Abstract
IoT installations can be complex distributed systems with many geographically dispersed heterogeneous nodes with different capabilities, connected via separate physical networks. They can span multiple operational and security domains managed by different entities. Securing such systems poses challenging problems.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bumiller, E., Shanker, T. (2012) ‘Panetta warns of dire threat of cyberattack in US’, The New York Times, 12 Oct [Online] Available at: https://www.nytimes.com/2012/10/12/world/panetta-warns-of-dire-threat-of-cyberattack.html (Accessed Dec 15, 2019)
Garcia-Morchon, O., Kumar, S., Sethi, M. (2019) ‘Internet of things (IoT) security: state of the art and challenges, IETF RFC 8576, [Online] Available at: https://tools.ietf.org/pdf/rfc8576.pdf (Accessed Dec 15, 2019)
Schrecker, S. et al, (2016) ‘Industrial internet of things volume G4: security framework’, [Online] Available at: https://www.iiconsortium.org/pdf/IIC_PUB_G4_V1.00_PB-3.pdf (Accessed Dec 15, 2019)
Kushner, D. (2013) ‘The real story of stuxnet’, IEEE Spectrum, vol. 50, no. 3, pp. 48–53.
Musil, S. (2012) ‘Crippling Stuxnet virus infected Chevron’s network too’, CNET, 8 Nov, [Online] Available at: https://www.cnet.com/news/crippling-stuxnet-virus-infected-chevrons-network-too/ (Accessed Dec 15, 2019)
SIMATIC WinnCC – System Overview [Online] Available at: https://new.siemens.com/uk/en/products/automation/hmi/wincc-unified.html (Accessed Dec 15, 2019)
Antonakis, M. et al. (2017) ‘Understanding the Mirai botnet’, 26th Usenix Symposium, Vancouver BC, Canada [Online] Available at: https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-antonakakis.pdf (Accessed Dec 15, 2019)
Microsoft (2018) ‘Internet of things (IoT) security architecture’ [Online] Available at: https://docs.microsoft.com/en-us/azure/iot-fundamentals/iot-security-architecture (Accessed Dec 15, 2019)
Diffie, D., Hellman, M. (1976) ‘New directions in cryptography’, IEEE Transactions on Information Theory, 22 (6), p 644–654.
Rivest, R. L., Shamir, A., Adleman, L. (1978) ‘A method for obtaining digital signatures and public-key cryptosystems’, Communications of the ACM, 21(2), p 120–126.
Cooper, D. et al. (2008) ‘Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile’ IETF RFC 5280 [Online] Available at: https://tools.ietf.org/pdf/rfc5280.pdf (Accessed Dec 15, 2019)
National Institute of Standards (2001) ‘Advanced encryption standard (AES)’ FIPS 197, [Online] Available at: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf (Accessed Dec 15, 2019)
National Institute of Standards (2015) ‘SHA-3 standard: permutation-based hash and extendable-output functions’ FIPS 202, [Online] Available at: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf (Accessed Dec 15, 2019)
National Institute of Standards (2015) ‘Secure hash standard (SHS)’ FIPS 180–4, [Online] Available at: https://www.nist.gov/publications/secure-hash-standard (Accessed Dec 15, 2019)
Saltzer, J. H., Schroeder, M. D. (1975) ‘The protection of information in computer systems’, Proceedings of the IEEE, 63(9), p 1278–1308.
Trusted Computing Group (2007) ‘Architecture overview’ [Online] Available at: https://trustedcomputinggroup.org/wp-content/uploads/TCG_1_4_Architecture_Overview.pdf (Accessed Dec 15, 2019)
Trusted Computing Group (2016) ‘Trusted platform module library part1: architecture’ [Online] Available at: https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.38.pdf (Accessed Dec 15, 2019)
Unified extensible firmware interface (UEFI) specification version 2.8 (2019) [Online] Available at: https://uefi.org/sites/default/files/resources/UEFI_Spec_2_8_final.pdf (Accessed Dec 15, 2019)
Global Platform (2018) ‘TEE system architecture v1.2’ [Online] Available at: https://globalplatform.org/specs-library/tee-system-architecture-v1-2/ (Accessed Dec 15, 2019)
ARM (2017) ‘Trust zone technology for the ARMv8-M architecture’ [Online] Available at: https://static.docs.arm.com/100690/0200/armv8m_trustzone_technology_100690_0200.pdf (Accessed Dec 15, 2019)
Open TEE [Online] Available at: https://open-tee.github.io/ (Accessed Dec 15, 2019)
Trusty TEE [Online] Available at: https://source.android.com/security/trusty (Accessed Dec 15, 2019)
Anati, I. et al. (2013) ‘Innovative technology for CPU based attestation and sealing’ [Online] Available at: https://software.intel.com/sites/default/files/article/413939/hasp-2013-innovative-technology-for-attestation-and-sealing.pdf (Accessed Dec 15, 2019)
Greene, J., ‘Intel trusted execution technology’ [Online] Available at: https://www.intel.com/content/dam/www/public/us/en/documents/white-papers/trusted-execution-technology-security-paper.pdf (Accessed Dec 15, 2019)
Rescorla, E. (2018) ‘The transport layer security (TLS) protocol version 1.3’, IETF RFC 8446, [Online] Available at: https://tools.ietf.org/pdf/rfc8446.pdf (Accessed Dec 15, 2019)
Tschofenig, H., Fossati, T. (2016) ‘Transport layer security (TLS)/ datagram transport layer security (DTLS) profiles for the internet of things’ [Online] Available at: https://tools.ietf.org/pdf/rfc7925.pdf (Accessed Dec 15, 2019)
EU Data Protection Rules (2018) [Online] Available at: https://ec.europa.eu/commission/priorities/justice-and-fundamental-rights/data-protection/2018-reform-eu-data-protection-rules_en (Accessed Dec 15, 2019)
Hunt, G., Letey, G., Nightingale, E. B. (2018) ‘The seven properties of highly secure devices’, [Online] Available at: https://www.microsoft.com/en-us/research/wp-content/uploads/2017/03/SevenPropertiesofHighlySecureDevices.pdf (Accessed Dec 15, 2019)
Stallings, W. (1995) Cryptography and network security, Prentice-Hall New Jersey.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Milenkovic, M. (2020). Chapter 5: Security and Management. In: Internet of Things: Concepts and System Design. Springer, Cham. https://doi.org/10.1007/978-3-030-41346-0_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-41346-0_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-41345-3
Online ISBN: 978-3-030-41346-0
eBook Packages: Computer ScienceComputer Science (R0)