Security Requirements and Security Solutions for IoT

By Suryateja Pericherla. Category: IoT.

Security Requirements

The IoT reference architecture defines five functional components of security:

  • Identity Management (IDM)
  • Authentication
  • Authorisation
  • Key Exchange and Management (KEM)
  • Trust and Reputation

Layer 1 Security Attack Solution

Security depends on the devices and technology used.

At the link level, BLE uses AES-CCM with a 128-bit key, an authenticated-encryption algorithm, for both confidentiality and authentication.

ZigBee at the link level provides 128-bit AES-CCM authentication.


Layer 2 Security Attack Solution

Securing the switches prevents internal node attacks during DHCP or Spanning Tree Protocol (STP) operation.

Additional control measures include ARP inspection, disabling unused ports, and enforcing effective security using VLANs.
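
The ARP-inspection and unused-port controls above can be illustrated with a small simulation of what a switch does with each ARP frame. This is an added example, not code from the post; the binding table, port names and sample frames are constructed, and the check of the sender MAC/IP pair against a DHCP snooping binding table follows how dynamic ARP inspection works on managed switches.

```python
from dataclasses import dataclass

# Constructed DHCP-snooping binding table: (MAC, IP) pairs the switch learned
# from DHCP exchanges. Dynamic ARP inspection checks every ARP frame that
# arrives on an untrusted port against this table.
BINDINGS = {
    ("aa:bb:cc:00:00:01", "10.0.0.11"),
    ("aa:bb:cc:00:00:02", "10.0.0.12"),
}

# Constructed port policy: the uplink to the gateway is trusted (not inspected),
# and ports with nothing plugged in are administratively shut down.
TRUSTED_PORTS = {"Gi0/24"}
SHUTDOWN_PORTS = {"Gi0/3", "Gi0/4"}


@dataclass
class ArpFrame:
    port: str        # switch port the frame arrived on
    sender_mac: str  # ARP sender hardware address
    sender_ip: str   # ARP sender protocol address (the IP the sender claims)


def inspect_arp(frame, bindings=BINDINGS, trusted=TRUSTED_PORTS, shutdown=SHUTDOWN_PORTS):
    """Return the switch's verdict for one ARP frame: ('forward' | 'drop', reason)."""
    if frame.port in shutdown:
        return ("drop", "port administratively disabled")
    if frame.port in trusted:
        return ("forward", "trusted port")
    if (frame.sender_mac, frame.sender_ip) in bindings:
        return ("forward", "matches DHCP snooping binding")
    # An untrusted port claiming a MAC/IP pair the switch never learned via DHCP
    # is how an ARP-poisoning attempt by an internal node shows up; drop it.
    return ("drop", "no binding for sender MAC/IP")


# Constructed sample traffic.
SAMPLE_FRAMES = [
    ArpFrame("Gi0/1", "aa:bb:cc:00:00:01", "10.0.0.11"),   # host 1, legitimate
    ArpFrame("Gi0/2", "aa:bb:cc:00:00:02", "10.0.0.1"),    # host 2 claims the gateway's IP
    ArpFrame("Gi0/24", "aa:bb:cc:00:00:fe", "10.0.0.1"),   # gateway on the trusted uplink
    ArpFrame("Gi0/3", "aa:bb:cc:00:00:99", "10.0.0.50"),   # device on a shut-down port
]


def verdicts(frames=SAMPLE_FRAMES):
    """Map each frame's port to its verdict so results can be checked per port."""
    return {f.port: inspect_arp(f)[0] for f in frames}


if __name__ == "__main__":
    for f in SAMPLE_FRAMES:
        action, why = inspect_arp(f)
        print(f"{f.port:<6} {f.sender_mac} -> {f.sender_ip:<10} {action:<7} ({why})")
```

The second frame is the case the text is concerned with: an internal node on an untrusted port answering for an address it was never assigned. Because the verdict comes from the binding table rather than from the frame's own claims, the switch can drop it without knowing anything else about the sender.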

Layer 3 Security Attack Solution

Tamper-resistant router.

Packet filtering.

Controlling routing messages and packet data through a firewall.

Layer 4 Security Attack Solution

Securing ports.

Configuring firewalls effectively.

Using DTLS. DTLS provides three types of security services:

  • Integrity
  • Authentication
  • Confidentiality

XMPP provides SASL (Simple Authentication and Security Layer) for security.

Layer 5 Security Attack Solution

Application-level attacks are the result of poor coding practices.

An example is SQL injection.

Web applications/services can use HTTPS.

Identity Management

The source of a message needs to send an identity so that the receiver knows who sent the message. An identity can be specified in a number of ways.

ID management and establishment are basic requirements for IoT. A MAC address can identify a computing device platform, but one platform may host multiple sensors and actuators.

The application layer may also have multiple applications and services. A URI can be used as an identifier on the Internet. However, many devices do not use URIs.

Access Control – Authentication

ID establishment and authentication are essential elements of access control. A hash function always gives the same result for a given input, and the result is one-way: it is computationally infeasible to recover the input from the hash.

The sender sends only the hash to the receiver. The receiver recomputes the hash over the data, or over a shared secret, and compares the two to check whether the message is authentic.

The characteristics of a hash function are: pre-image resistance, second pre-image resistance and collision resistance.
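
To show the authentication step described above (the sender hashes, the receiver recomputes and compares), here is an added example using Python's standard library; it is not code from the post. The shared key, the sensor reading and the device name are constructed. It also contrasts a keyed hash (HMAC) with an unkeyed hash, which shows why the hash must cover a secret if it is to authenticate the sender rather than only detect accidental corruption.

```python
import hashlib
import hmac
import secrets


def digest(data: bytes) -> str:
    """Plain SHA-256: deterministic and one-way, but anyone can compute it."""
    return hashlib.sha256(data).hexdigest()


def keyed_tag(key: bytes, data: bytes) -> str:
    """HMAC-SHA256 over the data using a secret shared by sender and receiver."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def receiver_verifies(key: bytes, data: bytes, received_tag: str) -> bool:
    """Receiver recomputes the keyed hash and compares it in constant time."""
    return hmac.compare_digest(keyed_tag(key, data), received_tag)


def plain_hash_check(data: bytes, received_digest: str) -> bool:
    """Integrity-only check with an unkeyed hash (shown for contrast)."""
    return hmac.compare_digest(digest(data), received_digest)


# Constructed scenario: a sensor reading, and the key the sensor and gateway share.
SHARED_KEY = secrets.token_bytes(32)
READING = b'{"device":"temp-1","celsius":21.5}'
TAMPERED = b'{"device":"temp-1","celsius":99.9}'


def scenario():
    """Return a dict of named checks; every value is expected to be True."""
    tag = keyed_tag(SHARED_KEY, READING)
    return {
        # same input -> same output (determinism)
        "deterministic": keyed_tag(SHARED_KEY, READING) == tag,
        # genuine reading with the genuine tag is accepted
        "genuine_accepted": receiver_verifies(SHARED_KEY, READING, tag),
        # reading altered in transit with the original tag reused is rejected
        "tampered_rejected": not receiver_verifies(SHARED_KEY, TAMPERED, tag),
        # an unkeyed hash can be recomputed by whoever alters the data, so it
        # gives integrity against accidents but no authentication of the sender
        "unkeyed_hash_forgeable": plain_hash_check(TAMPERED, digest(TAMPERED)),
        # a tag computed under a different key does not verify
        "wrong_key_rejected": not receiver_verifies(secrets.token_bytes(32), READING, tag),
    }


if __name__ == "__main__":
    for name, ok in scenario().items():
        print(f"{name:<24} {ok}")
```

`hmac.compare_digest` is used for both comparisons so that the time taken does not depend on how many leading characters of the tag match. Note that because sender and receiver hold the same key, a keyed hash authenticates the message but does not give non-repudiation: either party could have produced the tag. That is the gap the Non-Repudiation section below fills with digital signatures.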

Access Control – Authorisation

Access control allows only authorised devices, applications or services to access a resource. An authorisation model is an essential element of secure access control.

The standard authorisation models are as follows:

  • Access Control Lists (ACLs)
  • Role-based Access Control (RBAC)
  • Attribute-based Access Control (ABAC)
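
The three models are easiest to compare by evaluating the same request under each, as a central access-control server might. This is an added example, not code from the post or from any product; the subjects, roles, resource names and the ABAC attributes (`clearance`, `hour`) are constructed.

```python
from dataclasses import dataclass, field
from fnmatch import fnmatch


@dataclass
class Request:
    subject: str            # who is asking (user, service or device identity)
    action: str             # e.g. "read" or "write"
    resource: str           # e.g. "sensor/temp-1"
    attrs: dict = field(default_factory=dict)  # extra attributes used only by ABAC


# --- 1. ACL: each resource lists the subjects allowed and their actions --------
ACL = {
    "sensor/temp-1":    {"alice": {"read"}, "gateway-7": {"read", "write"}},
    "actuator/valve-2": {"gateway-7": {"write"}},
}


def acl_allows(req: Request) -> bool:
    return req.action in ACL.get(req.resource, {}).get(req.subject, set())


# --- 2. RBAC: subjects hold roles; roles hold (action, resource-pattern) pairs --
ROLES = {"alice": {"operator"}, "bob": {"viewer"}, "gateway-7": {"operator", "viewer"}}
ROLE_PERMS = {
    "viewer":   {("read", "sensor/*")},
    "operator": {("read", "sensor/*"), ("write", "actuator/*")},
}


def rbac_allows(req: Request) -> bool:
    return any(
        req.action == action and fnmatch(req.resource, pattern)
        for role in ROLES.get(req.subject, set())
        for action, pattern in ROLE_PERMS.get(role, set())
    )


# --- 3. ABAC: rules over attributes of subject, resource and environment -------
def _rule_read_sensors(req: Request) -> bool:
    return req.action == "read" and req.resource.startswith("sensor/")


def _rule_write_actuators_on_shift(req: Request) -> bool:
    # Writes to actuators need a maintenance clearance and must happen inside
    # the maintenance window (constructed attribute names and window).
    return (req.action == "write"
            and req.resource.startswith("actuator/")
            and req.attrs.get("clearance") == "maintenance"
            and 8 <= req.attrs.get("hour", -1) < 18)


ABAC_RULES = [_rule_read_sensors, _rule_write_actuators_on_shift]


def abac_allows(req: Request) -> bool:
    return any(rule(req) for rule in ABAC_RULES)


def decide(req: Request) -> dict:
    """Evaluate one request under all three models and return each verdict."""
    return {"acl": acl_allows(req), "rbac": rbac_allows(req), "abac": abac_allows(req)}


if __name__ == "__main__":
    samples = [
        Request("alice", "read", "sensor/temp-1"),
        Request("bob", "write", "actuator/valve-2", {"clearance": "maintenance", "hour": 10}),
        Request("gateway-7", "write", "actuator/valve-2", {"clearance": "maintenance", "hour": 22}),
    ]
    for r in samples:
        print(r.subject, r.action, r.resource, decide(r))
```

The second and third sample requests show where the models diverge: ACL and RBAC decide purely on identity (or role), so `bob` is refused and `gateway-7` is allowed regardless of time, while ABAC ignores who is asking and decides on the attributes presented, allowing `bob` inside the window and refusing `gateway-7` outside it. In practice a gateway combines them, for example RBAC for the coarse decision and ABAC rules for the conditions.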

An access control server or a data communication gateway can be used centrally to control access between applications and IoT devices. The central server can be hosted in the cloud.

Access Control – Key Exchange and Management

The sender of a message needs to share his/her key with the receiver. Similarly, the receiver needs to share his/her key with the sender.

Therefore, the keys must be communicated before the actual message communication takes place.

As every application, service component and device needs keys, a functional component can be used for key management and exchange.

Non-Repudiation

Non-repudiation ensures that the sender cannot deny having sent a message. The sender signs the message before sending it to the receiver.

A digital signature is the technique that ensures non-repudiation. This service provides proof of message origin and of message integrity. A digital certificate asserts the origin using a PKI.

A digital signature is certified by a trusted digital certifying service (a Trusted Third Party, TTP). The TTP protects its private key and issues public-key certificates.

Availability

Availability means the service should be accessible to legitimate clients whenever needed. DoS attacks affect the availability of a service. Examples of DoS attacks:

  • ICMP flood
  • SYN flood
  • Application layer floods

A firewall is one of the methods for preventing attacks on service availability.
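
As an added example (not code from the post), here is a small detector for one of the listed attacks, the SYN flood, run over constructed connection records: it counts, per source, SYNs toward the service that were never completed by an ACK within a time window. The flow records, addresses, window and threshold are all constructed.

```python
from collections import defaultdict

# Constructed flow records: (time in seconds, source IP, TCP flag summary).
# "S" is a SYN toward the service port; "A" is the ACK from the same source
# that completes the three-way handshake.
LEGIT = ([(t, "10.0.0.5", "S") for t in range(3)]
         + [(t + 0.1, "10.0.0.5", "A") for t in range(3)])
FLOOD = [(5 + i * 0.05, "198.51.100.9", "S") for i in range(60)]   # 60 SYNs, none completed
SAMPLE_FLOWS = sorted(LEGIT + FLOOD)


def half_open_counts(flows, window_s=10.0, now=None):
    """Per source, count SYNs in the last window_s seconds not followed by an ACK."""
    if now is None:
        now = max(t for t, _, _ in flows)
    pending = defaultdict(int)
    for t, src, flag in flows:
        if t < now - window_s:
            continue                        # outside the detection window
        if flag == "S":
            pending[src] += 1               # new half-open connection
        elif flag == "A" and pending[src] > 0:
            pending[src] -= 1               # handshake completed
    return dict(pending)


def detect_syn_flood(flows, threshold=50, window_s=10.0):
    """Return (sorted) the sources whose half-open count reaches the threshold."""
    counts = half_open_counts(flows, window_s)
    return sorted(src for src, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    print(half_open_counts(SAMPLE_FLOWS))
    print("SYN-flood sources:", detect_syn_flood(SAMPLE_FLOWS))
```

The legitimate host ends the window with zero half-open connections because each of its SYNs is followed by an ACK, while the flooding source keeps all 60 open. A per-source count is a simplification: a flood that spoofs many source addresses spreads its SYNs thin, so the total number of half-open connections on the service, rather than the per-source figure, is the signal to watch, and the mitigations are on the firewall or host side (SYN rate limiting, SYN cookies) rather than in the detector.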


Suryateja Pericherla

Suryateja Pericherla, at present is a Research Scholar (full-time Ph.D.) in the Dept. of Computer Science & Systems Engineering at Andhra University, Visakhapatnam. Previously worked as an Associate Professor in the Dept. of CSE at Vishnu Institute of Technology, India.

He has 11+ years of teaching experience and is an individual researcher whose research interests are Cloud Computing, Internet of Things, Computer Security, Network Security and Blockchain.

He is a member of professional societies like IEEE, ACM, CSI and ISCA. He published several research papers which are indexed by SCIE, WoS, Scopus, Springer and others.
