IoT perception-layer security - how much do you know?

Foreword

Today I will mainly share with you the perception-layer security of the Internet of Things. Thank you for your support!

IoT Perception-Layer Security

 The perception layer is the information source of the Internet of Things, and it is also the basis for the various applications built on the Internet of Things. The security of the perception layer is the primary issue of the entire Internet of Things security!

 Perception-layer security is the most characteristic part of IoT. There are a huge number of sensing nodes, which directly face all "things" in the world. Compared with a traditional communication network, the sensing nodes of the Internet of Things are mostly deployed in unattended, unmonitored environments, and the nodes are multi-source and heterogeneous. Because the energy and intelligence held by each node are limited, the nodes cannot be given complex security protection capabilities.
 Obviously, the biggest feature of perception-layer security technology is that it is "lightweight": whether it is a cryptographic algorithm or a protocol, it must not be complicated.
 The result of "lightweight" security technology is that the security level of the perception layer is "weaker" than that of the network layer and the application layer. Therefore, in deployment, a security aggregation device needs to be placed between the network layer and the perception layer.
After the security aggregation device strengthens the security of the information, it exchanges that information with the network layer, making up for the limited security capabilities of the perception layer.

Security Threats at the Perception Layer

According to the functions and application characteristics of the perception layer, the security threats faced by the IoT perception layer can be summarized as follows:

1. Physical capture

 Sensing devices exist outdoors and are dispersedly installed, so they are vulnerable to physical attacks, and their information is easily tampered with, resulting in a loss of security.

 The embedding of RFID tags, QR codes, etc. enables users connected to the Internet of Things to be scanned, tracked and located uncontrollably, which is likely to cause the leakage of users' private information.

 The goal of RFID tag design and application is to reduce costs and improve efficiency. Most tags adopt an "open system" design idea, and their security measures are not strong, so malicious users (authorized or unauthorized) can read the data of an RFID tag through legitimate readers. As a result, the data of the RFID tag faces serious security threats while it is being acquired and transmitted. In addition, because RFID tags are rewritable, the security, validity and integrity of the data in the tags may not be guaranteed.

2. Denial of service

 In order to save its own energy or prevent being controlled by Trojan horses, IoT nodes refuse to provide the service of forwarding data packets, resulting in a significant drop in network performance.

 The perception layer is connected to external networks (such as the Internet), and will inevitably be attacked from those external networks.

At present, apart from illegal access, the most important attack is the denial-of-service attack.

Due to the limited resources and low computing and communication capabilities of sensing nodes, the ability to resist denial of service is relatively weak, which may cause the sensing network to be paralyzed.

3. Trojan virus

 Due to the cost of security protection measures, convenience of use and other factors, some sensing nodes may take no security protection measures, or only very simple ones, which may lead to counterfeiting and unauthorized service access problems.
 For example, if the operating system or application software of an IoT sensing node is outdated, system vulnerabilities cannot be repaired in time, and the identification, authentication and control of objects are prone to problems.

4. Data leakage

 The Internet of Things collects a wide variety of data with rich content through a large number of sensing devices. If this data is not properly protected, there will be problems of privacy leakage, data fraud, or theft. If the information perceived by a sensing node is not protected, or the protection is not strong enough, the information may be illegally obtained by a third party. This kind of information leakage can be very harmful in some cases.

Security mechanism of perception layer

In view of the security threats faced by the IoT perception layer, the currently adopted IoT security protection mechanisms mainly include the following five types:

1. Physical security mechanism

 Commonly used RFID tags have the characteristics of low price and poor security.

This security mechanism realizes security control mainly by sacrificing some of the functions of the tags.

The physical security mechanism is what distinguishes the security mechanisms of the IoT perception layer from those of the other parts of the Internet of Things.

2. Authentication and authorization mechanism

 It is mainly used to verify the legitimacy of an identity, as well as the validity and authenticity of the exchanged data.
 It mainly includes authentication and authorization management between internal nodes, and authentication and authorization management between nodes and users.
At the perception layer, RFID tags need to achieve identity authentication through authentication and authorization mechanisms.

3. Access control mechanism

 Access control covers both user access to the node's own information and user access to the data collected by the node, so as to prevent unauthorized users from accessing the perception layer.

 Common access control mechanisms are:

Mandatory access control
Discretionary access control
Role-based access control
Attribute-based access control

4. Encryption mechanism and key management

This is the basis of all security mechanisms and one of the important means to realize the privacy protection of perceived information.

Key management needs to realize the generation, distribution, update and dissemination of keys.

 The RFID tag identity authentication mechanism depends on an encryption mechanism to operate successfully.

5. Secure routing mechanism

The secure routing mechanism ensures that route discovery and construction can still be performed correctly when the network is under attack.

 It mainly includes:

Data confidentiality and authentication mechanism
Data integrity and freshness verification mechanism
Device and identity authentication mechanism
Routing message broadcast authentication mechanism.
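
The device authentication, data integrity and freshness checks listed above can be sketched at the security aggregation device as follows. This is an added example, not code from the original post; the frame layout, the `Aggregator` class, the sample key and the use of a truncated HMAC-SHA256 as the "lightweight" authenticator are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8  # assumption: truncated MAC keeps frames small for constrained nodes
HDR_LEN = 6  # assumption: 2-byte device id + 4-byte message counter

def make_frame(device_id, counter, payload, key):
    """Node side: header + payload + truncated HMAC-SHA256 over both."""
    header = struct.pack(">HI", device_id, counter)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag

class Aggregator:
    """Hypothetical security aggregation device between perception and network layers."""

    def __init__(self, keys):
        self.keys = keys          # per-device keys, provisioned out of band
        self.last_counter = {}    # highest counter accepted so far, per device

    def verify(self, frame):
        """Return (status, payload); payload is None unless status is 'ok'."""
        if len(frame) < HDR_LEN + TAG_LEN:
            return "malformed", None
        header, body, tag = frame[:HDR_LEN], frame[HDR_LEN:-TAG_LEN], frame[-TAG_LEN:]
        device_id, counter = struct.unpack(">HI", header)
        key = self.keys.get(device_id)
        if key is None:                      # device identity check
            return "unknown-device", None
        expected = hmac.new(key, header + body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):   # integrity and authenticity
            return "bad-mac", None
        if counter <= self.last_counter.get(device_id, -1):  # freshness
            return "replay", None
        self.last_counter[device_id] = counter  # only advance on a verified frame
        return "ok", body

def demo():
    key = bytes(range(16))                   # constructed sample key
    gw = Aggregator({0x0101: key})
    f1 = make_frame(0x0101, 1, b"temp=21.5", key)
    f2 = make_frame(0x0101, 2, b"temp=21.7", key)
    tampered = f2[:HDR_LEN] + b"temp=99.9" + f2[-TAG_LEN:]  # payload altered in transit
    rogue = make_frame(0x0202, 1, b"temp=0.0", key)         # id not provisioned
    return [gw.verify(f)[0] for f in (f1, f1, tampered, f2, rogue)]

if __name__ == "__main__":
    print(demo())
```

The counter is updated only after the MAC verifies, so a forged frame with a large counter cannot lock a legitimate node out.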

Summary

  Today I mainly talked about two major knowledge points of [IoT perception-layer security]!

  Perception layer security is the most distinctive part of the Internet of Things. The task of the perception layer of the Internet of Things is to perceive the external information and complete the information collection, capture and identification of the physical world.

  Next time I will share [Security Analysis of RFID] with you

  Thanks for reading and supporting! ❤ I will make persistent efforts!

Origin blog.csdn.net/m0_62279905/article/details/127003329