We continue our focus on security this month by switching gears from “premises” security to securing the data that continually streams from connected devices in the Internet-of-Things. In fact, security (along with privacy – more on that in a future post) probably stands out as the most active point of discussion when it comes to building out an effective Internet-of-Things. Concerns are well-founded because, candidly, there’s a great deal at stake.
Much of this has to do with the impression that the IoT means hundreds of thousands more physical devices in a given enterprise will be connected to the Internet, with every single one of those devices representing a potential point of vulnerability. As an imaginative exercise, think of what could happen if, once driverless cars have become a bona fide component of everyday life, the connections to those cars were to land in the hands of a nefarious party. Highway mayhem could become an ultimate act of cyber-crime, with cars suddenly acting insanely at the hands of a perpetrator.
The security issue is so pervasive that the “once King of mobile” Blackberry has designs on becoming a “once and future King” around providing non-phone device security. The matter is spurring innovation in areas where one could not be blamed to think innovation had run its course.
That being said, it may be constructive to first look into how the Internet of Things diverges from the “regular” Internet as we know it. Terming it an ‘Internet’ is actually a bit of misnomer, because it largely consists of wirelessly-connected devices or sensors interacting in a client-server, or hub-and-spoke model; the Internet analogy does not, and should not, apply for most real-world applications coming online today. The level of interconnectivity among devices is fairly low, given the dedicated point-to-point communication, and point-to-point service delivery.
Which is to say, the IoT environment is much more closed in the first place than the literature would have us believe. There are architectural differences that go beyond how humans communicate over the Internet.
Moreover, IoT devices generally are not wired down to a network jack. Rather, they’re mostly connected over the air via cellular and fixed wireless technologies. There is an important distinction to make here. As compared to fixed network resources such as WiFi, which are built primarily on a single set of protocols, cellular networks are varied — not only in underlying technology but also in the frequency used. Cellular contains a certain obscurity that works to its advantage.
In addition, 3G cellular networks for example have five different sets of security features built into the architecture:
- Network Access Security, which provides identity confidentiality, user authentication, confidentiality, integrity and mobile equipment authentication.
- Network Domain Security, which allows the provider domain to securely exchange signaling data, and prevent attacks on the wired network.
- User Domain Security, which lets a device securely connect to mobile stations.
- Application Security, which lets applications in the user domain and the provider domain securely exchange messages.
- Visibility and Configurability Security, where users can freely find out which security features are available.
On top of these built-in mechanisms, data streams running over cellular are often subject to more stringent security processes such as encryption or SSL support, depending on the application. And sensitive markets such as energy or payment processing implement additional security overlays that go far beyond simple protection against end-point ingress, such as PCI and NIST. We’ve mentioned these before.
Taken together, it is my contention that as far as security is concerned, the use of cellular as the primary connector for IoT devices, even when fixed wireless technologies could be employed, offers a more significant set of challenges to would-be IoT hacks wreaking havoc inside of device domains. It is not my aim to represent that cellular networks are completely secure by the simple virtue of their being cellular. They are of course open to attacks such as DOS, channel jamming, message forgery, and the like.
There is, however, something to be said for the up-front level of access layering that cellular networks naturally throw into the equation. The idea that these connections have the capacity to impede access at the outset, like border fences in a prison until reinforcement can be called, adds a tangible, if not vital, source of value.