for managing the network traffic. The isolation should be provided at peer to peer connection of the machine. |
Incoming signals integrity |
The signals should be maintained with good quality on the communication platform. | |
Datagram used for maintaining confidentiality |
The confidential communication can be maintained by using UDP transmission |
Safeguarding and security procedures for IoT devices:
Safeguarding and security procedures |
Explanation |
Device Authentication and Authorisation |
The authentication and authorization protocols are used for accessing information from the hardware and software platform without any hindrance. The validation process helps in restricting the entry of the malware and other security concerns. The authentication provided to the user by using the technology of digital signature. |
User access control for information |
Role based access control and mandatory access control are used for managing accessing of information between different communications devices. These methods provide limitation to the strength of the user by specifying the area of the user. The user gets the permission of accessing data according to the role and responsibility provided to him. The specification of the areas reduces the chance of disclosure of information |
Management of device lifecycle |
Every devices stored on internet should be placed with encryption methodology for securing the communication with it. The patching technology is used for restricting the entrance of the intruder into the gaps between the hardware and software technology. The continuity of the information can be maintained by applying the process of patching. |
Policies of encryption and decryption |
“The encryption method is the procedure of attaching the bit of streams into the data packet send by the user which converts the message into encoded form” (Vermesan, 2013). The public and private key is used for encrypting the data on the packet. At the receiver end the data is decrypted by using the pair of public and private key to solve the encryption procedures. The cryptographic modules should be attached with every devices placed on the IoT architecture. |
Interoperability standards |
The secured communication can be developed by following the security policies and governance laws to manage interoperability between them. The interoperability procedures are used for managing secure communication. |
IoT solution Ads-on |
The focus should be given on developing the application based on specific requirement. The application should have ads-on so that security features can be added according to requirement of the application. |
Key players roles and responsibility |
The authority should be provided to the user according to the role played by them. This helps in the diversification of information accessing sector. These methods provide limitation to the strength of the user by specifying the area of the user. “The user gets the permission of accessing data according to the role and responsibility provided to him. The specification of the areas reduces the chance of disclosure of information” (Friess, 2014). |
Baseline of the data management |
The location of the devices can be predicted by event monitoring system. |
Data governance policies |
The well-defined governance structure should be prepared for maintaining the accessibility of data with secure transaction of information. “The responsibilities should be allocated which helps in identifying the right person for right resources” (Tollens, 2016). The safeguarding framework helps in managing communication links for the proper format of interoperability. |
Architecture based on loosely coupled system |
“The loosely coupled system has the advantage over traditional system for elimination of hacked devices from the internet which helps in securing the resources and devices from infection” (Wang, 2014). |
Privacy framework |
“The privacy framework is used for minimizing the risk of violation of information” (Choudhary, 2014). TROPOS, PRIS, NFR are some of the framework which is used for providing privacy to the data on the IoT infrastructure. The most common framework of privacy is PRIS which is capable of maintaining confidentiality and integrity of data. The privacy of data is the most crucial step of securing the network from the attack of vulnerabilities because it can affect the confidentiality of the application. |
High asset value |
The security measures depend on the capabilities of the asset. |
Managing security of the devices throughout their lifecycle:
“The security of devices is the major concern while working on the IOT environment” (Fang, 2016). The devices should be given security standards and measures in each layer while developing the communication links between the devices and the resources. The hardware components should make use of booting process to detect the presence of the intruder. The software make use of anti-malware and anti-virus software to detect the occurrence of viruses on the system. The secured operation can be performed by using the microcontroller devices and chips. “The cryptographic modules should be attached with every devices placed on the IoT architecture” (Buch, 2016). The application can be secured by applying three simple steps. The first step is to generate a pair of shared keys, the second step is to generate strong password using alphanumeric, and the third is to generate the digital signature and certification for authentication and authorization. Z-wave and Zigbee are he security protocols which are used for implementing secure communication between the devices. The centralised network is responsible for providing security measures to all the communicating devices in the scenario. The target device should manage the network band for accessing of information. The weak credential can be the cause of data leakage. The resiliency and longevity services of the application depend on the level of security measures which are capable of restricting the entrance of the viruses, worms, and intruder. The key management program is used for developing resilience network over the IoT infrastructure. The effective security program depends on four factors protocols used for key management of public and private key used for encryption purpose, protocols used for effective communication, driving the event management program, and implementation of secure socket layer program. The entry point of security breaches can be restricted by using patch process and proactive plan for security. The cyber-security solution plays an important role in managing security of IoT infrastructure. The safeguarding system depends on the artificial intelligence and ambient system. The interaction between the devices should follow the security rule for preserving the confidentiality and privacy of data. The integrity of the data depends on the effective management of resilience network. The multi-layer protocol is used for preserving the integrity of the data during the transmission and communication services. The following diagram shows the security measure associated with each layer:
Conclusion:
The Internet of thing is the new technology which is capable of providing on-demand access of information by using the concept smart objects. The emergence of the intruder gets increased with the increasing complexity of the platform.The high shield of security should be prepared which is based on security policies and governance framework. The devices should be given security standards and measures in each layer while developing the communication links between the devices and the resources. The centralised network is responsible for providing security measures to all the communicating devices in the scenario. The privacy framework is used for minimizing the risk of violation of information. The focus should be given on developing the application based on specific requirement. The application should have ads-on so that security features can be added according to requirement of the application in the IoT architecture. The well-defined governance structure should be prepared for maintaining the accessibility of data with secure transaction of information. The setup of devices and resources should be associated with the encryption methods and policies for restricting the access of remote data. The responsibilities should be allocated which helps in identifying the right person for right resources. The authentication and authorization protocols are used for accessing information from the hardware and software platform without any hindrance. The signals should be maintained with good quality on the communication platform. The privacy of data is the most crucial step of securing the network from the attack of vulnerabilities because it can affect the confidentiality of the application
References:
Bruch, M. (2016). IoT and sustainability. 1st ed. [ebook] Available at: https://citris-uc.org/wp-content/uploads/2016/07/CITRIS_IoT-and-Sustainability-White-Paper.pdf [Accessed 29 May. 2017].
Choudhary, P. (2014). Safeguarding the internet of things. 1st ed. [ebook] Available at: https://www.cognizant.com/whitepapers/safeguarding-the-internet-of-things-codex2465.pdf [Accessed 29 May. 2017].
Fang, S. (2016). An integrated system for regional environment monitoring and management based on internet of things (1st ed.). Available at https://ieeexplore.ieee.org/document/6725615/ [Accessed 29 May. 2017].
Friess, P. (2014). Internet of things- from research and innovation to market deployment (1st ed.). Available at https://www.internet-of-things-research.eu/pdf/IoT-From%20Research%20and%20Innovation%20to%20Market%20Deployment_IERC_Cluster_eBook_978-87-93102-95-8_P.pdf [Accessed 29 May. 2017].
Gaiser, K. (2015). Integrating IoT sensor technology into the enterprise (1st ed.). Available at https://www.intel.com/content/dam/www/public/us/en/documents/best-practices/integrating-iot-sensor-technology-into-the-enterprise-paper.pdf [Accessed 29 May. 2017].
Haller, S. (2014). The internet of things in an enterprise context (1st ed.). Available at https://ai2-s2-pdfs.s3.amazonaws.com/1c49/c74521b4c9eae7a352a3b223b4213294c681.pdf [Accessed 29 May. 2017].
James, S. (2015). Industrial Internet of things. 1st ed. [ebook] Available at: https://www3.weforum.org/docs/WEFUSA_IndustrialInternet_Report2015.pdf [Accessed 29 May. 2017].
Khalid, A. (2016). Internet of things and research agenda (1st ed.). Available at https://ijcsmc.com/docs/papers/March2016/V5I3201699a15.pdf [Accessed 29 May. 2017].
Li, D. (2015). Building value from visibility (1st ed.). Available at https://www.zebra.com/content/dam/zebra/white-papers/en-us/zebra-iot-report-en-us.pdf [Accessed 29 May. 2017].
Miorandi, D. (2012). Internet of things: Vision, Aplications, and Research challenge. 1st ed. [ebook] Available at: https://www.dicom.uninsubria.it/~sabrina.sicari/public/documents/journal/2012_IoT_vision.pdf [Accessed 29 May. 2017].
Shacklett, P. (2014). Reaping the benefit of the internet of things (1st ed.). Available at https://www.cognizant.com/InsightsWhitepapers/Reaping-the-Benefits-of-the-Internet-of-Things.pdf [Accessed 29 May. 2017].
Tollens, W. (2016). The internet of things for today and tomorrow (1st ed.). Available at https://www.arubanetworks.com/assets/eo/HPE_Aruba_IoT_Research_Report.pdf [Accessed 29 May. 2017].
Vermesan, O. (2013). Internet of things- Converging technologies for smart environment (1st ed.). Available athttps://www.internet-of-things-research.eu/pdf/Converging_Technologies_for_Smart_Environments_and_Integrated_Ecosystems_IERC_Book_Open_Access_2013.pdf [Accessed 29 May. 2017].
Wang, C. (2014). Internet of things for enterprise system of modern manufacturing (1st ed.). Available at https://pdfs.semanticscholar.org/a504/6b31365733a0bc99a60ed9ca2bf3b7a15690.pdf [Accessed 29 May. 2017].
Xiang, K. (2012). Internet of things: Security risks and automated policies. 1st ed. [ebook] Available at: https://www.cisco.com/c/dam/en_us/solutions/trends/iot/docs/security-risks.pdf [Accessed 29 May. 2017].
Buy CBK91087 Internetworking: IoT Devices are Increasingly Common Answers Online
Talk to our expert to get the help with CBK91087 Internetworking: IoT Devices are Increasingly Common Answers to complete your assessment on time and boost your grades now
The main aim/motive of the management assignment help services is to get connect with a greater number of students, and effectively help, and support them in getting completing their assignments the students also get find this a wonderful opportunity where they could effectively learn more about their topics, as the experts also have the best team members with them in which all the members effectively support each other to get complete their diploma assignments. They complete the assessments of the students in an appropriate manner and deliver them back to the students before the due date of the assignment so that the students could timely submit this, and can score higher marks. The experts of the assignment help services at urgenthomework.com are so much skilled, capable, talented, and experienced in their field of programming homework help writing assignments, so, for this, they can effectively write the best economics assignment help services.