Skip to main content
SpringerLink
Log in

Chapter 5: Security and Management

  • Chapter
  • First Online:
Internet of Things: Concepts and System Design

  • 1642 Accesses

Abstract

IoT installations can be complex distributed systems with many geographically dispersed heterogeneous nodes with different capabilities, connected via separate physical networks. They can span multiple operational and security domains managed by different entities. Securing such systems poses challenging problems.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 84.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Bumiller, E., Shanker, T. (2012) ‘Panetta warns of dire threat of cyberattack in US’, The New York Times, 12 Oct [Online] Available at: https://www.nytimes.com/2012/10/12/world/panetta-warns-of-dire-threat-of-cyberattack.html (Accessed Dec 15, 2019)

  2. Garcia-Morchon, O., Kumar, S., Sethi, M. (2019) ‘Internet of things (IoT) security: state of the art and challenges, IETF RFC 8576, [Online] Available at: https://tools.ietf.org/pdf/rfc8576.pdf (Accessed Dec 15, 2019)

  3. Schrecker, S. et al, (2016) ‘Industrial internet of things volume G4: security framework’, [Online] Available at: https://www.iiconsortium.org/pdf/IIC_PUB_G4_V1.00_PB-3.pdf (Accessed Dec 15, 2019)

  4. Kushner, D. (2013) ‘The real story of stuxnet’, IEEE Spectrum, vol. 50, no. 3, pp. 48–53.

    Article  Google Scholar 

  5. Musil, S. (2012) ‘Crippling Stuxnet virus infected Chevron’s network too’, CNET, 8 Nov, [Online] Available at: https://www.cnet.com/news/crippling-stuxnet-virus-infected-chevrons-network-too/ (Accessed Dec 15, 2019)

  6. SIMATIC WinnCC – System Overview [Online] Available at: https://new.siemens.com/uk/en/products/automation/hmi/wincc-unified.html (Accessed Dec 15, 2019)

  7. Antonakis, M. et al. (2017) ‘Understanding the Mirai botnet’, 26th Usenix Symposium, Vancouver BC, Canada [Online] Available at: https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-antonakakis.pdf (Accessed Dec 15, 2019)

  8. Microsoft (2018) ‘Internet of things (IoT) security architecture’ [Online] Available at: https://docs.microsoft.com/en-us/azure/iot-fundamentals/iot-security-architecture (Accessed Dec 15, 2019)

  9. Diffie, D., Hellman, M. (1976) ‘New directions in cryptography’, IEEE Transactions on Information Theory, 22 (6), p 644–654.

    Article  MathSciNet  Google Scholar 

  10. Rivest, R. L., Shamir, A., Adleman, L. (1978) ‘A method for obtaining digital signatures and public-key cryptosystems’, Communications of the ACM, 21(2), p 120–126.

    Article  MathSciNet  Google Scholar 

  11. Cooper, D. et al. (2008) ‘Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile’ IETF RFC 5280 [Online] Available at: https://tools.ietf.org/pdf/rfc5280.pdf (Accessed Dec 15, 2019)

  12. National Institute of Standards (2001) ‘Advanced encryption standard (AES)’ FIPS 197, [Online] Available at: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf (Accessed Dec 15, 2019)

  13. National Institute of Standards (2015) ‘SHA-3 standard: permutation-based hash and extendable-output functions’ FIPS 202, [Online] Available at: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf (Accessed Dec 15, 2019)

  14. National Institute of Standards (2015) ‘Secure hash standard (SHS)’ FIPS 180–4, [Online] Available at: https://www.nist.gov/publications/secure-hash-standard (Accessed Dec 15, 2019)

  15. Saltzer, J. H., Schroeder, M. D. (1975) ‘The protection of information in computer systems’, Proceedings of the IEEE, 63(9), p 1278–1308.

    Article  Google Scholar 

  16. Trusted Computing Group (2007) ‘Architecture overview’ [Online] Available at: https://trustedcomputinggroup.org/wp-content/uploads/TCG_1_4_Architecture_Overview.pdf (Accessed Dec 15, 2019)

  17. Trusted Computing Group (2016) ‘Trusted platform module library part1: architecture’ [Online] Available at: https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.38.pdf (Accessed Dec 15, 2019)

  18. Unified extensible firmware interface (UEFI) specification version 2.8 (2019) [Online] Available at: https://uefi.org/sites/default/files/resources/UEFI_Spec_2_8_final.pdf (Accessed Dec 15, 2019)

  19. Global Platform (2018) ‘TEE system architecture v1.2’ [Online] Available at: https://globalplatform.org/specs-library/tee-system-architecture-v1-2/ (Accessed Dec 15, 2019)

  20. ARM (2017) ‘Trust zone technology for the ARMv8-M architecture’ [Online] Available at: https://static.docs.arm.com/100690/0200/armv8m_trustzone_technology_100690_0200.pdf (Accessed Dec 15, 2019)

  21. Open TEE [Online] Available at: https://open-tee.github.io/ (Accessed Dec 15, 2019)

  22. Trusty TEE [Online] Available at: https://source.android.com/security/trusty (Accessed Dec 15, 2019)

  23. Anati, I. et al. (2013) ‘Innovative technology for CPU based attestation and sealing’ [Online] Available at: https://software.intel.com/sites/default/files/article/413939/hasp-2013-innovative-technology-for-attestation-and-sealing.pdf (Accessed Dec 15, 2019)

  24. Greene, J., ‘Intel trusted execution technology’ [Online] Available at: https://www.intel.com/content/dam/www/public/us/en/documents/white-papers/trusted-execution-technology-security-paper.pdf (Accessed Dec 15, 2019)

  25. Rescorla, E. (2018) ‘The transport layer security (TLS) protocol version 1.3’, IETF RFC 8446, [Online] Available at: https://tools.ietf.org/pdf/rfc8446.pdf (Accessed Dec 15, 2019)

  26. Tschofenig, H., Fossati, T. (2016) ‘Transport layer security (TLS)/ datagram transport layer security (DTLS) profiles for the internet of things’ [Online] Available at: https://tools.ietf.org/pdf/rfc7925.pdf (Accessed Dec 15, 2019)

  27. EU Data Protection Rules (2018) [Online] Available at: https://ec.europa.eu/commission/priorities/justice-and-fundamental-rights/data-protection/2018-reform-eu-data-protection-rules_en (Accessed Dec 15, 2019)

  28. Hunt, G., Letey, G., Nightingale, E. B. (2018) ‘The seven properties of highly secure devices’, [Online] Available at: https://www.microsoft.com/en-us/research/wp-content/uploads/2017/03/SevenPropertiesofHighlySecureDevices.pdf (Accessed Dec 15, 2019)

  29. Stallings, W. (1995) Cryptography and network security, Prentice-Hall New Jersey.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. IoTsense, Dublin, CA, USA

    Milan Milenkovic

Authors
  1. Milan Milenkovic
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Milenkovic, M. (2020). Chapter 5: Security and Management. In: Internet of Things: Concepts and System Design. Springer, Cham. https://doi.org/10.1007/978-3-030-41346-0_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-41346-0_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-41345-3

  • Online ISBN: 978-3-030-41346-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation