Enhancing IoT Security A holistic approach to security for connected platforms (Sharma, VidushiJoshi, Gamini Gamini Joshi) (Z-Library)

📄 File Format: PDF

💾 File Size: 15.5 MB

📖 Read Online ⬇️ Download

Registered users can read the full content for free

Register as a Gaohf Library member to read the complete e-book online for free and enjoy a better reading experience.

📄 Page 1

(This page has no text content)

📄 Page 2

(This page has no text content)

📄 Page 3

Enhancing IoT Security A holistic approach to security for connected platforms Vidushi Sharma Gamini Joshi www.bpbonline.com

📄 Page 4

Copyright © 2024 BPB Online All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor BPB Online or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book. BPB Online has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, BPB Online cannot guarantee the accuracy of this information. First published: 2024 WeWork 119 Marylebone Road London NW1 5PU UK | UAE | INDIA | SINGAPORE ISBN 978-93-55515-506 www.bpbonline.com

📄 Page 5

Dedicated to Lord Shiva and Guru Sai – My Torch Bearer My Son Shouryaa for supporting me and driving me to achieve my goals My Husband Rohit and my Brother Sadashiv – My pillars of strength — Dr. Vidushi Sharma   My beloved: Parents: Mr. Lalit Mohan Joshi and Mrs. Geeta Joshi (For their endless love, support and encouragement to achieve everything in life) & Parents-in-law: Dr. S.P. Lohani and Mrs. Hema Lohani (For their continuous emotional and moral support) & My Husband: Mani Lohani (For his continuous encouragement to improve my

📄 Page 6

knowledge and move ahead in my career) & My Daughter: Mishthi Lohani (For her smile that inspires me to always be positive and give my best) — Gamini Joshi

📄 Page 7

About the Authors ❖ Dr. Vidushi Sharma has received the Ph.D. degree in computer science from Dr. B.R. Ambedkar University, Agra, India, in 2008. She is currently the Head of the Department of Electronics and Communication Engineering, and the Convenor of Centre of Rapid and Alternative Energy Mobility at Gautam Buddha University, Greater Noida, India. She teaches Doctoral, Postgraduate, and Graduate courses; and has authored over 100 research papers for international and national publications. She has also authored a book titled Energy Efficient Wireless Sensor Network (2017, Taylor and Francis). She has supervised nine Ph.D. students and more than 50 Dissertation students in the area of wireless sensor networks and the Internet of Things; mentored two - Department of Science and Technology, India projects. She also has two patents awarded and three patents published. Her research interests include IT applications and performance evaluation of information systems, which includes wireless sensor networks, Internet of Things. She has organized several conferences, workshops, and FDP and is also a reviewer for reputed journals. ❖  Gamini Joshi is pursuing Ph.D. at Gautam Buddha University, Greater Noida, India. She has worked as an assistant professor and has taught graduate-level courses. She has authored as well as co-authored a large number of papers for international and national

📄 Page 8

publications. Her research interests include IT applications, performance evaluation, and security of IoT information systems, which include wireless sensor networks and the Internet of Things.

📄 Page 9

About the Reviewer Anuj Gargeya Malkapuram is an accomplished Security Practitioner known for his leadership in cross-functional teams and enterprise-level security initiatives. With expertise in security detection, incident response, threat intelligence, and security engineering, Anuj evangelizes information security within organizations and beyond. He currently serves as a Principal Security Engineer at Salesforce and has previously worked at reputable companies like Amazon and LendingClub Corporation in FinTech, E-Commerce, and SaaS sectors. Anuj’s contributions extend beyond the corporate realm, as he has filed multiple patents and published his work in international journals. He actively collaborates with non-profit organizations such as World Economic Forum, CENSA, and other recognized internet security entities. Anuj holds a Master’s degree in Electrical Engineering, specializing in Computer Networking and Security, from San Jose State University.

📄 Page 10

Acknowledgements ❖  I want to express my deepest gratitude to the Almighty lord for holding my hand and guiding me on the path destined by him. I express my sincere thanks to my son Shouryaa who has changed my perspective towards life and given it a direction. He is my biggest supporter and critique and because of him I am able to live up to my aspirations. He has been my best buddy in this journey so far. I am indebted to my Parents (K.N. Sharma and Saroj Sharma) for showering unconditional love. My special thanks to my husband Rohit for always encouraging me to attain my professional goals, he is the very essence of my life. My gratitude and love to my brother Sadashiv and my sister-in-law Shipra who have always provided me support in thick and thin. I am also grateful to soul mates Dr. Kriti Priya, Shilpee Sharma and Neetu Gupta for being my life anchor and stabilizer. I am thankful to my students Dr. Arjun Sirohi, Dr. Anuradha Pughat, Dr. Gayatri Sakya, Dr. Gourav Verma, Dr. Neeti Bansal, Dr. Aarti Gautam Dinkar, Gamini Joshi, Monika Kashyap, and Zaineb Naaz for always standing by my side. I am indebted to Dr. Neeta Singh, Dr. Navaid Zafar Rizvi, Dr. Vimlesh, Dr. Rajesh Mishra, Dr. Madhu Jain, and Prof. G.C. Sharma for helping me in my academic journey. I am thankful to BPB Publications for their support and help in framing this book and I hope our readers will

📄 Page 11

use it to further enhance their knowledge and attain their career goals. Thanks & Regards Dr. Vidushi Sharma ❖  I would like to extend my sincere thanks to some people who have generously contributed and supported me in writing and presenting this book. First and foremost, I would like to thank my parents and parents-in-law for continuously encouraging and supporting me. Next, I owe my gratitude to my supervisor Dr. Vidushi Sharma, for her valuable guidance, constructive comments and continuous encouragement throughout my book. I feel overwhelmed to spell some of my guiding force - my brother Gaurav Joshi and his wife Vandana Upadhyaya, my sister-in-law Dr. Meenakshi Lohani, and my friends Sunita Mishra and Sharad Rai. Last but not least, my loving and supporting husband Mr. Mani Lohani and my darling daughter Mishthi. I could have never completed this book without their support. My gratitude also goes to the team at BPB Publications for being supportive enough to provide me enough time to finish and publish the book. At last, I would like to thank God who gave me enough strength and patience to write such a detailed book on IoT security. Hope this book brings wonderful joy and experience to readers worldwide. Thanks & Regards Gamini Joshi

📄 Page 12

Preface Internet of Things is an emerging technology, which has changed our life from smart homes to smart defense to smart industrial applications. Criticality of these applications has led to an intense need to provide security, safety and privacy to these applications and shield them from awful threats and attacks. In connection with this, the book “Enhancing IoT Security” is presented, that aims to introduce the next generation security measure for Internet of Things (IoT) with their permissive security technologies and applications to a wide interdisciplinary readership of engineering and non-engineering graduate students, post- graduate students and researchers. This book aims to reveal the importance of IoT security and introduces the efficient technique that effortlessly recognizes the existing threats and attacks with their impressive solutions of mitigating them. Its ambition is to secure resource constraint sensor enabled IoT networks and devices at minimal cost concerning complexity, energy and power. This book intends to analyze the critical application areas where security and privacy are indispensable. It includes theoretical as well as practical aspect of securing network with empirical IoT products (hardware) and simulators (software). In doing so, this book destines the target readers to move beyond their theoretical knowledge and include features of practicality that triggers new experiments and multidisciplinary project ideas. Moreover, authors in this book have illustrated their teaching and research experience which would assist the academician

📄 Page 13

and researchers in extending their research and studies in right direction. This book fulfills the basic and advanced level need of the readers related to the topic it covers. The book is self- satisfied for the topics it covers and contains the detailed as well as advances knowledge on security issues in IoT networks. Apart from the detailed text, the book includes figures, tables, graphs (real-time and lab results), case studies and examples too. For assessing the knowledge of the readers, Questionnaire including multiple choice questions, short and long answer questions is given at the end of each chapter. Each chapter starts with an introduction of the topic and discusses its related issues and future directions to the work in that specified area. The details of every chapter are listed below: Chapter 1- The Internet of Things and its Security Requirements: It gives the basic architecture of IoT and fulfills the requirement of preliminary knowledge for subsequent chapters. Though IoT is changing everything; yet industries, consumers, and technology owners are under security nightmare since smart devices and infrastructures are giving frenzy opportunity to cyber-criminals. This states that IoT security is clearly an important aspect; diving into it this chapter explores the need of security in IoT and its requirement with respect to architecture, devices, and protocols. This continues with the range of security applications within the specific domain like SCADA system, enterprise system, agriculture system and much more. In the next section of this chapter, the need of securing IoT databases is discussed with advanced technologies like embedded systems, bigdata analytics, cloud, fog and edge computing

📄 Page 14

Chapter 2- IoT Security - Vulnerabilities, Attacks, and Countermeasures: It explores different types of vulnerabilities, attacks and risk against IoT implementations and deployments. This chapter dives into the organization of attack and illustrates how attacks are organized into attack and fault tree. Next, the access control techniques with their different types are investigated and systematic methodology for incorporating countermeasures against attacks is talked about. Thereafter, the chapter provides the tailored approach to threat modeling that demonstrates the method of identifying threats and its sources with their procedure of mitigating them. We have explained it with the help of suitable examples. Chapter 3- Security Engineering for IoT Development: After discussing the IoT security requirements and the threats affecting the security of the system. We now investigate the security engineering for IoT development, where various tools and methodology are discussed that is implemented on IoT system during its designing and development phase. This chapter presents the different phases of designing security into exiting system which involves planning, selection, processing, and development methodology. Chapter 4- IoT Security Lifecycle: In continuation with chapter 3, in this chapter we will present the complete lifecycle of IoT security, which involves secure designing, implementation, integration, operation, maintenance and dispose. Each phase is discussed in detail with every perspective of securing IoT. Chapter 5- IoT as Interconnection of Threats: Next, we present the interconnection of threats in IoT applications and the methods to secure them. This chapter presents various fusion schemes, defense scheme and solution-based

📄 Page 15

analyses of detecting attack vectors like Sybil attack and malwares in smart vehicular and home systems. Chapter 6- Crypto Foundations I: It explores the role of cryptography in engineering IoT security. It includes the cryptographic primitives, modules, principles and fundamentals, which encompasses MAC codes, Hash codes, signature codes and various cipher suites. We have also included various key management algorithms with their fundamental and advanced schemes. Next, the chapter examines transport encryption and cryptographic controls for IoT communication and messaging protocols. Last but not the least, we have also discussed light weighted cryptographic technique for authenticating IoT Node. Chapter 7- Crypto Foundations II: This chapter is in continuation to chapter 6. It extends the concept of cryptography with hash function and digital signature. It also provides an in-depth illustration of how cryptography can be used to protect IoT communications and its messaging protocols. The chapter outlines the cryptographic controls for IoT communication and messaging protocols, along with the IoT node authentication mechanisms. Chapter 8- Privacy Preservation for the Internet of Things: In this chapter, we present the privacy preserving schemes for IoT systems. It explores the Privacy preservation Data Dissemination problem with its spatial privacy graph (SPG) solution. Privacy preservation is further explored with the help of real time example of smart buildings where the concept of IoT in smart building is explained with possible threats and its solution approaches. Chapter 9- Location Privacy Enhancement in the Internet of Vehicles: This chapter further explores the privacy preservation with yet another smart example in Internet of vehicles. Since Vehicles are mobile the focus of this chapter is on location privacy. This chapter explores

📄 Page 16

location privacy requirements with preservation schemes and protocols. Further, the security analysis is presented with performance evaluation. Chapter 10- Privacy Protection in Key Personal IoT Applications: Since IoT devices and systems are resource constraint, there is always a need to have light weighted algorithms. In connection with it, this chapter presents a lightweight and robust scheme for privacy protection in mobile WBSN and Participatory Sensing network. Chapter 11- Trust and Trust Models for the IoT: It presents another aspect of securing IoT system, that is, using Trust as the parameter of protecting IoT network and devices. This chapter explores the concept of trust model and its perspective of securing IoT. It also explores Trust models with the help of example scenarios. Chapter 12- Framework for Privacy and Trust in IoT: This chapter explores trust and its framework in decentralized IoT system. Framework presents user centric as well as device centric framework with Face-to-face enabler as well as Indoor localization enabler tool. Chapter 13- Preventing Unauthorized Access to Sensor Data and Authentication in IoT: Authentication is yet another issue in IoT system. In regard with this, the chapter illustrates the fundamentals of authentication with detailed study of message and entity authentication. It also explores the cooperative authentication scheme using Game modeling where players, strategies and utility function are illustrated with respect to cooperative authorization with experimental results and analysis. Chapter 14- Computational Security for the IoT and Beyond: IoT systems are very complex systems. Considering this, the chapter explores the characteristics of complex IoT systems like wireless networks, biological

📄 Page 17

networks, social networks, economic networks and heavy computer networks. Further, the complexity of these networks is evaluated with the help of computational tools like, signal processing, and network science tools. The controllability and observability of networks is further studied from communication engineering. Chapter 15- Identity and Access Management Solutions for the IoT: This chapter explores the issue of identification and access management of IoT devices and network in different environment and organization. This chapter reviews the identity lifecycle and discusses the infrastructure components needed for provisioning authentication credentials. It focuses on authentication credentials and its approaches of providing authorization and access controls to IoT devices. Chapter 16- Privacy-Preserving Time Series Data Aggregation for IoT: This chapter describes the concept of data aggregation in IoT network for preserving network privacy. System and security models are detailed out and a time-series data aggregation schemes is presented for preserving IoT network and security analysis with performance evaluation is showed in terms of computational and communication cost. Chapter 17- Path Generation Scheme for Real-Time Green IoT: This chapter investigates the issue of secure routing in IoT network. It presents the secure path generation scheme for real-time Green Internet of Things. Network model and problem definitions are deeply discussed and then a framework of path generation is established with all security measures. Chapter 18- Security Protocols for IoT Access Networks and Their Impact on Mobile Networks: This chapter presents the detailed study of existing security protocols and its impact on mobile networks. It also

📄 Page 18

investigates the scalability issue in large cellular network. The chapter presents the unidirectional and bidirectional data transmission security algorithm. Chapter 19- Cloud Security for the IoT: This chapter presents the prospect of cloud security designed for Internet of Things. It addresses cloud services and IoT related internal and external threats. It explores the cloud service providers for IoT and their security-as-a-service. The chapter also examines the security functionality needed from cloud for building an effective IoT architecture. Lastly, it discusses and explores new computing paradigms that cloud could provide to IoT system. Chapter 20- Policy-Based Approaches for Informed Consent in IoT: This chapter gives a detailed description about policy based approaches for Internet of Things. It provides the framework and enforcement policy with their future developments. Chapter 21- Blockchains for Internet of Things: This chapter presents the blockchain technique as next generation technology for securing Internet of Things. It addresses the concept of bitcoin, crypto-currency and other matter of concern for Internet of Things. Chapter 22- Game Theory Foundation: This chapter introduces the concepts and techniques of Game Theory. The mathematical formulations of the game along with its strategy are detailed out. We present different types of games and its strategic approach like repeated games, Bayesian games and coalitional games that will help readers to justify their problems. Chapter 23- Security Products: In this chapter, we have presented the recent trends of securing Internet of Things where existing security products and their test beds are

📄 Page 19

discussed. We have also illustrated the commercialized IoT products and their usage.

📄 Page 20

Coloured Images Please follow the link to download the Coloured Images of the book: https://rebrand.ly/lsyz3qa We have code bundles from our rich catalogue of books and videos available at https://github.com/bpbpublications. Check them out! Errata We take immense pride in our work at BPB Publications and follow best practices to ensure the accuracy of our content to provide with an indulging reading experience to our subscribers. Our readers are our mirrors, and we use their inputs to reflect and improve upon human errors, if any, that may have occurred during the publishing processes involved. To let us maintain the quality and help us reach out to any readers who might be having difficulties due to any unforeseen errors, please write to us at : errata@bpbonline.com Your support, suggestions and feedbacks are highly appreciated by the BPB Publications’ Family. Did you know that BPB offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.bpbonline.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at :