10-Dynamic Resource Provisioning, Security Aspects.-28-03-2024


Module 4

IoT – Cloud Convergence


Module 4 Content
• Opportunities and Challenges
• Architectures for convergence
• Data offloading and computation
• Dynamic Resource Provisioning
• Security Aspects
SECURITY ASPECTS IN IOT CLOUD
CONVERGENCE
Attack can be on any layer of IoT Arch.

28/03/24 4
Attack can be on any
of these layers –
Attack vectors.
IoT Security Architecture
• User-centric edge-based IoT security architecture
• Device-centric edge-based IoT security design
• End-to-end IoT security
• Firewalls implementation at the edge layer
• Intrusion detection system at the edge layer
Security and privacy for
data in motion
[Figure: data and access flowing between Things, mobile/gateway, cloud and enterprise; data in transit]
Data Security and Privacy

• Data Privacy - proper handling, processing, storage and usage of personal information.
• Data Security - integrity of the data, meaning data is accurate, reliable, and available to authorized parties.
• Data security is a prerequisite for data privacy.
IoT devices as Botnets

• IoT edge devices infected with malicious code
• Vulnerable to attacks and can be harnessed into large botnets.
• Botnet attacks on IoT devices typically target data theft, DDoS attacks, and exploiting sensitive information.
IoT security challenges
Vulnerability in IoT Through
• Unsecure Communications
• Lack of IoT Security Updates- unable to automate
device patching
• Insufficient Authentication and Password Hygiene-
Weak, Guessable, or Hardcoded Passwords
• Insecure Network Services
• Use of Outdated Components
• Insecure Data Transfer and Storage
• Lack of Device Management
• Insecure Default Settings
• Outdated software
• Mismanagement of IoT
Connectivity
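
A defender-side audit of a device manifest against several items from the checklist above. This is an added example, not part of the original slides; the manifest field names, the weak-password list and the 365-day firmware threshold are assumptions, and the device records are constructed.

```python
from datetime import date

# Constructed provisioning manifest for illustration; field names are assumptions.
DEVICES = [
    {"id": "cam-01", "password": "admin", "services": ["telnet", "http"],
     "tls": False, "auto_update": False, "firmware_date": date(2021, 5, 1)},
    {"id": "sensor-07", "password": "T9#vq2!mLx84zR", "services": ["mqtts"],
     "tls": True, "auto_update": True, "firmware_date": date(2024, 1, 15)},
]

WEAK_PASSWORDS = {"", "admin", "password", "1234", "12345", "root", "default"}
CLEARTEXT_SERVICES = {"telnet", "ftp", "http", "mqtt"}
MAX_FIRMWARE_AGE_DAYS = 365  # assumed policy threshold


def audit_device(dev, today):
    """Return the checklist findings for one device record."""
    findings = []
    pw = dev.get("password", "")
    # Weak, guessable or hardcoded default passwords
    if pw.lower() in WEAK_PASSWORDS or len(pw) < 12:
        findings.append("weak, guessable or default password")
    # Insecure network services (cleartext protocols exposed)
    exposed = sorted(CLEARTEXT_SERVICES & set(dev.get("services", [])))
    if exposed:
        findings.append("insecure network services: " + ", ".join(exposed))
    # Insecure data transfer
    if not dev.get("tls", False):
        findings.append("insecure data transfer (no TLS)")
    # Lack of security updates: patching is not automated
    if not dev.get("auto_update", False):
        findings.append("no automated patching")
    # Outdated software
    age = (today - dev["firmware_date"]).days
    if age > MAX_FIRMWARE_AGE_DAYS:
        findings.append(f"outdated firmware ({age} days old)")
    return findings


def audit_inventory(devices, today):
    """Map device id -> findings, keeping only devices with at least one."""
    report = {}
    for dev in devices:
        findings = audit_device(dev, today)
        if findings:
            report[dev["id"]] = findings
    return report
```

Calling `audit_inventory(DEVICES, date(2024, 3, 28))` reports only `cam-01`, with one finding per failed check.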
Cyberattacks on IoT devices
Most of these attacks occur due to
• misconfigurations of the devices
• weak passwords
• extensive use of third-party libraries - collections of code that vendors may use in their devices' software instead of writing code from scratch.
• vendors update libraries very infrequently and they use outdated, and often vulnerable, libraries
IoT architecture is divided into several zones as
part of the threat modeling – Attack surfaces

•IoT Devices
•Gateway
•Cloud
•Services
ACCESS CONTROL - Data Security
ACL or Access Control List is an implementation of access control, usually
represented as a table of privileges.

MFA (Multi-Factor Authentication) - AWS
Fine grained Permission to users
SafeNet -One-Time Password -Hardware
Tokens for AWS
• Strong Authentication at the
Touch of a Button
• Hand-held device with single
button
• No PIN needed
• Secure remote access
• Zero footprint - no required
software on end-user devices
Security Components in Cloud – IAM – Identity and
Access Management
authentication, authorization and verification

• Multifactor authentication (MFA) and single sign-on (SSO)
• Role-based Access Control (RBAC)
• Digital Identities
• Security Tokens, Identity Providers, etc.
IoT Security Framework
CAT- 2 Portions
• Module 3 – ML, Cloud architecture, services
• Module 4 – IoT – cloud convergence, data offloading, security
