Scribd
Upload
228 views8 pages

Security Management of An Iot Ecosystem

Security Management of an Iot Ecosystem

Uploaded by

S.KAVITHA COMPUTERSCIENCE
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
228 views8 pages

Security Management of An Iot Ecosystem

Security Management of an Iot Ecosystem

Uploaded by

S.KAVITHA COMPUTERSCIENCE
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 8

SECURITY MANAGEMENT OF AN IOT

ECOSYSTEM

S.Kavitha
Head & Assistant Professor
Department of Computer Science
Sri Sarada Niketan College of
Science for Women,Karur.
INTRODUCTION
Information and communication technology
will be the key foundational component for
IoT.
 These information and communication

technological components will be closely


interconnected with one another in order to
facilitate efficient co-ordination among the
various IoT components.
Security Requirements of an
IoT Infrastructure
 Security aspects, which need to be kept in
mind for the security of information
technological components, which are
applicable to an IoT infrastructure, are
discussed in this section.

 Confidentiality
 Integrity
 Availability Triad
Authentication, Authorization,
and Audit Trial (AAA) Framework
Authentication :

 This process checks to ensure that a user’s credentials


are valid, so that users with invalid credentials will not
be allowed to access the underlying information.
 The simplest way to use authentication is with the

help of user names and passwords.


 But as hacking techniques are evolving day by day, it

is very important to ensure that sophisticated


authentication techniques are in place.
 One such authentication mechanism that is used is

called multifactor authentication.


Authorization
 Authorization is a process which ensures that a specific user
has rights to perform specific operations on a specific object.

 For example, a fire station executive will just be able to


read the data pertaining to other city departments like
water; he/she may not be able to edit it.

 Edit permissions may be given only to the city supervisors or


executives who belong to the water department of the city.

 The different types of permissions for different users on


different objects are mapped and stored in a table, which is
called Access Control List (ACL)
Audit trial
 Audit trial is an activity, which is conducted
periodically, to assess the effectiveness of
the security measures that are
implemented in the IoT infrastructure.
 Audit trial is performed with the help of

audit logs, which track the operations that


are performed by different users.
Defense-in-Depth
 This is a mechanism which should be used to
provide high level of security to the IoT
infrastructure.
 This mechanism ensures that multiple levels or
layers of security are present within an IoT
infrastructure to ensure that even if security at
one level gets compromised due to some reason,
security at other levels should be able to
safeguard the underlying IoT infrastructure.
 As multiple levels of security are provided in this
approach, it is also called a layered approach to
security implementation.
Security Concerns of Cloud
Platforms

 Cloud Security architecture has three


different layers: software applications layer,
platform layer, and infrastructure layer.
 Each layer has its own set of security cOne

of the main concerns of cloud is


multitenancy.
 Multitenancy refers to the fact that Cloud

infrastructure, because of the underlying


virtualization platform, provides features to
service multiple independent clients
(tenants) using same set of

You might also like