Internet of things (IoT) is the physical devices that are interconnected. In the technical environment it is very difficult to keep data secure. In such atmosphere privacy and security are the challenge for the person (Olson, 2016). Present paper will critically discus the Internet of things, challenges related to this and solutions will be described in this study.
Main problems of papers
The report is on the topic of internet security. Now in the modern technological era most of the people use internet for buying and selling. But cyber crime and hacking are taking places day by days (Satyanarayanan and et.al, 2015). That creates problem for the organization, data leakages and security are major problems for the corporation. Massive amount of deceives are connected with the internet so it is essential to look upon the security. Otherwise, it may create problem to the person and companies. The main issue of the present paper that some researches are based on certification and labeling, and other is based on the designing. So it reacts confusion in preparing the topic effectively (Vermesan and Friess, 2014). Research methodologies are not been discussed properly so bases of study is not clearly expressed.
These all reports are based on the internet securities, that is wide topic and it requires to spent more time for the research, so that actual problems and solutions can be find out. But researchers were not having sufficient time for preparing this paper so some of topic like security tools and other techniques are not being discussed in broad way (Patton and et.al, 2014). Researcher were not having funds for using the advanced software so that was another limitation of this paper.
Security in Internet of Things: Challenges, Solutions and Future Directions
With the increase in the usage of internet many developments have been seen in Internet of things and now internet is important everywhere. Without internet nothing can be done in industry. It is a medium of interaction with clients, it facilitates the information, etc. When Internet of things comes with so many positives on the other hand it will come with negatives too(Vlacheas and et.al, 2013). Having vast amount of information on internet, security issues arises which is makes people worry about their personal information. Researcher has made an effort to discuss the security features and issues that comes in the security of things on internet.
Internet of Things can be used in various domains including healthcare, transportation, entertainment, power grids and smart buildings, etc. Internet of Things is a means of attaining future technological innovations and its use is expected to rise exponentially over the coming years. With lot of devices connected to it and huge data associated with it, here remains concern for security.
Researcher has discussed in the paper that standard communication protocols needs to be adopted through interconnected and inoperable smart objects. International organizations such as the Internet Engineering Task Force (IETF) and the IPSO Alliance has been promoting the use of the Internet Protocol (IP) to the maximum as a inter operable objects because there a re billions of objects on internet which needs security, so in order to get security Internet protocol has been set as a standard. Internet protocol is a address of the person using internet, any malicious activity can be tracked from the IP address(Yang and et.al, 2015). How a data is secured right from its source station to its destination station is discussed by the researcher and also in addition researcher has given the names of the system that keep securing the data.
Researcher has emphasized on making the internet of things that is how effective internet of things can been created. In order to create internet of things author has given 4 key layers which can play important part in the argument that researcher is arguing. The author has laid his emphasis on application layer which includes smart cities, smart homes, healthcare, etc. Second is perception layer followed by Network layer and physical layer(Vlacheas and et.al, 2013).
Further more researcher has argued about the Security issues that are faced in internet of things. The author has argued issues that comes in application layer, perception layer, network layer, physical layer. The risks are huge. With personal data and IP stored on connected devices, hackers have the very real potential to completely limit an organization's performance(Yang and et.al, 2015). Other authors have two kind of security issues that prevails in the environment of Internet of things. Public perception is some what matters because some people think that their information can be stolen and some may not believe so. this depicts the level of worry which makes them purchase or not purchase connected devices. Hackers have been able to hack into real, on-the-market devices with enough time and energy, which means hackers would likely be able to replicate their efforts. Privacy issues which has been discussed by other offers are: The huge amount of data that Internet of Things devices can generate is staggering. This creates an entry way for hackers and leaves sensitive information open for them(Vlacheas and et.al, 2013). These problems can change consumers' desire to purchase connected products, which would harm the Internet of things from fulfilling its true potential. Researcher has provided a good paper but in addition other authors work has been is also needs to be added in order to have a good understanding over internet of things issue related to securities.
Further the author has discussed the measures through which these above said issues will get reduced and more emphasis can be laid on security measures. other authors have discussed that to make all the information protected in a way the authorities need to plan the strategies. here are some of the strategies they offered: Set up a team of business executives and security specialists, integration of best practice with product development process, educating the consumer about hacking, IP etc(Yang and et.al, 2015). and staff as well, address privacy concerns with transparent policies. Recommendations for future work regarding reduction of hacking and more measures to develop the security features are discussed at the end of this chapter or paper. The author has drafted a good paper laying emphasis on the security features of internet of things which has given a clear view of what internet of things is and what are the issues involved in it.
Analysis and Design of Security in Internet of Things
Researcher has given his view in designing the security protocols to reduce malicious activities from third parties and author has discussed about the measures through which these issues can be sorted out. In the popular technology related to Internet of things, perception and identification technology are more crucial technologies which can be used to collect the data from the environment(Gershenfeld and Vasseur, 2014). This will make people judge and recognize the world. The most basic technology supporting communications is a computer network, which allows the information transmitted to be delivered quickly and accurately. In order to ensure that proper management is followed and support of key technologies, analysis on measurements, network management, system security and privacy protection 5 be taken out.
Completing multiple data mining is the one aspect of internet of things privacy protection needs. Author has discussed about the designing part of internet of things so that hacking is not possible. Privacy protection process rely on a flexible scene which follows: Users will transfer the absolute privacy data stored in user terminal to a secret partition, what this will do is it will give user absolute privacy of its data only user can access that data and if any other person who try to access that page will be caught because a computerized message will be send to the user(Gershenfeld and Vasseur, 2014). After the user judges the legal access, allow to this access otherwise stop the operation.Users often need to separately set privacy protection mode for each scenario reached in the life, listing the roles of particular data in the application data is the key.firstly, it is opening to trusted party in the scene. Secondly, only user can open himself. Thirdly is that the user have to enter the password before he can access the secret page. If the user wants to access the absolute privacy data, the needs to not only get the user permissions, but also know the password for opening the data.
Since designing of security features is important task for the authorities they need to keep in mind the various ways through hacking can be done. Analyzing the hacking ways helps them to get to the strategies they will frame to make the models of security of data on the internet. Author has discussed that user can get anonymous ID and this ID can be used by user to get the private data(Gershenfeld and Vasseur, 2014). Author has discussed various strategies through which internet can be saved and the required information about a particular user can be accessed by the third party only up to that level where user wants. Author through his researches have gown through the conceptual concepts and convention of internet of things theory and now in his paper author has given ways to design the system efficiently so that no malicious software can attack that system.
Other reputed authors also have suggested the theories in relation with designing and analyzing of security of things which has caused them to make necessary judgments about the theory that what are the key issues in relation to theories are and how many malicious software's are prevailing in environment which can affect the users. Taking in combination the work of two authors with the author of this paper it is pretty clear that the author who has written this paper has done very in depth analysis of what internet of things and its issues can deliver. In contrasting with other papers published by researchers designing of security systems have been very key element for all the authors in their papers. Other things remaining constant papers that have been studied for this purpose has given a clear view that this paper was best of them all because this paper holds the major part and relevant part in comparison to other papers.
Security certification and labeling in internet of things
Security and privacy are two important concepts that play a significant role in the organizations an individual's life (Security in Internet of Things: Challenges, Solutions and Future Directions, 2016). Study has discussed the history of security certification, it can be defined as comprehensive assessment of technical security control that can help in maintaining the privacy in the companies (Keoh, Kumar and Tschofenig, 2014). On other hand it can be critically reviewed that it is not only limited to the security controlling system whereas it also related to the management and other operations of the organization. Researcher has defined the certification process in context to Horizon 2020 ARMOUR projects (Analysis and Design of Security in Internet of Things , 2017). This project was aiming to test the security two times so that data can get protected. But it can be critically reviewed that it is not always possible for the person to check the data two times (Vlacheas and et.al, 2013). In the presence of high technical equipment securities can be maintained in the internet things. As it is explained in his study that test s are to be executed on external large scale. But it is not always possible for the organization to test its security two times on border level. Having more than 2000 nodes for testing is very costly for small firms and they can not spend much amount on this process (Yang and et.al, 2015). There are many more technical equipment and tests which can help in securing the data of the organization. Companies have to look upon the maintaining privacy bur they have to ensure the cost over it. Because if they spent much amount on the security then it may create the over budget situation and firms have to face financial crises.
Study has discussed about the labeling scheme in which it has expressed that label is associated with the level of assurance, specific domain and third party certification. But it can be critically reviewed that these are not just dimensions there are many more important aspects which needs to be considers in the point of labeling (Islam and et.al, 2015). Each domain has its own specific features so it is very difficult to work on it. Third party assessment are not always accurate because third party can not identify the security purpose so they can give random answers on labeling.
Bench marking is the other topic which is discussed in this study, researcher has expressed that ARMOUR is the perfect tool that can help in establishing the security benchmark for end to end security . But there are many hackers those who are vast advanced and they know how to break such deep security (Kantarci and Mouftah, 2014). So it can be critically argued that after spending so much amount also individuals have risk of leakage of data. As now a days all things are depended on the internet, people do not have time to go in market so they buy online, do transaction online etc. But after having strong securities they can face the condition of leakage of data. But these data are discussed widely for the software , there are many hardware related bench marking system has been set by the TPC-IoT benchmark committee which needs to be considered by the organization (Gershenfeld and Vasseur, 2014). That can help in maintaining the security in the organization and can help in enhancing protected environment in the corporation. It can be argued that UL security certification is the essential tool that can explain the security certification in the border way. It has three level UL 2900-1,2,3. With the help of this, companies can enhance their security system. Idea of CAP (Cybersecurity assurance program) is authentic and can be used effectively by the organizations so that right system can be used at right time (Zhou and et.al, 2013). This paper has discussed about the methodologies and has suggested the labeling system. On other hand it can be argued that digiCert IoT solution are the best way for the users and can help in maintaining the security without password. It ensures connections with one of the trusted users and devices which can keep secure to the material and information of the companies. It explains that data or configuration setting can not be tampered thus, high controlling over the property exist in this system (Potyrailo, 2016).
ICT has been discussed in this report, but it is not fully explained significantly. Information and communication technology (ICT) is the concept that stress the overall role of the unifo9ed communication (Security certification and labelling in Internet of Things, 2016). It deeply explains about the enterprise software, middle ware and system that can help in making effective communication. As study has defined that limitation and issue of current security certification scheme. It has described that any changes in the product or information can affect the TOE (Ye and et.al, 2014). But time to time firms have to modify their products and all the time it is not necessary they use the system properly. Experts of internet always consider the security certification programs. They suggest that this program can help in improving the security of the IoT system. Testing the Iot device is not sufficient and can not keep the data secure (Razzaque and et.al, 2016). It can secure the data for first time but when it uses in the real life then relationship with the ecosystem can be broken. Report has explained the limitation of the security certification scheme in IoT. But is the useful and can help in improving security. ICSA labs to IoT security can support the organization in reducing the supply chain risk of the firms and can help in improving the market standing (Ning, Liu and Yang, 2015). Certification testing is the great way that can frees up the internal sources of the organization from vulnerability and can help in protecting the information of customers and the firm. Apart from this it is also a beneficial testing tool that can help in avoiding the high cost of remediation (Olson, 2016).
From the above report it can be concluded that Internet has become the essential part of human life. It is necessary to have knowledge about the tools that can help in keeping the data secure. By this way privacy will be maintained and persons will be able to utilize this tool more effectively. ARMOUR, digiCert IoT can help in this respect. Paper has survey about the security methods and security issues. By this way over all drawback of this system has been analyzed in t