Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Practical Internet of Things Security
  • Toc
  • feedback
Practical Internet of Things Security

Practical Internet of Things Security

By : Russell, Van Duren
4 (1)
close
Practical Internet of Things Security

Practical Internet of Things Security

4 (1)
By: Russell, Van Duren

Overview of this book

With the advent of the Internet of Things (IoT), businesses have to defend against new types of threat. The business ecosystem now includes the cloud computing infrastructure, mobile and fixed endpoints that open up new attack surfaces. It therefore becomes critical to ensure that cybersecurity threats are contained to a minimum when implementing new IoT services and solutions. This book shows you how to implement cybersecurity solutions, IoT design best practices, and risk mitigation methodologies to address device and infrastructure threats to IoT solutions. In this second edition, you will go through some typical and unique vulnerabilities seen within various layers of the IoT technology stack and also learn new ways in which IT and physical threats interact. You will then explore the different engineering approaches a developer/manufacturer might take to securely design and deploy IoT devices. Furthermore, you will securely develop your own custom additions for an enterprise IoT implementation. You will also be provided with actionable guidance through setting up a cryptographic infrastructure for your IoT implementations. You will then be guided on the selection and configuration of Identity and Access Management solutions for an IoT implementation. In conclusion, you will explore cloud security architectures and security best practices for operating and managing cross-organizational, multi-domain IoT deployments.
Table of Contents (13 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
A Brave New World
A Brave New World
Defining the IoT
Cybersecurity versus IoT security
The IoT of today
The IoT ecosystem
The IoT of tomorrow
Summary
2
Vulnerabilities, Attacks, and Countermeasures
Vulnerabilities, Attacks, and Countermeasures
Primer on threats, vulnerability, and risks 
Primer on attacks and countermeasures
Today's IoT attacks
Lessons learned and systematic approaches
Summary
3
Approaches to Secure Development
chevron up
Approaches to Secure Development
The Secure Development Life Cycle (SDLC)
Handling non-functional requirements 
The need for software transparency
Summary
4
Secure Design of IoT Devices
Secure Design of IoT Devices
The challenge of secure IoT development
Secure design goals
Summary
5
Operational Security Life Cycle
Operational Security Life Cycle
Defining your security policies
Defining system roles 
Configuring gateway and network security
Bootstrapping and securely configuring devices
Setting up threat intelligence and vulnerability tracking
Managing assets 
Managing keys and certificates
Managing accounts, passwords, and authorizations
Managing firmware and patching updates
Monitoring your system
Training system stakeholders
Performing penetration testing
Managing compliance
Managing incidents
Performing end-of-life maintenance
Summary
6
Cryptographic Fundamentals for IoT Security Engineering
Cryptographic Fundamentals for IoT Security Engineering
Cryptography and its role in securing the IoT
Cryptographic module principles
Cryptographic key management fundamentals
Examining cryptographic controls for IoT protocols
Future-proofing IoT cryptography
Summary
7
Identity and Access Management Solutions for the IoT
Identity and Access Management Solutions for the IoT
An introduction to IAM for the IoT
The identity life cycle
Authentication credentials
IoT IAM infrastructure
Authorization and access control
Summary
8
Mitigating IoT Privacy Concerns
Mitigating IoT Privacy Concerns
Privacy challenges introduced by the IoT
Guide to performing an IoT PIA
Privacy by design
Privacy engineering recommendations
Summary
9
Setting Up an IoT Compliance Monitoring Program
Setting Up an IoT Compliance Monitoring Program
IoT compliance
A complex compliance environment
Summary
10
Cloud Security for the IoT
Cloud Security for the IoT
The role of the cloud in IoT systems 
The concept of the fog
Threats to cloud IoT services
Cloud-based security services for the IoT
Summary
11
IoT Incident Response and Forensic Analysis
IoT Incident Response and Forensic Analysis
Threats to both safety and security
Defining, planning, and executing an IoT incident response
Detection and analysis
IoT forensics
Summary
12
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Handling non-functional requirements 

Non-functional requirements handle the aspects of the system that are not directly related to the functionalities of the system. SEBOK—the systems engineering body of knowledge maintained jointly by INCOSE and the IEEE computer society (https://www.sebokwiki.org/wiki/Non-Functional_Requirements_(glossary))defines them as follows: 

Quality attributes or characteristics that are desired in a system, that define how a system is supposed to be.

Non-functional requirements include security, performance, availability, resilience, safety, reliability, dependability, scalability, sustainability, portability, and interoperability.

IoT systems will require different variations of these requirements, depending on the context in which the system is designed to operate (C. Warren Axelrod, Engineering Safe and Secure Software...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 3
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete