The document discusses the Internet of Things (IoT) and highlights security challenges that hinder its implementation, such as vulnerable devices and flaws in encryption. It outlines potential solutions, including improved access control, end-to-end encryption, and user-friendly setups, to enhance security measures for IoT devices. The conclusion emphasizes the need for cooperation among research communities to address these issues and foster the development of IoT as a sophisticated utility.

1. INTERNET OF THINGS
IoT
Presented By:
15MCA0154: Jinia Bhowmik
15MCA0130: Prantik Das Barman
15MCA0091: Athar Basha S A
Under the supervision of
Assistant Prof. Malathy E.

3. Series
of
Sensors
Network
IoT

4. Automated
Home
Connected
Cars
Smart Devices
Automated
Office
IoT

5. Smart Industries

6. THEN WHYIS IT NOT OUT YET ?
Because...
SECURITY is the #1 challenge to
making the Internet of Things a reality.

7. WHY?
Because,
• In order to be useful, IoT devices must make real-
time bi-directional connections to the internet, and
that type of communication is challenging to
secure.
• Security for IoT devices is nascent and rarely
sufficient.
** Whereas security protocols and best practices
for servers, personal computers, and smart-

8. IoT
Encrypti
on
Data
Retention
& Privacy
Device
Network
Vulnerabilitie
s
Data
Access
Control

9. • “An open and comprehensive network of intelligent objects that have the capacity
to auto-organize, share information, data and resources, reacting and acting in face
of situations and changes in the environment” - Journal of Computer and
Communications, 2015, 3, 164-173 (Published Online May 2015 in SciRes)
• “Despite the immense potential of IoT in the various spheres, the whole
communication infrastructure of the IoT is flawed from the security standpoint and is
susceptible to loss of privacy for the end users.” - Survey of Security and Privacy
Issues of Internet of Things by Tuhin Borgohain, Sugata Sanyal & Uday Kumar
LITERATURE SURVEY

10. •“Due to lack of proper infrastructures and servers to exchange messages among
nodes, authentication is particularly difficult in IoT scenarios. Furthermore, things
have scarcer resources comparing to PCs, cell phones, etc., to carry out complex
computing. Some solutions about authentication have been proposed, but they all
have serious problems and can’t help solve the man-in-the-middle attack problem. ”
-A Survey of the Internet of Things by De-Li Yang Feng Liu Yi-Duo Liang
(School of Management Science and Engineering Dalian University of Technology,
Dalian, 116024, P.R. China)

11. PROBLEMS
• Unprotected devices will be attacked
• Flaws in Encryption & Processing
• Access control

12. POSSIBLE SOLUTIONS
• Offload as much security into the Network as possible.
• Apply AES & proper processing
• Control the access with “TOKENS”

13. REQUIREMENTS

14. 1. DEVICES MUST NOT HAVE OPEN INBOUND PORTS
“Any device on the Internet with an open inbound
port will be attacked. It’s a matter of when, not if.”

15. 2. END-TO-END ENCRYPTION
The message body is encrypted with AES, but the
surrounding envelope, which can contain key
data to be used midstream, is only encrypted at
the endpoints with TLS.”

16. AES & TLS/SSL DATA ENCRYPTION & ACCESS CONTROL
• Secure all communications with multiple
data encryption standards like AES and
TLS/SSL
• Manage permission for your real-time apps
and data, down to the person, device or
channel

17. KEY FEATURES
• Protect your apps with enterprise-grade encryption and
fine-grain access control
• Encryption, including built-in AES encryption for all major
APIs and optional TLS/SSL encryption
• Device Access Manager for fine grain Publish and
Subscribe permissions down to person, device or channel

18. 3. TOKEN-BASED ACCESS CONTROL
The network effectively serves as a traffic cop, both authorizing
device access and managing which devices can speak and
listen on the network based on the tokens the network
distributes.

19. 4. DEVICE STATUS MONITORING
“An offine device could mean local tampering
is taking place, or a broader issue like a power
or Internet outage has occurred”
5. USER-FRIENDLY SETUP & UPGRADES
“A publish/subscribe paradigm makes it
easy to securely set up and provision IoT
devices”

20. SECURE - REMOTE FIRMWARE UPGRADES

21. CONCLUSION
• One vision of the future is that IoT becomes a utility with increased
sophistication in sensing, actuation, communications, control, and in
creating knowledge from vast amounts of data.
• We did not predict the Internet, the Web, social networking, Facebook,
Twitter, millions of apps for smart-phones, etc. New research problems
arise due to the large scale of devices, the connection of the physical
and cyber worlds, the openness of the systems of systems, and
continuing problems of privacy and security.
• It is hoped that there is more cooperation between the research
communities in order to solve the myriad of problems sooner as well as
to avoid re-inventing the wheel when a particular community solves a
problem.