Analyzing IoT Mobile Device Security: Architecture and Threats

Verified

Added on 2023/04/08

AI Summary

This report explores the security challenges and architectural considerations for mobile devices within the Internet of Things (IoT) ecosystem. It addresses management's concerns regarding the detailed documentation of IoT implementation, particularly in the context of asset tracking systems. The report examines key components of an IoT architecture, including generic sensing and actuating devices, IoT applications for data transformation, cloud/server infrastructure for data storage and processing, and gateway capabilities for data acquisition and communication. It further discusses two primary architectural models for securing mobile devices: cloud-based and hybrid. The cloud build architecture leverages cloud services for easy implementation and management, while the hybrid build architecture integrates cloud services with existing on-premises infrastructure, particularly Active Directory (AD) servers. The report concludes that both cloud and hybrid architectures offer viable solutions for ensuring the security of mobile devices within an organization's IoT environment.

Running Head: IoT 0
Internet of Things
Student Details
3/19/2019

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

IoT 1
Contents
Introduction................................................................................................................................2
Security for Mobile Devices......................................................................................................2
Cloud Build Architecture Description...................................................................................3
Hybrid Build Architecture Description..................................................................................3
Conclusion..................................................................................................................................4
References..................................................................................................................................5

IoT 2
Introduction
Development in smart city concept has raised the issue in ICT due to the Internet of
Things (IoT). IoT interconnects various sensors, machines, controllers, things, and people
together through cloud and local or wide area communication technologies. This wide scale
development of IoT is likely to raise many challenges regarding security and privacy for
smart, connected, and mobile IoT devices (Souppaya & Scarfone, 2013). This report
discusses about the IoT devices and related security required for these devices from an
organization’s point.
Security for Mobile Devices
Mobile devices help the users of an organization to access the resources from
wherever and whenever they want to, providing both opportunities and challenges. Due to the
advancement in technologies of mobile devices, users want to use both devices that are issued
by the organization as well as their personal mobile devices to access the data, services, and
other resources of the enterprise. The security guide provided by the NSIT describes about
technologies that provide a secure access to the sensitive contacts, emails, and calendar
information of an organization on users’ mobile devices (Edraw, 2019). The security guide of
NSIT consists of two different builds: out of which one focuses on the cloud-based data,
services, and the management and the second leverages the similar enterprise mobility
management (EMM) infrastructure in-house.
Some of the common threats to the mobile devices are: mobile malware, unauthorized
access, social engineers, electronic eavesdropping, and stolen data due to theft, loss, or
disposal, electronic tracking, and data access by legitimate third party applications (Nardone ,
2016). These threats identify associated risks that an organization may face while

IoT 3
implementing mobile devices. NSIT explains three mobility security principles: isolation,
device integration, and protected storage.
Cloud Build Architecture Description
Cloud build architecture assist the organizations in providing the advantages of
mobile devices to the users and help in managing these devices through cloud. Cloud build is
implemented very easily and quickly in the enterprises without the need of an internal AD
server. This build make use of MDM with Office 365 to diversify the MDMs. It is easy to
configure and operate this solution as a cloud service to include the personal and enterprise’s
mobile devices into the EMM (Franklin, Bowler, Brown, McNab, & Steele, 2015). This
solution enables the users, accessing the enterprise resources and managers to push policies to
mobile devices. Office 365 allows various policies to be included in the mobile devices but
also provides reduced features set as compared to the Microsoft Intune.
Source: (Franklin, Bowler, Brown, McNab, & Steele, 2015)
Hybrid Build Architecture Description
Hybrid build architecture provides the same services to the cloud based but integrates
these services into the network in a different way. This solution includes combination of

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

IoT 4
enterprise assets which are present in the current network of the organization, including
EMM abilities and cloud service for MDM. This build is an initial point for an organization
which has internal AD server dependence (InfoQ, 2017). Existing AD sever consisting user
data and related credentials are the cornerstones of hybrid build. Below is the architecture of
hybrid build:
Source: (Franklin, Bowler, Brown, McNab, & Steele, 2015)
Conclusion
Therefore, from the above discussion it can be concluded that two builds: Cloud and
Hybrid can be used to ensure the security of mobile devices in an organization.

IoT 5
References
Edraw. (2019). Architecture Diagrams. Retrieved from
https://www.edrawsoft.com/architecture-diagram.php
Franklin, J., Bowler, K., Brown, C., McNab, N., & Steele, M. (2015). Mobile Device
Security. Retrieved from
https://www.nccoe.nist.gov/sites/default/files/library/sp1800/mds-nist-sp1800-4b-
draft.pdf
InfoQ. (2017). The Art of Crafting Architectural Diagrams. Retrieved from
https://www.infoq.com/articles/crafting-architectural-diagrams
Nardone , S. (2016). Implement Mobile Device Security. Retrieved from
https://www.cio.com/article/3081591/implement-mobile-device-security.html
Souppaya, M., & Scarfone, K. (2013). Guidelines for Managing the Security of Mobile
Devices in the Enterprise. Retrieved from
https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-124r1.pdf