y

nl
SECURITY AND

O
PRIVACY

se
CONCERNS IN IOT

rU
Session 4

te
en
C
h
ec
pt
rA
Fo
 OBJECTIVES

y
nl
O
In this session, you will learn to:

se
 Describe the role of IoT in the future

rU
 Explain the Security and Privacy issues and Challenges involved

te
 Explain Subscription based charges

en
 Explain the concept of Trust in IoT

C
h
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 2

 INTRODUCTION 1/3

y
nl
O
se
rU
IoT is an information network connecting virtual and physical
objects

te
Closely linked to sensitive infrastructures and strategic

en
services

C
Enables people and objects to interact with each other

h
ec
Protects the information of users from exposure
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 3

 INTRODUCTION 2/3

y
nl
O
se
rU
Provides integrated services

te
en
The ‘things’ in the IoT environment transmits data

C
Interoperability of things is essential for functioning

h
ec
Fragmented data produce sensitive information
pt
rA
Fo

FUND
F uAnMdEaNmTeAnLtSa lOs FoIfOITo T © A©P TAEpCtHe cLhT DL t d . 4
 INTRODUCTION 3/3

y
nl
O
se
rU
te
en
C
h
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 5

 FUTURE OF IOT 1/3

y
nl
O
se
rU
Major channel for interconnecting devices

te
en
Far-reaching access to all products

C
Applications are independent

h
ec Improve productivity and users’ life
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 6

 FUTURE OF IOT 2/3

y
nl
O
se
rU
te
Monitoring and Utility
Plants and Animals

en
Reporting

C
h
ec Information
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 7

 FUTURE OF IOT 3/3

y
nl
O
se
rU
te
en
C
h
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 8

 SUBSCRIPTION BASED SERVICES 1/2

y
nl
O
se
Allows a customer or organization to purchase or subscribe the IT services

rU
Monitors operational and diagnostic information in real-time

te
en
Provides ‘As-a-Service’ model, which is centered on a pay-per-month/use

C
business

h
ec
Anticipate on-going value and inimitable experiences
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 9

 SUBSCRIPTION BASED SERVICES 2/2

y
nl
O
 ‘Pay-As-You-Go’ Model

se
rU
Payment system for cloud computing that charges based on usage

te
Users can choose CPU, OS, Networking capacity, Memory, and Security

en
C
Executed in cloud computing

h
ec
Enables a user to scale, modify, and set aside computing resources
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 10

 PRIVACY AND SECURITY ISSUES AND CHALLENGE 1/13

y
nl
O
 IoT envisages as a universal network

se
rU
Wearable objects TV Refrigerator Smart phones

te
en
C
h
Inventory Lightings Supply chain items
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 11

 PRIVACY AND SECURITY ISSUES AND CHALLENGE 2/13

y
nl
O
 IoT Infrastructure

se
rU
te
Sensors RFID Mobile technology

en
C
h
ec
Embedded or
Internet technology knowledge
Implanted systems
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 12

 PRIVACY AND SECURITY ISSUES AND CHALLENGE 3/13

y
nl
O
se
rU
te
en
C
h
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 13

 PRIVACY AND SECURITY ISSUES AND CHALLENGE 4/13

y
nl
O
se
 Privacy for IoT

rU
Majority of IoT devices will be sensors

te
Sensors could generate a vast range of information

en
C
Data are gathered in the form of specific sensory states

h
ec
pt New privacy threats
rA
Fo

Fundamentals of IoT © Aptech Ltd. 14

 PRIVACY AND SECURITY ISSUES AND CHALLENGE 5/13

y
nl
O
 Major Privacy Threats

se
Internet-connected Cars,
Unlawful

rU
components fitted wearables,
Surveillance
in various objects and, toys

te
en
Active Poltergeist
Objects that can be
Intrusion in

C
remotely operated phenomenon
Private Life

h
ec
Data
Collecting,
accumulating, and
‘Targeted
pt
Profiling marketing’
organizing the data
rA
Fo

Fundamentals of IoT © Aptech Ltd. 15

 PRIVACY AND SECURITY ISSUES AND CHALLENGE 6/13

y
nl
O
 Privacy Risks Exposed to Users

se
rU
te
en
C
h
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 16

 PRIVACY AND SECURITY ISSUES AND CHALLENGE 7/13

y
nl
O
 Trust in IoT

se
rU
Accessibility

te
en
Privacy

C
h
ec
pt
Integrity
rA
Fo

Fundamentals of IoT © Aptech Ltd. 17

 PRIVACY AND SECURITY ISSUES AND CHALLENGE 8/13

y
nl
O
 Trust in IoT

se
rU
te
en
C
h
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 18

 PRIVACY AND SECURITY ISSUES AND CHALLENGE 9/13

y
nl
O
 Security for IoT

se
rU
Protecting connected devices and networks in the IoT

te
en
Provides unique Identifiers

C
Conventional and unpatched embedded O/S and S/W

h
ec
Advent of Internet Protocol version 6 (IPv6) and Wifi
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 19

 PRIVACY AND SECURITY ISSUES AND CHALLENGE 10/13

y
nl
O
 Security Issues in IoT

se
rU
te
Insufficient
Privacy Concerns Transport Encryption
Authentication

en
C
h
ec
Web Interface Insecure Software
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 20

 PRIVACY AND SECURITY ISSUES AND CHALLENGE 11/13

y
nl
O
 Data for Security Issues

se
rU
te
en
C
h
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 21

 PRIVACY AND SECURITY ISSUES AND CHALLENGE 12/13

y
nl
O
 Nobody is Anonymous

se
Firms implant imperceptible sounds into the Web pages

rU
Uses cookies to communicate the information

te
en
Surveillance is the new business model

C
h
Cross-device tracking for Internet marketers
ec
pt
Internet surveillance economy
rA
Fo

Fundamentals of IoT © Aptech Ltd. 22

 PRIVACY AND SECURITY ISSUES AND CHALLENGE 13/13

y
nl
O
 Keeping Secrets

se
Manages sensitive information

rU
All vital security abilities depends on cryptography

te
en
Cryptography depends on secrets

C
h
Universal systems are hacked
ec
pt
Universal trust would be affected severely
rA
Fo

Fundamentals of IoT © Aptech Ltd. 23

 CRYPTOGRAPHY 1/7

y
nl
O
 Preserve secrets in the IoT

se
 Method of storing and transmitting data communication partners do not change frequently

rU
te
en
C
h
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 24

 CRYPTOGRAPHY 2/7

y
nl
O
 Objectives

se
rU
te
Confidentiality Integrity

en
C
h
ec
Non-repudiation Authentication
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 25

 CRYPTOGRAPHY 3/7

y
nl
O
 Requirements

se
rU
te
en
Data Security Data Privacy

C
h
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 26

 CRYPTOGRAPHY 4/7

y
nl
O
 Role and Assumptions

se
rU
Security and
Deal with
Deal with data privacy Store data

te
sensors
implications

en
C
Transmit data Receive data

h
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 27

 CRYPTOGRAPHY 5/7

y
nl
O
 Data Transmission

se
rU
Comes from a reliable and approved source

te
en
The data are not tampered with during transmission

C
Data is secured from unauthorized access

h
ec
The data is harmonious with the requests
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 28

 CRYPTOGRAPHY 6/7

y
nl
O
 Processor Time and Resources

se
rU
More time and resources

te
en
Use of long keys in encryption is related to political or costs constrain

C
Encryption offers on network package

h
ec
Key exchange issues can be: Static and Dynamic
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 29

 CRYPTOGRAPHY 7/7

y
nl
O
 Data Storage

se
rU
Data should be protected when transmitting and storing it

te
en
Permanent, semi-permanent, and volatile

C
h
Capability of the system
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 30

 DIGITAL SIGNATURE 1/4

y
nl
O
se
rU
Validating the authenticity and integrity

te
en
Based on public key cryptography

C
h
Private and Public key algorithm
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 31

 DIGITAL SIGNATURE 2/4

y
nl
O
 Public key cryptography

se
rU
Verifies the reliability and authenticity of digital content

te
en
Reliability - digital content is not altered

C
h
Authenticity - same digital content has been issued by a well-

ec recognized entity
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 32

 DIGITAL SIGNATURE 3/4

y
nl
O
 Public key cryptography

se
 Secure Hash Algorithm

rU
Digests the Message

te
en
Difficult to forge digital content that generates a predefined hash
value

C
h
Two different digital contents generating the same hash value is nil
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 33

 DIGITAL SIGNATURE 4/4

y
nl
O
 Public key cryptography

se
 Digital Signature Process

rU
te
en
C
h
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 34

 CONCLUSION

y
nl
O
Various benefits to users

se
Users technological interaction

rU
te
Fuse the virtual and physical world together

en
Users require privacy

C
h
ec
Additional self-regulatory efforts
Privacy regulation
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 35

 SUMMARY

y
nl
O
 IoT privacy and security issues are the special considerations essential to protect the information of users

se
from exposure in the IoT environment, in which any physical or object can be given a unique identifier and
the ability to communicate freely over the Internet or any other similar network. The ‘things’ in the IoT

rU
environment transmits data autonomously and works in conjunction with ‘other things’ and
communicates with them.

te
 IoT will lead to increased awareness about environmental and social issues, as increasing users will have

en
access to the Internet and thus, will have access to new techniques and solutions for education,
environmental hazards, and health hazards.

C
 The On-going use of IoT devices is currently creating serious issues related to the privacy of users, on the

h
IoT security, and the possible threat of cyber criminals controlling sensors and smart devices connected to
the Internet.
ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 36

 SUMMARY

y
nl
O
 Trust management plays a significant role in IoT for consistent data fusion and data mining, competent

se
services with context-awareness, and improved user privacy and information security. It helps users to
overcome uncertainty and risk and take part in user approval and utilization on IoT services and applications.

rU
 Security concerns for the IoT are developing at a faster pace than the IoT itself. Tackling IoT related concerns
requires identifying the issues related to IoT security. The main issues relating to security of IoT are privacy

te
concerns, insufficient authorization; Web interfaces risks, transport encryption, and insecure software.

en
 Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it

C
is intended can read and process it.
 A digital signature is a mathematical technique used to validate the authenticity and integrity of a message,

h
software or digital document. Digital signatures are based on public key cryptography, also known as
asymmetric cryptography. ec
pt
rA
Fo

Fundamentals of IoT © Aptech Ltd. 37