An end-to-end approach is needed for IoT device security

May 22, 2015

An end-to-end approach is needed for IoT device security

As IoT devices proliferate, the vulnerabilities scale linearly. Most of the "things" connected to the Internet of Things (IoT) are produced companies...

As IoT devices proliferate, the vulnerabilities scale linearly.

Most of the “things” connected to the Internet of Things (IoT) are produced companies not accustomed to thinking in terms of connectivity. These manufacturers are experts in water heaters or door locks or coffee makers, but they probably don’t know what a really good connected water heater or door lock or coffee maker should be. And they certainly haven’t had to worry about the kinds of security threats that come with IoT connectivity.

In the IoT, the same connectivity pathways that enable all the benefits – homeowners controlling or receiving alerts about their heating, lighting, and home security systems even from a distance; people tracking various biometric values to optimize their health and fitness; manufacturers gathering invaluable data on where, how, and how often their products are being used – also introduce security risks that unconnected products never faced.

Without proper security mechanisms in place, data traversing the public Internet is vulnerable to hackers. Manufacturers of connected “things” must think about the security not only of the products themselves, but also of the entire connected pathway. In other words, data must be secured from the time it leaves the end device or appliance, throughout its journey to and from the cloud, until it reaches the end user’s mobile app or browser-based application – and back again, as control instructions go from the user’s app back to the device, via the Internet.

Device, cloud, and app security

An end-to-end approach to device security in the IoT means extending security mechanisms from the device to the cloud to the application, in a seamless and fully integrated manner. Each of these levels uses different protocols and standards to achieve security.

Click to enlarge.

Chip-level security starts with encryption to prevent spoofing, also known as IP address forgery, in which an attacker masquerades as a trusted host for the purpose of hijacking a browser or gaining access to a network. Chip-level security also includes encryption-key transmission protocols such as SSL (Secure Sockets Layer) designed to get data safely to its destination.

Cloud security is a fast-evolving area of expertise that includes both computer and network security protocols and measures. Cloud security must take into account private-, public-, and hybrid-cloud deployment models, as well as issues of virtualization.

Application security includes measures taken during the software development process to ensure that the application is free of design flaws that will render it vulnerable to security breaches. It also encompasses access security once the application is deployed.

AAA security

The AAA approach to security – authentication, authorization, and accounting – arose in IP-based networking in relation to computing systems connected to the Internet. It enables security for mobile devices and varied network access methods without relying on fixed IP addresses.

  • Authentication determines who or what you are. It’s the process of identifying an individual person, usually based on a username and password. It’s based on the principle that each user has unique information that can distinguish him or her from all other users.
  • Authorization determines what you are allowed to do and see. It’s the process of granting or denying a user access to network resources after the user has been authenticated with a username and password. The types of information and services the user has access to depend on the authorization level.
  • Accounting determines what you did. It’s the process of tracking a user’s activity while he is accessing the network’s resources. It can include the amount of time spent on the network, the services accessed, and the amount of data transferred during a given session. Accounting data can be used for trend analysis, capacity planning, billing, auditing, and cost allocation, as well as for security reasons.

In the IoT, this AAA approach must be applied and coordinated across all the levels, from device to cloud to end-user application. The most comprehensive and cohesive way to do that is through an IoT platform. Manufacturers of IoT devices have two main options when it comes to security: designing it into the connected devices they create themselves or purchasing an IoT solution that includes enterprise grade security.

Click to enlarge.

As mentioned earlier, most manufacturers of newly connected products haven’t traditionally needed to be experts in the networking- and computer-level connectivity issues required for the IoT. Building that expertise in-house can be time-consuming and expensive.

A more likely decision would be to purchase an IoT platform that has the technologies and capabilities needed to design, deliver, and maintain secure connected products. And providing AAA security measures in the IoT can best be handled by an IoT platform in which security permeates all aspects of data collection and transmission, from device to cloud to app.

An ideal IoT platform would let manufacturers:

  • Protect the privacy of their end-user customers’ data, which in turn protects the manufacturer’s brand reputation.
  • Manage who has access to their products and the data generated by sensors or other means.
  • Manage the authorization of access to specific resources or types of data through two-factor authentication.
  • Prevent distributed denial of service (DDoS) attacks.
  • Handle lost or stolen devices, such as the ability to remotely wipe out all or some data or disable devices’ connectivity.
  • Encrypt all user-identifiable information to protect data in transit to or from the cloud.
  • Prevent devices from other manufacturers from accessing their products’ data, so that only properly authenticated products – confirmed to belong to the manufacturer – are authorized to have access to the device or its data.

It takes considerable experience and expertise simply to think through the potential scenarios for end-user data security. Say a manufacturer makes a smart home thermostat. Some potential scenarios and questions include:

  • How is access control handled if the thermostat is sold or installed by a dealer or other organization not owned by the manufacturer?
  • How much privacy control should end users have over data such as when they leave for work and return home?
  • What are the processes for access control if service is required for the thermostat or one of the systems it controls?
  • If the home is sold, what happens to the previous owners’ data, and how will access control and privacy settings be modified for the new owners?
  • What happens if the thermostat is in a vacation home, with users passing in and out every few days or weeks?

By their nature, IoT platforms must support multi-tenancy, meaning that multiple manufacturers’ data is supported but isolated from one another through a multi-tenant data architecture. Multi-tenancy is enforced by using a tenant (i.e., specific manufacturer) ID associated with every piece of data, along with a data access mechanism that enforces the separation of data by manufacturer.

An end-to-end IoT platform will provide the appropriate security technologies at the device, cloud and app levels, for data at rest, in transit, and in the cloud. As a result, manufacturers who take advantage of an IoT platform don’t have to think about and solve every piece of the IoT security puzzle themselves.

Future-proofing IoT security

Providing IoT security is an ongoing effort, not a one-time process. New threats will emerge, as will new technologies to combat those threats. In addition to all the other characteristics mentioned, an ideal IoT platform will have sufficient built-in flexibility to allow manufacturers to not only improve the level of security they offer with new products, but also update the security of products in the field.

As both new IoT solutions come to market and new security threats proliferate, IoT platforms must keep pace. Properly designed end-to-end IoT platforms can help ensure that users continue to feel confident that the IoT devices and applications they use won’t jeopardize their privacy.

Even beyond the security implications, a flexible IoT platform enables manufacturers to experiment and explore the new connected world. They can learn quickly from their successes and mistakes, and iterate toward better – and therefore more competitively successful – versions of their products.

Vish Pai is responsible for platform strategy, roadmaps, and products at Ayla Networks, based in Sunnyvale, Calif. He holds a M.S. degree in computer engineering from North Carolina State University.

Vish Pai, Ayla Networks