The following is a guest post by Mark O’Neill, VP Innovation at Axway, a leading provider for data governance and API management.
Welcome to the future, where smart meters monitor your home appliance usage, where fitness devices on your wrist track your heart-rate, and where electric vehicles can take commands from your wristwatch.
What does all of this have in common? These innovations are all part of the Internet of Things (IoT). While the Internet of Things is going through a rosy honeymoon period at the moment, security issues are slowly creeping to the surface. There’s a growing awareness that IoT devices are riddled with vulnerabilities, and securing these weaknesses will soon become one of the major priorities for both manufacturers and the people who use them.
Let’s examine the top 10 things to consider in detail:
Internet of Things devices are often difficult to update. There isn’t an equivalent of a “Patch Tuesday” for a wristband, or a Wi-Fi-enabled smart meter. Rather than patching the device itself, patches will often have to be applied upstream as “virtual patches”.
2. Not just HTTP and SSL anymore
The Internet of Things goes beyond HTTP and SSL to include MQTT, CoAP, XMPP, and other protocols. This means that a strategy of “just throw SSL at the problem,” if this was ever a strategy at all, will not be effective for the Internet of Things.
3. Low power
Security requirements such as encryption and signing require processor power, which is not in large supply in a wearable fitness tracking device, for example. Here, again, security must be layered on, upstream from the device itself.
4. The user, one step away
In the Internet of Things, the user is one step away from the connection itself. Often this involves a delegation model. The user delegates control to a device, such as a smart meter, to act as a sensor and interact with services on their behalf. As such, users may not be present to enter passwords or press “OK.” For delegated security models, technologies such as OAuth 2.0 are key.
5. Key management
Devices in the Internet of Things often require keys for security. These may take the form of cryptographic keys, or simply act as shared secrets. These keys must be managed. In many cases, it makes sense to manage these upstream from the device itself, so that they cannot be compromised.
Internet of Things devices are, by their very nature, in the hands of users. We have already seen examples of APIs for Internet of Things devices being reverse-engineered by curious engineers. Expect this trend to continue. It is another reason not to store confidential information on the “thing” itself.
How does the device act when its power is artificially lowered, or raised? These are not questions which need answering for a server in a co-located data center. But it is a factor when attackers focus on finding weaknesses on Internet of Things devices.
8. Audit trails
With constrained devices, is it going to be possible to write out an audit trail of usage? If not, where can an audit trail be kept? This is another reason to apply security, in the form of monitoring and management, upstream from the device itself.
9. Unexpected interactions
Users will link Internet of Things devices together in ways that cannot always be anticipated. For example, what if a user wants to set up a scenario in their house in which the hall lights activate central heating? How can you ensure these novel interactions do not result in security challenges? The answer lies in ensuring that interoperability is tested for security implications.
Who will certify Internet of Things devices for security compliance? At present, this is a Wild West-type arena. However, expect testing organizations to, over time, develop security certifications for Internet of Things devices.