1 / 9

Chapter 24: Internet of Things ( IoT ): Growth, Challenges and Security

Chapter 24: Internet of Things ( IoT ): Growth, Challenges and Security. Guide to Computer Network Security. Introduction

thelmareed
Download Presentation

Chapter 24: Internet of Things ( IoT ): Growth, Challenges and Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 24: Internet of Things (IoT): Growth, Challenges and Security Guide to Computer Network Security

  2. Introduction • Internet of Things (IoT) is a smart environments that is made up of an interconnection of sensing and actuating devices providing the ability to share information across platforms through a unified framework, developing a common operating picture for enabling innovative applications. • This smart environment is achieved by seamless ubiquitous sensing, data analytics and information representation with Cloud computing as the unifying framework. • Then we have the issue of privacy and data sharing. • This is a hot-button topic will escalate when we talk about many billions of devices being connected. • Another issue may be the massive amounts of data that all of these devices are likely to produce. Kizza - Guide to Computer Network Security

  3. Overview and Growth of Internet of Things • In its current meaning, each node of the IoT, may it be a sensor, an actuator or a communicating device, is interconnected to other nodes in the mess that include the existing Internet, and all are able to intercommunicate, seamlessly passing and getting information to provide services for information transfer, analytics, applications, and communications using existing Internet protocols. • Several technologies have converged to create the Internet of Things technologies. These technologies include those which has led to ubiquitous sensing enabled by Wireless Sensor Network (WSN) technologies, ubiquitous computing, enabled by miniature, mobile and high powered computing and communication devices and the existing Internet protocols to provide services for information transfer, analytics, applications, and communications. • By 2020 there are likely to be 34 billion devices connected to the internet, up from 10 billion in 2015. IoT devices will account for 24 billion, while traditional computing devices (e.g. smartphones, tablets, smartwatches, etc.) will comprise 10 billion. Kizza - Guide to Computer Network Security

  4. Architecture and Networking of IoT • For the IoT ecosystem to function and support intended applications and accommodate the heterogeneity of devices and applications in the ecosystem, the IoT had to adopt the open standards of TCP/IP protocol suite. • However, the open standards of TCP/IP protocol suite was initially developed for the wired global Internet several decades ago, as the networking solution. • Hence, there are fundamental differences between the traditional wired computer networks and the heterogeneous combination of wired and wireless devices ecosystem • The networking technology standard currently being used in the IoT fall into three categories: (i)point-to-point, for example a an end device to a gateway; (ii) star - with a gateway connected to several end- devices by one hop links and (iii) a mesh – with one or more gateways connecting to several end-devices one or more hop links away – Figure 2. • Based on these three topologies, we can cascade end-devices and gateways to get a real model of the IoT communication network architecture as shown in figure 3. Kizza - Guide to Computer Network Security

  5. Architecture and Protocol Stack of IoTs • A typical TCP/IP IPv6 has a maximum transmission unit (MTU) size of 1500 bytes or higher and a near infinite address space covering up to 2128 unique addresses, while IoT constrained low-energy links have very small MTUs averaging around 127 bytes • Even with the two IPv6 design specifications that include (a) IPv6 of 40-byte fixed length header with optional extension headers, which causes big protocol overheads for small packets and (b) IPv6 specification requiring all IPv6-capable networks to support a minimum MTU size of 1280 bytes, typical IPv6 packets cannot be carried over the constrained IoT links. • So a new 6LoWPAN protocol was defined to enable IPv6 packets to be carried on top of low-powered and lossy personal area networks (LLNs). Kizza - Guide to Computer Network Security

  6. A draft architecture for a gateway or middleware that provides interoperability between 6LoWPAN and external IPv6 networks has been defined. • Other protocols have been defined to support the smooth transmission between IPv6 and low-powered IoT devices and these include: • Constrained Application Protocol (CoAP) – this was developed by the IETF Constrained RESTful Environments (CoRE) workgroup is working. The protocol includes several HTTP functionalities although it has modified to work with low processing power and energy consumption constraints of IoT devices. Because CoAP is similar to HTTP, it also uses a universal resource identifier (URI) to identifies resources and allow the resource to be affected using similar methods such as GET, PUT, POST, and DELETE. • Infrastructure (ex: 6LowPAN, IPv4/IPv6, RPL) • Identification (ex: EPC, uCode, IPv6, URIs) • Comms / Transport (ex: Wifi, Bluetooth, LPWAN) • Discovery (ex: Physical Web, mDNS, DNS-SD) • Data Protocols (ex: MQTT, CoAP, AMQP, Websocket, Node) • Device Management (ex: TR-069, OMA-DM) • Semantic (ex: JSON-LD, Web Thing Model) • Multi-layer Frameworks (ex: Alljoyn, IoTivity, Weave, Homekit Kizza - Guide to Computer Network Security

  7. Challenges of using TCP/IP Architecture over the IoT • The IoT ecosystem of heterogeneous devices, wired, wireless and restricted , using the traditional TCP/IP ( though IPv6) meant for wired devices, presents a growing number of challenges in IoT networking that are likely to grow as the IoT ecosystem grows. • Most of the challenges are brought about by the IoT inherent heterogeneous low-battery powered wireless devices, the multi-link subnet model and the mesh network nature of the ecosystem that requires new scalable routing mechanisms. • These challenges include: • Maximum transmission unit (MTU) size – While a typical TCP/IP IPv6 MTU has a minimum size of 1500 bytes or higher, the IoT constrained low-energy links have very small MTUs averaging around 127 bytes • Multi-link subnet model - the current subnet model of both IPv4 and IPv6 considers two types of Layer-2 networks: multi-access link, where multiple nodes share the same access medium, and point-to-point link, where there are exactly two nodes on the same link Kizza - Guide to Computer Network Security

  8. Mesh network routing - The topologies of typical IoT networks fall into three categories: star topology, mesh (peer-to-peer) and point-to-point. The routing configuration is straightforward on a star and point-to-point networks where the hub node in a star topology and one of the two nodes in a point-to-point topology can act as the default gateway for the peripheral nodes. However, this limits the signal coverage of a single hub node in these two deployment topologies , making them unsuitable for applications that need wider coverage. • Resource discovery - The resource-oriented communication model usually requires a resource discovery mechanism, whereby the applications can request or invoke operations on the resources. The solution for resource discovery in traditional IP networks is DNS-based Service Discovery (DNS-SD) [6]. However, this solution has several limitations in supporting IoT applications. First of all, DNS-SD aims to support service discovery, where the service usually refers to a running program. In contrast, the resources in the context of IoT covers a broader scope: besides services, it may also refer to IoT devices, sensor data, etc.. Therefore, the IoT resource discovery requires a more general approach to identify heterogeneous resources • Caching - The TCP/IP communication model requires that both the client (resource requester) and the server (resource holder) are online at the same time. However, in IoT scenarios, the constrained devices may frequently go into sleeping mode for energy saving Kizza - Guide to Computer Network Security

  9. IoT Governance, Privacy and Security Challenges • The IoT’s diversity in devices, service and protocols, present challenges unseen and unprecedented in the modern communication • Governance and Privacy Concerns • Security Challenges • Autonomy • Computational Constraints • Discovery • Trust Relationships Kizza - Guide to Computer Network Security

More Related