PresentationPDF Available

Abstract and Figures

Serviços de cloud estão sempre “ligados,” e são acessíveis globalmente, assim as “coisas” podem ser localizadas em qualquer lugar, podem ser móveis, podem transmitir dados diferentes em momentos diferentes. Serviços de cloud tem escalabilidade, o que é bom em IoT já que muitas “coisas” podem se comunicar com velocidades diferentes em momentos diferentes. Cloud ajuda a gerenciar limitações de recursos. Muitas “coisas” podem ser limitadas no poder computacional, bateria e capacidade de armazenamento.
No caption available
… 
No caption available
… 
No caption available
… 
No caption available
… 
No caption available
… 
Content may be subject to copyright.
!"
!"#$%&'()*+)#',)&-./"$$0'!"#$"'1)#+$)',)&-./"$$0'
2%#3)',)#4)#0''5"46)$'76*"#8%'8%&'9"4-%&'
:4-)#4)-'8"&'!%6&"&0'!$%;80'<%30'
=83)')'9)3;#"4>""
Rio do Sul (SC), 23 de novembro de 2017.
Simpósio InterUni 2017- Instituto Federal Catarinense Campus Rio do Sul
#"
Algumas perguntas
-Conceitue IoT (Internet das Coisas) e Segurança para
IoT.
-Comente sobre o ataque DDoS cuja a vítima foi a
empresa Dyn, segundo divulgado no “theguardian” em
26/10/2016.
-Cite e comente sobre alguns exemplos de aplicações de
IoT.
-Explique a interação entre IoT e Cloud (Fog e Edge).
-Descreva os “OWASP IoT Top 10”.
$"
Outras perguntas
-Quantas coisas (objetos) estão conectados atualmente na
Internet? Quantas teremos em 2020?
-De quantos BILHÕES DE DÓLARES será o potencial
impacto socioeconômico da Internet das Coisas na
produtividade da economia brasileira e no aperfeiçoamento
de serviços públicos até 2025?
-Quanto você ganhará até 2025, destes US$ 200
BILHÕES, se começar a investir agora em Internet das
Coisas?
-Quais são as características das redes que vão dar
suporte à Internet das Coisas, levando ao Low Power
Wide Area (LPWA)?
%&'()*+&"
,"
!68"8)&'64-)$63)4-)&'?smart&cities@'
A'B"3"&'86&.%4CD)6&')E')&-"*6%4"E)4-%'
A'!%43)&-6%4"E)4-%'8)'-#FG)3%'
A'!%4-#%$)'648;&-#6"$'
A'H;-%'86"34I&-6*%'8)')J;6."E)4-%&')'*%4-#%$)'
8)'"-6D%&'*%E%'G#%-"&''
A'1%46-%#"E)4-%'8)'-)E.)#"-;#"'
http://www.libelium.com/resources/top_50_iot_sensor_applications_ranking/
-"
http://www.geekculture.com/joyoftech/joyarchives/2340.html
.&/01/2"
3"
q7)8)&':4G)*-"8"&K'''5B7&'?5636-"$'B68)%'7)*%#8)#@0'
!!LB&'?!$%&)8A*6#*;6-'-)$)D6&6%4@0'#%-)"8%#)&'
8%EM&-6*%&0'NNN'
q1"$O"#)&'4%#E"$E)4-)'.#%."3"E'D6"'L)$4)-'?PQR
L!S@N'H*)&&%'#)E%-%'&)E'*#6.-%3#"T"'
q=U.$%#"'&)4/"&'."8#V%'%;'G#"*"&'
q'56&.%&6-6D%&'"$D%'*%E'D)#&W)&')EX"#*"8"&'8)'
Y64;U'
https://krebsonsecurity.com/tag/mirai-botnet/
4"
https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet
5&6"7"50/1801/"&9"6:;0<2"
="
!%E.%&-%'8)'%XZ)-%&'GC&6*%&')EX;-68%&'*%E'
)$)-#[46*"0'&%G-O"#)')'&)4&%#)&'J;)'.)#E6-)E'
&)4&%#6"E)4-%')'*%4-#%$)'#)E%-%'8)'%XZ)-%&'
"-#"DM&'8)';E"')&-#;-;#"'8)'#)8)'
<"*6$6-"'64-)3#">V%'86#)-"')4-#)'E;48%'GC&6*%')'
#)8)&'8)'*%E;46*">V%'
!%E;46*">V%K'"4\'L:1=0'"4\'L]:^_0'"4\'
SYH!='
'
Reference: ZHOU, Jun et al. Security and Privacy for Cloud-Based IoT: Challenges. IEEE
Communications Magazine, v. 55, n. 1, p. 26-33, 2017.
>"
Recommendation ITU -T Y.2060 : Overview of the Internet of things: http://www.itu.int/rec/T-REC-Y.2060-201206-I
5&6"7"50/1801/"&9"6:;0<2"
?1@0;*+&"56AB6"7"6:;0<2"CD&;2)2E"
!F"
Físicas: robôs industriais, suprimentos,
equipamentos elétricos
Virtuais: conteúdo multimídia, software
Recommendation ITU -T Y.2060 : Overview of the Internet of things: http://www.itu.int/rec/T-REC-Y.
2060-201206-I
!!"
?1@0;*+&"56AB6"
Recommendation ITU -T Y.2060 : Overview of the Internet of things: http://www.itu.int/rec/T-REC-Y.2060-201206-I
!#"
Fonte da figura: http://www.participa.br/cpiot/o-que-e
Figura traduzida de:
Recommendation ITU -T Y.2060 : Overview of the Internet of things: http://www.itu.int/rec/T-REC-Y.2060-201206-I
!$"
https://www.postscapes.com/what-exactly-is-the-internet-of-things-infographic/
G102&812"
!,"
https://www.postscapes.com/what-exactly-is-the-internet-of-things-infographic/
D&01H'(;I)I1"
q5%EM&-6*"K'*%4-#%$)'8)'6##63">V%0'"$"#E)'8)'G;E">"'
qS#M86%&K'6$;E64">V%0'"$)#-"&'8)')E)#3`4*6"'
q9"a8)K'E%46-%#"E)4-%'8)'."*6)4-)&')'68%&%&'
!-"
JK1LMN&2"I1")MN;H)*O12"
https://www.postscapes.com/what-exactly-is-the-internet-of-things-infographic/
!3"
http://www.libelium.com/smart-factory-reducing-maintenance-costs-ensuring-quality-manufacturing-
process/
q<FX#6*"&'
64-)$63)4-)&K'
&)4&%#)&')'*$%;8'
."#"'#)8;b6#'
*;&-%&')'E)$/%#"#'
J;"$68"8)'
.#%*)&&%&N'=UNK'
!"&%'S%$6X%$0'
=&."4/"'
Low Rate-WPAN
PN<Q02"0RL18&2"1L"#!SF>S#F!4"
!4"
-A ideia de conectar objetos à internet é quase tão antiga
quanto a própria rede mundial de computadores. O que
mudou nos últimos anos foi o barateamento de
tecnologias de microeletrônica e de sensoriamento e a
gigantesca expansão da conectividade.
-Segundo dados da consultoria Gartner, funcionam hoje no
mundo 8,4 bilhões de objetos conectados, como smart
TVs, automóveis, sistemas inteligentes de iluminação ou
equipamentos industriais, entre vários outros.
-O número é 31% maior do que o de 2016 e, segundo a
Gartner, deve crescer em 2020 para 20 bilhões de “coisas”
ligadas à internet.
http://revistapesquisa.fapesp.br/2017/09/21/o-brasil-da-internet-das-coisas/
5LM)H/&"0)"JH&0&L;)".8)2;1;8)"
!="
http://revistapesquisa.fapesp.br/2017/09/21/o-brasil-da-internet-das-coisas/
-O potencial impacto socioeconômico da Internet das Coisas
na produtividade da economia brasileira e no
aperfeiçoamento de serviços públicos foi estimado pela
consultoria McKinsey em até US$ 200 bilhões o
equivalente a aproximadamente 10% do PIB de 2016 –,
considerando a utilização em diversos segmentos da
economia descritos no plano até 2025.
- No transporte rodoviário, o monitoramento de mercadorias
em tempo real pode reduzir até 25% dos custos e a escolha
inteligente de rotas em até 20%, de acordo com o
levantamento, que enumera outras possibilidades.
?;)<0T2'H&"0)"UQ(1L"
!>"
-Uma empresa de Curitiba, a Exati, desenvolveu uma plataforma
para gestão de iluminação pública que está sendo usada em 200
cidades brasileiras, utiliza sensores e comunicação sem fio e agora
é aperfeiçoada em parceria com o CPqD.
-A Hi Technologies, também de Curitiba, está testando com quatro
clientes um equipamento de diagnóstico, o Hi Lab, que recebe uma
gota de sangue, submete a amostra a reagentes, envia os dados
para uma nuvem computacional que os processa e devolve o
resultado.
-A Stefanini ingressou no mercado da Internet das Coisas com
aplicações na indústria de mineração e na agricultura. Por
exemplo, monitora por meio de sensores 529 quilômetros de dutos
que escoam minérios de Minas Gerais até o Porto Sudeste, em
Itaguaí, na Região Metropolitana do Rio de Janeiro.
http://revistapesquisa.fapesp.br/2017/09/21/o-brasil-da-internet-das-coisas/
J2/8Q/Q8)"M)8)"50/1801/"I)2"D&;2)2"
#F"
http://revistapesquisa.fapesp.br/2017/09/21/o-brasil-da-internet-das-coisas/
-As redes que vão dar suporte à Internet das Coisas no
Brasil utilizam tecnologias e frequências diferentes da
internet comercial. A faixa de frequência reservada nas
Américas para a transmissão de dados em IoT é a de 902
mega-hertz (MHz) a 928 MHz – a nova frequência de
internet 4G no Brasil, por exemplo, é de 700 MHz.
-Os dados captados por sensores são transmitidos em
pacotes na casa de poucas dezenas de bytes, bem mais
leves do que as informações e imagens transmitidas pela
internet convencional. Isso, aliado à necessidade de operar
com custos mais baixos, levou ao desenvolvimento de
padrões tecnológicos específicos para IoT, que são as
redes Low Power Wide Area (LPWA).
#!"
Reference: ZHOU, Jun et al. Security and Privacy for Cloud-Based IoT: Challenges. IEEE
Communications Magazine, v. 55, n. 1, p. 26-33, 2017.
5&6"V)21)I)"1L"DN&QI"
5&6"V)21)I)"1L"DN&QIW"
##"
c@'9)#D6>%&'8)'*$%;8')&-V%'&)E.#)'d$63"8%&0e')'&V%'"*)&&CD)6&'
3$%X"$E)4-)0'"&&6E'"&'d*%6&"&e'.%8)E'&)#'$%*"$6b"8"&')E'
J;"$J;)#'$;3"#0'.%8)E'&)#'EID)6&0'.%8)E'-#"4&E6-6#'
8"8%&'86G)#)4-)&')E'E%E)4-%&'86G)#)4-)&N'
P@'9)#D6>%&'8)'*$%;8'-)E')&*"$"X6$68"8)0'%'J;)'M'X%E')E'
:%L'ZF'J;)'E;6-"&'d*%6&"&e'.%8)E'&)'*%E;46*"#'*%E'
D)$%*68"8)&'86G)#)4-)&')E'E%E)4-%&'86G)#)4-)&N'
Q@'!$%;8'"Z;8"'"'3)#)4*6"#'$6E6-">W)&'8)'#)*;#&%&N'1;6-"&'
d*%6&"&e'.%8)E'&)#'$6E6-"8"&'4%'.%8)#'*%E.;-"*6%4"$0'
X"-)#6"')'*"."*68"8)'8)'"#E"b)4"E)4-%N''
Reference: J. Singh, T. Pasquier, J. Bacon, H. Ko and D. Eyers, "Twenty Security Considerations for Cloud-Supported
Internet of Things," in IEEE Internet of Things Journal, vol. 3, no. 3, pp. 269-284, June 2016.
#$"
5&6X"Y&<X"DN&QI"
q'_#"48)&'D%$;E)&'8)'8"8%&'8)D)E'&)#'.#%*)&&"8%&'
)R%;'"#E"b)4"8%&'4"'dX%#8"e'?)83)@'8%&'
86&.%&6-6D%&':%LK'Fog&computing&
https://www.openfogconsortium.org/resources/#definition-of-fog-computing/
G1<Q8)0*)"I1"5&6""
#,"
q'9)3;#"4>"'8)':%L'4V%'M'".)4"&'&)3;#"4>"'8)'
86&.%&6-6D%&f'
qL%8%&'%&')$)E)4-%&'.#)*6&"E'&)#'*%4&68)#"8%&'
?)*%&&6&-)E"@'
qg'86&.%&6-6D%':%L'
qH'4;D)E'?*$%;8@'R'%'4)D%)6#%'?G%3@'
qH'".$6*">V%'EID)$'
qH&'64-)#G"*)&'8)'#)8)'
qg'&%G-O"#)'
qh&%'8"'*#6.-%3#"T"'
qh&%'8"'";-)4-6*">V%'?7<:50'iNjkl0')48N'1H!@'
q9)3;#"4>"'GC&6*"'
qH;-%#6b">V%'
#-"
Reference: S. Sicari, A. Rizzardi, L.A. Grieco, A. Coen-Porisini, Security, privacy and trust in Internet of Things:
The road ahead, Computer Networks, Volume 76, 15 January 2015, Pages 146-164.
G1<Q8)0*)"I1"5&6""
Autenticação Controle de
acesso
Confidencialidade
Middleware
Seguro
Privacidade
Aplicação
de políticas
Confiança
Segurança
Móvel
#3"
http://www.bbc.com/news/technology-36903274
https://www.cert.br/docs/palestras/certbr-unam2016.pdf
#4"
http://www.pcworld.com/article/2987813/thousands-of-medical-devices-are-vulnerable-
to-hacking-security-researchers-say.html
https://www.cert.br/docs/palestras/certbr-unam2016.pdf
#="
https://www.owasp.org/images/5/51/RSAC2015-OWASP-IoT-Miessler.pdf
G1<Q8)0*)"I1"5&6"
#>"
G1<Q8)0*)"I1"5&6"
https://www.owasp.org/images/5/51/RSAC2015-OWASP-IoT-Miessler.pdf
$F"
Open Web Application Security Project - OWASP
-The OWASP Internet of Things Project is designed to
help manufacturers, developers, and consumers better
understand the security issues associated with the
Internet of Things, and to enable users in any context to
make better security decisions when building,
deploying, or assessing IoT technologies.
-The project looks to define a structure for various IoT
sub-projects such as Attack Surface Areas, Testing
Guides and Top Vulnerabilities.
https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project
Z[PG\"5&6"6&M"!F"
Category)) IoT)Security)
Consideration)) Recommendations))
I1:)Insecure)Web)
Interface''
=4&;#)'-/"-'"4\'O)X'64-)#G"*)'
*%8643'6&'O#6--)4'-%'.#)D)4-'-/)'
;&)'%G'O)"+'."&&O%#8&'m'
,/)4'X;6$8643'"'O)X'64-)#G"*)'
*%4&68)#'6E.$)E)4-643'$)&&%4&'
$)"#4)8'G#%E'O)X'"..$6*"-6%4'
&)*;#6-\N'=E.$%\'"'G#"E)O%#+'-/"-'
;-6$6b)&'&)*;#6-\'m'
I2:)Insufficient)
Authentication/)
Authorization''
=4&;#)'-/"-'"..$6*"-6%4&'"#)'
O#6--)4'-%'#)J;6#)'&-#%43'
."&&O%#8&'O/)#)'";-/)4-6*"-6%4'
6&'4))8)8'm'
7)G)#'-%'-/)'
g,H9S'H;-/)4-6*"-6%4'!/)"-'9/))-''
I3:)Insecure)Network)
Services''
=4&;#)'"..$6*"-6%4&'-/"-';&)'
4)-O%#+'&)#D6*)&'8%4n-'#)&.%48'
.%%#$\'-%'X;o)#'%D)#p%O0'G;bb643'
m'
L#\'-%';-6$6b)'-)&-)80'.#%D)40'
4)-O%#+643'&-"*+&'"48'64-)#G"*)&'-/"-'
/"48$)')U*).-6%4&'3#"*)G;$$\NNN''
I4:)Lack)of)Transport)
Encryption''
=4&;#)'"$$'"..$6*"-6%4&'"#)'
O#6--)4'-%'E"+)';&)'%G')4*#\.-)8'
*%EE;46*"-6%4'X)-O))4'8)D6*)&m'
h-6$6b)')4*#\.-)8'.#%-%*%$&'O/)#)D)#'
.%&&6X$)'-%'.#%-)*-'"$$'8"-"'64'-#"4&6-m'
https://www.owasp.org/images/8/8e/Infographic-v1.jpg
$!"
Category)) IoT)Security)
Consideration)) Recommendations))
I5:)Privacy)Concerns'' =4&;#)'%4$\'-/)'E646E"$'"E%;4-'
%G'.)#&%4"$'64G%#E"-6%4'6&'
*%$$)*-)8'G#%E'*%4&;E)#&'m'
5"-"'*"4'.#)&)4-';464-)48)8'.#6D"*\'
*%4*)#4&'O/)4'"33#)3"-)8m'
I6:)Insecure)Cloud)
Interface''
=4&;#)'"$$'*$%;8'64-)#G"*)&'"#)'
#)D6)O)8'G%#'&)*;#6-\'
D;$4)#"X6$6-6)&'?)N3N'HS:'64-)#G"*)&'
"48'*$%;8AX"&)8'O)X'64-)#G"*)&@m'
!$%;8'&)*;#6-\'.#)&)4-&';46J;)'
&)*;#6-\'*%4&68)#"-6%4&0'"&'O)$$'"&'
*%;4-)#E)"&;#)&N'()'&;#)'-%'*%4&;$-'
\%;#'*$%;8'.#%D68)#'"X%;-'%.-6%4&m'
I7:)Insecure)Mobile)
Interface''
=4&;#)'-/"-'"4\'E%X6$)'
"..$6*"-6%4'*%8643'6&'O#6--)4'-%'
86&"$$%O&'O)"+'."&&O%#8&'m'
1%X6$)'64-)#G"*)&'-%':%L')*%&\&-)E&'
#)J;6#)'-"#3)-)8'&)*;#6-\N'!%4&;$-'-/)'
g,H9S'1%X6$)'m'
I8:)Insufficient)
Security)
Configurability''
=4&;#)'"..$6*"-6%4&'"#)'O#6--)4'
-%'64*$;8)'."&&O%#8'&)*;#6-\'
%.-6%4&'?)N3N'=4"X$643'Pk'
*/"#"*-)#'."&&O%#8&'%#')4"X$643'
-O%AG"*-%#'";-/)4-6*"-6%4@m'
9)*;#6-\'*"4'X)'"'D"$;)'.#%.%&6-6%4N'
5)&634'&/%;$8'-"+)'64-%'*%4&68)#"-6%4'
"'&$68643'&*"$)'%G'&)*;#6-\'
#)J;6#)E)4-&m'
I9:)Insecure)Software/
Firmware''
=4&;#)'"$$'"..$6*"-6%4&'"#)'
O#6--)4'-%'64*$;8)';.8"-)'
*"."X6$6-\'
1"4\':%L'8).$%\E)4-&'"#)')6-/)#'
X#%O4T)$8'"48R%#'/"D)'"4')U-#)E)$\'
$%43'8).$%\E)4-'*\*$)NNN''
I10:)Poor)Physical)
Security''
=4&;#)'"..$6*"-6%4&'"#)'O#6--)4'
-%';-6$6b)'"'E646E"$'4;EX)#'%G'
./\&6*"$')U-)#4"$'.%#-&'?)N3N'h9('
.%#-&@'%4'-/)'8)D6*)m'
S$"4'%4'/"D643':%L')83)'8)D6*)&'G"$$'
64-%'E"$6*6%;&'/"48&NNN''
https://www.owasp.org/images/8/8e/Infographic-v1.jpg
$#"
$$"
Z[PG\"5&6"P])H^"GQ89)H1"P81)2"
https://www.owasp.org/index.php/IoT_Attack_Surface_Areas
$,"
Z[PG\"5&6"P])H^"GQ89)H1"P81)2"
DEF CON 23 - IoT Village - Daniel Miessler - IoT Attack Surface Mapping
https://www.youtube.com/watch?v=RhxHHD790nw
$-"
DEF CON 23 - IoT Village - Daniel Miessler - IoT Attack Surface Mapping
https://www.youtube.com/watch?v=RhxHHD790nw
$3"
§IoT Attack Surface Mapping DEFCON 23 - https://www.owasp.org/images/
3/36/IoTTestingMethodology.pdf
D&02;I18)*O12"
q:E.%#-"4-)K'
q'64*$;6#'&)3;#"4>"'4"'G"&)'8)'.#%Z)-%'
q'.#%E%D)#'"-;"$6b">W)&'8)'&)3;#"4>"')'3)#)4*6"E)4-%'
8)'D;$4)#"X6$68"8)&'?86&-#6X;6#'"-;"$6b">W)&@'
qB)$/%&')##%&K'
q'";-)4-6*">V%'G#"*"'%;'64)U6&-)4-)'
q'8)G";$-'R'&)4/"&'*%86T*"8"&'''
q'6E.$)E)4-">W)&'G"$/"&'
q'G"$-"'8)'D"$68">V%'?64-)3#68"8)'8)'8"8%&0'#)&-#6>W)&@''
q'.#%-%*%$%&'"4-63%&'&)E'*#6.-%3#"T"'
q'X"*+8%%#&''
q'*%4-"&'4V%'8%*;E)4-"8"&0'#)&)-"'."#"'%'."8#V%'' $4"
https://www.cert.br/docs/palestras/certbr-unam2016.pdf
q9%$;>V%'8).)48)'8)'DF#6"&'."#-)&'
qA';&;F#6%&0'"8E646&-#"8%#)&0'8)&)4D%$D)8%#)&'
qA'G"X#6*"4-)&RD)48)8%#)&'
q:E.%#-"4-)'&"X)#'
q'q'.%&&CD)$'8)&"X6$6-"#'"$3;4&'&)#D6>%&'8)&4)*)&&F#6%&'
)'-#%*"#'&)4/"&'."8#V%r'
q'=U6&-)'"$3;E'3)#)4*6"E)4-%'&)3;#%')'#)E%-%r'
q'q'4)*)&&F#6%'6&%$"#'86&.%&6-6D%&r'
q'g'.#%8;-%'-)E'".)4"&'.#%-%*%$%&'"-;"$6b"8%&')';&"'
";-)4-6*">V%')'*#6.-%3#"T"'G%#-)&r'
$="
D&02;I18)*O12"
G1<Q8)0*)"I1"5&6_"`I12)@&2""
$>"
v_)#)4*6"E)4-%'8)'68)4-68"8)&')'8)'"*)&&%')E':%L'
q':8)4-6T*"#'!%6&"&K')&J;)E"'8)'4%E)&'
q'=&-"X)$)*)#'4CD)6&'8)'.#%-)>V%'4"'"#J;6-)-;#"':%L'
q'5)T46#'.#%*)&&%&'8)'";-)4-6*">V%')'";-%#6b">V%'
q'5)T46#'#)J;6&6-%&'8)'.#6D"*68"8)'
q':4-)#">V%'&)3;#"'*%E'<%3')'!$%;8'
v_)#)4*6"#'86&.%&6-6D%&'?"-;"$6b">W)&0'.%$C-6*"&@'
vS#%-)3)#'86&.%&6-6D%&'?X%%-')'#;4-6E)@'
v=4-)48)#'&);'&6&-)E"'?"E)">"&')'D;$4)#"X6$68"8)&@'
vS#%-)3)#'*%E;46*">W)&''
https://www.rsaconference.com/writable/presentations/file_upload/sbx1-r05-tactical-survival-tips-building-and-leveraging-iot-technologies.pdf
G1<Q8)0*)"I1"5&6_"M)I8O12"2Q8<;0I&"
,F"
v50IQ2/8;)N"50/1801/"&9"6:;0<2_"G1HQ8;/a"Y8)L1b&8^"
http://www.iiconsortium.org/pdf/IIC_PUB_G4_V1.00_PB-3.pdf
GJcAdPUeP"\PdP"DfZA?"
DZ%\A65Uc"
Content&at&a&Glance&
50/8&IQH'&0""
DN&QI"D&LMQ'0<"
5I10'/a"%)0)<1L10/"
G:;VV&N1/:"
Y1I18)/1I"%QN'B610)0Ha"PQ/:&8;g)'&0"Ga2/1L"&0"
DN&QI"
GH10)8;&"
5LMN1L10/)'&0"&9"/:1"\8&M&21I"GH10)8;&"
P0)Na2;2")0I"612/"d12QN/2"b;/:;0"GH10)8;&"
D&0HNQ2;&02")0I"YQ/Q81"[&8^2"
,#"
50/8&IQH'&0"
DN&QI"H&LMQ'0<"2a2/1L2_"81IQH1I"QM98&0/"
;0(12/L10/X" 1KM1H/1I" M189&8L)0H1X" :;<:"
)();N)V;N;/aX" ;0@0;/1" 2H)N)V;N;/aX" 9)QN/B
/&N18)0H1h"
5P%" C5I10'/a" )0I" PHH122" %)0)<1L10/E"
MN)a2" )0" ;LM&8/)0/" 8&N1" ;0" H&0/8&NN;0<" )0I"
V;NN;0<" Q218" )HH122" /&" /:1" 2:)81I"812&Q8H12"
;0"/:1"HN&QIh"
,$"
50/8&IQH'&0"
5P%" 2a2/1L2" 011I" /&" V1" M8&/1H/1I" Va"
91I18)'&02h"
G&L1" /1H:0&N&<;12" ;LMN1L10/" 91I18)/1I"
;I10'/aX"2QH:")2"/:1"GP%f"CG1HQ8;/a"P2218'&0"
%)8^QM"f)0<Q)<1E")0I"G:;VV&N1/:"2a2/1Lh"
6:1" );L" &9" /:;2" M)M18" ;2" /&" M8&M&21" )" LQN'B
/10)0Ha" )Q/:&8;g)'&0" 2a2/1L" Q2;0<"
G:;VV&N1/:"9&8"HN&QIBV)21I"10(;8&0L10/2h"
,,"
6:;2"[&8^"
\8&(;I1" ;I10'/a" L)0)<1L10/" )0I" )HH122" H&0/8&N" )0I"
);L2" /&_" C!E" V1" )0" ;0I1M10I10/" /:;8I" M)8/ai" C#E"
)Q/:10'H)/1" HN&QI" 218(;H12" Q2;0<" /:1" Q218j2" M8;()Ha"
M&N;H;12X" M8&(;I;0<" L;0;L)N" ;09&8L)'&0" /&" /:1" G18(;H1"
\8&(;I18" CG\Ei" C$E" 102Q81" LQ/Q)N" M8&/1H'&0" &9" V&/:"
HN;10/2")0I"M8&(;I182h"
6:;2" M)M18" :;<:N;<:/2" /:1" Q21" &9" )" 2M1H;@H" /&&NX"
G:;VV&N1/:X" b:;H:" M8&(;I12" 2QMM&8/" /&" /:1" /)2^2" &9"
)Q/:10'H)'&0X")Q/:&8;g)'&0")0I";I10'/a"91I18)'&0h"
6:1" L);0" H&0/8;VQ'&0" &9" &Q8" b&8^" ;2" /:1"
;LMN1L10/)'&0";0"HN&QI")0I"/:1"2H10)8;&"M81210/1Ih"
"
,-"
6:1"U5G6"DN&QI"?1@0;'&0"Y8)L1b&8^"
Community&
Cloud&
Private&
Cloud& Public&Cloud&
kaV8;I"DN&QI2"
?1MN&aL10/"
%&I1N2"
G18(;H1"
%&I1N2"
J2210')N"
D:)8)H/18;2'H2"
D&LL&0""
D:)8)H/18;2'H2"
G&lb)81")2")"
G18(;H1"CG))GE"
\N)m&8L")2")"
G18(;H1"C\))GE"
5098)2/8QH/Q81")2")"
G18(;H1"C5))GE"
d12&Q8H1"\&&N;0<"
.8&)I"U1/b&8^"PHH122" d)M;I"JN)2'H;/a"
%1)2Q81I"G18(;H1"
Z0"?1L)0I"G1N9BG18(;H1"
f&b"D&2/"G&lb)81"
n;8/Q)N;g)'&0" G18(;H1"Z8;10/)'&0"
PI()0H1I"G1HQ8;/a"
k&L&<101;/a"
%)22;(1"GH)N1" d12;N;10/"D&LMQ'0<"
c1&<8)M:;H"?;2/8;VQ'&0"
.)21I"QM&0"&8;<;0)N"H:)8/"H81)/1I"Va"PN1K"?&bV&8",3"
5I10'/a"%)0)<1L10/"
?;<;/)N" ;I10'/a" ;2" /:1" 81M81210/)'&0" &9" )0"
10'/a";0"/:1"9&8L"&9")]8;VQ/12h"
:]M_SS10hb;^;M1I;)h&8<Sb;^;S5I10'/aoL)0)<1L10/"
,4"
5I10'/a"%)0)<1L10/"
5I10'/a"%)0)<1L10/"C5I%E";2")"21/"&9"9Q0H'&02")0I"
H)M)V;N;'12"Q21I"/&"102Q81";I10'/a";09&8L)'&0X"/:Q2"
)22Q8;0<"21HQ8;/ah"
P0" 5I10'/a" %)0)<1L10/" Ga2/1L" C5%GE" M8&(;I12"
/&&N2"9&8"L)0)<;0<";0I;(;IQ)N";I10''12h"
P0"5%G";0(&N(12_"
A218"
5I10'/a"\8&(;I18"C5I\E"
G18(;H1"\8&(;I18"CG\E"
,="
5%G"
Provisioning:")II812212" /:1" M8&(;2;&0;0<" )0I"
I1M8&(;2;&0;0<"&9"21(18)N"/aM12"&9"Q218")HH&Q0/2h"
Authen/ca/on:"102Q812"/:)/"/:1";0I;(;IQ)N";2"b:&"
:1S2:1"HN);L2"/&"V1h"
Authoriza/on:"M8&(;I1" I;p1810/" )HH122" N1(1N2" 9&8"
I;p1810/"M)8/2"&8"&M18)'&02" b;/:;0")"H&LMQ'0<"
2a2/1Lh"
Federa/on:";/" ;2" )" <8&QM" &9" &8<)0;g)'&02" &8" G\2"
/:)/"12/)VN;2:")"H;8HN1"&9"/8Q2/h"
,>"
6:1" ZPG5G" GP%f" CG1HQ8;/a" P2218'&0" %)8^QM"
f)0<Q)<1E"2/)0I)8I"I1@012"M81H;21"2a0/)K")0I"
8QN12"9&8"81qQ12'0<X"H81)'0<X"H&LLQ0;H)'0<X"
)0I"Q2;0<"GP%f")2218'&02h"
6:1" G:;VV&N1/:" ;2" )0" )Q/:10'H)'&0" )0I"
)Q/:&8;g)'&0" ;098)2/8QH/Q81" V)21I" &0" GP%f"
/:)/" Q212" /:1" H&0H1M/" &9" 91I18)/1I" ;I10'/ah"
6:1" G:;VV&N1/:" 2a2/1L" ;2" I;(;I1I" ;0/&" /b&"
10''12_"/:1"5I\")0I"G\h"
-F"
G:;VV&N1/:"
6:1"5I\";2" /:1" 1N1L10/" 812M&02;VN1" 9&8"
)Q/:10'H)'0<"Q2182_"k)0IN1"G18(;H1"CkGEX" "P]8;VQ/1"
PQ/:&8;/a" CPPEX" ?;81H/&8a" G18(;H1X" PQ/:10'H)'&0"
%1H:)0;2Lh"
6:1" G\" G:;VV&N1/:" ;2" b:181" /:1" 812&Q8H12" )81"
2/&81I_" P2218'&0" D&02QL18" G18(;H1" CPDGEX" " P]8;VQ/1"
d1qQ12/18"CPdEX"d12&Q8H1"%)0)<18"Cd%Eh"
6:1" [PrY" Cs[:181" P81" r&Q" Y8&LsX" )N2&" H)NN1I"
/:1"?;2H&(18a"G18(;H1E";2"812M&02;VN1"9&8")NN&b;0<"
)0")22&H;)'&0"V1/b110")"Q218")0I"&8<)0;g)'&0h"
-!"
-#"
50" G/1M" !X" /:1" Q218" 0)(;<)/12" /&" /:1" G\" /&" )HH122" )" M8&/1H/1I"
812&Q8H1h" 50" G/1M2" #" )0I" $X" G:;VV&N1/:" 81I;81H/2" /:1" Q218" /&" /:1"
[PrY" M)<1X" b:181" :1" 2:&QNI" ;09&8L" :;2" 5I\h" 50" G/1M" ,X" /:1" Q218"
10/182":;2"5I\X")0I"G/1M"-"81I;81H/2"/:1"Q218"/&"/:1"2;/1X"b:;H:";2"/:1"
H&LM&010/" kG" &9" /:1" 5I\h" 50" G/1M2" 3" )0I" 4X" /:1" Q218" 10/182" :;2"
)Q/:10'H)'&0"I)/)")0I";0"G/1M"="/:1"kG")Q/:10'H)/1"/:1"Q218h"6:1"
kG"H81)/12")":)0IN1"/&";I10'9a"/:1"Q218")0I"210I2";/")N2&"/&"/:1"PPh"
G/1M">"210I2"/:)/"Q218")Q/:10'H)'&0":)0IN1"/&"PP")0I"/&"PDGh"6:1"
:)0IN1";2"H:1H^1I"Va"/:1"PDG")0I"/8)0291881I"/&"/:1"PdX")0I";0"G/1M"
!F" )" 2122;&0" ;2" 12/)VN;2:1Ih" 50" G/1M" !!" /:1" Pd" Q212" /:1" :)0IN1" /&"
81qQ12/"Q218")]8;VQ/12" /&"/:1" 5I\h"G/1M"!#"H:1H^2"b:1/:18" /:1"5I\"
H)0"81N1)21"/:1")]8;VQ/12")0I";0"G/1M"!$"/:1"PP"812M&0I2"b;/:"/:1"
)]8;VQ/1"()NQ12h"50"G/1M"!,"/:1"G\"81H1;(12"/:1")]8;VQ/12")0I"M)2212"
/:1L"/&"/:1"d%X"b:;H:"N&)I2"/:1"812&Q8H1";0"G/1M"!-"/&"M81210/"/&"
/:1"Q218h"
-$"
Y1I18)/1I"%QN'B610)0Ha"
PQ/:&8;g)'&0"Ga2/1L"&0"DN&QI"
5I%" H)0" V1" ;LMN1L10/1I" ;0" 21(18)N" I;p1810/"
/aM12"&9"H&0@<Q8)'&0_"
5I%"H)0"V1";LMN1L10/1I";0B:&Q21i"
5I%" ;/21N9" H)0" V1" I1N;(181I" )2" )0" &Q/2&Q8H1I"
218(;H1h"6:;2";2"H)NN1I"5I10'/a")2")"G18(;H1"C5?))GEi"
J)H:"HN&QI"G\"L)a";0I1M10I10/Na";LMN1L10/")"21/"
&9"5I%"9Q0H'&02h""
50" /:;2" b&8^X" ;/" b)2" I1H;I1I" /&" Q21" /:1" @82/"
H)21"H&0@<Q8)'&0_";0B:&Q21h"
-,"
D&0@<Q8)'&02"&9"5?%"2a2/1L2"&0"
HN&QI"H&LMQ'0<"10(;8&0L10/2"
--"
Y1I18)/1I"%QN'B610)0Ha"
PQ/:&8;g)'&0"Ga2/1L"&0"DN&QI"
6:;2" b&8^" M81210/2" )0" )Q/:&8;g)'&0" L1H:)0;2L" /&" V1" Q21I" Va" )0"
)H)I1L;H" ;02'/Q'&0" /&" &p18" )0I" Q21" /:1" 218(;H12" &p181I" ;0" /:1"
HN&QIh"
6:1" M)8/" &9" /:1" L)0)<1L10/" 2a2/1L" 812M&02;VN1" 9&8" /:1"
)Q/:10'H)'&0"&9";I10'/a"b;NN"V1"N&H)/1I";0"/:1"HN;10/"&8<)0;g)'&0h"
6:1" H&LLQ0;H)'&0" b;/:" /:1" G\" ;0" /:1" HN&QI" CDN&QI" G18(;H1"
\8&(;I18X"DG\E"b;NN"V1"L)I1"/:8&Q<:";I10'/a"91I18)'&0h"
6:1")HH122"2a2/1L"M189&8L2" )Q/:&8;g)'&0" &8")HH122" H&0/8&N";0" /:1"
10(;8&0L10/h""
6:1";02'/Q'&0":)2")"812M&02;V;N;/a"/&"M8&(;I1"/:1"Q218")]8;VQ/12"9&8"
/:1"I1MN&a1I")MMN;H)'&0"G\";0"/:1"HN&QIh"
6:1")Q/:&8;g)'&0"2a2/1L"2:&QNI"V1")VN1"/&")HH1M/"LQN'MN1"HN;10/2X"
2QH:")2")"LQN'B/10)0Hah"
-3"
GH10)8;&"
P" 218(;H1" ;2" M8&(;I1I" Va" )0" )H)I1L;H" ;02'/Q'&0"
;0" )" DG\X" )0I" 2:)81I" b;/:" &/:18" ;02'/Q'&02h" 50"
&8I18" /&" 2:)81" 218(;H12" ;2" 01H122)8a" /:)/" )0"
;02'/Q'&0";2")tN;)/1I"/&"/:1"91I18)'&0h"
Y&8" )0" ;02'/Q'&0" /&" u&;0" /:1" 91I18)'&0" ;/" LQ2/"
:)(1" H&0@<Q81I" )0" 5I\"/:)/"L11/2"/:1"
81qQ;81L10/2";LM&21I"Va"/:1"91I18)'&0h""
Z0H1" )tN;)/1I" b;/:" /:1" 91I18)'&0X" /:1"
;02'/Q'&0" b;NN" V1" )VN1" /&" )Q/:10'H)/1" ;/2" &b0"
Q2182X" 2;0H1" )Q/:&8;g)'&0" ;2" /:1" 812M&02;V;N;/a" &9"
/:1"G\h"
-4"
GH10)8;&"B"PH)I1L;H"Y1I18)'&0"
2:)8;0<"218(;H12";0"/:1"HN&QI"
-="
5LMN1L10/)'&0"&9"/:1"\8&M&21I"
GH10)8;&"
P"G\"b)2"M8;L)8;Na";LMN1L10/1I";0"/:1"HN&QI_"
)0" PM)H:1" 218(18" &0" )" (;8/Q)N" L)H:;01" :;81I" Va"
/:1"PL)g&0"[1V"G18(;H12"HN&QIh"
502/)NN)'&0"&9"/:1"G:;VV&N1/:"G\h"
502/)NN)'&0" &9" "?&^Q[;^;X"b:;H:" ;2" )0" )MMN;H)'&0"
/:)/" )NN&b2" /:1" H&NN)V&8)'(1" 1I;'0<" &9"
I&HQL10/2h"
6:1" G\" b)2" H&0@<Q81I" b;/:" )Q/:&8;g)'&0" (;)"
)MMN;H)'&0X" /&" I;p1810')/1" V1/b110" H&LL&0"
Q2182")0I")IL;0;2/8)/&82"&9"?&^Qb;^;h"
->"
5LMN1L10/)'&0"&9"/:1"\8&M&21I"
GH10)8;&"7"DN&QI"G18(;H1"\8&(;I18"
3F"
5LMN1L10/)'&0"&9"/:1"\8&M&21I"
GH10)8;&"7"HN&QI"5I\"
3!"
5LMN1L10/)'&0"&9"/:1"\8&M&21I"
GH10)8;&"
6:1" vPG5c" DPG" G18(18" b)2" Q21I" /&" M189&8L" Q218"
)Q/:10'H)'&0" /:8&Q<:" N&<;0" )0I" M)22b&8IX" )0I" /:10"
M)2212"/:1")Q/:10'H)/1I"Q2182"/&"G:;VV&N1/:h"
6:1" DPG" :)2" V110" H&0@<Q81I" /&" 21)8H:" 9&8" Q2182" ;0" )"
f;<:/b1;<:/" ?;81H/&8a" PHH122" \8&/&H&N" Cf?P\Eh" 6&" Q21"
/:;2" I;81H/&8a" ZM10f?P\" b)2" ;02/)NN1I" ;0" )0&/:18"
(;8/Q)N"L)H:;01X")N2&"8Q00;0<"&0"PL)g&0j2"HN&QIh"
6&"I1L&02/8)/1"/:1"Q21"&9"G\"9&8"L&81"/:)0"&01"HN;10/X"
)0&/:18"5I\"b)2";LMN1L10/1IX")N2&";0"HN&QIX"2;L;N)8"/&"
/:1" @82/h" 6&" 2QMM&8/" /:;2" /)2^" G:;VV&N1/:" M8&(;I12" )"
[PrY"H&LM&010/h"
3#"
P0)Na2;2")0I"612/"d12QN/2"b;/:;0"
GH10)8;&"
50"/:;2"812QN'0<"2/8QH/Q81X"1)H:"5I\";2"81M81210/1I"
;0")"M8;()/1"HN&QIX")0I"/:1"G\";2";0")"MQVN;H"HN&QIh"
6:1"812QN/2":;<:N;<:/1I"/b&"L);0"Q21"H)212_!
Read6access6to6documents6
Access6for6edi/ng6documents6
3$"
D&0HNQ2;&02"
6:1"Q21"&9"91I18)'&02";0"5I%"MN)a2")"(;/)N"8&N1h"
6:;2"b&8^"b)2");L1I")/")0")N/180)'(1"2&NQ'&0"/&"
)"5?))Gh"5?))G";2"H&0/8&NN1I")0I"L);0/);01I"Va")"
/:;8I"M)8/ah"
6:1" ;098)2/8QH/Q81" &V/);01I" );L2" /&_" C!E" V1" )0"
;0I1M10I10/" /:;8I" M)8/aX"C#E")Q/:10'H)/1" HN&QI"
218(;H12" Q2;0<" /:1" Q218j2" M8;()Ha" M&N;H;12X"
M8&(;I;0<" L;0;L)N" ;09&8L)'&0" /&" /:1" G\X" C$E"
102Q81" LQ/Q)N" M8&/1H'&0" &9" V&/:" HN;10/2" )0I"
M8&(;I182h"
3,"
D&0HNQ2;&02"
6:;2" M)M18" :;<:N;<:/2" /:1" Q21" &9" )" 2M1H;@H" /&&NX"
G:;VV&N1/:X" b:;H:" M8&(;I12" 2QMM&8/" /&" /:1" /)2^2"
&9" )Q/:10'H)'&0X" )Q/:&8;g)'&0" )0I" ;I10'/a"
91I18)'&0h"
G:;VV&N1/:"b)2"(18a"w1K;VN1" )0I" ;/";2"H&LM)'VN1"
b;/:";0/180)'&0)N"2/)0I)8I2h"
5/" b)2" M&22;VN1" /&" &p18" )" 218(;H1" )NN&b;0<" MQVN;H"
)HH122" ;0" /:1" H)21" &9" 81)IB&0Na" )HH122X" b:;N1" )/"
/:1" 2)L1" 'L1" 81qQ;8;0<" H81I10')N2" b:181" /:1"
Q218" LQ2/" V1" N&<<1I" ;0" &8I18" /&" H:)0<1"
I&HQL10/2h"
3-"
YQ/Q81"[&8^"
[1"M8&M&21")0")N/180)'(1")Q/:&8;g)'&0"L1/:&IX"
b:181" /:1" Q218X" &0H1" )Q/:10'H)/1IX" H)88;12" /:1"
)HH122" M&N;HaX" )0I" /:1" G\" 2:&QNI" V1" )VN1" /&"
;0/18M81/"/:121"8QN12h"
6:1" )Q/:&8;g)'&0" M8&H122" b;NN" 0&" N&0<18" V1"
M189&8L1I")/"/:1")MMN;H)'&0"N1(1Nh"
JKM)0I;0<" /:1" 2H10)8;&" /&" 81M81210/" 01b" 9&8L2"
&9"H&LLQ0;H)'&0h"
D81)/1"01b"Q21"H)212"9&8"/12'0<h""
A21"M21QI&0aL2";0"/:1"DG\"I&L);0h"
33"
ResearchGate has not been able to resolve any citations for this publication.
Article
Full-text available
To realise the broad vision of pervasive computing, underpinned by the " Internet of Things " (IoT), it is essential to break down application and technology-based silos and support broad connectivity and data sharing; the cloud being a natural enabler. Work in IoT tends towards the subsystem, often focusing on particular technical concerns or application domains, before offloading data to the cloud. As such, there has been little regard given to the security, privacy and personal safety risks that arise beyond these subsystems; that is, from the wide-scale, cross-platform openness that cloud services bring to IoT. In this paper we focus on security considerations for IoT from the perspectives of cloud tenants, end-users and cloud providers, in the context of wide-scale IoT proliferation, working across the range of IoT technologies (be they things or entire IoT subsystems). Our contribution is to analyse the current state of cloud-supported IoT to make explicit the security considerations that require further work.