The Internet of Things is the idea that everything around us, from cars to ovens, can be connected. If everything around us is linked and collecting information, these networks must be able to provide security and privacy to the end user, particularly in low-power and lossy networks.
10. Lifecycle of a "thing"
Security Issues (diagram labels): Identify; device cloning
11. Lifecycle of a "thing"
Manufacturing
• Devices are tailored towards very specific tasks.
• The network will contain nodes created by different manufacturers.
• An attack that could occur during this phase would involve an untrustworthy manufacturer that clones the device.
Best-case scenario: Cloned device is sold for a cheaper price but functions the same as a genuine device.
Worst-case scenario: Software may be changed to implement harmful features such as a backdoor.
Result: there is an implicit user trust of vendors and their manufacturers.
12. Lifecycle of a "thing"
Installation
• The commissioning and installation phase for a thing entails providing the device identity and the secret keys that will be used for communication during the operational phase.
• An untrustworthy installer may substitute a lower-quality device for the genuine one.
• This attack would save the installer money and can be profitable if the genuine device is resold.
• If an attacker obtains the secret keys at the moment the installer provides them to the device, the network communications are compromised.
Result: there is an implicit user trust of the installers.
13. Lifecycle of a "thing"
Operational
• Attacks can vary from eavesdropping to active routing attacks to denial-of-service attacks.
• Attacks can be separated into a few categories: physical capture; disrupting, degrading, denying, or destroying a part of the network; manipulation attacks; and eavesdropping attacks.
15. Security Framework
Secure IoT Framework
• Authentication
  • Provides and verifies the identity information of an IoT entity.
• Authorization
  • Controls a device's access throughout the network fabric.
• Network Enforced Policy
  • Encompasses all elements that route and transport endpoint traffic securely over the infrastructure, whether control, management or actual data traffic.
16. Conclusion
Network Services
• Ensure only necessary ports are open.
• Ensure services are not vulnerable to buffer overflow and fuzzing attacks.
• Ensure services are not vulnerable to DoS attacks.
17. Conclusion
Transport Encryption
• Ensure data & credentials are encrypted while in transit.
• Use secure encrypted channels.
• Use good key lengths & good algorithms.
• Protect against replay attacks.
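The installation slide says a device is provisioned with an identity and a secret key for the operational phase, and the transport slide says to protect against replay attacks. The following Go program is an added example (not code from the original slides) of how a gateway can tie those two together: every report carries the device identity, a strictly increasing counter and an HMAC-SHA256 tag over all three, computed with the key shared at installation. The gateway verifies the tag before looking at the counter, so an unauthenticated sender learns nothing about the accepted window, and then rejects any counter that does not exceed the last accepted one. The device ids, key and payloads are constructed for the demo; a real deployment would keep `lastSeen` in non-volatile storage so a gateway reboot does not reopen the window.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Message is a constructed sensor report: identity, monotonic counter, payload
// and an HMAC tag binding all three (assumption: key shared at installation).
type Message struct {
	DeviceID string
	Counter  uint64
	Payload  []byte
	Tag      []byte
}

// tagInput serialises device id, counter and payload unambiguously so the
// MAC covers all of them (a zero byte separates the id from the counter).
func tagInput(deviceID string, counter uint64, payload []byte) []byte {
	ctr := make([]byte, 8)
	binary.BigEndian.PutUint64(ctr, counter)
	out := append([]byte(deviceID), 0)
	out = append(out, ctr...)
	return append(out, payload...)
}

// Seal runs on the device: it computes the HMAC-SHA256 tag for a report.
func Seal(key []byte, deviceID string, counter uint64, payload []byte) Message {
	mac := hmac.New(sha256.New, key)
	mac.Write(tagInput(deviceID, counter, payload))
	return Message{DeviceID: deviceID, Counter: counter, Payload: payload, Tag: mac.Sum(nil)}
}

// Receiver is the gateway: per-device keys and the highest counter accepted.
type Receiver struct {
	keys     map[string][]byte
	lastSeen map[string]uint64
}

func NewReceiver(keys map[string][]byte) *Receiver {
	return &Receiver{keys: keys, lastSeen: make(map[string]uint64)}
}

var (
	ErrUnknownDevice = errors.New("unknown device identity")
	ErrBadTag        = errors.New("MAC verification failed: tampered or wrong key")
	ErrReplay        = errors.New("counter not greater than last accepted: replay")
)

// Accept verifies the tag first, then enforces strictly increasing counters.
func (r *Receiver) Accept(m Message) error {
	key, ok := r.keys[m.DeviceID]
	if !ok {
		return ErrUnknownDevice
	}
	mac := hmac.New(sha256.New, key)
	mac.Write(tagInput(m.DeviceID, m.Counter, m.Payload))
	if !hmac.Equal(mac.Sum(nil), m.Tag) { // constant-time comparison
		return ErrBadTag
	}
	if last, seen := r.lastSeen[m.DeviceID]; seen && m.Counter <= last {
		return ErrReplay
	}
	r.lastSeen[m.DeviceID] = m.Counter
	return nil
}

func main() {
	key := []byte("constructed-demo-key-do-not-reuse") // constructed sample key
	rx := NewReceiver(map[string][]byte{"thermo-01": key})

	m1 := Seal(key, "thermo-01", 1, []byte("temp=21.5"))
	fmt.Println("first delivery:", rx.Accept(m1))
	fmt.Println("same message again:", rx.Accept(m1))

	m2 := Seal(key, "thermo-01", 2, []byte("temp=21.7"))
	m2.Payload = []byte("temp=99.0") // modified in transit
	fmt.Println("tampered payload:", rx.Accept(m2))
}
```

The counter is bound into the MAC input, so an attacker cannot take an old tag and attach it to a fresh counter; the identity is bound too, so a report captured from one device cannot be presented as another's.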
18. Conclusion
Privacy as part of design
• Collect only the minimum necessary data for the functionality of the device.
• Ensure any sensitive data collected is properly protected with encryption.
• Ensure the device properly protects personal data.
19. Conclusion
Software / Firmware
• Ensure your firmware does not contain hardcoded credentials or sensitive data.
• Use a secure channel to transmit the firmware during upgrades.
• Ensure the update is signed and verified before allowing the update.
• Do not send the public key with the firmware, use a hash.
• Ensure your SVN/GIT repositories do not contain the private keys.
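The bullets above say an update must be signed and verified before it is applied, and that the key used to check it must not travel with the firmware. The Go program below is an added example, not part of the original slides, of one way to implement that check: the vendor signs SHA-256(version || image) with an Ed25519 private key that stays on the build server, and the device verifies with a public key it was given at manufacturing. Binding the version into the signed digest lets the device also refuse downgrades, so a genuinely signed but old image cannot be used to reintroduce a fixed bug. Key generation inside `main` stands in for the vendor's offline key ceremony; the image bytes and versions are constructed for the demo.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// FirmwareImage is a constructed update package: version, image bytes and a
// detached Ed25519 signature. The verifying public key is deliberately NOT
// part of the package; it lives on the device (assumption: burned in at manufacturing).
type FirmwareImage struct {
	Version   uint32
	Image     []byte
	Signature []byte
}

// imageDigest hashes the version together with the image so the signature
// covers both and an old image cannot be relabelled with a newer version.
func imageDigest(version uint32, image []byte) []byte {
	h := sha256.New()
	v := make([]byte, 4)
	binary.BigEndian.PutUint32(v, version)
	h.Write(v)
	h.Write(image)
	return h.Sum(nil)
}

// SignFirmware runs on the vendor side, where the private key is kept.
func SignFirmware(priv ed25519.PrivateKey, version uint32, image []byte) FirmwareImage {
	return FirmwareImage{
		Version:   version,
		Image:     image,
		Signature: ed25519.Sign(priv, imageDigest(version, image)),
	}
}

// Device holds what the updater needs: the trusted key and the installed version.
type Device struct {
	TrustedKey     ed25519.PublicKey
	CurrentVersion uint32
}

var (
	ErrBadSignature = errors.New("firmware signature invalid: refusing update")
	ErrRollback     = errors.New("firmware version not newer than installed: refusing downgrade")
)

// VerifyAndApply checks the signature with the device's built-in key, rejects
// downgrades, and only then records the new version as installed.
func (d *Device) VerifyAndApply(fw FirmwareImage) error {
	if !ed25519.Verify(d.TrustedKey, imageDigest(fw.Version, fw.Image), fw.Signature) {
		return ErrBadSignature
	}
	if fw.Version <= d.CurrentVersion {
		return ErrRollback
	}
	d.CurrentVersion = fw.Version // a real updater would flash the image here
	return nil
}

func main() {
	// Stands in for the vendor's key ceremony; only pub is ever put on devices.
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	dev := &Device{TrustedKey: pub, CurrentVersion: 3}

	good := SignFirmware(priv, 4, []byte("constructed firmware v4"))
	fmt.Println("genuine v4:", dev.VerifyAndApply(good), "now at", dev.CurrentVersion)

	tampered := SignFirmware(priv, 5, []byte("constructed firmware v5"))
	tampered.Image = []byte("constructed firmware v5 + implant")
	fmt.Println("tampered image:", dev.VerifyAndApply(tampered))

	old := SignFirmware(priv, 2, []byte("constructed firmware v2"))
	fmt.Println("signed but older:", dev.VerifyAndApply(old))
}
```

The order of the checks matters: the signature is verified before the version is trusted, because the version field is attacker-controlled until the signature proves otherwise.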
20. Conclusion
Physical Security
• Ensure physical access to your device is controlled.
• Accessible USB or SD ports can be a weakness.
• Can it be easily disassembled to access the internal storage (RAM/ROM)?
• If local data is sensitive, consider encrypting the data.