Does the data need to be trusted?
In part one of this blog series, we looked at whether the data needs to be private?
In this blog, we tackle the issue of trust in IoT devices and systems.
Data may need to be protected from tampering/modification in transit. This may be a malicious attacker, or simply poorly configured devices mishandling data. Appropriate security considerations may include:
- Integrity of software is verified (e.g. secure boot).
- This helps to ensure that only known software is allowed to run on the device.
- The device or system uses a hardware-rooted trust chain.
- This allows the user to protect against sophisticated low-level software attacks and ensure that all software allowed to run on the device is appropriately authorised.
- Authentication and integrity protection are applied to data.
- Such protections allow users to be confident that received data is correct and from the claimed source.
- Compromised or malfunctioning devices can be identified and revoked.
- Erroneous data from such devices may affect other functionality of the system. Providing a way to identify these devices and then block, filter and revoke them in a secure fashion provides mitigation in this scenario.
- Data is isolated from other systems or services where applicable.
- IoT networks may handle many different types of data. To minimise the risk of data leakage, it should be clear which systems and services have access to which types of data.
- System testing and calibration ensures data is handled correctly.
- Ensuring that the system handles data as designed is crucial in providing security assurance.
- Device metadata is trusted and verifiable.
- Trusted metadata will allow users and devices to have confidence that the device is functioning as intended, and help to identify malfunctioning or compromised devices.
- Re-using existing good security architectures rather than designing brand new ones.
- While some security challenges for IoT are new and different, there are many which are similar to existing problems which have been studied for many years. Consider whether existing security architectures meet your needs.
In part 3 of this blog series, we’ll consider “Is the safe and/or timely arrival of data important?”
Edited by David Rogers, CEO Copper Horse Solutions Ltd., Member of the Executive Steering Board IoTSF.