The Limit Does Not Exist: Why Defending the Perimeter Is Not Feasible in the IoT
Perimeter defense technologies can help in blocking external attacks, but often fail to prevent attacks by inside devices or apps.
Security is a negative goal—we design and test for things we don't want to happen. This, however, is a logically impossible task, since we don't know how much we don't know. When test coverage is insufficient, the system will have unknown vulnerabilities, and an increase in complexity means more unknown vulnerabilities. As the complexity of an IoT system unfolds, its vulnerability is affected as well. This means that the perimeter is harder to defend with preventive security controls.
Therefore, such data can become infected, as the information is not bounded. This can be done in a way that is undetectable at the perimeter firewall, even if the edge is secured. For example, an IoT system that controls an air-conditioning unit in an art museum can be subverted by manipulating the physical temperature around the critical sensors. This type of manipulated data can only be detected by analyzing the emergent behavior and state of the system. For this, we require prospective deliberation, which evaluates possible outcomes with respect to the current system-wide state before an action is taken.
In other words, even if we define the perimeter around the cloud, we cannot trust the behavior of components within the perimeter because they are vulnerable to infected data, which may be impossible to detect at the perimeter. This means we cannot use perimeter defense to protect an IoT system. The only way we can secure such a system using current techniques is to encrypt everything using TLS or similar protocols, authenticate everything using crypto keys and validate every transaction.
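The museum scenario above, as an added example that is not part of the original article: every reading passes authentication, so only a check against the system-wide state before acting catches the manipulated sensor. The shared key, sensor names, thresholds and function names are assumptions made for illustration, and the sample readings are constructed.

```python
import hashlib, hmac, json, statistics

KEY = b"constructed-demo-key"  # assumption: one shared key; real fleets use per-device keys

def sign(reading):
    body = json.dumps(reading, sort_keys=True).encode()
    return hmac.new(KEY, body, hashlib.sha256).hexdigest()

def authentic(reading, tag):
    return hmac.compare_digest(sign(reading), tag)

def decide(temp_c, setpoint_c=21.0, band_c=0.5):
    if temp_c > setpoint_c + band_c:
        return "cool"
    if temp_c < setpoint_c - band_c:
        return "heat"
    return "hold"

def naive_action(messages):
    """Trusts every authenticated reading: the perimeter-style check only."""
    temps = [r["temp_c"] for r, tag in messages if authentic(r, tag)]
    return decide(statistics.mean(temps))

def deliberate(messages, max_dev_c=2.0, min_trusted=3):
    """Checks each authenticated reading against the system-wide state before acting."""
    verified = [r for r, tag in messages if authentic(r, tag)]
    if len(verified) < min_trusted:
        return {"action": "hold", "suspects": []}  # not enough state to judge
    median = statistics.median(r["temp_c"] for r in verified)
    suspects = sorted(r["sensor"] for r in verified
                      if abs(r["temp_c"] - median) > max_dev_c)
    trusted = [r["temp_c"] for r in verified if r["sensor"] not in suspects]
    if len(trusted) < min_trusted:
        return {"action": "hold", "suspects": suspects}  # too little agreement to act
    return {"action": decide(statistics.mean(trusted)), "suspects": suspects}

# Constructed sample: five gallery sensors; s3 has been warmed locally, so its
# reading is genuine, correctly signed, and still misleading.
READINGS = [("s1", 21.1), ("s2", 20.9), ("s3", 27.5), ("s4", 21.0), ("s5", 21.2)]
MESSAGES = [(r, sign(r)) for r in ({"sensor": s, "temp_c": t} for s, t in READINGS)]

if __name__ == "__main__":
    print("naive:", naive_action(MESSAGES))
    print("deliberate:", deliberate(MESSAGES))
```

The naive controller starts cooling the gallery on the strength of one warmed sensor, while the deliberating controller holds and names that sensor for inspection.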
Security for the IoT-Driven World
We have found that it is feasible to build a distributed security system, using generic, trustless transactional platforms, such as distributed ledger technology combined with multi-agent reasoning.
As Albert Einstein famously said, "Once we accept our limits, we go beyond them." We have to accept the limits of perimeter defense and accept that IoT security requires new thinking. Once we do that, we will see new opportunities and means to meet new challenges.
Chirag Pathak is the senior solution architect at Mobiliya. He is responsible for developing architecture for solutions in the domains of security, the IoT, enterprise cloud services, augmented reality and cloud-based additive manufacturing. Chirag has more than 20 years of experience in embedded systems, telecommunication systems and software engineering. His research activities involve multi-agent systems using blockchain and artificial intelligence for managing IoT systems.