book

Securing the Internet of Things

by Shancang Li, Li Da Xu

January 2017

Intermediate to advanced

154 pages

4h 32m

English

Syngress

Read now

Unlock full access

Abstract1.1 Introduction1.2 Security Requirements in IoT Architecture1.3 Security in Enabling Technologies1.4 Security Concerns in IoT Applications1.5 SummaryReferences
Abstract2.1 Introduction2.2 Security Requirements in IoT2.3 Insufficient Authentication/Authorization2.4 Insecure Access Control2.5 Threats to Access Control, Privacy, and Availability2.6 Attacks Specific to IoTReferences
Abstract3.1 Secrecy and Secret-Key Capacity3.2 Authentication/Authorization for Smart Devices3.3 Transport Encryption3.4 Secure Cloud/Web Interface3.5 Secure Software/Firmware3.6 Physical Layer Security3.7 SummaryReferencesFurther Reading
Abstract4.1 Security Goals in IoT4.2 Public-Key-Based Authentication4.3 Identify-Based Authentication, Encryption, and Digital Signature4.4 IP Connectivity4.5 Lightweight Cryptography4.6 Existing Security Schemes for IoT4.7 SummaryFurther Reading
Abstract5.1 Introduction5.2 Network Layer5.3 Service Layer5.4 Application–Interface Layer5.5 Cross-Layer Threats5.6 Threats Caused in Maintenance of IoTReferences

Abstract6.1 Security in Identification and Tracking Technologies6.2 Security in Integration of Wireless Sensor Network and RFID6.3 Security in Communications6.4 Security Protocols and Privacy Issues into 6LoWPAN Stack6.5 Security in Service ManagementReferencesFurther Reading
Abstract7.1 Data Security and Privacy7.2 Data Confidentiality and Key Management7.3 Literature ReviewReferencesFurther Reading
AbstractReferences
AbstractReferencesFurther Reading

Content preview from Securing the Internet of Things

Chapter 3

Security and Vulnerability in the Internet of Things

Shancang Li

Abstract

This chapter addresses the differences between secrecy and secret-key generation in web applications versus the Internet of Things (IoT). Authentication using OAuth and OpenID is discussed, as well as encryption using secure sockets layer, transport layer security, and HTTPS. The chapter outlines the basic structure of the IoT cloud structure, the machine-to-machine gateway by which systems of smart devices are connected. The vulnerabilities of protecting the IoT using software are discussed, as well as the benefits of implementing a software/firmware update. Types of attacks at the physical layer are discussed, including side channel attack, timing attack, IoT ...