A mo­ment in Time with Stephen Hawk­ing

PCQuest - - CONTENTS -

It was in the early 90s when the In­ter­net was made pub­lic. It changed the course of hu­man life. Just like the In­ter­net, In­ter­net of Things (IoT) has the po­ten­tial to al­ter the world. More­over, it has started to play its part. Many or­ga­ni­za­tions have and many are adopt­ing and plan­ning their in­fra­struc­ture in or­der to create an IoT ar­chi­tec­ture.

With fur­ther ex­pan­sion of the IoT ar­chi­tec­ture along with Cloud IoT ar­chi­tec­ture comes the ques­tion of its se­cu­rity and safety. As IoT ar­chi­tec­ture is a com­plex body with many lay­ers at­tached. Thus, its safety be­comes cru­cial.

Here we have lead­ers of the in­dus­try on how they plan to se­cure In­ter­net of Things ar­chi­tec­ture and tips to keep it safe to give you a bet­ter per­spec­tive on your own sys­tem.

Girish BVS, Se­nior So­lu­tions Ar­chi­tect, Tech­nol­ogy Group, Sasken Tech­nolo­gies Limited stated, ‘ We be­lieve that a com­pre­hen­sive edge side se­cu­rity is the need of the hour to achieve end-to-end IoT se­cu­rity. Zero-touch pro­vi­sion­ing of IoT de­vice is the first step that can plug a num­ber of se­cu­rity holes and ac­cel­er­ate the speed of de­ploy­ment. The other as­pect to con­sider is ad­dress­ing the se­cu­rity re­quire­ments of con­strained de­vices. We have made sig­nif­i­cant progress on th­ese fronts’.

On sim­i­lar pat­terns, Sel­vaku­mar Nate­san, Of­fice Tech­nol­ogy Prin­ci­pal, ThoughtWorks shared, ‘Se­cu­rity needs to thought through, and im­ple­mented at all lay­ers of the IoT ar­chi­tec­ture i.e right from the sen­sors to hardware to the net­work to soft­ware and fi­nally, the ap­pli­ca­tion. There are many mea­sures that when ap­plied in a con­sis­tent man­ner will en­sure ro­bust se­cu­rity for IoT ar­chi­tec­ture.

‘One can start with threat modelling tech­niques to un­der­stand se­cu­rity risks and pre­pare ac­cord­ingly. An­other great ap­proach is to lever­age ex­ist­ing bat­tle tested cryp­tos and avoid rolling out own im­ple­men­ta­tions. Con­tin­u­ous re­view of the im­ple­men­ta­tion with tools like, owasp web­site for po­ten­tial vul­ner­a­bil­i­ties al­lows sus­tained ac­tion that can fix is­sues as soon as they are iden­ti­fied. An­other mea­sure is to use open source li­braries and tools for whom, se­cu­rity is an im­por­tant pa­ram­e­ter. Ad­di­tion­ally, tech­niques like Se­cure Mi­cro­con­trollers are evolv­ing rapidly and should be lever­aged for en­cryp­tion and in­tegrity ver­i­fi­ca­tion quite early on’.

Also, th­ese pi­o­neers of the in­dus­try shared the tips to keep the ar­chi­tec­ture of In­ter­net of Things safe.

On that Girish re­marked, ‘ The IoT de­vices need to be smart and must have a se­cu­rity mod­ule. Hav­ing lo­cal in­tel­li­gence would pre­vent wider data ex­po­sure and can help thwart se­cu­rity is­sues from man­i­fest­ing and min­i­miz­ing the im­pact if they do oc­cur. De­cen­tral­iza­tion and dis­trib­uted data store would en­sure high data avail­abil­ity. This also ef­fec­tively de­creases the at­tack sur­face by in­creas­ing the num­ber of de­vices needed to be at­tacked si­mul­ta­ne­ously for a suc­cess­ful at­tack’.

While Sel­vaku­mar gave cer­tain points to keep in mind to safe­guard the IoT ar­chi­tec­ture. He said, ‘ While it’s very im­por­tant to think of se­cu­rity right at the be­gin­ning of de­velop- ment, and not wait to 'retro­fit' it at the end — here are some tips that will help keep loT ar­chi­tec­ture safe.

• Avoid de­fault lo­gin cre­den­tials and in­sist on users com-ing up with se­cure pass­words be­cause sim­ple cre­den­tials are the pri­mary rea­son for most ex­ploits

• Al­ways pro­vide soft­ware/firmware up­dates over the air, and in a se­cure fash­ion.

• Vul­ner­a­bil­i­ties are in­evitable in soft­ware and it's not a mat­ter of if, but when they will be dis­cov­ered, and ex­ploited. Over the air up­dates are the only way to avoid such a situa-tion.

• En­crypt all com­mu­ni­ca­tion be­tween smart de­vices and back­end sys­tems/cloud, in­clud­ing the soft­ware up­dates. Don't for­get to val­i­date the in­tegrity of data at both ends.

• En­sure pro­tec­tion of end-user pri­vacy at all cost On the other end, Vasudevan Sunda ra babu, Vice Pres­i­dent, Dig­i­tal and An­a­lyt­ics Ser­vices, CSS Corp dis­pensed his views on the topic un­der discussion. He stated,'The fourth in­dus­trial revo­lu­tion is here. loT is eas­ily one of the fastest grow­ing seg-ments in the tech­nol­ogy in­dus­try to­day. Eric­s­son pre­dicts by 2023, the world will have over 30 bil­lion con­nected de­vices, out of which around 20 bil­lion will be re­lated to the lot In­dus-trial In­ter­net of Things (1IoT) con­nects sen­sor-equipped ma-chines and sys­tems, de­rives in­tel­li­gent in­sights from sen­sor data and an­a­lyt­ics for a bet­ter mar­ket and op­er­a­tional strat-egy, and con­trols oper­a­tion of ma­chines and other as­sets for bet­ter busi­ness out­comes. De­spite the in­creased adop­tion in loT, en­ter­prises face sig­nif­i­cant chal­lenges in man­ag­ing, secur-ing and op­ti­miz­ing their loT ini­tia­tives and in­vest­ments. In this con­text, Al and data-driven de­ci­sions play a vital role in trans-form­ing the op­er­a­tional mod­els of in­dus­tries by op­ti­miz­ing the per­for­mance of sys­tems and pro­cesses sig­nif­i­cantly'.

VASUDEVAN SUNDARABABU, Vice Pres­i­dent, Dig­i­tal and An­a­lyt­ics Ser­vices, CSS Corp

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.