How securing the IoT relies on the edge

IoT and Edge ComputingIt is widely agreed by experts that the Internet of Things (IoT) needs better security. We are now in a present-time where a simple password solution is no longer a strong enough way to securely protect your accounts. Listed below are a few ways to properly secure IoT at the network level:

Improving IoT Device Communications

A way to improve IoT is to have a new framework that opens up the security of IoT. Maintaining the confidentiality of message exchanges between IoT devices is the first step in security. By putting authentication requirements in place to fight malicious IoT devices and overly curious security agents (SAs), organizations are not only ensuring discreet communications but also protecting against malicious devices being able to identify and trace a certain IoT device. Through such authentication, IoT devices are unable to abuse computations or organizational security.

Changing the IoT Security Framework

Researchers say existing IoT security protections explain general authentication of access control and key exchange for communications. Coupled with this authenticated key exchange and access control for communications, researchers at the IEEE say that, “Anonymous protection and fine-grained secure access control” should also be included in protection techniques against spiteful IoT devices. The problem with this is that oftentimes, small IoT sensors and radios cannot handle the cryptographic processes required for custom security and anonymization. As data continues to grow and people become more conscious of protecting their data, it is imperative that the IoT adopt the security measures mentioned above.

Due to the size and power limitations of smaller IoT sensors and radios, base stations, routers and other edge boxes may play a key factor in IoT security and cryptographic processes. Researchers say that this will not only be more secure, but will also help simplify managing the cryptographic keys as the increase of more keys and passwords required by applications, increases security risks. Such a solution would also provide scalability for these applications.

There would be no need to modify the IoT device by adding costs to handle security. All that is needed to accomplish this is the management of the Security Agent box, which operates remotely located sensors that are not easily accessible.

Researchers explain, “Even the low-end devices will be able to be protected by advanced security algorithms requiring high computation costs.”

Also, there would be some edge-gained savings in comparison to an in-cloud key management solution. IoT applications will fail if the now intensive authentication is not completed quick enough, making it clear that something will have to be done.

IoT and Edge Computing 

Edge computing is the new computing model where near-user devices with stronger computing power provide necessary resources for applications of other limited-resourced IoT devices. A security framework in IoT (ReSIoT) can overcome security challenges without shifting infrastructure or redesigning standard protocol flows of IoT applications.

A security agent (SA) utilizes a new component from the IEEE framework, which is a near-user-edge- device like a wireless router, service router or base station. By doing it this way, key management can simplify low-end device protection by advancing security algorithms. Near-user edge devices deliver more usability and availability compared to the cloud-based solutions.

The introduction of IoT devices will not require a change in system architectures, standards and original protocols. Instead, researchers believe cloud-based computing might help offload computation overhead of security protection.

Users can then give their security keys to servers for the cloud, where reconfigurable security systems will retain the confidentiality of the users’ security keys.

To learn more about the Pros and Cons of the IoT, check out our blog HERE.

 

Brandon Apelian
Marketing Coordinator
Key Information Systems