Blog Posts Business Management

Part 2: Securing IoT with Public Key Infrastructure (PKI)

Blog: NASSCOM Official Blog

[Note: This is the second part of the Securing IoT Series from Hughes Systique. To view the first part of the 3 part blog series please click here.]

Traditional PKI (Public Key Infrastructure) systems, with their reliability and effectiveness, have been successful in securing the IT ecosystem till date. It also makes them an inevitable candidate for securing the IoT ecosystem as well. Many existing IoT ecosystems are using PKI for achieving the CIA as it enables an organization to establish and maintain a trustworthy digital ecosystem (people, systems, and things) by managing keys and certificates.

The CIA Triad to Security Design

Any effective IoT security solution should meet the requirements put forth by the information security policy, i.e. the CIA triad:

Confidentiality: Prevent information access to unauthorized parties

Integrity: Preserve consistency, accuracy and trustworthiness of the data

Availability: Access to the intended item is ensured at all times

It serves two purposes. First, it can be utilized as a model for building security measures, and second, it warrants that important areas of security are covered.

The CIA security triangle is an important security concept because all security controls, mechanisms, and safeguards are implemented to provide one or more of protection types. All risks, threats, and vulnerabilities are measured for their potential capability to compromise one or all of the CIA triad principles.

Working Towards Hardened Security

Having said that, since PKI has become an integral part of IoT security, we need to be very cautious for situations in IoT where the lifetime of devices maybe for a longer duration, they may be running legacy apps with minimal or no upgrades. Apart from the hardened security and guiding principles, the IoT PKI needs to have some additional qualities while designing IoT security to fully serve the purpose in the IoT landscape:

Flexibility

Customizability

Cost-Effective

Ease-of-use

A good IoT security solution will tend to improve the experience, by giving the appropriate tuning knobs in the hands of the user, at the same time automating the mundane operations. Protecting critical information along network connections is crucial and challenging. PKI did emerge as a viable option when applications were processed on centralized servers. But, as the industry is moving towards distributed processing, the need for a new approach has become evident. The goal is to create an ecosystem where the concept of easy generation and rotation of certificates is encouraged and trust is decentralized through the use of technologies that make it possible for geographically disparate entities to reach consensus on the state of a shared database.

References:

https://www.difenda.com/blog/what-is-the-cia-triangle-and-why-is-it-important-for-cybersecurity-management

https://www.weboftrust.info/downloads/dpki.pdf

{This blog was originally published at here}

The post Part 2: Securing IoT with Public Key Infrastructure (PKI) appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Leave a Comment

Get the BPI Web Feed

Using the HTML code below, you can display this Business Process Incubator page content with the current filter and sorting inside your web site for FREE.

Copy/Paste this code in your website html code:

<iframe src="https://www.businessprocessincubator.com/content/part-2-securing-iot-with-public-key-infrastructure-pki/?feed=html" frameborder="0" scrolling="auto" width="100%" height="700">

Customizing your BPI Web Feed

You can click on the Get the BPI Web Feed link on any of our page to create the best possible feed for your site. Here are a few tips to customize your BPI Web Feed.

Customizing the Content Filter
On any page, you can add filter criteria using the MORE FILTERS interface:

Customizing the Content Filter

Customizing the Content Sorting
Clicking on the sorting options will also change the way your BPI Web Feed will be ordered on your site:

Get the BPI Web Feed

Some integration examples

BPMN.org

XPDL.org

×