Internet of Things Information Security
VerifiedAdded on 2023/04/08
|8
|1630
|308
AI Summary
This document discusses the security infrastructure needed to establish trust when a device connects to the network in the context of the Internet of Things (IoT). It also explores the security measures required to ensure the privacy and security of personal, sensitive, and financial information, as well as the preservation of device identity. Additionally, the document covers data integrity and encryption security implemented by security professionals. The subject of this document is Internet of Things (IoT) information security.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: INTERNET OF THINGS
Internet of Things Information Security
Name of Student-
Name of University-
Author’s Note-
Internet of Things Information Security
Name of Student-
Name of University-
Author’s Note-
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1INTERNET OF THINGS
1. Security infrastructure needed to establish “trust” when a device connects
to the network
The devices of network infrastructure are the ideal targets for the cyber attackers. Many
organizations and the customer traffic observes critical devices such as an attacker may be
present on the gateway of the network of the organization (Kumar, Vealey & Srivastava, 2016).
The attackers can modify, deny the entry of traffic in the organization or from the organization,
modify the data or can access the data. The attacker might also be present in the internal routing
of the organization and in the switching infrastructure can leverage the trust relationship for
conducting the lateral movement to all other hosts.
One standard based security technology is the public key infrastructure (PKI). This PKI is
proven in devices and secures the devices that are connected to the network by delivering high
assurance as well as trust for many years that makes the PKI ready to manage the identities of the
devices for Internet of Things.
When a device gets connected with a network, the network must be authentic as well as
establish the trust between all other devices, users, as well as services (Hong et al., 2018). If the
trust is established, the devices, the users, and the services can communicate securely as well as
transact all encrypted data as well as information.
The organizations should deploy a security defense on the network that is robust that
includes IPS as well as IDS, firewalls, as well as solutions for email filtering for restricting the
malicious code to enter in to internal network. The organization should implement DNS (Domain
Name System) sinkholes for preventing the resolution of the illegitimate domains for restricting
the traffic. Sinkholing is the base of the DNS protocol, and all servers included are configured so
1. Security infrastructure needed to establish “trust” when a device connects
to the network
The devices of network infrastructure are the ideal targets for the cyber attackers. Many
organizations and the customer traffic observes critical devices such as an attacker may be
present on the gateway of the network of the organization (Kumar, Vealey & Srivastava, 2016).
The attackers can modify, deny the entry of traffic in the organization or from the organization,
modify the data or can access the data. The attacker might also be present in the internal routing
of the organization and in the switching infrastructure can leverage the trust relationship for
conducting the lateral movement to all other hosts.
One standard based security technology is the public key infrastructure (PKI). This PKI is
proven in devices and secures the devices that are connected to the network by delivering high
assurance as well as trust for many years that makes the PKI ready to manage the identities of the
devices for Internet of Things.
When a device gets connected with a network, the network must be authentic as well as
establish the trust between all other devices, users, as well as services (Hong et al., 2018). If the
trust is established, the devices, the users, and the services can communicate securely as well as
transact all encrypted data as well as information.
The organizations should deploy a security defense on the network that is robust that
includes IPS as well as IDS, firewalls, as well as solutions for email filtering for restricting the
malicious code to enter in to internal network. The organization should implement DNS (Domain
Name System) sinkholes for preventing the resolution of the illegitimate domains for restricting
the traffic. Sinkholing is the base of the DNS protocol, and all servers included are configured so
2INTERNET OF THINGS
that they provide falsified information that are compromised to the malware running machines
(Alaba et al., 2017). For this reason, the malware does not communicate with control server and
data exfiltration gets stopped. The strategy that is usually opted for implementing detection as
well as preventing the mechanism that subvert communication with malicious servers in Internet.
The sinkholes restricts the infection to occur in silent way. The perimeter defense of sinkholes
helps the organization to provide security posture in the organization.
2. Security needed to ensure personal, sensitive and financial information is
kept private and secure, and device identity is preserved
The IoT (Internet of Things) helps to make the lives much easy, but the security
consideration of the devices are to be thought of or might sacrifice the fast working of the device.
The main aim involved in identity theft is to mass the data (Borgohain, Kumar & Sanyal, 2015).
Only with some study, the user can find a huge amount of data related to identify theft. The data
that are available related to user including the information of social media, data from the smart
watches, and data from the fitness tracker can be prone to data theft by the attackers. These
devices can provide more details of the users and with more amount of data, the attack gets more
sophisticated as well as easy.
There are many ways through which the data can be protected or preserved from the
attackers are stated below:
1. Share minimum amount of data: One of the most important factor in data security is
that the user must know that who are accessed to their data, for what the data is being used and
should also know all the policies of data protection for establishing their data protection. It is
always recommended to share the least possible information while using the service and the
that they provide falsified information that are compromised to the malware running machines
(Alaba et al., 2017). For this reason, the malware does not communicate with control server and
data exfiltration gets stopped. The strategy that is usually opted for implementing detection as
well as preventing the mechanism that subvert communication with malicious servers in Internet.
The sinkholes restricts the infection to occur in silent way. The perimeter defense of sinkholes
helps the organization to provide security posture in the organization.
2. Security needed to ensure personal, sensitive and financial information is
kept private and secure, and device identity is preserved
The IoT (Internet of Things) helps to make the lives much easy, but the security
consideration of the devices are to be thought of or might sacrifice the fast working of the device.
The main aim involved in identity theft is to mass the data (Borgohain, Kumar & Sanyal, 2015).
Only with some study, the user can find a huge amount of data related to identify theft. The data
that are available related to user including the information of social media, data from the smart
watches, and data from the fitness tracker can be prone to data theft by the attackers. These
devices can provide more details of the users and with more amount of data, the attack gets more
sophisticated as well as easy.
There are many ways through which the data can be protected or preserved from the
attackers are stated below:
1. Share minimum amount of data: One of the most important factor in data security is
that the user must know that who are accessed to their data, for what the data is being used and
should also know all the policies of data protection for establishing their data protection. It is
always recommended to share the least possible information while using the service and the
3INTERNET OF THINGS
users should not select the option of remembering details included in personal banking or in
corporate networking.
2. Encryption of data: Ensuring the data should be encrypted is one of the most
important step that makes sure that only the authorized people will be allowed to access the data
that are available.
3. Having strong authentication: The networks that are allowed to be connected with the
device, corporate network or the data, the unwanted people are not included for using the
authentication model (Lin et al., 2017). This is applicable if the devices is stolen or is lost. There
should be multifactor authentication that requires combination of all the elements for gaining
success usually to more than one credentials that are known to the users. For having improved
security, it is important to have multi factor authentication.
4. Changing Passwords: Using of different passwords for all the devices are required the
default password for a device should always be changed.
5. Government hints: The FBI should always give hints about securing the devices or
how to prevent own self from becoming a victim of the identify theft and there should be
security policies that should be included in the theft privacy.
3. Data integrity and encryption security by security professionals
Data integrity is the accuracy or the validity or consistency of the data over the life cycle.
All the compromised data are not much used by the organizations or the enterprises and the
sensitive data that are related in an organization are prone to privacy theft (Farooq et al., 2015).
Loss of sensitive data should result in loss of the enterprise. To maintain the data privacy, data
integrity should be the main focus providing security solutions in the organizations.
users should not select the option of remembering details included in personal banking or in
corporate networking.
2. Encryption of data: Ensuring the data should be encrypted is one of the most
important step that makes sure that only the authorized people will be allowed to access the data
that are available.
3. Having strong authentication: The networks that are allowed to be connected with the
device, corporate network or the data, the unwanted people are not included for using the
authentication model (Lin et al., 2017). This is applicable if the devices is stolen or is lost. There
should be multifactor authentication that requires combination of all the elements for gaining
success usually to more than one credentials that are known to the users. For having improved
security, it is important to have multi factor authentication.
4. Changing Passwords: Using of different passwords for all the devices are required the
default password for a device should always be changed.
5. Government hints: The FBI should always give hints about securing the devices or
how to prevent own self from becoming a victim of the identify theft and there should be
security policies that should be included in the theft privacy.
3. Data integrity and encryption security by security professionals
Data integrity is the accuracy or the validity or consistency of the data over the life cycle.
All the compromised data are not much used by the organizations or the enterprises and the
sensitive data that are related in an organization are prone to privacy theft (Farooq et al., 2015).
Loss of sensitive data should result in loss of the enterprise. To maintain the data privacy, data
integrity should be the main focus providing security solutions in the organizations.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4INTERNET OF THINGS
The data integrity of data can be hampered in several ways. All the time the data is
transferred or is replicated, the data should remain intact and should always be unaltered in
between the updates (Mosenia & Jha, 2017). The methods included in error checking as well as
validation procedures are used for ensuring the data integrity which are transferred or is
reproduced without any alteration or any intention to change them.
Data integrity also results in having confusion because data integrity might be either a
states or processes involved (Whitmore, Agarwal & Da, 2015). The data integrity is a state that
defines set of data that is valid or is accurate. When data integrity is used as process, describes
the measures that are helps in ensuring the validity as well as accuracy of the data set or all the
data that are contained in the database. The security professionals implements some methods
such as error checking methods as well as method validation that can be used as processes of
data integrity.
On the other hand, data encryption mainly translates the data in some other forms or the
codes so that the people who have the secret key only have access to the data. The secret key is
known as the decryption key or the password that are included in it (Sicari et al., 2015). The
encrypted data is commonly referred to the cipher text and the unencrypted data is known as the
plain text. Encryption is the popular as well as effective data included in security methods that
are used by the organizations. There are two different forms of data encryption that are used by
the security professionals that are: asymmetric encryption commonly known as public key
encryption and the other is symmetric encryption.
The security professionals use the data encryption for protecting the confidentiality of
digital data as it can be stored in the computer systems as well as gets transmitted using internet
and by some other computer networks (Sadeghi, Wachsmann & Waidner, 2015). The standard of
The data integrity of data can be hampered in several ways. All the time the data is
transferred or is replicated, the data should remain intact and should always be unaltered in
between the updates (Mosenia & Jha, 2017). The methods included in error checking as well as
validation procedures are used for ensuring the data integrity which are transferred or is
reproduced without any alteration or any intention to change them.
Data integrity also results in having confusion because data integrity might be either a
states or processes involved (Whitmore, Agarwal & Da, 2015). The data integrity is a state that
defines set of data that is valid or is accurate. When data integrity is used as process, describes
the measures that are helps in ensuring the validity as well as accuracy of the data set or all the
data that are contained in the database. The security professionals implements some methods
such as error checking methods as well as method validation that can be used as processes of
data integrity.
On the other hand, data encryption mainly translates the data in some other forms or the
codes so that the people who have the secret key only have access to the data. The secret key is
known as the decryption key or the password that are included in it (Sicari et al., 2015). The
encrypted data is commonly referred to the cipher text and the unencrypted data is known as the
plain text. Encryption is the popular as well as effective data included in security methods that
are used by the organizations. There are two different forms of data encryption that are used by
the security professionals that are: asymmetric encryption commonly known as public key
encryption and the other is symmetric encryption.
The security professionals use the data encryption for protecting the confidentiality of
digital data as it can be stored in the computer systems as well as gets transmitted using internet
and by some other computer networks (Sadeghi, Wachsmann & Waidner, 2015). The standard of
5INTERNET OF THINGS
data encryption that are outdated are generally replaced by the modern day encryption algorithm
that has some critical role for providing security to the IT system or communications. These
algorithms helps the user to have confidentiality as well as driving the initiatives that includes
key security having authentication, non-repudiation as well as has
data encryption that are outdated are generally replaced by the modern day encryption algorithm
that has some critical role for providing security to the IT system or communications. These
algorithms helps the user to have confidentiality as well as driving the initiatives that includes
key security having authentication, non-repudiation as well as has
6INTERNET OF THINGS
References
Alaba, F. A., Othman, M., Hashem, I. A. T., & Alotaibi, F. (2017). Internet of Things security: A
survey. Journal of Network and Computer Applications, 88, 10-28.
Borgohain, T., Kumar, U., & Sanyal, S. (2015). Survey of security and privacy issues of internet
of things. arXiv preprint arXiv:1501.02211.
Farooq, M. U., Waseem, M., Khairi, A., & Mazhar, S. (2015). A critical analysis on the security
concerns of internet of things (IoT). International Journal of Computer
Applications, 111(7).
Hong, S., Park, S., Park, L. W., Jeon, M., & Chang, H. (2018). An analysis of security systems
for electronic information for establishing secure internet of things environments:
Focusing on research trends in the security field in South Korea. Future Generation
Computer Systems, 82, 769-782.
Kumar, S. A., Vealey, T., & Srivastava, H. (2016, January). Security in internet of things:
Challenges, solutions and future directions. In 2016 49th Hawaii International
Conference on System Sciences (HICSS) (pp. 5772-5781). IEEE.
Lin, J., Yu, W., Zhang, N., Yang, X., Zhang, H., & Zhao, W. (2017). A survey on internet of
things: Architecture, enabling technologies, security and privacy, and applications. IEEE
Internet of Things Journal, 4(5), 1125-1142.
Mosenia, A., & Jha, N. K. (2017). A comprehensive study of security of internet-of-things. IEEE
Transactions on Emerging Topics in Computing, 5(4), 586-602.
References
Alaba, F. A., Othman, M., Hashem, I. A. T., & Alotaibi, F. (2017). Internet of Things security: A
survey. Journal of Network and Computer Applications, 88, 10-28.
Borgohain, T., Kumar, U., & Sanyal, S. (2015). Survey of security and privacy issues of internet
of things. arXiv preprint arXiv:1501.02211.
Farooq, M. U., Waseem, M., Khairi, A., & Mazhar, S. (2015). A critical analysis on the security
concerns of internet of things (IoT). International Journal of Computer
Applications, 111(7).
Hong, S., Park, S., Park, L. W., Jeon, M., & Chang, H. (2018). An analysis of security systems
for electronic information for establishing secure internet of things environments:
Focusing on research trends in the security field in South Korea. Future Generation
Computer Systems, 82, 769-782.
Kumar, S. A., Vealey, T., & Srivastava, H. (2016, January). Security in internet of things:
Challenges, solutions and future directions. In 2016 49th Hawaii International
Conference on System Sciences (HICSS) (pp. 5772-5781). IEEE.
Lin, J., Yu, W., Zhang, N., Yang, X., Zhang, H., & Zhao, W. (2017). A survey on internet of
things: Architecture, enabling technologies, security and privacy, and applications. IEEE
Internet of Things Journal, 4(5), 1125-1142.
Mosenia, A., & Jha, N. K. (2017). A comprehensive study of security of internet-of-things. IEEE
Transactions on Emerging Topics in Computing, 5(4), 586-602.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7INTERNET OF THINGS
Sadeghi, A. R., Wachsmann, C., & Waidner, M. (2015, June). Security and privacy challenges in
industrial internet of things. In 2015 52nd ACM/EDAC/IEEE Design Automation
Conference (DAC) (pp. 1-6). IEEE.
Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini, A. (2015). Security, privacy and trust in
Internet of Things: The road ahead. Computer networks, 76, 146-164.
Whitmore, A., Agarwal, A., & Da Xu, L. (2015). The Internet of Things—A survey of topics and
trends. Information Systems Frontiers, 17(2), 261-274.
Sadeghi, A. R., Wachsmann, C., & Waidner, M. (2015, June). Security and privacy challenges in
industrial internet of things. In 2015 52nd ACM/EDAC/IEEE Design Automation
Conference (DAC) (pp. 1-6). IEEE.
Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini, A. (2015). Security, privacy and trust in
Internet of Things: The road ahead. Computer networks, 76, 146-164.
Whitmore, A., Agarwal, A., & Da Xu, L. (2015). The Internet of Things—A survey of topics and
trends. Information Systems Frontiers, 17(2), 261-274.
1 out of 8
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.