Global Sources
EE Times-India
Stay in touch with EE Times India
EE Times-India > Embedded

Six ways to enhance IoT security

Posted: 01 Jul 2015     Print Version  Bookmark and Share

Keywords:IoT  Internet of Things  security  networks  Trusted Network Connect 

Protect secrets even if a device is infected: Even if complete protection is impossible, you can force hackers to use specialised equipment or limit the damage they can cause with a layered security strategy. This begins with the creation of a secure envelope, such as a TPM. Where a TPM isn't enough, consider a Mandatory Access Control system to provide another larger security envelope.

Data protection: Protect confidential data with encryption, perhaps with self-encrypting storage devices. Consider a write-once or read-only mechanism to prevent tampering with data on the IoT device, or restricting access to secrets (such as encryption keys) only to devices that can prove their software configurations are valid. Note that various governments have different criteria for the types of encryption required within their borders.

Secure legacy hardware such as industrial control systems: For older or proprietary hardware that doesn't support modern networks or security standards, the Trusted Network Connect architecture includes a specification (IF-MAP Metadata for ICS Security) that organises legacy devices into local enclaves that connect to a trusted network using security gateways. The gateways that link these networks provide encrypted communications and security to the interconnected enclaves, and automatically apply access control policies from a centralised provisioning system.

There are plenty of other challenges coming down the road, such as the need to secure devices no longer supported with security patches by their vendors, and to update IoT devices (such as those in vehicles) without the cost and inconvenience of returning them to the dealer or manufacturer. But tackling these basics will give you a good head start as you start developing hardware and software for the IoT.

About the author
Steve Hanna is a senior principal at Infineon Technologies and a member of the technical committee in the Trusted Computing Group. Co-author Stacy Cannady is a technical marketing manager for Cisco and a member of the Trusted Computing Group's Embedded Systems Work Group.

 First Page Previous Page 1 • 2

Comment on "Six ways to enhance IoT security"
*  You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.


Go to top             Connect on Facebook      Follow us on Twitter      Follow us on Orkut

Back to Top