вход по аккаунту



код для вставкиСкачать
Engineering Secure Internet
of Things Systems
Scott Davidson
 For the past thirty years, we have all suffered from poor security on our PCs, the Internet,
and the World Wide Web. This has happened despite
there being a relatively small number of reasonably
expensive machines to protect—no more than a few
per household. Our bank accounts and reputations
may be at risk today, but seldom our lives.
It is going to get much worse as Internet of Things
(IoT) devices interact with our real lives. Hacking
our email is bad; hacking our cars or the locks on
our front doors is much worse. Thus, we should all
be concerned about the IoT security, the subject of
the book under review.
This book is a collection of papers, some providing background on IoT security and some proposing tools which could be part of a solution. All have
been implemented in a laboratory environment and
tested using simulation, which is an advantage. The
book is targeted toward the workers in the IoT field.
The first chapter states that it is a survey of
middleware for the IoT, but is actually a lot more.
It includes an ontology of threats, and notes that
security must be considered for the device, for
communication between the device and the rest of
the world, and for the cloud where data from the
device are stored. The chapter uses a grid of security
characteristics versus location, and describes what
is changed in IoT. For instance, most of the cloud
security issues are the same whether the IoT data are
involved or not.
Chapter 2 is on privacy. The IoT increases the likelihood and aggravates the impact of data breaches.
Digital Object Identifier 10.1109/MDAT.2017.2720720
Date of current version: 13 September 2017.
September/October 2017
The chapter presents privacy-protection principles,
and then proposes a privacy development life cycle
that integrates privacy with the development cycle,
as opposed to adding it to an almost completed
The title of the third chapter is “Privacy and
Consumer IoT: A Sensemaking Perspective.” Sensemaking denotes making sense of a situation or condition. In this context, it means making new sense
of old appliances with new functionality. Today,
most refrigerators keep food cold and perhaps make
ice. An IoT refrigerator will broadcast the state of its
contents, to order milk when you are running out, or
worse, when the old milk has spoiled. How do we
act in front of machines that used to be dumb but
which are watching and listening to us now? How
long will it take to realize that our home privacy
might be compromised? A man’s home is his castle,
but our castles are getting a bit leaky these days.
The rest of the book describes methods and tools
to solve some of the security problems described
earlier and presents experiments with them. They
would be of greatest interest to a worker in this area.
­Chapter 4 describes SMArter ciTIEs data management
(SMARTIE), a secure IoT platform for Smart Cities.
A Smart City represents the integration of information
and communications technology with IoT devices
on a citywide basis. Information on city residents
collected in this process must be secured, and
SMARTIE tries to build in security from the beginning.
The chapter describes the functionality of SMARTIE,
and gives some usage scenarios and pilot projects.
Chapter 5, “Model-Based Security Engineering for
the Internet of Things,” is one of the most interesting chapters in the book. It describes how models
Copublished by the IEEE CEDA, IEEE CASS, IEEE SSCS, and TTTC
2168-2356/17 © 2017 IEEE
Book Review
can be constructed to quantify how hard to quantify things like trust. This helps to define security and
privacy policies more precisely. Threats can also be
defined and policy tested to see if they are blocked.
Quantification of security quality would allow proposals to be compared to the minimum standards
of security required for IoT products. But how likely
is it that low cost suppliers will be able to develop
complex models like those proposed here?
Another issue with IoT systems is identity and
access management, which is covered in Chapter 6.
Users, not providers, should own their data, and be
able to specify how and where it is shared. Centralized models for access management are not suitable,
since they must be flexible and work across many
manufacturers’ products. A federated identity and
access management system is proposed, where federated means having links across distinct systems.
Chapter 7 is “On the Security of the MQTT Protocol.” MQTT stands for Message Queueing Telemetry
Transport, a communications protocol. The purpose of
the chapter is to report on formal modeling of MQTT,
and then performing a static analysis of the model.
Such formal methods can find problems with a protocol which are unlikely to be found by simply testing it.
The description of an example is presented well,
and they give a model of an attacker. As in Chapter 5,
modeling seems to be a good approach to security
verification. The authors here suggest that verification to be done by a standards organization, not by
individual users of a protocol. This would be safer
and also allow expertise to be built up in verification. This is as close to a practical solution to IoT
security issues as I’ve seen in this book.
Chapter 8 proposes the REliable, Resilient and
secUre IoT for sMart city applications (RERUM) secure
communications framework, designed to be light
enough for IoT devices. One interesting feature is the
support for capabilities for post-incidence analysis of
an attack. Chapter 9 deals with the use of physically
unclonable functions to generate unique identifiers
that cannot be spoofed.
The final chapter is “A Reputation Model for the
IoT.” You’ve already used reputation models in EBay
or AirBnB. Reputation here is based on the level of
satisfaction that was measured by a number of factors, and seems more to measure reliable IoT devices
against the trustworthy ones. The authors realize that
a bad actor might be very reliable in communicating
and thus get a high reputation score, so I don’t see a
solution to the broader problem here.
Is this book useful for you? If you work in this
area, or are planning to, definitely yes. There are
some good background chapters and some proposed solutions.
But the book doesn’t cover the broader practical
problem of IoT security. Vint Cerf said “The biggest
worry I have is that people building [IoT] devices will
grab a piece of open source software or operating
system and just jam it into the device and send it out
into the wild without giving adequate thought and
effort to securing the system and providing convenient user access to those devices.” A full IoT security
solution is going to require certification, cooperation
among vendors in identity management, and probably some technical advances not yet imagined.
So, this book is good as a window into some
academic work on this issue, but don’t expect a
solution. This is not a reflection on the quality of the
book, since the work here seems very good. As for
me, I’m keeping my thermostat off the net.
 Direct questions and comments about this
department to Scott Davidson; Davidson.scott687@
IEEE Design&Test
Без категории
Размер файла
69 Кб
2017, 2720720, mdat
Пожаловаться на содержимое документа