This assignment is a major assignment within the field of network security.
This assignment requires that each student focuses on one particular aspect of network security at a deeper level than in assignment 1.
Select one from the following:
The computation that allows biometrics in digital worlds to be used as evidence of identity is discussed. We also discuss vulnerabilities and threats that might hinder the use of biometrics in this context.
What is PKI?
Discuss the advantages and challenges faced by a company when it comes to PKI.
The government and law enforcement have a history trying to implement encryption workarounds, back doors, into consumer devices, and security infrastructure.
Discuss the security implications for consumers of such policies, and how successful they have been.
Compare and contrast the security requirements of control system networks (such SCADA), to more general purpose networks.
IoT devices are becoming more popular.
Define the security implications arising from the proliferation of these devices.
Title: IoT Devices become increasingly common: The security implications associated with the proliferation of these devices.
Information technology can show us the continuous growth and innovation.
The enterprise adopts the internet of thing at an increasing rate to manage the cloud computing technology and resources on the network.
IoT devices have sensors and actuators.
This new technology is capable of providing instant access to information through the use of smart objects.
“Smart objects” are objects with physical characteristics. They respond to incoming signals and have computing and sensing phenomena of physical resources.
There are many issues with the implementation of the IoT infrastructure. These include a lack of well-defined interoperability standards and security policies for device communication. Legacy equipment is not available. The technology is not mature according to the requirements of IoT Infrastructure.
“Infrastructure that is capable of managing and organizing big data is required to support the innovation in the field cloud computing and autonomous computer” (Shacklett (2014)
It’s the IoT infrastructure that is the answer.
The IoT infrastructure is based on two components, known as the radio frequency identification readers and wireless sensor networks.
IoT infrastructure has three limitations. These are IoT infrastructure that manage heterogeneous devices and sensor nodes implication.
Communication between devices can be maintained using RFID readers.
There are many technologies that can be used to implement IoT infrastructure. They include Bluetooth sensor and interconnection between wearable device, radio frequency ID reader, integration of smartphones, dependence of using low-power consumption, and other.
Cloud server side architecture is used to develop IoT reference model.
The IoT technologies are characterized by security.
“The cloud side server architecture refer model is used for managing resources.
The implementation of IoT can improve the productivity of an organization and increase the availability of data.
What are the Key Characteristics of IoT Infrastructure?
Interconnecting devices and resources is a must
By using the policies and standards, interconnection must be established between devices.
It serves as the global platform to manage communication between the different internet resources.
On the IoT platform, data integrity, confidentiality, privacy, availability, integrity, consistency, and privacy should all be maintained.
Software and hardware devices, which are heterogeneous in their nature, can both be used on the IoT ecosystem.
The network connection manages the connection between embedded systems with smart objects.
Dynamic changes allow for the prediction of the location and speed with which resources are available over the network.
The IoT platform can manage smart devices.
The user has the ability to access the data as per the application’s requirements and can manage the communication between all devices.
You can manage the magnitude change and increase to ensure that communication runs smoothly.
The traditional network does not have the capability of scaling.
Scalability is a feature that allows you to manage high-level communication systems, increasing or decreasing its magnitude.
Ubiquitous computing is responsible to manage ubiquitous data exchange.
By using wireless communication technologies, the workload can be distributed to the smart objects.
The dynamic radio system can help manage the data’s spectrum.
You can create a loosely coupled system by combining ubiquitous computing terminology with the basics of ambient Intelligence.
The loosely coupled system can easily be used to remove vulnerable and hackable devices.
The artificial intelligence system and the ambient system provide the safeguarding system.
The energy optimization solution
By maintaining continuous information flow, the IoT infrastructure allows for optimization of resources.
Optimizing the tracking/localization capabilities
By using wireless communication, you can track remote locations of devices.
Use of operating system:
The specifications plan will specify which requirements the operating system must meet.
These software components can be used to manage computational services.
IoT Devices & Technologies
Below is a list of IoT devices, technologies that are used in developing IoT infrastructure.
Devices and technologies
The IoT Application is the combination of all the devices and resources that work together to create an efficient IoT infrastructure.
Software integration technique
The analytical search engines make it possible to find information from both middleware and applications.
Software integration required to connect services from one point to another.
There are many hardware concepts that make up the IoT infrastructure. These include Bluetooth sensor and interconnection between wearable device, radio frequency identification reader integration of smartphones, dependency on using low power consumption, dependability, and other features.
Cloud computing and autonomous computing are generating new requirements for an infrastructure capable of managing and organizing big data.
It’s the IoT infrastructure that is the answer.
RFID readers are used for detecting radio signals to give a response.
Management and communication of networks
For managing various devices and resources within the satellite network management system,
Satellite communication can be used to track the remote location of devices.
“The pattern recognition system, predictive data mining tasks, and other tools are used to manage the business intelligence of the hardware and software in the system” (Khalid 2016).
Artificial intelligence plays a significant role in managing processes and devices efficiently to maximize their effectiveness.
RFID can be used to identify radio signals that track the location of devices, and establish communication links with them for remote access to the information.
It is the foundation of IoT infrastructure that is used to manage the supplier chain and customer relationship as well as the remote monitoring of the devices.
Sensor network and sensor resource
The IoT is the combination between virtual and real world.
It is possible to create compatibility between them using the sensor technology.
The sensor network can help to efficiently use the resources.
Radio lights are used by the sensor network to analyze the location of the devices.
The microchips in the smart objects allow for the control of the device’s activities.
The distributed processing network manages the work load on various smart objects.
The microchips control the entire IoT environment.
The intelligence controlling system controls the activities of microchips to optimize resource utilization.
Protocols are the rules used to connect the IoT devices.
HTTPS, HTTPS, Zigbee, HTTP API and HTTP are some of the protocols used by IoT infrastructure.
Biometrics is the IoT infrastructure that allows remote access to the information.
Technology of actuators
The actuators can be used to manage radio waves and incoming signals.
Mechanical switches are used to predict devices by creating illumination.
Ambient devices, technologies
To handle the ambient devices, sensitive control methods are used.
The ambient system and artificial intelligence are the key elements of the safeguarding system.
The ambient technologies are based in context aware programming, which is used for the development of profile systems, applications based on human-centric, and techniques to pervasive computing.
IoT Infrastructure: Challenges
Many challenges face the IoT infrastructure. There are no well-defined interoperability standards and security policies, no legacy equipment, uncertainty about ROI, non-existent security policies, legacy equipment are not readily available, IoT infrastructure is still in its infancy, data privacy is at risk, staff and labour are incompetent, and there is adverse environmental impact.
The IoT environment is a concern because of its security.
“The IoT architecture is built on decentralised control, which can be accessed to the hacker to take control over the devices” (Gaiser (2015).
As the platform becomes more complex, so does the potential for an intruder.
The other crucial aspect of security is privacy and trust.
Data sensitivity can be affected by the inclusion of an attacker.
It is important to have a high shield of security that is based upon security policies and governance.
Privacy is also connected to social and political issues.
“The integration involves the establishment of communication links between the devices” (Li (2015).
You should attach the protocols to the devices.
An error in selecting the protocol will cause problems.
Use the standard protocols to secure the Open forum for the IoT Infrastructure.
An intruder can gain entry to IoT infrastructure by exploiting the weaknesses between smart objects.
An attacker can gain access to confidential information via Ethernet connectivity.
Cloud polling can occur when information is uploaded and downloaded from the cloud.
The intruder can easily gain access to the device’s communication by using unencrypted means.
This mediator is needed to connect the devices of IoT infrastructure, which relies on loosely coupled systems.
IoT platform is susceptible to several vulnerabilities. These vulnerabilities include overflow or underflow of request buffers, denial-of-service attacks, infection though flaws, errors, direct object references, sensitivity of data exposed, forgery, and other.
The IoT platform requires that users use strong credentials in order to gain access to their profile. This will prevent hackers from using their credential.
The working platform of IoT may be infected with malware and cause problems in operation and functionality.
Analysis of Risks and Probabilities with IoT Architecture
The table below provides details about the probabilities of IoT architecture risks.
With increasing platform complexity, the risk of being exposed increases.
Functional and operational phase
Areas associated with risk
Semi-Autonomous state of risk
Risks in a fully-autonomous state
The data should be thoroughly analysed
No data are associated with the risk of exposure
Probability of moderate risks occurring
Probability of moderate risks occurring
Data analysis phase
Data collection phase: Analysis of the data
The data analysis is free from any risks
Cloud analysis on data
Data management for cloud analysis via on-device
The decision-making phase
No decision has been made
Decisions are within the control of humans
:Cluster analysis of data” (Haller (2014)
Data management for cloud analysis via on-device
Smooth data communication
Perform the operation of reading the data in the cloud
The operation of reading or writing data from cloud
Communication between machines
Devices have limited impact
Moderate effect of the devices
Devices with high effectiveness
Important effect on the devices
It is up to the user to take action to reduce vulnerability at their level.
For strong passwords, the alphanumeric key should be used. This has been proven by research.
Assembling devices and resources should include policies and encryption methods to restrict remote access.
James, 2015. “The validation process and verification process help in restricting entry of malware and other security concerns.”
Secure socket layer is used to create communication links between devices.
For secure socket layer certification, the revocation lists is used.
You should place emphasis on the development and updating of security policies that conform to 2018’s standards.
The security policies should be contained in the API.
These policies and standards will be used to create interconnections between devices.
To secure the activity of the devices, the boot-chain system should be used.
Device management strategies should be developed using security analytical features.
In order to protect the system from an attack by the intruder, it is necessary to remove unwanted or inactive tools and technologies.
For managing business intelligence, the pattern recognition system is used and the predictive data mining tasks.
Wireless protocols are used in managing network traffic.
The peer-to-peer connection should provide isolation.
The IoT infrastructure uses protocols such as HTTPS and Zig-bee for secure connections.
In order to protect the system from an intruder’s attack, the user should prepare a chart.
To eliminate the possibility of data leakage, you should use the M2M link.
If the communication can manage privacy, availability, as well as security of the system, it will be considered successful.
A key role in managing the security of IoT infrastructure is played by cyber-security.
Layered Security Techniques
Below is a table listing the security measures associated with each layer in IoT infrastructure.
The authentication should be performed with all devices that are integrated on the IoT infrastructure.
For access to the information, users should be assigned a login credential
Mechanism for access control
For managing information access between communications devices, mandatory access control and role-based access controls are used.
Information for the application
All data submitted should be treated with integrity, confidentiality, and privacy.
Intrusion detection and prevention
The firewall security system prevents intruders entering the system.
The intrusion detection is used to detect intrusions.
The intrusion detection system can detect and take proactive measures to protect the system against intruders.
System for monitoring the occurrence of events
To integrate services, events and products must be correlated.
The wireless protocols are used to manage network traffic.
The machine should have a peer-to-peer connection to isolate it.
Integrity of incoming signals
Signals should be kept in good quality on the communication channel.
Datagram used to maintain confidentiality
UDP transmissions can keep confidential communications secure
IoT Devices Security and Safety Procedures
Security procedures and protection
Device authentication and authorisation
Accessing data from the hardware or software platform is made possible by authorization and authentication protocols.
The validation process prevents malware from entering the system and other security issues.
The digital signature technology provides the authentication that the user requires.
Access control for information by users
Management of access to information between different communication devices is possible using mandatory and role-based access controls.
These methods restrict the strength of the user and limit their access to information. They also specify the user’s area.
Based on his responsibility and role, the user can access the data.
This reduces the possibility of information being divulged.
Management of the device’s life cycle
To protect the communication between devices on the internet, encryption should be applied to all of them.
The patching technology can be used to limit the entry of an intruder between the software and hardware technology.
By applying patching, the continuity of the information is maintained.
Policies for encryption and decryption
Vermesan, 2013, “The encryption process is the attachment of bits to the data packet by the user that converts the message into encrypted form.”
Encryption of data on a packet is done using the public key and the private key.
The public and private keys are used at the receiver to decrypt the data.
Each device that is part of the IoT architecture must be equipped with cryptographic modules.
You can develop secure communication by following security policies and governance rules to manage interoperability.
For secure communication management, the interoperability procedures can be used.
Ads-on for IoT solution
You should place emphasis on creating applications that meet specific requirements.
Ad-ons should be included in the application so that security features can easily be added to suit application requirements.
The key roles and responsibilities of key players
Users should be granted authority according to their roles.
This facilitates the diversification of information accessing areas.
These methods allow for a limitation on the user’s power by identifying the user’s area.
According to his responsibility and role, the user is allowed to access data.
Specification of areas can reduce the risk of information being disclosed” (Friess (2014)
Baseline for the data management
An event monitoring system can determine the exact location of the devices.
Data Governance Policies
A well-designed governance structure is necessary to ensure data accessibility and secure transactions.
Tollens (2016). “It is essential to allocate the responsibilities in order to identify the right person for the right resources.”
The safeguarding framework assists in the management of communication links to ensure proper interoperability.
Architecture that is loosely coupled
“The loosely-coupled system has the advantage of the traditional system to eliminate hacked devices from internet, which helps with securing resources and devices from infected” (Wang (2014)
“The privacy framework can be used to reduce the risk of data being stolen” (Choudhary (2014).
PRIS and NFR are some examples of privacy mechanisms that are used to provide protection for data in the IoT network.
PRIS, which can protect the integrity and confidentiality of data, is the most commonly used privacy framework.
It is crucial to protect the network from attacks by vulnerabilities as it can impact the confidentiality and integrity of the applications.
Assets with high asset values
Security measures will depend on the asset’s capabilities.
Management of the Devices’ Security Throughout Their Lifecycle
“The security and safety of devices is a major concern in working on the IOT ecosystem” (Fang 2016).
When developing the communications links between devices, resources and each other, it is important that the devices are given security standards.
To detect an intruder, hardware components should use booting.
Software uses anti-malware, anti-virus software to detect viruses in the system.
You can secure the operation by using the microcontrollers and chips.
“The cryptographic modules must be attached to all devices that are part of the IoT architecture.” (Buch 2016,).
There are three steps that can secure an application.
The first step is creating a pair of shared key pairs. The second step is to create strong passwords using alphanumeric. Finally, the third step is to generate the digital signature, certification, and authorization for authentication and authorisation.
Z-wave is a security protocol that allows secure communication between devices. Zigbee is the second.
This centralised network provides security measures for all devices that communicate with it.
The network band must be managed by the target device to allow access to information.
Data leakage could be caused by weak credentials.
The security measures used to prevent viruses, worms and other intruders entering the application will determine the resilience and longevity of the service.
Key management is used to develop resilience network across the IoT infrastructure.
A security program that is effective relies on four elements: protocol used for key management public and private keys used for encryption purpose, protocol used for effective communication and driving the event management plan.
Security breaches can be prevented by using the patch process and a proactive plan for security.
The cyber-security solution is crucial in managing the security of IoT infrastructure.
The artificial intelligence system and the ambient system play a key role in safeguarding systems.
For data privacy and confidentiality, the interaction between devices should be in accordance with the security rule.
The resilience network management is critical to the integrity of data.
For data integrity protection during transmission and communications services, the multi-layer protocol is used.
The following diagram illustrates the security measures associated with each layer.
The Internet of thing, a new technology capable of providing instant access to information via smart objects, is the Internet of thing.
As the platform becomes more complex, so does the potential for intruders. It is essential to prepare a high shield of security that is based upon security policies and governance.
Each layer should have its own security standards. The communication links between devices and resources must be established using these standards.
The centralised network provides security measures for all communicating devices.
To minimize information security risks, the privacy framework is employed.
You should focus on creating the application that meets a particular requirement.
Approval should be granted so that security features can easily be added to the application according to the IoT architecture.
For data security and access, a well-defined governance structure must be in place.
Encryption methods and policies should be used to restrict remote access.
This helps to determine the right person to access the resources.
To access information from the hardware or software platform, authorization protocols and authentication are necessary.
It is important that the signals are maintained in good quality on the communication platform.
It is crucial to protect the network from attacks on vulnerabilities. The confidentiality of data can be a problem.
Protecting the internet of everything.
An integrated system to monitor and manage the region’s environment using internet of things (1st Ed.).
Internet of things: from research and innovation to deployment on the market (1st Ed.).
The 1st Edition of Integrating IoT Sensor Technology into an Enterprise.
The internet of Things in Enterprise Context (1st Ed.).
Industrial Internet of things.
Internet of things, research agenda (1st Ed.).
Building value through visibility (1st Ed.).
Internet of things: Visions and Applications, and the Research Challenge.
Reaping the benefits of the internet-of-things (1st Ed.).
The internet of Things for Today and Tomorrow (1st Ed.).
Internet of things- Connecting technologies for smart environments (1st Ed.).
(1) Internet of things for modern manufacturing enterprise system (1st edition).
Internet of things: Security risks, automated policies and the Internet of things.