Fatshimetrie is a major challenge for infrastructure security. The IoT (Internet of Things) has become a fundamental part of our daily lives, facilitating the way we interact with the world around us. However, despite its undeniable benefits, IoT faces many security risks and challenges.
The risks that IoT faces are varied, ranging from possible leakage of user data to privacy issues. Secure management of IoT devices also poses challenges, as does updating software for billions of these devices. In addition, virtualization of the infrastructure presents security challenges, with potential risks of eavesdropping, hijacking, and manipulation of network communications.
IoT security threats are mainly related to the devices themselves and are mitigated at higher layers. Three aspects contribute to enhancing IoT security at the operator level:
1. Device-level threats and challenges:
– Physical attack: Unattended physical interfaces expose endpoints to risks, which can be exploited to attack the network.
– High energy consumption: Simple network access process and low energy consumption/cost are required.
– Malware injection: Attackers inject malware to take control of the system.
2. Network-level threats:
– Network communication attacks: Man-in-the-middle attacks or theft/tampering of communication content cause device errors.
– Signal storm/Denial of Service (DoS) attack: A large number of devices access the network, which can lead to signal storm/DoS attacks, exhausting network or IoT platform resources.
3. Application-level threats:
– IoT application attack: The application layer has the largest number of external touchpoints and is susceptible to attacks, including unauthorized access by users/devices.
– Privacy theft: Application-level data includes users’ privacy, and any data breach may result in loss of personal property or even security risks.
To enhance IoT security, some governments have passed legislation to strengthen IoT cybersecurity. For example, the Ministry of Industry and Information Technology (MIIT) is developing technical specifications for NB-IoT, including security technical requirements and testing methods.
In the United States, the Department of Homeland Security (DHS) has published strategic principles for securing the Internet of Things. Similarly, in Europe, the Network and Information Security Agency (ENISA) has published a best practices report on intelligent vehicle network security, covering policies/standards, organizations/methods, and technologies.
Furthermore, the National Institute of Standards and Technology (NIST) has published an implementation guide for IoT device security. These initiatives aim to strengthen security and promote best practices in the field of security.
The IoT Security Compliance Framework and the IoT Security Building Blocks published by IoT SF in 2017 play a crucial role in the IoT security ecosystem. Efforts to promote security standards and research on security frameworks contribute to strengthening IoT security.
In conclusion, IoT security is a complex challenge that requires a comprehensive and collaborative approach. Industry giants like Huawei are at the forefront of creating solutions and partnerships to strengthen IoT security. By collaborating with international organizations and supporting the formulation of standards and best practices, Huawei is contributing to building a robust, open, and healthy IoT security ecosystem.