nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

Devices Can Be Secure and Easy to Install on the Internet of Things

verfasst von : Roger D. Chamberlain, Mike Chambers, Darren Greenwalt, Brett Steinbrueck, Todd Steinbrueck

Erschienen in: Integration, Interconnection, and Interoperability of IoT Systems

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

One of the major issues that must be addressed in the emerging Internet of Things (IoT) is balancing the needs of security and reasonable installation and maintenance efforts. Security is crucial, as evidenced by the fact that IoT devices are frequent targets of attack. However, if the security infrastructure is not relatively easy to use, it will ultimately be compromised by users who are unwilling (or insufficiently motivated) to deal with the complexity of ensuring security. This paper describes the industrial deployment experience of the EZConnect™ security infrastructure implemented by BECS Technology, Inc., a firm that provides water chemistry monitoring and control equipment to the aquatics market.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Transmission Power Control in WSNs: From Deterministic to Cognitive Methods

Nächstes Kapitel A Service-Based Approach for the Uniform Access of Wireless Sensor Networks and Custom Application Tasks Running on Sensor Nodes

Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of 9th Conference on Computer and Communications Security, pp. 217–224. ACM, New York, NY, USA (2002). doi:10.1145/586110.586140

Apvrille, A., Pourzandi, M.: Secure software development by example. IEEE Secur. Priv. 3(4), 10–17 (2005). doi:10.1109/MSP.2005.103 CrossRef

Bardram, E.: The trouble with login: on usability and computer security in ubiquitous computing. Pers. Ubiquitous Comput. 9(6), 357–367 (2005). doi:10.1007/s00779-005-0347-6 CrossRef

BECSys EZConnect™ Application Note. Technical Report ENG-6072-DOC, BECS Technology, Inc., St. Louis, MO, USA (2016)

Binnie, C.: Linux Server Security: Hack and Defend. Wiley Inc, Indianapolis, IN, USA (2016)CrossRef

Braz, C., Seffah, A., M’Raihi, D.: Designing a trade-off between usability and security: a metrics based-model. In: Baranauskas, C., Palanque, P., Abascal, J., Barbosa S.D.J. (eds.) Proceedings of IFIP TC-13 11th International Human-Computer Interaction Conference, Part II, pp. 114–126. Springer, Berlin (2007). doi:10.1007/978-3-540-74800-7_9

Costin, A., Zaddach, J., Francillon, A., Balzarotti, D.: A large-scale analysis of the security of embedded firmwares. In: Proceedings of 23rd USENIX Security Symposium, pp. 95–110. USENIX Association (2014). https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/costin

Cranor, L.F., Garfinkel, S.: Guest editors’ introduction: secure or usable? IEEE Secur. Priv. 2(5), 16–18 (2004). doi:10.1109/MSP.2004.69 CrossRef

Cui, A., Stolfo, S.J.: Reflections on the engineering and operation of a large-scale embedded device vulnerability scanner. In: Proceedings of 1st Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, pp. 8–18. ACM, New York, NY, USA (2011). doi:10.1145/1978672.1978674

10.

Dhamija, R., Dusseault, L.: The seven flaws of identity management: usability and security challenges. IEEE Secur. Priv. 6(2), 24–29 (2008). doi:10.1109/MSP.2008.49 CrossRef

11.

Dierks, T.: The Transport Layer Security (TLS) Protocol Version 1.2 (2008). http://tools.ietf.org/pdf/rfc5246.pdf. Rfc5246

12.

Esposito, R.: Hackers penetrate water system computers. ABC News (2006). http://blogs.abcnews.com/theblotter/2006/10/hackers_penetra.html

13.

Fortino, G., Trunfio, P. (eds.): Internet of Things Based on Smart Objects. Springer, Berlin (2014). doi:10.1007/978-3-319-00491-4

14.

Gaw, S., Felten, E.W., Fernandez-Kelly, P.: Secrecy, flagging, and paranoia: adoption criteria in encrypted email. In: Proceedings of SIGCHI Conference on Human Factors in Computing Systems, pp. 591–600. ACM, New York, NY, USA (2006). doi:10.1145/1124772.1124862

15.

Gefen, D., Straub, D.W.: The relative importance of perceived ease of use in IS adoption: a study of e-commerce adoption. J. Assoc. Inf. Syst. 1(1), 8 (2000). http://aisel.aisnet.org/jais/vol1/iss1/8

16.

Heer, T., Garcia-Morchon, O., Hummen, R., Keoh, S.L., Kumar, S.S., Wehrle, K.: Security challenges in the IP-based internet of things. Wirel. Pers. Commun. 61(3), 527–542 (2011). doi:10.1007/s11277-011-0385-5 CrossRef

17.

Hertzum, M., Jørgensen, N., Nørgaard, M.: Usable security and e-banking: ease of use vis-a-vis security. Australasian J. Inf. Syst. 11(2) (2004). doi:10.3127/ajis.v11i2.124

18.

Herzog, A., Shahmehri, N.: Usability and security of personal firewalls. In: Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von Solms, R. (eds.) New Approaches for Security, Privacy and Trust in Complex Environments: Proceedings of IFIP TC-11 22nd International Information Security Conference, pp. 37–48. Springer, Boston, MA, USA (2007). doi:10.1007/978-0-387-72367-9_4

19.

Just, M., Aspinall, D.: Personal choice and challenge questions: a security and usability assessment. In: Proceedings of 5th Symposium on Usable Privacy and Security, pp. 8:1–8:11. ACM, New York, NY, USA (2009). doi:10.1145/1572532.1572543

20.

Kleidermacher, D., Kleidermacher, M.: Embedded Systems Security: Practical Methods for Safe and Secure Software and Systems Development. Elsevier, Waltham, MA, USA (2012)

21.

Krutz, R.L., Vines, R.D.: Cloud Security: A Comprehensive Guide to Secure Cloud Computing. Wiley Inc, Indianapolis, IN, USA (2010)

22.

Laughlin, J.: Industrial control systems targeted by hackers. Ind. WaterWorld 13(3) (2013). http://www.waterworld.com/articles/iww/print/volume-13/issue-3.html

23.

Leyden, J.: Water treatment plant hacked, chemical mix changed for tap supplies. The Register (2016). http://www.theregister.co.uk/2016/03/24/water_utility_hacked

24.

Li, N., Kinebuchi, Y., Nakajima, T.: Enhancing security of embedded Linux on a multi-core processor. In: IEEE 17th International Conference on Embedded and Real-Time Computing Systems and Applications, vol. 2, pp. 117–121. IEEE, New York (2011). doi:10.1109/RTCSA.2011.36

25.

Luiijf, E.: SCADA Security Good Practices for the Drinking Water Sector. TNO, The Hague, TNO-DV p. C096 (2008). http://m.tno.nl/media/1538/tno-dv-2008-c096_web.pdf

26.

Manadhata, P., Wing, J.: An attack surface metric. IEEE Trans. Softw. Eng. 37(3), 371–386 (2011). doi:10.1109/TSE.2010.60 CrossRef

27.

Medaglia, C., Serbanati, A.: An overview of privacy and security issues in the internet of things. In: Giusto, D., Iera, A., Morabito, G., Atzori, L. (eds.) The Internet of Things, pp. 389–395. Springer, New York (2010). doi:10.1007/978-1-4419-1674-7_38

28.

Müller-Steinhagen, H., Branch, C.: Comparison of indices for the scaling and corrosion tendency of water. Canadian J. Chem. Eng. 66(6), 1005–1007 (1988). doi:10.1002/cjce.5450660617 CrossRef

29.

Nielsen, J.: Finding usability problems through heuristic evaluation. In: Proceedings of SIGCHI Conference on Human Factors in Computing Systems, pp. 373–380. ACM, New York, NY, USA (1992). doi:10.1145/142750.142834

30.

Palensky, P., Sauter, T.: Security considerations for FAN-Internet connections. In: Proceedings of IEEE International Workshop on Factory Communication Systems, pp. 27–35. IEEE, New York (2000). doi:10.1109/WFCS.2000.882530

31.

Riahi, A., Challal, Y., Natalizio, E., Chtourou, Z., Bouabdallah, A.: A systemic approach for IoT security. In: Proceedings of International Conference on Distributed Computing in Sensor Systems, pp. 351–355. IEEE, New York (2013). doi:10.1109/DCOSS.2013.78

32.

Ristić, I.: Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications. Feisty Duck, London, UK (2015)

33.

Schneier, B.: Stop trying to fix the user. IEEE Secur. Priv. 14(5), 96–96 (2016). doi:10.1109/MSP.2016.101 CrossRef

34.

Smith, T.: Hacker jailed for revenge sewage attacks. The Register (2001). http://www.theregister.co.uk/2001/10/31/hacker_jailed_for_revenge_sewage

35.

Yee, K.P.: Aligning security and usability. IEEE Secur. Priv. 2(5), 48–55 (2004). doi:10.1109/MSP.2004.64 CrossRef

36.

Zhang, Z.K., Cho, M.C.Y., Wang, C.W., Hsu, C.W., Chen, C.K., Shieh, S.: IoT security: Ongoing challenges and research opportunities. In: Proceedings of 7th International Conference on Service-Oriented Computing and Applications, pp. 230–234. IEEE, New York (2014). doi:10.1109/SOCA.2014.58

Titel: Devices Can Be Secure and Easy to Install on the Internet of Things
verfasst von: Roger D. Chamberlain
Mike Chambers
Darren Greenwalt
Brett Steinbrueck
Todd Steinbrueck
Verlag: Springer International Publishing
Buch: Integration, Interconnection, and Interoperability of IoT Systems
Print ISBN: 978-3-319-61299-7

Electronic ISBN: 978-3-319-61300-0

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-319-61300-0_4

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Jonas Klose/© Pine Valley Capital GmbH, Carina Kießling von der Strategieberatung Roland Berger/© Monika Walther Fotografie | ATZ, Beijing Auto Show 2024: Deutsche Hersteller wollen angreifen./© EKH-Pictures / Generated with AI / Stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.