Data Security

Why Security?
Cyberspace (internet, work environment, intranet) is becoming a dangerous place for all
organizations and individuals to protect their sensitive data or reputation. This is because of the
numerous people and machines accessing it. Another internal threat is that information material
can be easy accessible over the intranet.
One important indicator is the IT skills of a person that wants to hack or to breach your security
has decreased but the success rate of it has increased, this is because of three main factors −
 Hacking tools that can be found very easily by everyone just by googling and they are
endless.
 Technology with the end-users has increased rapidly within these years, like internet
bandwidth and computer processing speeds.
 Access to hacking information manuals.

Potential Losses due to Security Attacks

 Losing you data − If your computer has been hacked or infected, there is a big chance
that all your stored data might be taken by the attacker.
 Bad usage of your computer resources − This means that your network or computer
can go in overload so you cannot access your genuine services or in a worst case
scenario, it can be used by the hacker to attack another machine or network.
 Reputation loss − Just think if your Facebook account or business email has been owned
by a social engineering attack and it sends fake information to your friends, business
partners. You will need time to gain back your reputation.
 Identity theft − This is a case where your identity is stolen (photo, name surname,
address, and credit card) and can be used for a crime like making false identity
documents.

Basic Computer Security Checklist

 Check if the user is password protected.
 Check if the operating system is being updated.

 Check if the antivirus or antimalware is installed and updated. In my case, I have a

Kaspersky antivirus being updated.
 Check for the unusual services running that consumes resources.
 Check if your monitor is using a screen saver.
 Check if the computer firewall is on or not.
 Check if you are doing backups regularly.
 Check if there are shares that are not useful.
 Check if your account has full rights or is restricted.
 Update other third party software’s.

Computer Security - Elements

Confidentiality
Confidentiality is the concealment of information or resources. Also, there is a need to keep
information secret from other third parties that want to have access to it, so just the right people
can access it.
Integrity
Integrity is the trustworthiness of data in the systems or resources by the point of view of
preventing unauthorized and improper changes.
Availability
Availability refers to the ability to access data of a resource when it is needed, as such the
information has value only if the authorized people can access at right time. Denying access to
data nowadays has become a common attack

Computer Security - Terminologies

 Unauthorized access − An unauthorized access is when someone gains access to a
server, website, or other sensitive data using someone else's account details.
 Hacker − Is a Person who tries and exploits a computer system for a reason which can
be money, a social cause, fun etc.
 Threat − Is an action or event that might compromise the security.
 Vulnerability − It is a weakness, a design problem or implementation error in a system
that can lead to an unexpected and undesirable event regarding security system.
 Attack − Is an assault on the system security that is delivered by a person or a machine
to a system. It violates security.
 Antivirus or Antimalware − Is a software that operates on different OS which is used
to prevent from malicious software.
 Social Engineering − Is a technique that a hacker uses to stole data by a person for
different for purposes by psychological manipulation combined with social scenes.
 Virus − It is a malicious software that installs on your computer without your consent
for a bad purpose.
 Firewall − It is a software or hardware which is used to filter network traffic based on
rules.

Computer Security - Layers

Layer type of Security −
 Computer Application Whitelistening − The idea is to install just a restricted number
of applications in your computers, which are useful as well as are genuine.
 Computer System Restore Solution − In case your computer is hacked and your files
are damaged, you should have the possibility to again have access to your files. An
example is Windows System Restore or Backup.
 Computer and Network Authentication − The data that is accessed over the network is
best to be provided only to the authorized users. Use usernames and passwords!!!
 File, Disk and Removable Media Encryption − Generally a good practice is to encrypt
hard disks or removable devices, the idea behind this is in case your laptop or your
removable USB is stolen and it is plugged in another machine it cannot be read. A good
tool for this is Truecrypt.
 Remote Access Authentication − Systems which are accessed over the network is best
to be provided only to the authorized users. Use usernames and passwords!!!
 Network Folder Encryption − Again like the case of Network Authentication, if you
have a network storage or a network folder shared, it is good to be encrypted to prevent
any unauthorized user who is listening to the network to read the information.
  Secure Boundary and End-To-End Messaging − Nowadays email or instant
messaging is widely spread and it is the number one tool to communicate. It is better
that the communication to be encrypted between the end users, a good tool for this
is PGP Encryption Tool.

Computer Security - Antiviruses

Basic Functions of Antivirus Engines
All antivirus engines have three components to function accordingly. It is important to have a
look at these functions because it will help us for better manual cleaning of viruses in case we
need.
 Scanning − When a new virus is detected in the cyberspace, antivirus producers start
writing programs (updates) that scans for similar signature strings.
 Integrity Checking − This method generally checks for manipulated files in OS from
the viruses.
 Interception − This method is used basically to detect Trojans and it checks the request
made by the operating system for network access.

Some of its prominent features are −

 Recover files encrypted by ransomware
 Uses tiny amount of disk space
 Very fast scan
 Handles unknown malware
 Includes firewall

Computer Security - Malwares

They are self-replication programs that reproduce their own codes by attaching themselves to
other executable codes. They operate without the permissions or knowledge of the computer
users. Viruses or malwares like in real-life, in computers they contaminate other healthy files.
We categorize malwares in three types −
 Trojans and Rootkits
 Viruses
 Worms
Characteristics of a Virus
 They reside in a computer’s memory and activates themselves while the program that is
attached starts running.
For example − They attach themselves in general to the explorer.exe in windows OS
because it is the process that is running all the time, so you should be cautious when this
process starts to consume too much of your computer capacities.
 They modify themselves after the infection phase like they source codes, extensions, new
files, etc. so it is harder for an antivirus to detect them.
This virus can cause the following to your computer −
 It may delete important data from your computer to gain space for their processes.
 It may avoid detection by redirection of disk data.
 It may perform tasks by triggering an event with itself. For example, this happens when
in an infected computer pop-up tables etc., show up automatically on the screen.
  They are common in Windows and Mac OS because these operation systems do not have
multiple file permissions and are more spread out.
Detecting a Computer Error from a Virus Infection
The following events are most likely not caused by a malware −
 Error while the system is booting in bios stage, like Bios’s battery cell display, timer error
display.
 Hardware errors, like beeps RAM burn, HDD, etc.
 If a document fails to start normally like a corrupted file, but the other files can be opened
accordingly.
 Keyboard or mouse doesn’t answer to your commands, you have to check the plug-ins.
 Monitor switching on and off too often, like blinking or vibrating, this is a hardware fault.
On the other hand, if you have the following signs in your system, you should check for
malware.
 Your computer shows a pop-up or error tables.
 Freezes frequently.
 It slows down when a program or process starts.
 Third parties complain that they are receiving invitation in social media or via email by
you.
 Files extensions changes appear or files are added to your system without your consent.
 Internet Explorer freezes too often even though your internet speed is very good.
 Your hard disk is accessed most of the time as you can see from the LED light on your
computer case.
 OS files are either corrupted or missing.
 If your computer is consuming too much bandwidth or network resources this is the case
of a computer worm.
 Hard disk space is occupied all the time, even when you are not taking any action, for
example installing a new program.
 Files and program sizes changes comparing to its original version.
Some Practical Recommendations to Avoid Viruses −
 Don’t open any email attachment coming from unknown people or from known people that
contain suspicious text.
 Don’t accept invitation from unknown people on social media.
 Don’t open URL sent by unknown people or known people that are in any weird form.

Computer Security - Encryption

What is Encryption?
Encryption is a transformed type of genuine information where only the authorized parties
know how to read it, so in the worst case scenario if somebody has access to these files they
would still not be able to understand the message in it.

Computer Security - Data Backup

Why is Backup Needed?
The main purpose is to recover the lost data from an unpredictable event like deletion by
mistake or file corruption which in many cases is caused by a virus. An example
is Ransomware, which encrypts all your data when your computer gets infected and the second
is to roll back the data at a specific time you want. This is a scenario that happens often in
companies which have applications and databases and they want to test their applications with a
specific version of data.
How is this Process Managed at Big Companies?
It is suggested that in bigger companies which have a large volume of data, it is necessary to
have a backup administrator, which is one of the most trusted persons in the company because
he has access to all the data of that organization and generally deals with the backup routine
check and the health of the backup.
Backup Devices
In this section we will see the backup devices from smaller to enterprise solutions. For a
personal computer, they are −
CD and DVD, Blue-Rays − They are used for home/personal usage where people can store
their documents, mainly personal or office related documents because they have small
capacities
Removable Devices − They are again for home usage (data, documents, music, photos, movies)
which can be a Removable USB or external hard disks.
Network attached storage (NAS) − They are generally devices that are used in small
businesses for backup purposes because they offer a centralized manner of backup. All the users
can connect through the network to access this device and save data.
Storage Area Network (SAN) − These are generally devices that are used for big businesses
for backup purposes. They offer a high speed of network for storage the biggest producers
are EMC Corporation, DELL.

Types of Backups Based on Location

The types of backup can vary on the size of the business, budget and the data importance.
They are divided in two types −
 Local Backups
 Online Backups

Computer Security - Disaster Recovery

Disaster recovery is generally a planning process and it produces a document which ensures
businesses to solve critical events that affect their activities. Such events can be a natural
disaster (earthquakes, flood, etc.), cyber–attack or hardware failure like servers or routers.
Requirements to Have a Disaster Recovery Plan
Disaster recovery starts with an inventory of all assets like computers, network equipment,
server, etc. and it is recommended to register by serial numbers too. We should make an
inventory of all the software and prioritize them according to business importance.

Computer Security - Policies

Role of the Security Policy in Setting up Protocols
Following are some pointers which help in setting u protocols for the security policy of an
organization.
 Who should have access to the system?
  How it should be configured?
 How to communicate with third parties or systems?
Policies are divided in two categories −
 User policies
 IT policies.
User policies generally define the limit of the users towards the computer resources in a
workplace. For example, what are they allowed to install in their computer, if they can use
removable storages.
Whereas, IT policies are designed for IT department, to secure the procedures and functions of
IT fields.
 General Policies − This is the policy which defines the rights of the staff and access
level to the systems. Generally, it is included even in the communication protocol as a
preventive measure in case there are any disasters.
 Server Policies − This defines who should have access to the specific server and with
what rights. Which software’s should be installed, level of access to internet, how they
should be updated.
 Firewall Access and Configuration Policies − It defines who should have access to the
firewall and what type of access, like monitoring, rules change. Which ports and
services should be allowed and if it should be inbound or outbound.
 Backup Policies − It defines who is the responsible person for backup, what should be
the backup, where it should be backed up, how long it should be kept and the frequency
of the backup.
 VPN Policies − These policies generally go with the firewall policy, it defines those
users who should have a VPN access and with what rights. For site-to-site connections
with partners, it defines the access level of the partner to your network, type of
encryption to be set.
Structure of a Security Policy
When you compile a security policy you should have in mind a basic structure in order to make
something practical. Some of the main points which have to be taken into consideration are −
 Description of the Policy and what is the usage for?
 Where this policy should be applied?
 Functions and responsibilities of the employees that are affected by this policy.
 Procedures that are involved in this policy.
 Consequences if the policy is not compatible with company standards.
Types of Policies
In this section we will see the most important types of policies.
 Permissive Policy − It is a medium restriction policy where we as an administrator block
just some well-known ports of malware regarding internet access and just some exploits
are taken in consideration.
 Prudent Policy − This is a high restriction policy where everything is blocked regarding
the internet access, just a small list of websites are allowed, and now extra services are
allowed in computers to be installed and logs are maintained for every user.
 Acceptance User Policy − This policy regulates the behavior of the users towards a
system or network or even a webpage, so it is explicitly said what a user can do and
cannot in a system. Like are they allowed to share access codes, can they share
resources, etc.
  User Account Policy − This policy defines what a user should do in order to have or
maintain another user in a specific system.
 Information Protection Policy − This policy is to regulate access to information, hot to
process information, how to store and how it should be transferred.
 Remote Access Policy − This policy is mainly for big companies where the user and
their branches are outside their headquarters. It tells what should the users access, when
they can work and on which software like SSH, VPN, RDP.
 Firewall Management Policy − This policy has explicitly to do with its management,
which ports should be blocked, what updates should be taken, how to make changes in
the firewall, how long should be the logs be kept.
 Special Access Policy − This policy is intended to keep people under control and
monitor the special privileges in their systems and the purpose as to why they have it.
These employees can be team leaders, managers, senior managers, system
administrators, and such high designation based people.
 Network Policy − This policy is to restrict the access of anyone towards the network
resource and make clear who all will access the network. It will also ensure whether that
person should be authenticated or not.
 Email Usage Policy − This is one of the most important policies that should be done
because many users use the work email for personal purposes as well. As a result
information can leak outside.
 Software Security Policy − This policy has to do with the software’s installed in the
user computer and what they should have.

Cloud Computing
Cloud Computing provides us means of accessing the applications as utilities over the Internet.
It allows us to create, configure, and customize the applications online.
What is Cloud?
The term Cloud refers to a Network or Internet. In other words, we can say that Cloud is
something, which is present at remote location. Cloud can provide services over public and
private networks, i.e., WAN, LAN or VPN.
Applications such as e-mail, web conferencing, customer relationship management (CRM)
execute on cloud.
What is Cloud Computing?
Cloud Computing refers to manipulating, configuring, and accessing the hardware and
software resources remotely. It offers online data storage, infrastructure, and application.
Cloud computing offers platform independency, as the software is not required to be installed
locally on the PC. Hence, the Cloud Computing is making our business
applications mobile and collaborative.
Basic Concepts
There are certain services and models working behind the scene making the cloud computing
feasible and accessible to end users. Following are the working models for cloud computing:
 Deployment Models
 Service Models
Deployment Models
Deployment models define the type of access to the cloud, i.e., how the cloud is located? Cloud
can have any of the four types of access: Public, Private, Hybrid, and Community.

Public Cloud
The public cloud allows systems and services to be easily accessible to the general public.
Public cloud may be less secure because of its openness.
Private Cloud
The private cloud allows systems and services to be accessible within an organization. It is
more secured because of its private nature.
Community Cloud
The community cloud allows systems and services to be accessible by a group of
organizations.
Hybrid Cloud
The hybrid cloud is a mixture of public and private cloud, in which the critical activities are
performed using private cloud while the non-critical activities are performed using public cloud.
Service Models
Cloud computing is based on service models. These are categorized into three basic service
models which are -
 Infrastructure-as–a-Service (IaaS)
 Platform-as-a-Service (PaaS)
 Software-as-a-Service (SaaS)
Anything-as-a-Service (XaaS) is yet another service model, which includes Network-as-a-
Service, Business-as-a-Service, Identity-as-a-Service, Database-as-a-Service or Strategy-as-a-
Service.
The Infrastructure-as-a-Service (IaaS) is the most basic level of service. Each of the service
models inherit the security and management mechanism from the underlying model, as shown
in the following diagram:

Infrastructure-as-a-Service (IaaS)
IaaS provides access to fundamental resources such as physical machines, virtual machines,
virtual storage, etc.
Platform-as-a-Service (PaaS)
PaaS provides the runtime environment for applications, development and deployment tools,
etc.
Software-as-a-Service (SaaS)
SaaS model allows to use software applications as a service to end-users.
What is Cloud?
The term Cloud refers to a Network or Internet. In other words, we can say that Cloud is
something which is present at remote location. Cloud can provide services over network i.e. on
public networks or on private networks i.e. WAN, LAN or VPN.
Applications such as e-mail, web conferencing, customer relationship management (CRM), all run in
cloud.
What is Cloud Computing?
Cloud Computing refers to manipulating, configuring, and accessing the applications online.
It offers online data storage, infrastructure and application.

Cloud Computing Technologies

There are certain technologies that are working behind the cloud computing platforms making
cloud computing flexible, reliable, usable. These technologies are listed below:
 Virtualization
 Service-Oriented Architecture (SOA)
 Grid Computing
 Utility Computing
Virtualization
Virtualization is a technique which allows to share single physical instance of an application or
resource among multiple organizations or tenants(customers). It does so by assigning a logical
name to a physical resource and providing a pointer to that physical resource when demanded.
Service-Oriented Architecture(SOA)
Service-Oriented Architecture helps to use applications as a service for other applications
regardless type of vendor, product or technology. Therefore it is possible to exchange of data
between applications of different vendors without additional programming or making changes
to services.
Grid Computing
Grid Computing refers to distributed computing in which a group computers from multiple
locations are connected with each other to achieve common objective. These computer
resources are heterogeneous and geographically dispersed.
Utility Computing
Utility computing is based on Pay per Use model. It offers computational resources on
demand as a metered service. Cloud computing, grid computing, and managed IT services are
based on the concept of Utility computing
Cloud Computing Architecture
The Cloud Computing architecture comprises of many cloud components, each of them are
loosely coupled. we can broadly divide the cloud architecture into two parts:
 Front End
 Back End
Front End
Front End refers to the client part of cloud computing system. It consist of interfaces and
applications that are required to access the cloud computing platforms. Eg. Web Browser
Back End
Back End refers to the cloud itself. It consist of all the resources required to provide cloud
computing services. It comprises of huge data storage, virtual machines, security
mechanism, services, deployment models, servers etc.

Cloud Infrastructure Components

Cloud infrastructure consist of servers, storage, network, management software, and
deployment software and platform virtualization.
Hypervisor
Hypervisor is a firmware or low level program that acts as a Virtual Machine Manager. It
allows to share the single physical instance of cloud resources between several tenants.
Management Software
Management Software helps to maintain and configure the infrastructure.
Deployment Software
Deployment software helps to deploy and integrate the application on the cloud.
Network
Network is the key component of cloud infrastructure. It allows to connect cloud services over
the internet. It is also possible to deliver network as a utility over the internet i.e. the consumer
can customize the network route and protocol.
Server
Server helps to compute the resource sharing and offer other services such as resource
allocation and de allocation, monitoring resources, security etc.
Storage
Cloud uses distributed file system for storage purpose. If one of the storage resource fails then it
can be extracted from another one, which makes cloud computing more reliable.
Cloud Deployment Models
Foloowing are the cloud deployment models:
 Public Cloud Model
 Private Cloud Model
 Hybrid Cloud Model
 Community Cloud Model
Public Cloud Model
The Public Cloud Model allows systems and services to be easily accessible to general public.
e.g. Google, Amazon, Microsoft offers cloud services via internet.
Benefits
 Cost Effective
 Reliability
 Flexibility
 Location Independence
 Utility Style Costing
 High Scalability
Disadvantages
 Low Security
  Less customizable
Private Cloud Model
The Private Cloud allows systems and services to be accessible with in an organization. The
Private Cloud is operated only within a single organization. However, It may be managed
internally or by third-party.
Benefits
Here are the benefits of deploying cloud as private cloud model.
 Higher Security and Privacy
 More Control
 Cost and energy efficiency
Disadvantages
Here are the disadvantages of using private cloud model:
 Restricted Area
 Inflexible Pricing
 Limited Scalability
 Additional Skills
Hybrid Cloud Model
The Hybrid Cloud is mixture of public and private cloud. Non Critical activities are
performed using public cloud while the critical activities are performed using private cloud.
Benefits
Here are the benefits of deploying cloud as hybrid cloud model:
 Scalability
 Flexibility
 Cost Efficiencies
Disadvantages
Here are the disadvantages of Hybrid Cloud Model:
 Networking Issues
 Security Compliance
 Infrastructural Dependency
Community Cloud Model
The Community Cloud allows system and services to be accessible by group of organizations.
It shares the infrastructure between several organizations from a specific community. It may be
managed internally or by the third-party.

Benefits
Here are the benefits of deploying cloud as community cloud model:
 Cost effective
 Sharing Between Organizations
 Security
Issues
 Since all data is housed at one location, therefore one must be careful in storing data in
community cloud because it might be accessible by others.
 It is also challenging to allocate responsibilities of governance, security and cost.

Cloud Service Models

Following are the cloud service models:
 Infrastructure as a Service(IaaS) Model
  Platform as a Service(PaaS) Model
 Software as a Service(SaaS) Model
 Identity as a Service(IDaaS) Model
 Network as a Service(NaaS) Model
Infrastructure as a Service(IaaS)
IaaS provides access to fundamental resources such as physical machines, virtual machines,
virtual storage etc. Apart from these resource the IaaS also offers:
 Virtual machine disk storage
 Virtual local area network (VLANs)
 Load balancers
 IP addresses
 Software bundles
All of the above resources are made available to end user via server virtualization. Moreover,
these resources are accessed by the customers as if they own them.
Benefits
IaaS allows the cloud provider to freely locate the infrastructure over the internet in cost-
effective manner. Some of the key benefits of IaaS are listed below:
 Full Control of the computing resources through Administrative Access to VMs.
 Flexible and Efficient renting of Computer Hardware.
 Portability, Interoperability with Legacy Applications.
Issues
Here are the issues associated with IaaS:
 Compatibility with Legacy Security Vulnerabilities
 Virtual Machine Sprawl
 Robustness of VM-level Isolation
 Data Erase Practices
Characteristics
Here are the characteristics of IaaS service model:
 Virtual machines with pre-installed software.
 Virtual machines with pre-installed Operating Systems such as windows, Linux, and
Solaris.
 On-demand availability of resources.
 Allows to store copies of particular data in different locations.
 The computing resources can be easily scaled up and down.
Platform as a Service(PaaS)
PaaS offers the run time environment for applications. It also offers development &
deployment tools, required to develop applications. PaaS has a feature of point-and-click tools
that enables non-developers to create web applications.
The following diagram shows how PaaS offers an API and development tools to the developers
and how it helps the end user to access business applications.
Benefits
Following are the benefits of PaaS model:
 Lower administrative overhead
 Lower total cost of ownership
 Scalable Solutions
 More current system software
Issues
Like SaaS, PaaS also place significant burdens on consumer's browsers to maintain reliable and
secure connections to the provider systems. Therefore, PaaS shares many of the issues of SaaS.
However, there are some specific issues associated with PaaS as listed below:
 Lack of portability between PaaS clouds
 Event Based Processor Scheduling
 Security Engineering of PaaS applications
Software as a Service (SaaS)
Software as a Service(SaaS) model allows to provide software applications as a service to the
end users. It refers to a software that is deployed on a hosted service and is accessible via
internet. There are several SaaS applications. Some of them are listed below:
 Billing and Invoicing System
 Customer Relationship Management (CRM) applications
 Help Desk Applications
 Human Resource (HR) Solutions
Characteristics
Here are the characteristics of SaaS service model:
 SaaS makes the software available over the internet.
 The Software are maintained by the vendor rather than where they are running.
 The license to the software may be subscription based or usage based. And it is billed on
recurring basis.
 SaaS applications are cost effective since they do not require any maintenance at end
user side.
 They are available on demand.
 They can be scaled up or down on demand.
 They are automatically upgraded and updated.
 SaaS offers share data model. Therefore multiple users can share single instance of
infrastructure. It is not required to hard code the functionality for individual users.
 All users are running same version of the software.
Benefits
Using SaaS has proved to be beneficial in term of scalability, efficiency, performance and much
more. Some of the benefits are listed below:
 Modest Software Tools
 Efficient use of Software Licenses
 Centralized Management & Data
 Platfrom responsibilities managed by provider
 Multitenant solutions.
Issues
There are several issues associated with SaaS. Some of them are listed below:
 Browser based risks
 Network dependence
 Lack of portability between SaaS clouds
Identity as a Service(IDaaS)
Overview
Employees in a company require to login to system to perform various tasks. These systems
may be based on local server or cloud based. Following are the problems that an employee
might face:
 Remembering different username and password combinations for accessing multiple
servers.
 If an employee leaves the company, It's required to ensure that each of the user's account
has been disabled. This increases workload on IT staff.
To solve above problems, a new technique emerged which is known as Identity as a Service
(IDaaS).
IDaaS offers management of identity (information) as a digital entity. This identity can be used
during electronic transactions.
Identity
Identity refers to set of attributes associated with something and make it recognizable. All
objects may have some same attributes but their identity can not be the same. This unique
identity is assigned through unique identification attribute.
There are several identity services that have been deployed to validate services such as validating web
sites, transactions, transaction participants, client etc. Identity as a Service may include the following:
 Directory Services
 Federated Services
 Registration
 Authentication Services
 Risk and Event monitoring
 Single sign-on services
 Identity and Profile management
Single Sign-On (SSO)
To solve the problem of using different username & password combination for different servers,
companies now employ Single Sign-On software, which allows the user to login only one time
and manages the user's access to other systems.
SSO has single authentication server, managing multiple access to other systems, as shown in
the following diagram:
Federated Identity Management(FIDM)
FIDM describes the technologies and protocols that enable a user to package security
credentials across security domains. It uses Security Markup Language (SAML) to package a
user's security credentials as shown in the following diagram:

OpenID
It offers users to login multiple websites with single account. Google, Yahoo!, Flickr, MySpace,
WordPress.com are some of the companies that support OpenID.
Benefits
 Increased site conversation rates.
 Access to greater user profile content.
 Fewer problems with lost passwords.
 Ease of content integration into social networking sites.
Network as a Service(NaaS)
Overview
Networks as a Service allows us to access to network infrastructure directly and securely.
NaaS makes it possible to deploy custom routing protocols.
NaaS uses virtualized network infrastructure to provide network services to the consumer. It
is the responsibility of NaaS provider to maintain and manage the network resources, which
decreases the workload from the consumer. Moreover, NaaS offers network as a utility.
Mobile NaaS
Mobile NaaS offers more efficient and flexible control over mobile devices. It uses
virtualization to simplify the architecture to create more efficient processes.
NaaS Benefits
NaaS offers a number of benefits, some of the are discussed below:
 Independence
 Analytics
 Resilience
 Ease of Adding new Service Elements
 Isolation of customer traffic
 Support Models

Cloud Management Tasks

Cloud Management involves a number of tasks to be performed by the cloud provider to ensure
efficient use of cloud resources. Here, we will discuss some of these tasks:
 Audit System Backups
 System's Data Flow Management
 Ensuring no Vendor Lock-in
 Provider's security procedures
 Monitor Capacity Planning and Scaling Capabilities
 Monitor Audit-Log Use
 Solution testing and Validation

Cloud Data Storage

Cloud Storage is a service that allows to save data on offsite storage system managed by third
party and is made accessible by a web services API.
Storage Devices
Storage devices can be broadly classified into two categories:
 Block Storage Devices
 File Storage Devices
Block Storage Devices
Block Storage Devices offers the raw storage to the clients. This raw storage can be partitioned
to create volumes.
File Storage Devices
File Storage Devices offers storage to clients in form of files, maintaining its own file system.
This storage is in the form of Network Attached Storage (NAS).
Cloud Storage Classes
Cloud Storage can be broadly classified into two categories:
 Unmanaged Cloud Storage
 Managed Cloud Storage
Unmanaged Cloud Storage
Unmanaged Cloud Storage means that the storage is preconfigured for the consumer. The
consumer can not format nor the consumer can install own file system or change drive
properties.
Managed Cloud Storage
Managed Cloud Storage offers online storage space on demand. Managed cloud storage system
presents what appears to the user to be a raw disk that the user can partition and format.

Virtual Storage Containers

Virtual storage containers offer high performance cloud storage systems. Logical Unit
Number (LNU) of device, files and other objects are created in virtual storage containers.
Following diagram shows a virtual storage container, defining a cloud storage domain:

Challenges
Storing the data in cloud is not that simple task. Apart from its flexibility and convenience, it
also has several challenges faced by the consumers. The consumers require ability to:
 Provision additional storage on demand.
 Know and restrict the physical location of the stored data.
 Verify how data was erased?
 Have access to a documented process for surely disposing of data storage hardware.
 Administrator access control over data.

Virtualization Concept
Creating a virtual machine over existing operating system and hardware is referred as Hardware
Virtualization. Virtual Machines provide an environment that is logically separated from the
underlying hardware.
Types of Hardware Virtualization
Here are the three types of hardware virtualization:
1. Full Virtualization
2. Emulation Virtualization
3. Paravirtualization
Full Virtualization
In Full Virtualization, the underlying hardware is completely simulated. Guest software do not
require any modification to run.

Emulation Virtualization
In Emulation, the virtual machine simulates the hardware and hence become independent of the
it. In this, the guest operating system does not require modification.
Securing the Cloud
Security in cloud computing is a major concern. Data in cloud should be stored in encrypted
form. To restrict client from direct accessing the shared data, proxy and brokerage services
should be employed.
Encryption
Encryption helps to protect data from being compromised. It protects data that is being
transferred as well as data stored in the cloud. Although encryption helps to protect data from
any unauthorized access, it does not prevent from data loss.
Cloud Computing Operations
Overview
Cloud computing operation refers to delivering superior cloud service. Today cloud computing
operations have become very popular and widely employed by many of the organizations just
because, it allows to perform all business operations over the internet.
These operations can be performed using a web application or mobile based applications. There
are a number of operations that are performed in cloud, some of them are shown in the
following diagram:

Managing Cloud Operations

There are several ways to manage day to day cloud operations,
 Always employ right tools and resources to perform any function in the cloud.
 Things should be done at right time and at right cost.
 Selecting an appropriate resource is mandatory for operation management.
 The process should be standardized and automated to avoid repetitive tasks.
 Using efficient process will eliminate the waste and redundancy.
 One should maintain the quality of service to avoid re-work later.

Cloud Applications
Cloud Computing has its applications in almost all the fields such as business, entertainment,
data storage, social networking, management, entertainment, education, art and global
positioning system etc. Some of the widely famous cloud computing applications are discusses
here in this tutorial:
Business Applications
Cloud computing has made business more collaborative and easy by incorporating various apps
such as MailChimp, Chatter, Google Apps for business, and Quickbooks.
Social Applications
There are several social networking services providing websites such as Facebook, Twitter etc.
SN Application Description
Facebook
1
Facebook offer social networking service. One can share photos, videos, files, status and much more.
Twitter
2 Twitter helps to interact directly with the public. Once can follow any celebrity, organization and any person
who is on twitter and can have latest updates regarding the same.

Entertainment Applications
Cloud Computing Challenges
Cloud computing, an emergence technology, have placed many challenges in different aspects.
Some of these are shown in the following diagram:
Security & Privacy
Security and Privacy of information is the biggest challenge to cloud computing. To get out of
security and privacy issues can be over come by employing encryption, security hardware and
security applications.
Portability
This is another challenge to cloud computing that applications should easily be migrated form
one cloud provider to another. There should not be vendor-lock in. However, it is not yet made
possible because each of the cloud provider use different standard languages for their platforms.
Interoperability
Application on one platform should be able to incorporate services from other platfrom. It is
made possible via web services. But this writing such web services is very complex.
Computing Performance
To deliver data intensive applications on cloud requires high network bandwidth which result in
high cost. If done at low bandwidth, then it does not meet the required computing performance
of cloud application.
Reliability and Availability
It is necessary for cloud systems to be reliable and robust because most of the business are now
becoming dependent on services provided by third party.
Mobile Cloud Computing
Cloud Computing offers such smartphones that have rich internet media experience and require
less processing, less power. In term of Mobile Cloud Computing, processing is done in cloud,
data is stored in cloud. And the mobile devices serve as a media for display.
Today smartphones are employed with rich cloud services by integrating applications that
consume web services. These web services are deployed in cloud.
There are several Smartphone operating systems available such as Google's Android, Apple's
iOS, RIM BlackBerry, Symbian, and Windows Mobile Phone. Each of these platform
support third party applications that are deployed in cloud.
Architecture
MCC includes four types of cloud resources:
 Distant mobile cloud
 Distant immobile cloud
 Proximate mobile computing entities
 Proximate immobile computing entities
 Hybrid

Issues
Despite of having significant development in field of mobile computing, there still exists many
issues:
Emergency efficient transmission
There should be a frequent transmission of information between cloud and the mobile devices.
Architectural Issues
Mobile cloud computing is required to make architectural neutral because of heterogeneous
environment.
Live VM migration
It is challenging to migrate an application which is resource-intensive to cloud and to execute it
via. Virtual Machine .
Mobile Communication Congestion
Due to continuous increase demand for mobile cloud services, the workload to enable smooth
communication between cloud and mobile devices has been increased.
Security and Privacy
This is one of the major issue because mobile users share their personal information over the
cloud.

Internet of Things - Overview

IoT systems allow users to achieve deeper automation, analysis, and integration within a
system. They improve the reach of these areas and their accuracy. IoT utilizes existing and
emerging technology for sensing, networking, and robotics.
IoT exploits recent advances in software, falling hardware prices, and modern attitudes towards
technology. Its new and advanced elements bring major changes in the delivery of products,
goods, and services; and the social, economic, and political impact of those changes.
IoT − Key Features
The most important features of IoT include artificial intelligence, connectivity, sensors, active
engagement, and small device use. A brief review of these features is given below −
 AI − IoT essentially makes virtually anything “smart”, meaning it enhances every aspect
of life with the power of data collection, artificial intelligence algorithms, and networks.
This can mean something as simple as enhancing your refrigerator and cabinets to detect
 when milk and your favorite cereal run low, and to then place an order with your
preferred grocer.
 Connectivity − New enabling technologies for networking, and specifically IoT
networking, mean networks are no longer exclusively tied to major providers. Networks
can exist on a much smaller and cheaper scale while still being practical. IoT creates
these small networks between its system devices.
 Sensors − IoT loses its distinction without sensors. They act as defining instruments
which transform IoT from a standard passive network of devices into an active system
capable of real-world integration.
 Active Engagement − Much of today's interaction with connected technology happens
through passive engagement. IoT introduces a new paradigm for active content, product,
or service engagement.
 Small Devices − Devices, as predicted, have become smaller, cheaper, and more
powerful over time. IoT exploits purpose-built small devices to deliver its precision,
scalability, and versatility.
IoT − Advantages
The advantages of IoT span across every area of lifestyle and business. Here is a list of some of
the advantages that IoT has to offer −
 Improved Customer Engagement − Current analytics suffer from blind-spots and
significant flaws in accuracy; and as noted, engagement remains passive. IoT completely
transforms this to achieve richer and more effective engagement with audiences.
 Technology Optimization − The same technologies and data which improve the
customer experience also improve device use, and aid in more potent improvements to
technology. IoT unlocks a world of critical functional and field data.
 Reduced Waste − IoT makes areas of improvement clear. Current analytics give us
superficial insight, but IoT provides real-world information leading to more effective
management of resources.
 Enhanced Data Collection − Modern data collection suffers from its limitations and its
design for passive use. IoT breaks it out of those spaces, and places it exactly where
humans really want to go to analyze our world. It allows an accurate picture of
everything.
IoT − Disadvantages
Though IoT delivers an impressive set of benefits, it also presents a significant set of
challenges. Here is a list of some its major issues −
 Security − IoT creates an ecosystem of constantly connected devices communicating
over networks. The system offers little control despite any security measures. This
leaves users exposed to various kinds of attackers.
 Privacy − The sophistication of IoT provides substantial personal data in extreme detail
without the user's active participation.
 Complexity − Some find IoT systems complicated in terms of design, deployment, and
maintenance given their use of multiple technologies and a large set of new enabling
technologies.
 Flexibility − Many are concerned about the flexibility of an IoT system to integrate
easily with another. They worry about finding themselves with several conflicting or
locked systems.
  Compliance − IoT, like any other technology in the realm of business, must comply with
regulations. Its complexity makes the issue of compliance seem incredibly challenging
when many consider standard software compliance a battle.

Internet of Things - Hardware

The hardware utilized in IoT systems includes devices for a remote dashboard, devices for
control, servers, a routing or bridge device, and sensors. These devices manage key tasks and
functions such as system activation, action specifications, security, communication, and
detection to support-specific goals and actions.
IoT − Sensors
The most important hardware in IoT might be its sensors. These devices consist of energy
modules, power management modules, RF modules, and sensing modules. RF modules manage
communications through their signal processing, WiFi, ZigBee, Bluetooth, radio transceiver,
duplexer, and BAW.
Wearable Electronics
Wearable electronic devices are small devices worn on the head, neck, arms, torso, and feet.
Current smart wearable devices include −
 Head − Helmets, glasses
 Neck − Jewelry, collars
 Arm − Watches, wristbands, rings
 Torso − Clothing, backpacks
 Feet − Socks, shoes
Standard Devices
The desktop, tablet, and cellphone remain integral parts of IoT as the command center and
remotes.
 The desktop provides the user with the highest level of control over the system and its
settings.
 The tablet provides access to the key features of the system in a way resembling the
desktop, and also acts as a remote.
 The cellphone allows some essential settings modification and also provides remote
functionality.
Other key connected devices include standard network devices like routers and switches.

Internet of Things - Software

IoT software addresses its key areas of networking and action through platforms, embedded
systems, partner systems, and middleware. These individual and master applications are
responsible for data collection, device integration, real-time analytics, and application and
process extension within the IoT network. They exploit integration with critical business
systems (e.g., ordering systems, robotics, scheduling, and more) in the execution of related
tasks.
Data Collection
This software manages sensing, measurements, light data filtering, light data security, and
aggregation of data. It uses certain protocols to aid sensors in connecting with real-time,
machine-to-machine networks. Then it collects data from multiple devices and distributes it in
accordance with settings. It also works in reverse by distributing data over devices. The system
eventually transmits all collected data to a central server.
Device Integration
Software supporting integration binds (dependent relationships) all system devices to create the
body of the IoT system. It ensures the necessary cooperation and stable networking between
devices. These applications are the defining software technology of the IoT network because
without them, it is not an IoT system. They manage the various applications, protocols, and
limitations of each device to allow communication.
Real-Time Analytics
These applications take data or input from various devices and convert it into viable actions or
clear patterns for human analysis. They analyze information based on various settings and
designs in order to perform automation-related tasks or provide the data required by industry.
Application and Process Extension
These applications extend the reach of existing systems and software to allow a wider, more
effective system. They integrate predefined devices for specific purposes such as allowing
certain mobile devices or engineering instruments access. It supports improved productivity and
more accurate data collection.

Internet of Things - Technology and Protocols

IoT primarily exploits standard protocols and networking technologies. However, the major
enabling technologies and protocols of IoT are RFID, NFC, low-energy Bluetooth, low-energy
wireless, low-energy radio protocols, LTE-A, and WiFi-Direct. These technologies support the
specific networking functionality needed in an IoT system in contrast to a standard uniform
network of common systems.
NFC and RFID
RFID (radio-frequency identification) and NFC (near-field communication) provide simple,
lowenergy, and versatile options for identity and access tokens, connection bootstrapping, and
payments.
 RFID technology employs 2-way radio transmitter-receivers to identify and track tags
associated with objects.
 NFC consists of communication protocols for electronic devices, typically a mobile
device and a standard device.
Low-Energy Bluetooth
This technology supports the low-power, long-use need of IoT function while exploiting a
standard technology with native support across systems.
Low-Energy Wireless
This technology replaces the most power hungry aspect of an IoT system. Though sensors and
other elements can power down over long periods, communication links (i.e., wireless) must
remain in listening mode. Low-energy wireless not only reduces consumption, but also extends
the life of the device through less use.
Radio Protocols
ZigBee, Z-Wave, and Thread are radio protocols for creating low-rate private area networks.
These technologies are low-power, but offer high throughput unlike many similar options. This
increases the power of small local device networks without the typical costs.
LTE-A
LTE-A, or LTE Advanced, delivers an important upgrade to LTE technology by increasing not
only its coverage, but also reducing its latency and raising its throughput. It gives IoT a
tremendous power through expanding its range, with its most significant applications being
vehicle, UAV, and similar communication.
WiFi-Direct
WiFi-Direct eliminates the need for an access point. It allows P2P (peer-to-peer) connections
with the speed of WiFi, but with lower latency. WiFi-Direct eliminates an element of a network
that often bogs it down, and it does not compromise on speed or throughput.

Internet of Things - Common Uses

IoT has applications across all industries and markets. It spans user groups from those who want
to reduce energy use in their home to large organizations who want to streamline their
operations. It proves not just useful, but nearly critical in many industries as technology
advances and we move towards the advanced automation imagined in the distant future.
Engineering, Industry, and Infrastructure
Applications of IoT in these areas include improving production, marketing, service delivery,
and safety. IoT provides a strong means of monitoring various processes; and real transparency
creates greater visibility for improvement opportunities.
Government and Safety
IoT applied to government and safety allows improved law enforcement, defense, city planning,
and economic management. The technology fills in the current gaps, corrects many current
flaws, and expands the reach of these efforts.
Home and Office
In our daily lives, IoT provides a personalized experience from the home to the office to the
organizations we frequently do business with. This improves our overall satisfaction, enhances
productivity, and improves our health and safety. For example, IoT can help us customize our
office space to optimize our work.
Health and Medicine
IoT pushes us towards our imagined future of medicine which exploits a highly integrated
network of sophisticated medical devices. Today, IoT can dramatically enhance medical
research, devices, care, and emergency care. The integration of all elements provides more
accuracy, more attention to detail, faster reactions to events, and constant improvement while
reducing the typical overhead of medical research and organizations.

IoT - Media, Marketing, & Advertising

The applications of IoT in media and advertising involve a customized experience in which the
system analyzes and responds to the needs and interests of each customer. This includes their
general behavior patterns, buying habits, preferences, culture, and other characteristics.
Marketing and Content Delivery
IoT functions in a similar and deeper way to current technology, analytics, and big data.
Existing technology collects specific data to produce related metrics and patterns over time,
however, that data often lacks depth and accuracy.
Improved Advertising
Current advertising suffers from excess and poor targeting. Even with today's analytics, modern
advertising fails. IoT promises different and personalized advertising rather than one-size-fitsall
strategies. It transforms advertising from noise to a practical part of life because consumers
interact with advertising through IoT rather than simply receiving it. This makes advertising
more functional and useful to people searching the marketplace for solutions or wondering if
those solutions exist.

IoT - Environmental Monitoring

The applications of IoT in environmental monitoring are broad − environmental protection,
extreme weather monitoring, water safety, endangered species protection, commercial farming,
and more. In these applications, sensors detect and measure every type of environmental
change.
Air and Water Pollution
Current monitoring technology for air and water safety primarily uses manual labor along with
advanced instruments, and lab processing. IoT improves on this technology by reducing the
need for human labor, allowing frequent sampling, increasing the range of sampling and
monitoring, allowing sophisticated testing on-site, and binding response efforts to detection
systems. This allows us to prevent substantial contamination and related disasters.
Extreme Weather
Though powerful, advanced systems currently in use allow deep monitoring, they suffer from
using broad instruments, such as radar and satellites, rather than more granular solutions. Their
instruments for smaller details lack the same accurate targeting of stronger technology.
Commercial Farming
Today's sophisticated commercial farms have exploited advanced technology and biotechnology
for quite some time, however, IoT introduces more access to deeper automation and
analysis.Much of commercial farming, like weather monitoring, suffers from a lack of precision
and requires human labor in the area of monitoring. Its automation also remains limited.

IoT - Manufacturing Applications

Manufacturing technology currently in use exploits standard technology along with modern
distribution and analytics. IoT introduces deeper integration and more powerful analytics. This
opens the world of manufacturing in a way never seen before, as organizations become
fullydeveloped for product delivery rather than a global network of suppliers, makers, and
distributors loosely tied together.
Intelligent Product Enhancements
Much like IoT in content delivery, IoT in manufacturing allows richer insight in real-time. This
dramatically reduces the time and resources devoted to this one area, which traditionally
requires heavy market research before, during, and well after the products hit the market.
Dynamic Response to Market Demands
Supplying the market requires maintaining a certain balance impacted by a number of factors
such as economy state, sales performance, season, supplier status, manufacturing facility status,
distribution status, and more. The expenses associated with supply present unique challenges
given today's global partners. The associated potential or real losses can dramatically impact
business and future decisions.
Lower Costs, Optimized Resource Use, and Waste Reduction
IoT offers a replacement for traditional labor and tools in a production facility and in the overall
chain which cuts many previously unavoidable costs; for example, maintenance checks or tests
traditionally requiring human labor can be performed remotely with instruments and sensors of
an IoT system.
Improved Facility Safety
A typical facility suffers from a number of health and safety hazards due to risks posed by
processes, equipment, and product handling. IoT aids in better control and visibility. Its
monitoring extends throughout the network of devices for not only performance, but for
dangerous malfunctions and usage. It aids (or performs) analysis and repair, or correction, of
critical flaws.
Product Safety
Even the most sophisticated system cannot avoid malfunctions, nonconforming product, and
other hazards finding their way to market. Sometimes these incidents have nothing to do with
the manufacturing process, and result from unknown conflicts.

Internet of Things - Energy Applications

The optimization qualities of IoT in manufacturing also apply to energy consumption. IoT
allows a wide variety of energy control and monitoring functions, with applications in devices,
commercial and residential energy use, and the energy source. Optimization results from the
detailed analysis previously unavailable to most organizations and individuals.
Residential Energy
The rise of technology has driven energy costs up. Consumers search for ways to reduce or
control consumption. IoT offers a sophisticated way to analyze and optimize use not only at
device level, but throughout the entire system of the home. This can mean simple switching off
or dimming of lights, or changing device settings and modifying multiple home settings to
optimize energy use.
Commercial Energy
Energy waste can easily and quietly impact business in a major way, given the tremendous
energy needs of even small organizations. Smaller organizations wrestle with balancing costs of
business while delivering a product with typically smaller margins, and working with limited
funding and technology. Larger organizations must monitor a massive, complex ecosystem of
energy use that offers few simple, effective solutions for energy use management.
Reliability
The analytics and action delivered by IoT also help to ensure system reliability. Beyond
consumption, IoT prevents system overloads or throttling. It also detects threats to system
performance and stability, which protects against losses such as downtime, damaged equipment,
and injuries.

Internet of Things - Healthcare Applications

IoT systems applied to healthcare enhance existing technology, and the general practice of
medicine. They expand the reach of professionals within a facility and far beyond it. They
increase both the accuracy and size of medical data through diverse data collection from large
sets of real-world cases. They also improve the precision of medical care delivery through more
sophisticated integration of the healthcare system.
Research
Much of current medical research relies on resources lacking critical real-world information. It
uses controlled environments, volunteers, and essentially leftovers for medical examination. IoT
opens the door to a wealth of valuable information through real-time field data, analysis, and
testing.
Care
Perhaps the greatest improvement IoT brings to healthcare is in the actual practice of medicine
because it empowers healthcare professionals to better use their training and knowledge to solve
problems. They utilize far better data and equipment, which gives them a window into blind
spots and supports more swift, precise actions. Their decision-making is no longer limited by
the disconnects of current systems, and bad data.
Medical Information Distribution
One of the challenges of medical care is the distribution of accurate and current information to
patients. Healthcare also struggles with guidance given the complexity of following guidance.
IoT devices not only improve facilities and professional practice, but also health in the daily
lives of individuals.
Emergency Care
The advanced automation and analytics of IoT allows more powerful emergency support
services, which typically suffer from their limited resources and disconnect with the base
facility. It provides a way to analyze an emergency in a more complete way from miles away. It
also gives more providers access to the patient prior to their arrival. IoT gives providers critical
information for delivering essential care on arrival. It also raises the level of care available to a
patient received by emergency professionals. This reduces the associated losses, and improves
emergency healthcare.

IoT - Building/Housing Applications

IoT applied to buildings and various structures allows us to automate routine residential and
commercial tasks and needs in a way that dramatically improves living and working
environments. This, as seen with manufacturing and energy applications, reduces costs,
enhances safety, improves individual productivity, and enhances quality of life.
Environment and Conditioning
One of the greatest challenges in the engineering of buildings remains management of
environment and conditions due to many factors at work. These factors include building
materials, climate, building use, and more. Managing energy costs receives the most attention,
but conditioning also impacts the durability and state of the structure.
Health and Safety
Buildings, even when constructed with care, can suffer from certain health and safety issues.
These issues include poor performing materials, flaws that leave the building vulnerable to
extreme weather, poor foundations, and more.
Productivity and Quality of Life
Beyond safety or energy concerns, most people desire certain comforts from housing or
commercial spaces like specific lighting and temperature. IoT enhances these comforts by
allowing faster and easier customizing.
Adjustments also apply to the area of productivity. They personalize spaces to create an
optimized environment such as a smart office or kitchen prepared for a specific individual.

IoT - Transportation Applications

At every layer of transportation, IoT provides improved communication, control, and data
distribution. These applications include personal vehicles, commercial vehicles, trains, UAVs,
and other equipment. It extends throughout the entire system of all transportation elements such
as traffic control, parking, fuel consumption, and more.
Rails and Mass Transit
Current systems deliver sophisticated integration and performance, however, they employ older
technology and approaches to MRT. The improvements brought by IoT deliver more complete
control and monitoring. This results in better management of overall performance, maintenance
issues, maintenance, and improvements.
Road
The primary concerns of traffic are managing congestion, reducing accidents, and parking. IoT
allows us to better observe and analyze the flow of traffic through devices at all traffic
observation points. It aids in parking by making storage flow transparent when current methods
offer little if any data.

Automobile
Many in the automotive industry envision a future for cars in which IoT technology makes cars
“smart,” attractive options equal to MRT. IoT offers few significant improvements to personal
vehicles. Most benefits come from better control over related infrastructure and the inherent
flaws in automobile transport; however, IoT does improve personal vehicles as personal spaces.
IoT brings the same improvements and customization to a vehicle as those in the home.
Commercial Transportation
Transportation benefits extend to business and manufacturing by optimizing the transport arm
of organizations. It reduces and eliminates problems related to poor fleet management through
better analytics and control such as monitoring idling, fuel consumption, travel conditions, and
travel time between points. This results in product transportation operating more like an aligned
service and less like a collection of contracted services.

Internet of Things - Education Applications

IoT in the classroom combines the benefits of IoT in content delivery, business, and healthcare.
It customizes and enhances education by allowing optimization of all content and forms of
delivery. It enables educators to give focus to individuals and their method. It also reduces costs
and labor of education through automation of common tasks outside of the actual education
process.
Education Organizations
Education organizations typically suffer from limited funding, labor issues, and poor attention
to actual education. They, unlike other organizations, commonly lack or avoid analytics due to
their funding issues and the belief that analytics do not apply to their industry.
IoT not only provides valuable insight, but it also democratizes that information through
lowcost, low-power small devices, which still offer high performance. This technology aids in
managing costs, improving the quality of education, professional development, and facility
management improvement through rich examinations
Personalized Education
IoT facilitates the customization of education to give every student access to what they need.
Each student can control their experience and participate in instructional design, and much of
this happens passively. The student simply utilizes the system, and performance data primarily
shapes their design. This combined with organizational and educator optimization delivers
highly effective education while reducing costs.

Internet of Things - Government Applications

IoT supports the development of smart nations and smart cities. This includes enhancement of
infrastructure previously discussed (e.g., healthcare, energy, transportation, etc.), defense, and
also the engineering and maintenance of communities.
City Planning and Management
Governing bodies and engineers can use IoT to analyze the often complex aspects of city
planning and management. IoT simplifies examining various factors such as population growth,
zoning, mapping, water supply, transportation patterns, food supply, social services, and land
use.
Creating Jobs
IoT offers thorough economic analysis. It makes previous blind spots visible and supports better
economic monitoring and modeling. It analyzes industry and the marketplace to spot
opportunities for growth and barriers.
National Defense
National threats prove diverse and complicated. IoT augments armed forces systems and
services, and offers the sophistication necessary to manage the landscape of national defense. It
supports better protection of borders through inexpensive, high performance devices for rich
control and observation.

IoT - Law Enforcement Applications

IoT enhances law enforcement organizations and practice, and improves the justice system. The
technology boosts transparency, distributes critical data, and removes human intervention where
it proves unnecessary.
Policing
Law enforcement can be challenging. IoT acts as an instrument of law enforcement which
reduces manual labor and subjective decisions through better data, information sharing, and
advanced automation. IoT systems shave costs by reducing human labor in certain areas such as
certain traffic violations.
Court System
Current court systems utilize traditional technology and resources. They generally do not
exploit modern analytics or automation outside of minor legal tasks. IoT brings superior
analytics, better evidence, and optimized processes to court systems which accelerate processes,
eliminate excessive procedures, manage corruption, reduce costs, and improve satisfaction.

Internet of Things - Consumer Applications

Consumers benefit personally and professionally from the optimization and data analysis of
IoT. IoT technology behaves like a team of personal assistants, advisors, and security. It
enhances the way we live, work, and play.
Work
A smart office or other workspace combines customization of the work environment with smart
tools. IoT learns about you, your job, and the way you work to deliver an optimized
environment. This results in practical accommodations like adjusting the room temperature, but
also more advanced benefits like modifying your schedule and the tools you use to increase
your output and reduce your work time. IoT acts as a manager and consultant capable of seeing
what you cannot.

Internet of Things - Security

Every connected device creates opportunities for attackers. These vulnerabilities are broad, even
for a single small device. The risks posed include data transfer, device access, malfunctioning
devices, and always-on/always-connected devices.
The main challenges in security remain the security limitations associated with producing
lowcost devices, and the growing number of devices which creates more opportunities for
attacks.

Security Spectrum
The definition of a secured device spans from the most simple measures to sophisticated
designs. Security should be thought of as a spectrum of vulnerability which changes over time
as threats evolve.
Security must be assessed based on user needs and implementation. Users must recognize the
impact of security measures because poorly designed security creates more problems than it
solves.
Cyber Attacks
IoT devices expose an entire network and anything directly impacted to the risk of attacks.
Though those connections deliver powerful integration and productivity, they also create the
perfect opportunity for mayhem like a hacked stove or fire safety sprinkler system. The best
measures against this address the most vulnerable points, and provide custom protections such
as monitoring and access privileges.
Some of the most effective measures against attacks prove simple −
 Built-in Security − Individuals and organizations should seek hardened devices,
meaning those with security integrated in the hardware and firmware.
 Encryption − This must be implemented by the manufacturer and through user systems.
 Risk Analysis − Organizations and individuals must analyze possible threats in
designing their systems or choosing them.
 Authorization − Devices, whenever possible, must be subject to privilege policies and
access methods.
Data Theft
Data, IoT's strength and weakness, proves irresistible to many. These individuals have a number
of reasons for their interest − the value of personal data to marketing/advertising, identity theft,
framing individuals for crimes, stalking, and a bizarre sense of satisfaction. Measures used to
fight attacks are also effective in managing this threat.