
Iots

The document discusses various security threats targeting IoT devices, including DDoS attacks, MitM attacks, ransomware, and firmware exploits. It emphasizes the importance of cryptographic controls, access management solutions, and privacy measures to protect IoT systems. Additionally, it highlights the interconnection between cloud and IoT architecture, outlining essential components for designing IoT devices and methods to ensure their security.

Uploaded by

Arsalan Khan

Section B

a. Several Attacks Specifically Targeted at IoT

1. Distributed Denial of Service (DDoS):
IoT devices, often with limited processing capabilities and weak security, can be
exploited to form botnets. Attackers use these botnets to flood a network or service with
traffic, overwhelming it and causing it to become unavailable. For instance, the Mirai
botnet famously exploited unsecured IoT devices to launch massive DDoS attacks.
2. Man-in-the-Middle (MitM):
This attack occurs when a malicious actor intercepts communication between IoT devices
or between a device and the server. The attacker can eavesdrop or alter the transmitted
data, leading to potential breaches in sensitive information like passwords or commands.
3. Ransomware:
Hackers take over IoT devices and render them unusable until a ransom is paid. For
example, smart home systems could be locked, preventing the owner from controlling
their devices unless payment is made to the attacker.
4. Physical Attacks:
Since IoT devices are often deployed in remote or unsecured locations, attackers can
physically tamper with the hardware to steal data, alter device configurations, or
introduce malicious firmware.
5. Firmware Exploits:
Many IoT devices lack regular firmware updates, making them vulnerable to attacks
exploiting known software vulnerabilities.
6. Cross-Site Scripting (XSS):
IoT management interfaces that lack proper input validation can be exploited to inject
malicious scripts, compromising device operation and potentially exposing user data.

b. Definition of Cryptographic Controls Integrated into IoT Messaging and Communication Protocols

Cryptographic controls in IoT involve the application of encryption, authentication, and integrity
mechanisms to secure communication between devices and networks. These controls aim to
prevent unauthorized access, ensure data confidentiality, and verify authenticity during data
exchange.

1. Symmetric Cryptography:
Involves using a shared secret key for encryption and decryption of messages. While
efficient, it requires secure key distribution, which can be challenging in IoT ecosystems
with numerous devices.
2. Asymmetric Cryptography:
Public-private key pairs are used for secure communication. A sender encrypts data with
the recipient's public key, and the recipient decrypts it with the matching private key.
Communication stays secure even though the public key is openly shared.
3. Secure Communication Protocols:
Protocols like TLS/SSL (Transport Layer Security) and DTLS (Datagram Transport
Layer Security) encrypt data transmitted between IoT devices and servers, protecting it
from eavesdropping and MitM attacks.
4. Message Authentication Codes (MACs):
MACs verify the authenticity and integrity of messages exchanged between IoT devices,
ensuring that the data has not been tampered with during transmission.
5. Key Management:
Efficient key generation, distribution, and storage are critical to maintaining the integrity
of cryptographic systems in IoT. Public Key Infrastructure (PKI) is often used to manage
digital certificates and keys securely.

c. Access Management Solutions for IoT

Access management in IoT systems involves implementing mechanisms to ensure only
authorized users or devices can access IoT networks, devices, or data. Common solutions
include:

1. Role-Based Access Control (RBAC):
Permissions are assigned to users or devices based on their roles within the system. For
example, an administrator may have full access to an IoT device, while a regular user
might only be able to monitor its data.
2. Identity and Access Management (IAM):
IAM frameworks authenticate and authorize users and devices, providing a centralized
system to control access across a wide range of IoT endpoints.
3. Attribute-Based Access Control (ABAC):
Access decisions are based on multiple attributes, such as user location, time of request,
or the type of device making the request. This provides granular control over access
permissions.
4. Multi-Factor Authentication (MFA):
MFA requires users or devices to provide multiple forms of verification, such as a
password, a physical token, or biometric authentication. This greatly enhances security in
IoT systems.
5. Zero Trust Security Model:
This approach assumes no user or device is inherently trustworthy. Every access request
is thoroughly verified before granting permissions.
6. OAuth and OpenID Connect:
These frameworks enable secure access delegation, allowing users to grant access to their
IoT devices without sharing credentials.
7. Public Key Infrastructure (PKI):
PKI provides a foundation for securing communications and verifying device identities
using digital certificates.
8. Access Tokens:
Used in lightweight IoT communication protocols like MQTT, access tokens facilitate
secure and efficient access control in resource-constrained devices.

d. Measures to Improve Privacy in WBSNs and Participatory Sensing Applications

1. Data Encryption:
Encrypting data collected by wireless body sensors ensures its confidentiality during
transmission and storage. Modern encryption algorithms like AES-256 or RSA can
safeguard sensitive health information from unauthorized access.
2. Access Control and Anonymization:
Implementing strict access control policies ensures that only authorized individuals or
systems can view or use data. Anonymization techniques can further protect user identity
by removing or obfuscating personally identifiable information from datasets.

Additional measures include ensuring secure device pairing and minimizing unnecessary data
collection.

e. Interconnection Between Cloud and IoT Architecture

The cloud and IoT are deeply interconnected, forming a collaborative relationship that drives
modern IoT applications.

1. Data Storage and Processing:
IoT devices generate vast amounts of data, which are transmitted to the cloud for storage
and advanced processing. The cloud provides the computational power and storage
capacity that resource-constrained IoT devices lack.
2. Scalability:
Cloud platforms offer the flexibility to scale IoT deployments as needed, accommodating
increasing numbers of devices and data traffic without significant infrastructure changes.
3. Real-Time Analytics:
Cloud-based analytics tools process IoT data in real-time, providing actionable insights
for decision-making, such as monitoring industrial systems or tracking health metrics.
4. Centralized Management:
IoT devices can be remotely monitored, configured, and updated through cloud-based
management platforms, reducing operational complexity.
5. Interoperability and Integration:
Cloud services offer APIs and middleware that facilitate the integration of heterogeneous
IoT devices and systems, enabling seamless communication.
6. Enhanced Security:
The cloud provides advanced security features, including threat detection, encrypted
storage, and access management, ensuring the integrity of IoT systems.

This symbiotic relationship allows IoT systems to leverage the cloud’s strengths in scalability,
processing power, and storage while enabling innovative applications across industries.

Section C
Q.3

a. What is Internet of Things (IoT)?

The Internet of Things (IoT) refers to a network of interconnected physical objects or devices
embedded with sensors, software, and other technologies that enable them to collect and
exchange data over the internet. These devices can communicate with each other, analyze data,
and make decisions without requiring significant human intervention. IoT is widely used across
industries such as healthcare, agriculture, transportation, and smart homes to automate processes
and improve efficiency.

Essential Components for Designing an IoT Device

To create a functional IoT device, the following components are necessary:

1. Sensors/Actuators:
Sensors collect data from the environment, such as temperature, motion, or humidity.
Actuators perform actions, such as adjusting a thermostat or turning lights on/off.
2. Connectivity:
IoT devices must connect to the internet or local networks using protocols like Wi-Fi,
Bluetooth, Zigbee, LoRaWAN, or cellular networks (e.g., 4G/5G).
3. Microcontroller/Microprocessor:
A processing unit, such as a microcontroller (e.g., Arduino) or a microprocessor (e.g.,
Raspberry Pi), is required to control the device and process data.
4. Power Supply:
Devices need a reliable power source, which could be batteries, solar power, or a direct
electrical connection. Energy efficiency is critical for battery-powered IoT devices.
5. Data Storage:
Data collected by IoT devices can be stored locally (on the device) or transmitted to
cloud storage for further analysis.
6. Communication Protocols:
Protocols like MQTT, HTTP, or CoAP ensure secure and efficient data transmission
between devices and the cloud.
7. User Interface:
A user interface, such as a mobile app or a web dashboard, allows users to monitor and
control the IoT device.

Example of an IoT Device

A smart thermostat like Nest is an example of an IoT device. It uses temperature sensors,
connects to Wi-Fi, and allows users to control their home's heating and cooling systems remotely
through a smartphone app. It can also learn user preferences and optimize energy usage
automatically.

b. Why is Security Essential for IoT, and Methods to Ensure It

Importance of Security in IoT

Security is critical for IoT because these devices handle sensitive data, interact with critical
systems, and are often deployed in various environments, making them vulnerable to attacks.
Weak security can lead to:

• Privacy Breaches: Unauthorized access to personal or confidential data.
• System Disruption: Attacks like DDoS can render systems unusable.
• Physical Harm: In healthcare or industrial applications, compromised IoT devices can cause
physical harm.
• Economic Losses: Security incidents can result in financial damage due to downtime, theft, or
recovery costs.

Methods to Ensure IoT Security

1. Device Authentication and Authorization:
o Implement strong identity management to verify device authenticity before allowing
access to the network.
o Use protocols like OAuth or mutual TLS for secure authentication.
2. Data Encryption:
o Use encryption algorithms (e.g., AES, RSA) to protect data both in transit and at rest.
o Employ end-to-end encryption to ensure data integrity and confidentiality.
3. Regular Software Updates:
o Keep device firmware up-to-date to patch vulnerabilities and enhance security.
o Enable over-the-air (OTA) updates for efficient firmware distribution.
4. Network Security:
o Use firewalls, intrusion detection systems (IDS), and virtual private networks (VPNs) to
secure communication channels.
o Implement secure Wi-Fi standards (e.g., WPA3) and isolate IoT devices on separate
network segments.
5. Access Control:
o Enforce role-based or attribute-based access control to limit unauthorized use of IoT
systems.
o Use multi-factor authentication (MFA) for administrative access.
6. Secure Boot and Hardware Root of Trust:
o Ensure that IoT devices boot only authorized and verified software using secure boot
mechanisms.
o Employ hardware-based security features like Trusted Platform Modules (TPM).
7. Data Anonymization:
o Mask or anonymize sensitive user data to reduce the impact of breaches.
8. Monitoring and Incident Response:
o Continuously monitor IoT systems for anomalies and potential threats.
o Develop and test incident response plans to mitigate attacks promptly.

By implementing these methods, IoT systems can operate securely, ensuring the privacy and
safety of users while maintaining system integrity.

Q.4

a. Encryption Techniques Used for Ensuring Security in IoT

1. Advanced Encryption Standard (AES):
AES is a widely used symmetric encryption algorithm that provides strong data
protection. It encrypts data using a single key shared between the sender and receiver.
AES is efficient and suitable for IoT devices with limited processing power, especially
when implemented in lightweight variants (e.g., AES-128).
2. Rivest-Shamir-Adleman (RSA):
RSA is an asymmetric encryption technique that uses a pair of public and private keys.
The public key encrypts data, and the private key decrypts it. RSA is commonly used in
IoT for secure key exchange and digital signatures, ensuring data authenticity and
confidentiality.
3. Elliptic Curve Cryptography (ECC):
ECC is another asymmetric encryption method that provides similar security to RSA but
with shorter key lengths, making it ideal for resource-constrained IoT devices. ECC is
used in secure communication protocols like TLS for IoT.
4. Lightweight Encryption Algorithms:
Specialized encryption algorithms, such as PRESENT and SPECK, are designed for IoT
environments. They offer strong security while requiring minimal computational
resources, making them suitable for low-power devices like sensors.
5. Transport Layer Security (TLS):
TLS secures communication channels by encrypting data during transit. It ensures end-to-
end encryption between IoT devices and cloud servers, protecting against eavesdropping
and man-in-the-middle attacks.
6. Homomorphic Encryption:
This technique allows computations on encrypted data without decrypting it. It’s useful
for IoT systems that process sensitive data in the cloud, ensuring data privacy throughout
processing.
7. Quantum-Resistant Cryptography:
Emerging encryption methods, such as lattice-based cryptography, are being developed to
withstand potential threats from quantum computers, ensuring future-proof security for
IoT systems.
8. Key Management Protocols:
Secure key management is critical for encryption. Protocols like Diffie-Hellman enable
secure key exchanges between IoT devices, ensuring that encryption keys remain
confidential.

b.

a) Digital Signature:

A digital signature is a cryptographic technique used to verify the authenticity and integrity of
digital messages or documents. It ensures that the message:

• Originates from a trusted source (authentication).
• Has not been altered during transmission (integrity).

How It Works:

1. A sender generates a hash of the message.
2. The hash is encrypted using the sender’s private key, creating the digital signature.
3. The receiver decrypts the signature using the sender’s public key and compares the hash with
one they independently generate from the received message.

Use in IoT:

Digital signatures authenticate IoT devices and ensure secure firmware updates by verifying the
source and integrity of the transmitted data.

b) Hash:

A hash is a fixed-size string of characters generated by applying a hash function to input data. It
is a one-way process, meaning the original data cannot be reconstructed from the hash.

Characteristics of a Hash:

• Deterministic: The same input always produces the same hash.
• Fast Computation: Hashes are computed quickly.
• Pre-Image Resistance: It’s computationally infeasible to deduce the original input from its hash.
• Collision Resistance: It should be computationally infeasible to find two different inputs that
produce the same hash.

Common Hash Functions:

• SHA-256: Used widely in security applications, including IoT, for ensuring data integrity.
• MD5: Though less secure, it’s occasionally used in non-critical IoT applications.

Use in IoT:

Hashes verify data integrity in IoT systems, ensuring that transmitted data hasn’t been tampered
with. For example, a hash might verify the integrity of firmware before installation.
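
The hash-then-sign steps under "How It Works" and the firmware integrity check described above, as an added example that is not part of the original document. It uses textbook RSA with a constructed, publicly known toy key so that it runs with the standard library alone; the function names are hypothetical, and a real device would use a vetted library with a padded scheme such as RSA-PSS or ECDSA.

```python
import hashlib

# Constructed toy key pair built from two publicly known Mersenne primes.
# It only makes the arithmetic visible; it offers no security.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                                   # public modulus
E = 65537                                   # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))           # private exponent (vendor side only)


def digest_int(data: bytes) -> int:
    """Step 1: hash the message (SHA-256) and treat the digest as an integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes) -> int:
    """Step 2: transform the hash with the private key to form the signature."""
    return pow(digest_int(data), D, N)


def verify(data: bytes, signature: int) -> bool:
    """Step 3: recover the hash with the public key and compare it with a
    hash computed independently over the received data."""
    if not 0 <= signature < N:
        return False
    return pow(signature, E, N) == digest_int(data)


def install_firmware(image: bytes, signature: int) -> str:
    """Device-side gate: refuse any image whose signature does not verify."""
    if not verify(image, signature):
        return "rejected"
    return "installed"


if __name__ == "__main__":
    firmware = b"constructed firmware image v1.2"   # sample input, constructed
    sig = sign(firmware)
    print(install_firmware(firmware, sig))                 # genuine image
    print(install_firmware(firmware + b"\x00", sig))       # modified in transit
```
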

c) IoT Node Authentication:

IoT node authentication is the process of verifying the identity of an IoT device (node) to ensure
it is authorized to access the network or communicate with other devices.

Methods of IoT Node Authentication:

1. Device Certificates (PKI):
IoT nodes are equipped with digital certificates issued by a trusted Certificate Authority
(CA). During authentication, the certificate is verified to ensure the device’s legitimacy.
2. Pre-Shared Keys (PSK):
Each IoT node is pre-configured with a shared secret key that is used for mutual
authentication with other devices or the network.
3. Challenge-Response Protocols:
The IoT node must respond to a challenge (e.g., a random string) by encrypting it with its
private key. The server verifies the response using the node’s public key.
4. Biometric or Physical Identification:
Some IoT nodes, particularly in healthcare, may use biometric data (e.g., fingerprints) or
unique physical identifiers (e.g., MAC addresses) for authentication.

Importance:

Node authentication prevents unauthorized devices from joining the IoT network, protecting
against spoofing and impersonation attacks. For example, it ensures that only verified sensors
contribute data to a smart home system or an industrial IoT network.
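
One way to combine the pre-shared key and challenge-response methods listed above, as an added example that is not part of the original document. It answers the challenge with an HMAC over the PSK rather than a private-key operation; the class, function and node names are hypothetical.

```python
import hashlib
import hmac
import secrets
import time


def node_response(psk: bytes, node_id: str, nonce: bytes) -> bytes:
    """Node side: prove knowledge of the PSK without ever transmitting it."""
    ident = node_id.encode()
    # Length-prefix the identity so different (id, nonce) pairs cannot
    # serialize to the same byte string.
    msg = len(ident).to_bytes(2, "big") + ident + nonce
    return hmac.new(psk, msg, hashlib.sha256).digest()


class AuthServer:
    """Server side: issues random challenges and checks the responses."""

    def __init__(self, psk_by_node: dict, ttl_seconds: float = 30.0):
        self._psk = dict(psk_by_node)
        self._ttl = ttl_seconds
        self._pending = {}          # node_id -> (nonce, time issued)

    def issue_challenge(self, node_id: str, now: float = None) -> bytes:
        now = time.monotonic() if now is None else now
        nonce = secrets.token_bytes(16)     # unpredictable, never reused
        self._pending[node_id] = (nonce, now)
        return nonce

    def verify(self, node_id: str, response: bytes, now: float = None) -> bool:
        now = time.monotonic() if now is None else now
        # pop() makes every challenge single-use, so a captured response
        # cannot be replayed later.
        pending = self._pending.pop(node_id, None)
        psk = self._psk.get(node_id)
        if pending is None or psk is None:
            return False                    # no challenge, or unknown node
        nonce, issued = pending
        if now - issued > self._ttl:
            return False                    # challenge expired
        expected = node_response(psk, node_id, nonce)
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected, response)


if __name__ == "__main__":
    key = secrets.token_bytes(32)           # constructed sample PSK
    server = AuthServer({"sensor-7": key})
    challenge = server.issue_challenge("sensor-7")
    answer = node_response(key, "sensor-7", challenge)
    print(server.verify("sensor-7", answer))    # first use is accepted
    print(server.verify("sensor-7", answer))    # replay is refused
```
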

Q.5

a. Definition of Authorization in Publish and Subscribe Schemes

In Publish and Subscribe (Pub/Sub) schemes, authorization is the process of granting or
denying permission to a publisher or subscriber to perform specific actions, such as publishing
messages to a topic or subscribing to a topic.

Authorization ensures that only trusted and authenticated entities can interact with the messaging
system, protecting the data and the system from unauthorized access or misuse.

Key Aspects of Authorization in Pub/Sub Schemes:

1. Access Control Policies:
Define which publishers and subscribers are allowed to interact with specific topics.
Policies may specify roles, identities, or attributes for granting access.
2. Role-Based Access Control (RBAC):
Permissions are assigned based on roles, such as "publisher," "subscriber," or "admin,"
ensuring role-specific access.
3. Attribute-Based Access Control (ABAC):
Permissions are determined by attributes, such as device type, location, or time of access,
providing granular control.
4. Broker Enforcement:
The broker (e.g., MQTT or Kafka server) enforces authorization rules, ensuring that only
authorized actions occur within the system.

Example:

In an IoT system using MQTT, a smart thermostat (publisher) might only have permission to
publish temperature data to a specific topic (e.g., home/livingroom/temp), while a user’s
mobile app (subscriber) is authorized to subscribe to this topic for real-time temperature updates.
Unauthorized devices or users attempting to publish or subscribe would be denied access by the
broker.
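
The broker-side check from the thermostat example above, as an added example that is not part of the original document and not any broker's own code. It goes beyond the single topic in the text by handling MQTT wildcards ("+" and "#") in subscription requests; the client IDs, ACL layout and function names are hypothetical.

```python
def covers(allowed: str, requested: str) -> bool:
    """True if every topic matched by `requested` is also matched by `allowed`.

    `requested` may be a concrete topic (publish) or a filter containing
    wildcards (subscribe). '+' stands for exactly one level, '#' for the
    current level and everything below it.
    """
    a_levels = allowed.split("/")
    r_levels = requested.split("/")
    # A leading wildcard never applies to '$'-prefixed system topics.
    if requested.startswith("$") and a_levels[0] in ("+", "#"):
        return False
    for i, a in enumerate(a_levels):
        if a == "#":
            return i == len(a_levels) - 1   # '#' is only valid as last level
        if i >= len(r_levels):
            return False
        r = r_levels[i]
        if r == "#":
            return False                    # request is wider than the grant
        if a == "+":
            continue                        # any single level, including '+'
        if a != r:
            return False
    return len(a_levels) == len(r_levels)


# Constructed sample policy: the two clients from the example in the text.
ACL = {
    "thermostat-01": {"publish": ["home/livingroom/temp"], "subscribe": []},
    "mobile-app-alice": {"publish": [], "subscribe": ["home/+/temp"]},
}


def authorize(client_id: str, action: str, topic: str) -> bool:
    """Default deny: unknown clients, unknown actions and unlisted topics fail."""
    rules = ACL.get(client_id)
    if rules is None or action not in ("publish", "subscribe"):
        return False
    if action == "publish" and ("+" in topic or "#" in topic):
        return False                        # publish topics must be concrete
    return any(covers(allowed, topic) for allowed in rules[action])


if __name__ == "__main__":
    checks = [
        ("thermostat-01", "publish", "home/livingroom/temp"),
        ("thermostat-01", "publish", "home/kitchen/temp"),
        ("mobile-app-alice", "subscribe", "home/livingroom/temp"),
        ("mobile-app-alice", "subscribe", "home/#"),
        ("unknown-device", "subscribe", "home/livingroom/temp"),
    ]
    for client, action, topic in checks:
        verdict = "ALLOW" if authorize(client, action, topic) else "DENY"
        print(f"{verdict:5} {client} {action} {topic}")
```

Checking that a requested filter is a subset of a granted one matters here: a naive string match would let a subscriber granted home/+/temp obtain home/# and read every topic under home.
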

b. Components of an IoT Identity and Access Management (IAM) Infrastructure

An IoT IAM infrastructure ensures secure management of device and user identities, along with
control over access to IoT resources. Its components include:

1. Identity Provider (IdP):
o Manages and authenticates the identities of IoT devices and users.
o Issues digital credentials, such as certificates or tokens, to verified identities.
o Examples: OAuth providers, PKI systems.
2. Access Control Engine:
o Implements access control policies to determine who or what is allowed to perform
specific actions on IoT resources.
o Supports methods like Role-Based Access Control (RBAC) or Attribute-Based Access
Control (ABAC).
3. Authentication Mechanisms:
o Verify the identity of devices and users before granting access.
o Methods include passwords, digital certificates, biometrics, or token-based
authentication.
4. Authorization Policies:
o Define rules specifying what actions authenticated entities are permitted to perform.
o These policies are enforced by the system to restrict unauthorized activities.
5. Key Management System (KMS):
o Securely generates, stores, and distributes cryptographic keys for authentication and
data protection in IoT systems.
o Supports secure communication and encryption between devices.
6. Directory Services:
o Act as a centralized repository for managing identities, attributes, and relationships
within the IoT system.
o Examples: LDAP directories or custom IoT-specific directories.
7. Monitoring and Audit Logs:
o Track access attempts and activities to identify unauthorized actions or potential
security breaches.
o Provides a record for compliance and forensic analysis.
8. Provisioning and Deprovisioning Tools:
o Automate the onboarding of new IoT devices or users and the removal of those no
longer authorized.
9. IoT Gateway Integration:
o Gateways often serve as intermediaries between IoT devices and the IAM system,
enforcing security policies and managing device authentication.
10. User and Device Management Interfaces:
o Provide tools for administrators to create, modify, and manage user and device identities, roles,
and access rights.

Example in Action:

In a smart home setup, an IoT IAM system might:

• Authenticate devices like cameras, thermostats, and door locks using digital certificates.
• Assign specific roles to users (e.g., the homeowner has full access, while a guest has restricted
access).
• Enforce policies that ensure the door lock can only be controlled by the homeowner’s
smartphone or voice assistant.

Q.6

a. How Lightweight Privacy Protection Schemes Secure Data in Smart Buildings

Lightweight privacy protection schemes are essential for securing data in smart buildings
because these environments often involve resource-constrained devices, such as sensors and
controllers, which cannot support heavy cryptographic operations. These schemes balance
privacy, security, and system efficiency, ensuring the protection of sensitive data while
maintaining the operational integrity of smart building systems.

Contributions of Lightweight Privacy Protection Schemes:

1. Data Anonymization:
Sensitive information, such as energy usage patterns, is anonymized to prevent tracing it
back to specific occupants.
o Example: Aggregating data from multiple devices before sending it to the cloud.
2. Encryption with Low Overhead:
Lightweight encryption algorithms (e.g., PRESENT, SPECK) ensure data confidentiality
without taxing device resources.
o Example: Encrypting HVAC sensor data before transmission.
3. Access Control Mechanisms:
Role-based or attribute-based access ensures that only authorized entities can access
specific data or systems.
o Example: Only facility managers can adjust security cameras.
4. Minimization of Data Collection:
Devices collect and transmit only the data essential for operations, reducing the risk of
exposing unnecessary sensitive information.
5. Secure Communication Protocols:
Protocols like MQTT-SN and CoAP with lightweight security layers (e.g., DTLS) protect
data exchanges between devices and servers.

Steps to Address Vulnerabilities in Smart Buildings:

1. Device Authentication and Authorization:
o Ensure that all devices are authenticated before joining the network to prevent
unauthorized access.
o Use device certificates or secure tokens for authentication.
2. Regular Updates and Patching:
o Update device firmware regularly to address vulnerabilities.
o Enable over-the-air (OTA) updates for efficient patch management.
3. Segregated Networks:
o Segment IoT devices from critical building management systems to limit the impact of
potential breaches.
4. Data Masking:
o Replace sensitive data with placeholders to protect privacy during analytics or data
sharing.
5. Intrusion Detection Systems (IDS):
o Deploy IDS to monitor network traffic for anomalies and potential attacks.
6. User Education and Awareness:
o Train building occupants and administrators on best practices for security and privacy.

By implementing these schemes and measures, smart buildings can achieve robust privacy and
security without compromising operational efficiency.

b. Incorporating Social Features to Enhance Location Privacy in IoV

Enhancing Location Privacy in IoV with Social Features:

In the Internet of Vehicles (IoV), incorporating social features can enhance location privacy by
using collaborative and decentralized methods to obscure individual vehicle locations:

1. Group-Based Communication:
Vehicles form temporary groups or "clusters" for exchanging information, making it
harder to track individual vehicles. This approach leverages anonymity within the group.
2. Pseudonym Sharing:
Vehicles use frequently changing pseudonyms (temporary IDs) and can swap
pseudonyms within a social group of trusted vehicles, preventing long-term tracking by
adversaries.
3. Collaborative Obfuscation:
Vehicles in proximity share and mix location data, creating uncertainty for third parties
trying to identify individual vehicle paths.
4. Decentralized Data Sharing:
Social features facilitate direct, peer-to-peer communication between vehicles without
relying on centralized servers, reducing the risk of privacy breaches.

Ethical Considerations:

1. Transparency:
Drivers must be informed about how their data is used, shared, and protected within the
IoV system.
2. Consent:
Ensure that users consent to participating in data-sharing schemes that involve location
obfuscation or pseudonym exchanges.
3. Data Integrity:
Prevent malicious actors within social groups from injecting false data that could
compromise traffic systems or safety.
4. Bias and Inclusion:
Ensure that social features are designed inclusively, preventing discrimination against
certain groups of vehicles or regions.
5. Accountability:
Establish mechanisms for identifying and addressing misuse of privacy features or ethical
violations.

By carefully designing privacy-preserving social features and addressing ethical concerns, IoV
systems can enhance location privacy without compromising trust or safety.

Q.7

a. Security Architecture for Enterprise IoT in the Cloud

The security architecture for enterprise IoT in the cloud focuses on ensuring data integrity,
confidentiality, availability, and proper access control throughout the IoT ecosystem. This
architecture integrates multiple layers of security, addressing the needs of IoT devices, networks,
and cloud platforms.

Key Components of Security Architecture:

1. Device Security:
o Authentication: Devices are securely authenticated using digital certificates, PKI, or
token-based methods.
o Secure Boot: Ensures that devices only run verified and authorized firmware.
o Data Encryption: Data collected by devices is encrypted before being transmitted to
prevent unauthorized access.
2. Network Security:
o Secure Communication Protocols: Use of TLS, DTLS, or VPNs to encrypt data in transit
between devices and the cloud.
o Firewalls and Gateways: IoT gateways act as intermediaries, enforcing security policies,
filtering traffic, and preventing unauthorized access to the cloud.
o Segmentation: IoT networks are segmented from enterprise networks to limit the
spread of attacks.
3. Cloud Security:
o Access Control: Role-based access control (RBAC) and identity and access management
(IAM) ensure that only authorized users and devices can access cloud resources.
o Data Encryption: Data is encrypted both in transit and at rest using algorithms like AES-256.
o Threat Detection: The cloud platform integrates tools like intrusion detection systems
(IDS), anomaly detection, and monitoring for real-time threat identification.
4. Application Security:
o IoT applications hosted in the cloud undergo security hardening and regular
vulnerability assessments. APIs used by IoT applications are secured to prevent
unauthorized access or data breaches.
5. Data Management and Privacy:
o Data anonymization techniques and compliance with privacy regulations (e.g., GDPR,
HIPAA) protect user and device data.
6. Incident Response and Recovery:
o Enterprise IoT architecture includes backup and recovery mechanisms, ensuring
business continuity in case of cyberattacks or failures.

Example in Action:

In a smart factory, IoT devices (e.g., sensors, robots) securely transmit data to the cloud. The
architecture ensures that data flows are encrypted, unauthorized devices are blocked by IoT
gateways, and cloud resources are monitored for anomalies. RBAC ensures that only authorized
personnel can access operational dashboards or adjust device settings.

b. On-Device Security and Privacy of IoT Cloud

On-device security and privacy focus on protecting IoT devices that interact with cloud
systems, ensuring they are secure from physical and digital threats. These measures aim to
prevent unauthorized access, tampering, and data leakage directly at the device level.

Key Aspects of On-Device Security and Privacy:

1. Device Authentication:
o IoT devices authenticate themselves to the cloud using unique credentials, such as
certificates or pre-shared keys (PSKs). This ensures that only legitimate devices
communicate with the cloud.
2. Secure Firmware:
o Secure Boot: Prevents devices from running unauthorized or malicious firmware.
o Firmware Updates: Devices support over-the-air (OTA) updates, ensuring they receive
patches for vulnerabilities without compromising security.
3. Data Encryption:
o Sensitive data collected by devices is encrypted locally before transmission to the cloud.
Algorithms like AES-128/256 are commonly used for resource-constrained IoT devices.
4. Access Control:
o IoT devices enforce strict access control policies, allowing only authorized users or
applications to interact with their functions.
5. Hardware-Based Security:
o Secure elements, such as Trusted Platform Modules (TPMs) or Hardware Security
Modules (HSMs), store cryptographic keys and perform secure operations on the device.
6. Data Minimization:
o Devices collect and transmit only the data essential for their functionality, reducing
exposure to sensitive information.
7. Privacy by Design:
o Devices are designed to anonymize or obfuscate sensitive data before sharing it with the
cloud, enhancing user privacy.
8. Resilience Against Physical Attacks:
o Anti-tampering mechanisms, such as secure enclosures or self-destructing data storage,
protect devices against physical attacks.

Privacy in Cloud-Connected Devices:

1. End-to-End Encryption:
o Ensures that data remains secure during transmission and storage in the cloud.
2. User Control Over Data:
o Devices provide users with options to control what data is collected, stored, and shared
with the cloud.
3. Edge Processing:
o Where possible, devices process data locally to reduce the volume of sensitive data
transmitted to the cloud.

Example in Action:

A smart thermostat collects temperature data and sends it to the cloud.

• On-device security ensures that the thermostat firmware is authentic and updated.
• Data is encrypted before transmission, protecting it from interception.
• Users have control over privacy settings, deciding how much data the thermostat shares with
the cloud platform.

These measures collectively ensure a secure, privacy-preserving interaction between IoT devices
and the cloud.
