Posted: June 30th, 2022

CBK91087 Internetworking Core Options

Question:

This is a significant assignment in network security.

Each of you will be asked to concentrate on a specific area of network security in greater detail than what was covered in assignment 1.

Topic List

Select one of these:

Discussion of the computation that allows biometrics to prove identity in a digital environment and the vulnerabilities and threats that could hinder its use.

What is PKI?

Discuss the benefits and challenges that come with PKI in-house vs commercial.

Both government and law enforcement have a history in trying to make encryption work arounds and back doors into consumer devices and security infrastructure.

Consider the security implications of such policies for consumers and their success.

Comparing the security requirements for control system networks (such SCADA) with more common general-purpose networks, you can see how they compare in detail.

IoT devices have become more common.

Discuss the security implications of this proliferation.

Answer:

Title: IoT devices are becoming more common: Security implications of their proliferation

Information technology is a field that has seen continuous innovation and growth.

Enterprises adopt the internet of things at a rapid pace to manage cloud computing technology, network resources, and other aspects.

Sensors and actuators are part of the IoT devices.

Smart objects is a new technology that provides on-demand access to information.

Smart objects are objects that have physical characteristics. Incoming signals give back information; computing capabilities and the sensing phenomenon of physical resource are available to them.

Implementing the IoT infrastructure is difficult because there aren’t well-defined interoperability specifications, not well-defined security policy for device communication, uncertainty about ROI, legacy equipment aren’t available, technology is still in its infancy according to IoT infrastructure requirements, loss of privacy, uncapable staff and labour, adverse effect on the environment.

“The need for infrastructure that can organize and manage big data is a result of innovation in cloud computing and autonomous computing” (Shacklett 2014).

It is solved by the IoT infrastructure.

Two components are essential to the IoT infrastructure. They are radio frequency identification reader (RFID) and wireless sensor network (WSN).

The three limitations of IoT infrastructure include IoT infrastructure managing heterogeneous device, sensor nodes implication and object dimensions.

Communication is maintained by RFID readers between various devices.

Many technologies are used to implement IoT infrastructure. These include Bluetooth sensor, interconnection among wearable devices and radio frequency identification reader; integration of smartphones; dependency of low power consumption and other.

For developing IoT reference models, the cloud server side architecture is used.

Security is a critical aspect of IoT technologies.

“The cloud-side server architecture reference model is used to manage resources, devices and operations, as well as services, functions, and processes.” (Miorandi 2012).

Implementing IoT into the company’s working curriculum can increase productivity and make it easier to access data and other resources.

These are the Characteristics of The IoT Infrastructure

It is important to connect devices and resources.

It is important to establish interconnection between devices using the established standards and policies.

It’s the global platform that manages communication between various resources on the internet.

IoT services

The IoT platform should manage consistency, privacy, availability and integrity of data.

Device heterogeneity:

Hardware and software devices can be used together in the IoT environment even though they are heterogeneous.

The network connection allows for the management of connections between embedded systems and smart objects.

Dynamic changes

Dynamic changes can be used to predict the location and speed of resources on the network.

Smart devices can be managed by the IoT platform.

It is a huge scale:

Access data can be accessed according to the requirements of the application. The user also manages communication between devices.

Communication can be managed without interruption by controlling the magnitude.

Traditional networks lack the ability to scale.

Scalability features are useful in managing high-level communication systems by increasing or decreasing their magnitude.

Ubiquitous computing manages ubiquitous data exchange.

Wireless communication technologies can help to distribute the workload among smart objects.

Dynamic radio systems can manage the data spectrum.

A loosely coupled system can also be created by combining the basics of ambient intelligence with ubiquitous computing terminology.

In the loosely connected system, vulnerable and hacked devices can be easily thrown out.

The artificial intelligence and the ambient system are key components of the safeguarding system.

Solution for energy optimization

The IoT infrastructure can optimize the resources by maintaining a continuous flow of information.

Optimizing the tracking and location capability

Wireless communication allows you to track the remote location of your devices.

Use of the Operating system

The specification plan can specify the requirements for the operating system.

Software components are used to handle computational services.

IoT Devices and Technologies

Below are the first IoT technologies and devices that can be used to develop IoT infrastructure.

Technology and devices

Explanation

The IoT application is a combination of resources and devices that are combined to make it work efficiently on the IoT infrastructure.

Software integration technique

Analytical search engines allow you to access the information between middleware and application.

Integration of services is required for the software to work.

Hardware technology

The hardware concepts used in IoT infrastructure include Bluetooth sensor, interconnection of wearable devices, radio frequency ID reader, integration of smartphones, dependence on low power consumption and other.

Innovations in cloud computing and autonomous computing have created the need for infrastructure that can organize and manage big data.

It is possible with the IoT infrastructure.

RFID readers are used to detect radio signals and give responses.

Communication and network management

Satellite network management software is used to manage different resources and devices on the network.

Satellite communication allows for remote tracking of devices.

Analytical solutions

“The predictive data mining tasks and the pattern recognition system are used to manage business intelligence regarding the hardware and software that is used in the system.” (Khalid 2016,).

Artificial intelligence plays an important role in the efficient management of devices, processes and resources to ensure their effective use.

RFID is used to read radio signals and create communication links between devices in order to remote access the information.

It is an essential tool of IoT infrastructure that is used to manage supplier relationships, customer relationships, and remote monitoring of devices.

Sensor network and sensor resources

The IoT is a combination of virtual and physical worlds.

Sensor technology is used to develop compatibility between them.

Sensor networks can efficiently make use of resources.

Radio lights are used to analyse the position of devices in the sensor network.

Microchips that are embedded in smart objects can control the activities of the devices.

The distributed processing system manages the workload across different smart objects.

The microchips can be used to control the entire IoT ecosystem.

Intelligence controlling system is used to control the activities of microchips in order to maximize resource utilization.

Protocols

Protocols are the rules that are used to interconnect the IoT devices.

Protocols such as HTTPS and Zig-bee are used to interconnect the IoT devices.

Biometrics

The biometrics system, which allows remote access to information via the Internet of Things infrastructure, is responsible for authorizing the use of the information.

Technology for actuators

The actuators manage the radio waves that are coming in by controlling the signals.

For the prediction of devices, the mechanical switches can be used to create the illumination.

Ambient devices and technologies

For handling ambient devices, sensitive control measures can be used.

The artificial intelligence and the ambient system are key components of the safeguarding system.

Ambient technologies are built on context-aware program, which is used to develop the profile system, application based upon human centric, as well as techniques of pervasive computing.

IoT Infrastructure Challenges

There are many challenges to IoT infrastructure. For example, there aren’t well-defined interoperability standard, security policies for device communication are unclear, legacy equipment is not available, uncertain ROI, uncertainty of ROI, legacy hardware are not available, technology is not mature according to IoT infrastructure requirements, loss of privacy, incompetent staff and labour, adverse effect on the environment.

Security is the main concern in the IoT environment.

“The IoT architecture relies on decentralised control that can be accessed by hackers to take control of devices.” (Gaiser 2015).

With the increasing complexity of the platform, the risk of an intruder increases.

Security is also about trust and privacy.

With the addition of an attacker, data sensitivity could be compromised.

A high level of security must be provided. This should be based on security policies as well as governance.

Data privacy is also linked to political and social issues.

“The integration of devices requires a set of protocols to establish communication links between them.” (Li 2015).

It is important to attach the appropriate protocols with the devices.

A wrong choice of protocol can lead to problems.

Standard protocols should be used to protect the Open forum of IoT infrastructure.

Through the gaps between smart objects placed in the environment, an intruder could gain access to the IoT infrastructure premises.

An attacker can access confidential information directly via Ethernet connectivity.

Cloud polling is a problem that can be created by the uploading or downloading of data from the cloud.

Unencrypted communication among devices opens the door to the intruder.

For IoT infrastructure that is loosely coupled, the mediator should be used to connect devices.

IoT platform has many vulnerabilities. These include denial of service attacks and overflow and underflowing of request buffer, infection through flaws or errors, direct object reference, sensitivity to data exposure, forgery and others.

To prevent hackers from stealing their credential, users must use strong credentials to log in to their IoT profile.

Infecting the working platform of IoT with malware can cause damage to files and folders, and disrupt the operation and functionality of the devices.

Analyse Of Risks and Probabilities With IoT Architecture

Below is a table that shows the probability of IoT architecture-related risks.

As the platform complexity increases, the risks are greater.

Functional and operational phases

Subject

Risky areas

Semi-Autonomous risk condition

Condition of full autonomy for risks

It is important to analyse all data collected.

There are no data that could be used to identify the existence of potential risks

Probability of mild risks occurring

Probability of mild risks occurring

Phase of data analysis

Analyse of data based upon data collection phase

There are no risks in analysing the data

Cloud analysis of data

Cloud analysis data management on-device

Phase of decision making

There has been no decision taken

Humans have the ability to control decisions

“Performing the Cloud Analysis on Data” (Haller 2014)

Cloud analysis data management on-device

Communication phase

Data flow is fluid and easy to communicate

The operation of reading data from the cloud

Perform the operation of reading and writing data from the cloud

Communication from machine to machine

The devices have a limited effect

Moderate effect on devices

Devices have a high effect

Devices have a critical effect

Users should take steps to reduce vulnerabilities at their level.

Research has shown that strong passwords should be created using alphanumeric.

It is important to associate the creation of resources and devices with policies and encryption methods for restricting remote access.

James (2015) states that validation and verification helps to prevent malware entry and other security issues.

Secure socket layer should be used to establish communication links between devices and resources.

Secure socket layer certification is obtained by using the revocation list.

It is important to develop and upgrade security policies in accordance with the 2018 standards.

Security policies should be included in the API that is associated with an application.

The set of policies and standards should be used to establish interconnection between devices.

For the security of devices’ activities, the boot chain system should be used.

For device management, the security analytics features should be used.

It is important to eliminate unwanted and unneeded technologies and tools in order to secure the system against an intruder.

Predictive data mining tasks and pattern recognition are used to manage business intelligence about the hardware and software in the system.

Wireless protocols are used to manage the network traffic.

Peer to peer connections should provide isolation.

For security purposes, the IoT infrastructure uses protocols like HTTPS, Zigbee, HTTP API and HTTP, ZWave, as well as other protocols.

To ensure that the system is protected against intruders, the user must prepare a chart.

Data leakage should be eliminated by using the M2M connection.

Communication is considered successful when it can manage privacy, availability, security, and security of its system.

Cyber-security solutions play an important part in the management of security for IoT infrastructure.

Layered Security Methods

Below is a table that shows security methods associated with each layer IoT infrastructure.

Layer

Security measures

Description

Process for Secure Booting

The authentication should be done in conjunction with devices that are connected to the IoT infrastructure.

To access the information, the user should have a login credential.

Access control mechanism

Management of access to information between different communication devices is possible using mandatory and role-based access control.

Application data

Data used in an application must be protected from unauthorized access.

Method for protecting against firewalls

Intrusion detection and prevention

The firewall security system is used to prevent intruders from entering the system.

The intrusion detection system detects intrusions in the system.

The intrusion prevention system can be used to prevent the intruder from causing damage.

Layer network

Monitoring system to detect the occurrences of events

For the integration of services, it is important to establish a correlation between products and events.

Wireless protocols are used to manage the network traffic.

Peer to peer connectivity should provide isolation.

Integrity of incoming signals

It is important to maintain high quality signals on the communication platform.

Datagram for confidentiality maintenance

UDP transmission can preserve confidential communications

IoT Device Security and Protection:

Security and safeguarding

Explanation

Device Authorization and Authentication

To access information from the software and hardware platforms without any restrictions, authorization and authentication protocols are used.

The validation process is used to prevent malware entry and other security threats.

The technology of digital signature provides authentication to the user.

Information access control by the user

For managing information sharing between communications devices, mandatory access control and role-based access control can be used.

These methods limit the user’s strength by limiting the area they can access.

According to his role and responsibility, the user is granted permission to access data.

Specification of areas decreases the likelihood of information being disclosed.

Device lifecycle management

Encryption technology should be used to secure all devices that are stored on the internet.

The patching technology is used to prevent intruders from getting into the gaps between hardware and software technology.

Patching can help to maintain the continuity of information.

Policy on encryption and decryption

Vermesan (2013). “The encryption method refers to the process of attaching the bit stream into the data packet sent by the user, which converts the message in encoded form.”

For encrypting data in a packet, the public and private keys are used.

The pair of private and public keys is used to decrypt the data at the receiver end.

Every device placed on an IoT architecture should have the cryptographic modules attached.

Standards for interoperability

Secure communication can be achieved by adhering to the security policies and governance laws that manage interoperability.

Secure communication can be managed using interoperability protocols.

Ads for IoT solutions

It is important to develop the application according to a specific need.

Application should be ads-on to allow for security features to be added as required.

Roles and responsibilities of key players

According to their role, the authority should be given to the user.

This allows for the diversification in information accessing sectors.

These methods limit the user’s strength by limiting the user’s access to specific areas.

“The permission to access data is granted to the user according to his role and responsibility.

“The specification of the areas decreases the likelihood of disclosing information” (Friess 2014).

The baseline for data management

Event monitoring systems can predict the location of devices.

Policies for data governance

For data security and access, a well-defined governance structure must be in place.

Tollens (2016) states that it is important to assign responsibilities so that the right person can be identified for the right resources.

The safeguarding framework is used to manage communication links in order to ensure interoperability.

Architecture built on loosely coupled systems

“The loosely connected system has the advantage over the traditional system for eliminating hacked devices via the internet, which helps in protecting the resources and devices against infection” (Wang 2014).

Privacy framework

“The privacy framework is used to minimize the risk of information being violated” (Choudhary 2014).

PRIS, TROPOS and NFR are just a few of the privacy frameworks that can be used to protect data from the IoT infrastructure.

PRIS is the most popular privacy framework. It is capable of protecting data integrity and confidentiality.

Because it can compromise the confidentiality of applications, the privacy of data is essential to secure the network against attacks of vulnerabilities.

Asset value high

Security measures are dependent on the assets’ capabilities.

How to manage the security of your devices throughout their lifecycle

“The security of devices is the main concern when working in the IOT environment.” (Fang 2016,).

While developing communication links between devices and resources, the devices must be provided with security standards and measures at each layer.

To detect intruders, the hardware components must use the booting process.

To detect the presence of viruses, the software uses anti-malware software.

Secure operation can be achieved by using microcontroller chips and devices.

“The cryptographic module should be attached to every device placed on the IoT architecture.” (Buch, 2016).

Three simple steps can secure your application.

First, generate a pair or shared keys. Second, generate strong passwords using alphanumeric. Third, generate the digital signature and certificate for authorization and authentication.

Z-wave, Zigbee and other security protocols are used to secure communication between devices.

All the devices involved in the scenario are protected by the centralised network.

The network band should be managed by the target device for information access.

Data leakage can occur when the credential is weak.

Application’s resilience and longevity are affected by the security measures that can prevent intruders from entering.

For building resilience networks over IoT infrastructure, the key management program is essential.

An effective security program is dependent on four factors: protocols for key management of public key and private key used to encrypt data, protocols for effective communication, driving event management program and implementation of secure socket layers program.

By using a proactive security plan and patch process, security breaches are prevented from ever happening.

Cyber-security solutions play an important role in the management of security for IoT infrastructure.

The artificial intelligence and the ambient system are key components of the safeguarding system.

Interaction between devices must follow security rules to protect data confidentiality and privacy.

Effective management of the resilience network is key to ensuring data integrity.

Multi-layer protocols are used to preserve the integrity of data during transmission and communication services.

Below is a diagram that shows each layer’s security measures:

The Internet of things is a new technology that allows for on-demand access to information through the use of smart objects.

With increasing complexity, the risk of an intruder increases. This is why it is important to have a high level of security that is based on governance and security policies.

Each layer of the device should have security standards and measures. This is also important when establishing the links between them and the resources.

Security measures are provided by the centralised network to all devices involved in the scenario.

Privacy frameworks are used to minimize the risk of data being stolen.

It is important to develop the application according to a specific requirement.

Application should be ads-on to allow for security features to be added according the IoT architecture.

A well-defined governance structure must be in place to ensure data accessibility and secure transactions.

It is important to include policies and encryption methods in the creation of resources and devices.

It is important to identify the right person for the right resources by dividing responsibility.

Accessing the information from the software and hardware platforms is made possible by authorization and authentication protocols.

These signals must be transmitted with high quality to the communication platform.

Because it can compromise the confidentiality of an application, the privacy of data is a crucial step in protecting the network against attacks of vulnerabilities.

IoT and sustainability.

The internet of things: Safeguarding.

An integrated system for monitoring and managing the regional environment based on internet-of-things (1st edition).

Internet of things – from innovation and research to market deployment (1st edition).

Integration of IoT sensor technology in the enterprise (1st edition).

The internet of things in an enterprise context (first ed.).

Industrial Internet of things.

Internet of things and the research agenda (1st edition).

Building value from visibility (1st edition).

Internet of things: Visions, Aplications, Research Challenge.

The internet of things: reaping the benefits (1st edition).

The internet of things: Today and Tomorrow (1st edition).

Internet of things- Converging technology for smart environment (1st edition).

C. Wang (2014). Internet of Things for Enterprise System of Modern Manufacturing (1st Ed.).

Internet of things: Security threats and automated policies.