Internet of Things Security

Authors

  • Sheeba Backia Mary Baskaran NEC Technologies India Pvt. Ltd., India

DOI:

https://doi.org/10.13052/jicts2245-800X.712

Keywords:

Internet of Things, Network security threat, Communication security, LTE, 5G, SENSE

Abstract

The emergence of the Internet of Things (IoT) with its sprawling set of technologies and use cases paves way for diversified and new service providers to develop a plethora of connected products and services for a go-ahead business and enrich lives of individuals. As the new service providers may be unaware of the threats their services face and the emerging categories of first time connected devices, IoT services, use cases and the network types comes along with a new threat landscape there is a huge possibility for even a Zero-day exploits. The provision of wide area connectivity to an ever-widening variety of IoT services will increase the whole ecosystem’s exposure to fraud and attack. As the security issues are a significant inhibitor to the deployment of many new IoT services and attackers are showing ever greater interest in this area, this research article presents an overview of the threat vectors to the IoT ecosystem and the expected security features with Security-as-a-Network Service (SENSE) and other solutions that need to be in place to thwart the evolving security threats.

Downloads

Download data is not yet available.

Author Biography

Sheeba Backia Mary Baskaran, NEC Technologies India Pvt. Ltd., India

Sheeba Backia Mary Baskaran received her Ph.D. in Faculty of Information and Communication Engineering from Anna University, Chennai in 2017. She received her M.E. degree in Computer science and engineering from Anna University, Coimbatore and received the B.Tech. degree in Information Technology from Anna University, Chennai. She was a member of NGNLabs Anna University and was a recipient of University Grants Commissions’ MaulanaAzad National Fellowship from 2013–2016. She is currently working as a Research Engineer with NEC Technologies India Pvt. Ltd., and she has 2 years and 3 months of experience in Research and Development of mobile communication networks and security standardization. She is carrying out her research in Security Solutions for 5G, Vertical Services, Internet of Things, Public Safety network and Common API Framework. Her research interest includes LTE, LTE-Advanced, 5G, IoT Security and MAC layer protocol design. She is a 3GPP SA3 delegate and GISFI member. She contributes to 3GPP SA3 standard Specifications, Global ICT Standardization Forum for India (GISFI) and applied for more than 12 patents in next generation network security. She has authored over 10 publications in international journals (IEEE Access, ACM, Elsevier & Springer) and conferences. She is also a reviewer for IEEE Access and Elsevier journals.

References

The National Security Agency’s review of emerging technologies “The NextWave”, https://www.nsa.gov/Portals/70/documents/resources/ everyone/digital-media-center/publications/the-next-wave/TNW-21-2. pdf, Last accessed: 07 Jan 2019.

GSMA, “Remote Provisioning Architecture for Embedded UICC”, https://www.gsma.com/newsroom/wp-content/uploads/SGP.02 v3.2 up dated.pdf, Last accessed: 07 Jan 2019.

GSMA Whitepaper, “3GPP Low Power Wide Area Technologies”, https://www.gsma.com/iot/wp-content/uploads/2016/10/3GPP-Low-Po wer-Wide-Area-Technologies-GSMA-White-Paper. pdf, Last accessed: 07 Jan 2019.

Migrating an Internet of Things (IoT) Sensor Design to LoRaWAN, https://info.semtech.com/migrating sensor design white paper down load, Last accessed: 07 Jan 2019.

GSMA, “IoT Security Guidelines for Network Operators”, https://www. gsma. com/iot/iot-security-guidelines-for-network-operators/, Last acces sed: 07 Jan 2019.

GSMA, “IoT Security Guidelines for Endpoint Ecosystems”,https://www. gsma. com/iot/iot-security-guidelines-for-endpoint-ecosystem/, Last accessed: 07 Jan 2019.

GSMA, “IoT Security Guidelines for IoT Service Ecosystems”, https://www.gsma. com/iot/iot-security-guidelines-for-iot-service-eco system/, Last accessed: 07 Jan 2019.

3GPP TS 23.122, “Non-Access-Stratum (NAS) functions related to Mobile Station (MS) in idle mode”.

3GPP TR 33.861, “Study on evolution of Cellular IoT security for the 5G System”.

3GPPTS 33.401, “3GPP System Architecture Evolution (SAE); Security architecture”.

3GPP TS 33.501, “Security architecture and procedures for 5G system”.

ENISA, “Baseline Security Recommendations for IoT in the context of Critical Information Infrastructures”, November 2017, https://publications. europa.eu/en/publication-detail/-/publication/c37f81 96-d96f-11e7-a506-01aa75ed71a1, Last accessed: 07 Jan 2019.

William M.S. Stout and Vincent E. Urias (Sandia National Laboratories), “Challenges to Securing the Internet of Things”, 2016 IEEE International Carnahan Conference on Security Technology (ICCST).

NIST – Industrial Internet Consortium, “Industrial Internet of Things Security Framework”, https://www.iiconsortium.org/IISF.htm, Last accessed: 07 Jan 2019.

3GPP TS 33.220, “Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA)”.

ONEM2M TS-0003-V3.8.0, “Security Solutions”, April 2018.

O. Garcia-Morchon (Philips IP&S), S. Kumar (Philips Research), M. Sethi (Ericsson), “State-of-the-Art and Challenges for the Internet of Things Security”, Network Working Group, Dec 2018, https://tools.ietf.org/id/draft-irtf-t2trg-iot-seccons-13.html, Last accessed: 07 Jan 2019.

C. Kaufman (Microsoft), P. Hoffman (VPN Consortium), Y. Nir (Check Point), P. Eronen (Independent), T. Kivinen (INSIDE Secure), RFC7296, “Internet Key Exchange Protocol Version 2”, 2014.

E. Rescorla (Mozilla), RFC8446, “The Transport Layer Security (TLS) Protocol Version 1.3”, 2018.

E. Rescorla (RTFM Inc.), N. Modadugu (Google Inc.), RFC6347, “Datagram Transport Layer Security Version 1.2”, 2012.

R. Moskowitz, Ed. (HTT Consulting), T. Heer (Hirschmann Automation and Control), P. Jokela (Ericsson), T. Henderson (University of Washington), RFC7401, “Host Identity Protocol Version 2 (HIPv2)”, 2015.

D. Forsberg (Nokia), Y. Ohba, Ed. (Toshiba), B. Patil & H. Tschofenig (Nokia Siemens Networks), A. Yegin (Samsung), RFC5191, “Protocol for Carrying Authentication for Network Access (PANA)”, 2008.

C. Neuman (USC-ISI), T. Yu, S. Hartman & K. Raeburn (MIT), RFC4120, “The Kerberos Network Authentication Service (V5)”, 2005.

A. Melnikov, Ed. (Isode Limited), K. Zeilenga, Ed. (OpenLDAP Foundation), RFC4422, “Simple Authentication and Security Layer (SASL)”, 2006.

Downloads

Published

2019-01-20

How to Cite

Baskaran, S. B. M. . (2019). Internet of Things Security. Journal of ICT Standardization, 7(1), 21–40. https://doi.org/10.13052/jicts2245-800X.712

Issue

2019: Vol 7 Iss 1

Section

Articles

Most read articles by the same author(s)