Some Internet of Things (IoT) secure points you need to know
- Always create a separate network.
- Don't connect your device to internet unless you need
- keep different passwords for each device.
- Make sure your Firmware fully updated.
- Don't Keep your personal IoT devices to work.
1. Secure by Default
- No default passwords shared between devices, or weak out of the box passwords.
- All passwords should be randomly created using high quality random number generators.
- Advanced features utilized by a small percentage of users should be turned off (VPN, Remote Administration, etc.)
2. Secure by Design
- Firmware should be locked down, so serial access is not available.
- Secure Element (SE) or Trusted Protection Modules (TPM) devices should be used to protect access to the firmware and hardware.
NAND or other memory/storage mediums should be protected with epoxy, ball sockets (so the memory cannot be removed and dumped), or other methods to prevent physical attacks.
3. Self-contained security
The devices should not rely on the network to provide security. Rather, the device's security model should assume the network is compromised and still maintain protection methods. This can be done with prompts to the users to accept handshakes between devices trying to access other devices on their networks. Communication between devices should be encrypted to prevent MitM attacks and sniffing/snooping.Challenges:
1. Sensing a complex environment
Innovative ways to sense and deliver information from the physical world to the cloud.
2. Connectivity
Variety of wired and wireless connectivity standards are required to enable different application needs
3. Power is critical
Many IoT applications need to run for years over batteries and reduce the overall energy consumption
4. Security
Protecting users' privacy and manufacturers' IP; detecting and blocking malicious activity.
5. IoT Application
IoT application development needs to be easy for all developers, not just to experts.
6. Complex
IoT solutions encapsulate wireless and Internet communication and make hardware and software design simple.
7. Cloud Service
IoT applications require end-to-end solutions including cloud services.
ليست هناك تعليقات:
إرسال تعليق