SECURITY ISSUES IN IoT:-
IoT devices have unique characteristics as far as subscription and deployment is concerned.
Few important and useful information about IoT devices:
IoT devices are typically required to be small, low cost, inexpensive
IoT devices should able to operate unattended by humans for extended periods of time
IoT devices should be able to communicate over the wireless WAN or WLAN
IoT devices are typically deployed without having to require much direct human intervention
After deployment the IoT devices tend to require remote management of their functionality
IoT devices also require flexibility in terms of subscription management.
All these functionalities may lead to threats in IOT Device.
Physical Attacks:
These may include :-
insertion of valid authentication tokens into a manipulated device
inserting and/or booting with fraudulent or modified software (“re-flashing”)
environmental/side-channel attacks
These attacks may happen both before and after in-field deployment. To protect from these attacks the need arises for trusted “validation‟ of the integrity of the IoT device’s software and data, including authentication tokens
Compromise of Credentials:
These attacks are comprising of brute force attacks on tokens and (weak) authentication algorithms. It may also include physical intrusion, or side-channel attacks, as well as malicious cloning of authentication tokens residing on the Machine Communication Identity Module (MCIM)
Configuration Attacks:
These are like fraudulent software update/configuration changes, mis-configuration by the owner, subscriber or user, mis-configuration or compromise of the access control lists.
Protocol Attacks on theDevice
Attacks on the Core Networks
User data and Identity Privacy Attacks
Comments
Post a Comment