Ahmedali answered on
May 21 2020
IoT Security and Privacy challenges
Internet of Things allow organizations to main significant functional and operational advantages as they have the capacity to perform a variety of functions and make the actual devices work together in tandem to
ing results. However, at the same time as these IOT devices that make all the systems smart are always connected to the internet, they are likely to face certain major challenges. IOT facilitates exchange of information over a whole supply chain of an organization through devices connected to internet making the exchange look seamless. Because of this connectivity of the critical infrastructure of an organization to the internet through IOT systems, the infrastructure becomes vulnerable to the privacy and security concerns. Measures have to be taken to protect these networks from attacks and other privacy concerns with measures like data authentication and access control. This can be exercised with a legal framework defining rights of device users, which is supplemented by private organizations. In this research, various challenges that are faced by IOT networks concerning their privacy and security would are explored and methods available for combating them have been discussed.
Executive Summary 1
Problems and Challenges 1
Literature Review 1
Enabling Technologies 2
Applications of IOT 3
Privacy in IOT 4
Addressing Privacy in IOT 6
Problems and Challenges
IOT devices are connected to each other intelligently such that a common interface can be used for accessing all connected devices. IOT creates a value for a customer by connecting multiple devices so that the data can be gathered and analysed from these devices in a unified way. IOT serves the end consumers but it has wider application in business domains. It is serving the needs of various sectors like healthcare, retail, transportation, military, and defence. IOT
ings new and advanced capabilities and several business benefits through process optimization and real time consolidated data reporting. However, as it makes all the devices connect to the internet, it is also exposed to security and privacy challenges. Many IOT networks connect to critical infrastructure of an organization exposing its systems to these challenges and thus, understanding and addressing challenges of security and privacy in the IOT connected world is of prime importance. Common applications of IoT are in sectors like automotive, healthcare, transportation, and power (CityPulse, 2014).
IoT can be defined as a wireless network of infrastructure devices that can configure themselves and generate intelligent interactions based on certain communication protocols that are exchangeable and creates an integrated information network. The first introduction of an IOT device was done in 1990 with Sunbeam Deluxe Automatic Radiant Control toaster that could be connected to internet. IOT architecture has things or devices connected to each other through internet. These devices are attached with sensors through which they can gather real time data about su
oundings. Based on the capabilities of this sensor and their processing power, IoT devices can be classified into small 8-bit devices, 32-bit devices and capable 32 or 64-bit devices. Small devices like Adruino Boards have 8-bit SOC (System on the Chip) controllers. 32-bit devices have a 32bit architecture based on ARM or Artheros chips. These devices also have an embedded Linux based operating system such as OpenWRT. Highest level devices are either 32-bit or 64-bit such as Raspbe
y Pi or BeagleBone. These devices run on a full fledge OS system such as Linux or Android. Mobile phones and other telephony devices are the examples of these IoT devices (Fujitsu, 2016).
IoT devices are connected to each other and to internet with several technologies and protocols such as Ethernet, Wi-Fi, Bluetooth, Near Field Communication and Zigbee. The connection between the internet and IoT devices does through an intermediate interface that is called a gateway. Gateway provides these devices support in manageability and security. Not all devices need gateways to connect but those not designed for a direct internet connection would use a gateway for connection. In such a situation, these devise would connect using a network protocol (Kolozali, 2014).
A network consists of interconnected Protocol systems such as gateways, repeaters, and routers that are used for controlling the flow of data and connecting to the telecommunication networks like 3G, LTE, and 4G. IoT devices generate a huge amount of data that is obtained through sensors. Cloud infrastructure is often used to process this data. The processing of data is done by the service creation layer which acts as the middleware and has components like applications, web servers, ETL load, and transform. The processed data delivers the output through different interfaced channels such as desktop
owser or web application (E, et al., 2012).
IoT network generally has connected devices that are distinguished through the use of exceptional communication technology that provide them sensing, communicating, networking, and data processing capabilities. Intelligent sensors have become a common part of an IoT system. IoT systems have evolved through a number stages that began with introduction of RFID technologies in logistics and pharma production. Since then the sensory capacities of the devices have been enhanced to a great extent resulting into emergence of devices like NFC, Wireless sensor networks, bar codes, and cloud computing. The communication, data processing and modification done by devices in an IoT network follow some predesigned techniques. These techniques allow them to exchange data with each other simultaneously. When billions of such IoT devices get connected to each other, new technologies emerge providing ways for new and advanced applications of IoT (WIND , 2015).
Applications of IOT
Some common applications of IoT networks include healthcare, retailing travel, logistics, manufacturing, restaurants, food services, li
ary services, and environmental monitoring. Increase in adoption of IoT in multiple application areas is dependent on the growth of the IT sector which forms the backbone of IoT. It has been predicted that with the growth of ICT in near future, IoT would begin to solve many problems of public and social concerns. Cu
ently, the areas where IoT components have been deployed include RFID stages, social networks, mobile phone apps. Several products have been made and the IoT technologies like RFID help in monitoring and tracking the life cycle of these products. Old industries have seen enhancement in their efficiencies with the processing power of IoT devices (Li, et al., 2016). Some of the major application areas of IoT have been discussed here:
Industrial Applications: Industries make use of smart networks for processing real time data and managing business transactions through applications like critical data storage, aggregated QoS, and online payment systems. New inter-organisational business models would be created with the use of real time information that is processed by IoT devices. This has benefited manufacturers as they enable integration of their resources to make the optimum use of their capacities (Lin, 2017).
Social IoT (SIoT): Humans can also be sensed using intelligent sensors such that their activities can be tracked. The sensors that help in such tracking of human activities come under the category of Social Internet of Things. SlOT has also helped scientists come up with advances in fields like electronic learning, psychology, and social networking. With the use of such technologies, social networking platforms can improve their capacities and confidentiality (Folk, et al., 2015).
Healthcare Applications: With the use of IoT in healthcare, the quality of services have improved and the operating costs have reduced for service providers. Sensors are being used for measuring medical parameters such as blood glucose, body temperature, and blood pressure. Advances in sensor technologies and their processing capacities have become the growth drivers leading to wider adoption of IoT in the healthcare sector. Wearable Body Sensor networks (WBSNs) are used for monitoring activities of the patients so that their living conditions can be improved. These devices can collect information on their daily activities and monitor their health conditions such that any assign of medical condition that needs intervention can be identified and the patients can be prevented from getting into any severe medical problem by taking proactive actions. Advances in the technology have resulted into production of low cost medical sensors that can be connected wirelessly such that practical solutions for patient health tracking could be implemented (Mohammadi, et al., 2017).
Privacy in IOT
Privacy is a
oad term that has several definitions and perspectives on it. The concept of privacy has been shifting over the yeas from media, communication, to human privacy. With increased usage of electronic data, information privacy has taken a dominant place in most researches. Information privacy was first defined by Westin in 1968 as ”the right to select what personal information about me is known to what people”. This definition however, refer more to the non-electronic environments. It can still be adapted to the electronic environments like IOT systems. With this adoption, the privacy of internet of things can be defined as a guarantee of three things that include awareness of risks to the things and services, individual control over data collection, processing and dissemination, and control of outside entities over data collection, processing and dissemination (Bi, et al., 2014).
Figure 1: IOT Reference Model (Li, et al., 2016)
With the IOT reference model for data, entities and flow of data between them can be understood and new definition of privacy can be formed. In essence, the concept of privacy can capture assessment of personal privacy risks, protection of this privacy, and assurance of implementing a control sphere. The reference model can be used here for exploring entities and information flows. There can be four types of entities in an IOT network and these include smart things embedded with communication technologies, hosting services at the backend, recipients of the data that is transfe
ed over the network, and infrastructure to which the IOT network is connected. As per the reference mode, data flow can be of five types including interaction which can be active or passive, collection through gateways, processing involving analysis that can provide a trigger for a service, dissemination of information to subject, and presentation of the service to the data subject. In the IOT network, the flow of the information can be vertical such a in a central backend, horizontal such as across locally distributed things or hy
id of the two. This model keeps on evolving and has several updates as IOT is an evolutionary process (Li, et al., 2016).
An individual connecting with the internet as a subject through the smart devices can have a personal sphere of control that is influenced by the boundaries of the system the person operates in which can be a workplace or a public space. Privacy is more of social concept and thus, it is subject to requirements and perceptions of...