Advances of IoT Technology

Discuss about the Security Concerns of Internet of Things.

As an advancement in information technology, Internet of Things has attracted a lot of attention in recent years. In itself, IoT aims to enhance the application of connectivity across all digital objects through the use of the internet medium. Originally, the idea was proposed back in 1999 by Kevin Ashton, who proposed the widespread interconnection of devices to enhance communication. Therefore, as a technology, it represents a revolution in the existing internet infrastructure where advanced computer networks are used to connect devices while they are uniquely identified. Moreover, these objects are ubiquitously connected to continuously produce data for their management and user control.

As a result of its implementation, everything in the world from television sets to vehicles will collect data using various technologies for communication. This connection will then allow the automatic flow of data across the system thus provide the basis for automated actions. Now, recent advances in the fields of mobile technologies, wireless sensors, cloud computing and radio frequency identification (RFID) among others have facilitated the growth of IoT. Essentially, these technologies through the advances of smart systems enable the rapid transfer of data across different devices, both homogeneous and heterogeneous (Razzaq et al., 2017). While convenient, this technology also defines several security concerns which this paper defines in details from a research perspective. In all, the elements affiliated with IoT are analyzed together with the security considerations.

It takes time for technology to change and a similar outcome is seen with the advent of IoT. In fact, its initial implementation can be traced back to the 1980s where the earliest networking infrastructures were first developed. Through these networks different devices, predominantly computers connected to each other to facilitate sharing of data and other resources. As digital system become popular with time so did IoT as it gave promise for better connectivity, a fact that was illustrated in the 1990s as telecommunication institutes strived to study its impact (Maple, 2017). Fast forward to today and the advances in technology such as embedded systems and automation have accelerated its growth, a process that will continue to be experienced in the years to come.

Today, IoT is applied in all major fields from healthcare to the transportation industry generally playing a pivotal role in communication. This application through its various functional systems has led to its proliferation as it is used in all aspects of life. Thus, a form of overreliance may be expected in years to come which both promises convenience and widespread limitations. In its recent studies, the Federal Trade Commission (FTC) has stated that IoT devices outnumber the number of people in the workplace environment. Furthermore, through their projections, the number of wireless devices in IoT will surpass the 20 billion mark by 2020 (Liu et al., 2017). A milestone that will also see IoT devices outnumber most hub objects such as smartphones, PCs, and tablets. Therefore, while today’s smart systems are popular, their popularity is set to meet a new competition in the form of IoT components.

Security Challenges of IoT

Recent technology trends that have pushed the boundaries of the internet have facilitated the connection of the real environment to the virtual world. This adaptability of the various operating system although advantageous is also associated with many challenges more so, those of security, privacy and inter-operability (Poudel, 2016). Therefore, while traditional security measures may address some of the problems experienced in IoT, a new approach in securing digital system is needed. A concept outlined in the later sections of this paper.

Current technological estimations have 20 billion devices connected to IoT in the next two years. A projection that lays a lot of pressure on the conventional networking model that sees the internet and the TCP/IP protocols in charge of communication. While feasible, these technologies may not meet the demands of the new systems which necessitates a new and open architecture to address the requirements of security and Quality of Service (QoS). Furthermore, without privacy assurance, IoT is not likely to be adopted worldwide, an outcome that would delay its objectives (Ara, Shah & Prabhakar, 2016). As such, the protection of user data and privacy denotes the biggest challenges of IoT with regards to its implementation.

To further the development of IoT, a number of multilayered architectures are proposed with security in mind. These models although different in ideologies serve the common purpose of enhancing connectivity through the best features of the internet and other telecommunication systems such as TCP/IP (Xiao, 2017). A five structured layered system is considered for IoT in this instance.

1. Coding Layer: The foundation layer that identifies objects through the unique IDs assigned to them.
2. Perception Layer: The device layer where physical meaning is given to all objects. Evaluation elements such as sensors (RFID and IR sensors) are found in this section. These components gather information from the environment and convert it into digital data that is used in the next layer (Fuller, 2018).
3. Network Layer: This layer receives digital data and transmits it to the Middleware layer for processing. This transmission is done using technologies such as Wi-Fi, Bluetooth, and WiMAX among many others while operating with protocols like IPv4, IPv6, and DDS.
4. Middleware Layer: This layer processes the data collected thus converts it into useful information for the IoT system. This layer’s functions are facilitated by technologies such as cloud solutions and ubiquitous computing which enable a direct access to database systems (Gerber, 2017).
5. Application Layer: The final layer that realizes the implementation of IoT in all the existing industries. Applications boost the development of IoT thus this layer facilitates the large-scale deployment of the technology. These applications include smart homes, smart planets and smart transportation (Farooq, 2015).

By large IoT extends internet connectivity to the physical world which by itself possess many security and privacy issues. Some of these problems arise from the intrinsic nature of IoT as compared to the traditional networking models, while others come from the collaboration of IoT technologies with those of the internet (Ge et al., 2017). Therefore, in the future, the widespread connectivity may have various adversaries which may attack the system at different points. As such, to protect IoT against the various attacks that may be experienced it is important to analyze security problems based on the flow of information and the potential areas of attack.

This analysis could follow the implementation model identified earlier, where security could be devised using the layers of IoT. Furthermore, unlike the conventional approach, a differentiated control system would be used to avoid data leakages/breaches that target holistic systems (Farooq, 2015). Finally, the technology would require the developers to continuously reinvent its cautionary procedures to meet the existing security demands. In all, security should be adaptable, similar to the technology itself.

Multilayered Architectures for IoT Security

Two major security goals are defined by IoT; proper identification or authentication mechanisms and confidentiality of data. To meet these objectives the CIA model is used which applies the three essential elements of security: Confidentiality, integrity, and availability. The IoT model must ensure these components are protected and are never breached as this outcome would introduce serious operational issues to the technology. As such, the security goals of IoT are analyzed based on these crucial facilities.

Data Confidentiality: A crucial factor that is equated to providing users with freedom and independence from external interferences. It also includes the confidence given to users about their privacy as they have sensitive information across the multiple digital devices connected online. Thus the disclosure of this intellectual property to third party members should be prohibited and only authorized members should access the IoT framework (Microsoft, 2018). To meet this goal, the security protocols of data encryption, authentication and authorization must be used to secure data.

Data Integrity: IoT consists of many devices that share information across a global network. This network is also open to the public which outlines one common challenge that of interference or information interception. Data integrity, therefore, in this case, defines the protection of data from human intervention or other external forces during the transmission process. Some tracking methods can be used to affirm this objective by evaluating information from its source to its point of reception (Gaillard, 2018). These methods thus maintain the accuracy and originality of data by regularly catching the threats that affect networks. Examples include Checksum and Cyclic Redundancy Check (CRC). Moreover, syncing of data for backup options also maintains the integrity of IoT system.

Data Availability: Accessibility is a primary goal of IoT where information is made readily available to all users. This goal, therefore, ensures that the authorized members access IoT resources when needed. This availability does not only include the efficient function of the networking model but also the prevalence of security measures such as firewalls and access control systems. Essentially, certain attacks such as Denial of Service (DOS) target the availability of data to the end users. Furthermore, this goal also ensures the prevention of bottleneck problems that also inhibit network functionality (Cloudian, 2018). In all, the objective of this element is to provide a reliable network that readily avails the resources of IoT to the end users.

Through the goals outlined above, IoT has developed revolutionary ideas to combat the various security issues it faces. For one, the implementation model is primarily designed to meet the security challenges of networking more so, those of the internet. Furthermore, through advanced protocols such as IPsec, IoT has a foundational resource to base all its future security functions. Nevertheless, despite this progress, some limitations still exist, which are now analyzed in this section.

Limitations and Challenges of IoT Technology

Unauthorized access to tags: RFID system still lack proper authentication mechanisms which limit their security functions. RFID tags therefore as a connection element of IoT gives access to unauthorized members, who on certain occasions are able to read, modify and even delete data. Furthermore, in other instances, these tags can be cloned to trick the end users who can then use the hacker’s tools to access their sensitive information. In the end, compromising the objectives of IoT security.

Eavesdropping: Although wireless technology is convenient in mobile system and thus IoT, its attributes make it easier for attackers to access confidential information. For one, it lacks the physical security that wired technologies have against intruders. Furthermore, it is readily available hence can be continuously tested by attackers to reveal its weaknesses. Therefore, wireless system exposes IoT to a myriad of attacks most of which are facilitated by sniffing confidential information (Gerber, 2017).

Spoofing: A security problem that is facilitated by the intrinsic characteristics of IoT. Essentially, the widespread connectivity of devices makes it easier to access different systems across various networks. This access is then used to send falsified data to assume the role of the original information. Unsuspectingly, the end users through their devices allow access to these false components which then perform their malicious activities. From this point, attackers can change the state of connection by either stealing or deleting data.

RF jamming: Data availability is one of the critical goals of IoT and this security problem affects this objective. Although not limited to RF tags, jamming can be used to limit the users’ access to networked resources. An example is given by DOS attacks that fill systems with unnecessary requests that prevent genuine processes from being executed. Similarly, in this case, excessive noise signals are used to inhibit the functions of RF tags.

Phishing: A common form of attack used today where users are lured to open emails which then grant intruders access to confidential information. This security problem stands as a major issue in IoT as its extensive connection give attackers more victims to target. Therefore, IoT must deal with the security challenges that affect the internet which is a major resource for its development.

Conclusion

Internet of Things is set to revolutionize the digital world by extending the availability of information. Through its functions, electronic devices will become fully automated having the capabilities to govern themselves. Now, although this outcome will give the end users many conveniences, it will also introduce many security challenges. Some of these challenges will come from the conventional networking systems such as the internet while others will arise from its general characteristics. Therefore, in its current states, IoT’s main implementation hurdles are its security and privacy. To solve these problems better authentication, intrusion detection systems and assessment techniques among many others are needed. Generally, these measures should be incorporated into the technologies architecture to enforce its operational objectives. Nevertheless, despite the limitations, IoT has a bright future based on its existing functional systems.

References

Ara, T., Shah, P & Prabhakar, M. (2016). Internet of Things Architecture and Applications: A Survey. Indian Journal of Science & Technology. Retrieved 19 may, 2018, from: https://www.indjst.org/index.php/indjst/article/view/106507/0

Cloudian. (2018). Data Availability & Data Protection for the IoT World. Retrieved 19 May, 2018, from: https://cloudian.com/blog/data-availability-data-protection-iot-world/

Farooq, M., Waseem, M., Mazhar, S., Khairi, A & Kamal, T. (2015). A Critical Analysis on the Security Concerns of Internet of Things (IoT). International Journal of Computer Applications, 111(7). Retrieved 18 May, 2018, from: https://pdfs.semanticscholar.org/35f0/899d941e9e34ff1225448c21662d5ccca74c.pdf

Farooq, M., Waseem, M., Mazhar, S., Khairi, A & Kamal, T. (2015). A Review on Internet of Things (IoT). International Journal of Computer Applications, 113(1). Retrieved 18 May, 2018, from: https://pdfs.semanticscholar.org/2006/d0fca0546bdeb7c3f0527ffd299cff7c7ea7.pdf.

Fuller, J. (2018). The 4 stages of an IoT architecture. The IoT liftoff. Retrieved 19 May, 2018, from: https://techbeacon.com/4-stages-iot-architecture.

Gaillard, J. (2018). Internet Of Things: Data Integrity – Not Confidentiality – Is Paramount. Innovation Enterprise. Retrieved 19 May, 2018, from: https://channels.theinnovationenterprise.com/articles/internet-of-things-data-integrity-not-confidentiality-is-paramount

Ge, M., Hong, J., Guttman, W & Kim, D. (2017). A framework for automating security analysis of the internet of things. Journal of Network and Computer Applications, 83, pp. 12-27. Retrieved 19 May, 2018, from: https://www.sciencedirect.com/science/article/pii/S1084804517300541

Gerber, A. (2017). Simplify the development of your IoT solutions with IoT architectures. IBM Developers Work. Retrieved 19 May, 2018, from: https://www.ibm.com/developerworks/library/iot-lp201-iot-architectures/index.html

Gerber, A. (2017). Top 10 IoT security challenges. IBM Developers Works. Retrieved 19 May, 2018, from: https://developer.ibm.com/dwblog/2017/iot-security-challenges/

Liu, X., Zhao, M., Li, S., Zhang, F. & Trappe, W. (2017). A Security Framework for the Internet of Things in the Future Internet Architecture. Future Internet. Retrieved 18 May, 2018, from: https://www.mdpi.com/1999-5903/9/3/27/pdf.

Maple, C. (2017). Security and privacy in the internet of things. Journal of Cyber Policy, pp. 155-184. Retrieved 18 May, 2018, from: https://www.tandfonline.com/doi/full/10.1080/23738871.2017.1366536

Microsoft. (2018). Data Confidentiality. Developer Network. Retrieved 19 May, 2018, from: https://msdn.microsoft.com/en-us/library/ff650720.aspx

Poudel, S. (2016). Internet of Things: Underlying Technologies, Interoperability, and Threats to Privacy and Security. Berkeley Technology Law Journal, 13(2). Retrieved 19 May, 2018, from: https://scholarship.law.berkeley.edu/cgi/viewcontent.cgi?article=2131&context=btlj

Razzaq, M., Qureshi, M., Gill, S & Ullah, S. (2017). Security Issues in the Internet of Things (IoT): A Comprehensive Study. International Journal of Advanced Computer Science and Applications, 8(6). Retrieved 18 May, 2018, from: https://thesai.org/Downloads/Volume8No6/Paper_50-Security_Issues_in_the_Internet_of_Things.pdf.

Xiao, Z. (2017). A Comparative Study on the Architecture Internet of Things and its’ Implementation method. IOP Conf. Series: Earth and Environmental Science. Retrieved 19 May, 2018, from: https://www.tandfonline.com/doi/full/10.1080/23738871.2017.1366536