Demystifying Internet of Things Security : : Successful IoT Device/Edge and Platform Security Deployment.
Saved in:
: | |
---|---|
TeilnehmendeR: | |
Place / Publishing House: | Berkeley, CA : : Apress L. P.,, 2019. ©2020. |
Year of Publication: | 2019 |
Edition: | 1st ed. |
Language: | English |
Online Access: | |
Physical Description: | 1 online resource (515 pages) |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
5005940957 |
---|---|
ctrlnum |
(MiAaPQ)5005940957 (Au-PeEL)EBL5940957 (OCoLC)1132428035 |
collection |
bib_alma |
record_format |
marc |
spelling |
Cheruvu, Sunil. Demystifying Internet of Things Security : Successful IoT Device/Edge and Platform Security Deployment. 1st ed. Berkeley, CA : Apress L. P., 2019. ©2020. 1 online resource (515 pages) text txt rdacontent computer c rdamedia online resource cr rdacarrier Intro -- Table of Contents -- About the Authors -- Acknowledgments -- Foreword -- Introduction -- Chapter 1: Conceptualizing the Secure Internet of Things -- The BadUSB Thumb Drive -- Air-Gap Security -- Stuxnet -- Designing Safe and Secure Cyber-Physical Systems -- Constrained Computing and Moore's Law -- Trusted IoT Networks and the Network Edge -- Conclusion -- Chapter 2: IoT Frameworks and Complexity -- Introduction -- Historical Background to IoT -- IoT Ecosystem -- Connectivity Technology -- Messaging Technology -- Platform Technology -- Elements of an IoT System -- IoT Device -- IoT Device Architectural Goals -- Interoperability -- Security -- IoT Network -- IoT System Management -- Device Lifecycle -- Manufacturing -- Supply Chain -- Deployment -- Normal Operation and Monitoring -- Manage -- Update -- Decommissioning -- IoT Framework -- IoT Framework Design Goals -- IoT Data Model and System Abstractions -- IoT Node -- IoT Operations Abstraction -- Connectivity Elements -- Manageability Elements -- Security Elements -- Consider the Cost of Cryptography -- Summary IoT Framework Considerations -- IoT Framework Architecture -- Data Object Layer -- Node Interaction Layer -- Platform Abstraction Layer -- Platform Layer -- Security Challenges with IoT Frameworks -- Consumer IoT Framework Standards -- Open Connectivity Foundation (OCF) -- OCF Core Framework Layer -- OCF Profiles Framework Layer -- The OCF Device Abstraction -- OCF Security -- AllSeen Alliance/AllJoyn -- AllJoyn Security -- Universal Plug and Play -- UPnP Security -- Lightweight Machine 2 Machine (LWM2M) -- LWM2M Architecture -- LWM2M Device Management -- LWM2M Security -- One Machine to Machine (OneM2M) -- OneM2M Security -- Industrial IoT Framework Standards -- Industrial Internet of Things Consortium (IIC) and OpenFog Consortium. Open Platform Communications-Unified Architecture (OPC-UA) -- OPC-UA Framework Architecture -- OPC-UA Security -- Data Distribution Service (DDS) -- DDS Framework Architecture -- DDS Security -- Security Enveloping -- Security Tokens -- Security Plugin Modules -- Framework Gateways -- Framework Gateway Architecture -- Type I Framework Gateway -- Type II Framework Gateway -- Type III Framework Gateway -- Type IV Framework Gateway -- Security Considerations for Framework Gateways -- Security Endpoints Within the Gateway -- Security Endpoints in Type I Gateways -- Security Endpoints in Type II Gateways -- Security Endpoints in Type III Gateways -- Security Endpoints in Type IV Gateways -- Security Framework Gateway Architecture -- Summary -- Chapter 3: Base Platform Security Hardware Building Blocks -- Background and Terminology -- Assets, Threats, and Threat Pyramid -- Inverted Threat Pyramid -- Sample IoT Device Lifecycle -- End-to-End (E2E) Security -- Security Essentials -- Device Identity -- Protected Boot -- Protected Storage -- Trusted Execution Environment (TEE) -- Built-In Security -- Base Platform Security Features Overview -- CPU Hosted Crypto Implementations -- Malware Protection (OS Guard) -- OS Guard (SMEP) -- OS Guard (SMAP) -- Encryption/Decryption Using AES-NI -- Sign/Verify Using Intel® SHA Extensions -- Intel® Data Protection Technology with Secure Key (DRNG) -- Converged Security and Manageability Engine (CSME) -- Secure/Verified, Measured Boot and Boot Guard -- Trusted Execution Technology (TXT) -- Platform Trust Technology (PTT) -- Enhanced Privacy ID (EPID) -- Memory Encryption Technologies -- TME -- MKTME -- Dynamic Application Loader (DAL) -- Software Guard Extensions (SGX) - IA CPU Instructions -- Identity Crisis -- Enhanced Privacy Identifier (EPID) -- Anonymity -- PTT/TPM -- Device Boot Integrity - Trust But Verify. Secure Boot Mechanisms -- Secure Boot Terminology Overview -- Overview of BIOS/UEFI Secure Boot Using Boot Guard Version 1.0 (BtG) -- Data Protection - Securing Keys, Data at Rest and in Transit -- Intel Platform Trust Technology (PTT) -- Windows PTT Architecture -- Linux PTT Software Stack -- Runtime Protection - Ever Vigilant -- Intel Virtualization Technology (Intel VT) -- Software Guard Extensions (SGX) -- Intel CSE/CSME - DAL -- Isolation from Rich Execution Environment -- Authenticity and Security -- Portability -- Intel Trusted Execution Technology (TXT) -- Threats Mitigated -- Zero-Day Attacks -- Other Attacks -- Conclusion -- References -- Chapter 4: IoT Software Security Building Blocks -- Understanding the Fundamentals of Our Architectural Model -- Operating Systems -- Threats to Operating Systems -- Zephyr: Real-Time Operating System for Devices -- Zephyr Execution Separation -- Zephyr Memory Separation -- Zephyr Privilege Levels and System Authorization -- Zephyr Programming Error Protections -- Zephyr's Other Security Features -- Zephyr Summary -- Linux Operating Systems -- Pulsar: Wind River Linux -- Ubuntu IoT Core -- Intel® Clear Linux -- Linux Summary -- Hypervisors and Virtualization -- Threats to Hypervisors -- Intel® ACRN -- Real-Time and Power Management Guarantees in ACRN -- ACRN Summary -- Software Separation and Containment -- Containment Security Principles -- Threats to Extended Application Containment -- Containers -- Kata Containers -- Kata Containers Summary -- Trusted Execution Environments -- Software Guard Extensions -- SGX Security Summary -- Android Trusty -- Trusty TEE Security Summary -- Containment Summary -- Network Stack and Security Management -- Intel Data Plane Development Kit -- Security Management -- Secure Device Onboarding -- Platform Integrity -- Network Defense -- Platform Monitoring. McAfee Embedded Control -- Network Stack and Security Summary -- Device Management -- Mesh Central -- Wind River Helix Device Cloud -- Device Management Summary -- System Firmware and Root-of-Trust Update Service -- Threats to Firmware and RoT Update -- Turtle Creek System Update and Manageability Service -- System Firmware and RoT Summary -- Application-Level Language Frameworks -- JavaScript and Node.js or Sails -- Java and Android -- EdgeX Foundry -- Application-Level Framework Summary -- Message Orchestration -- Message Queuing Telemetry Transport -- OPC Unified Architecture -- Constrained Application Protocol -- Message Orchestration Summary -- Applications -- Summary -- Chapter 5: Connectivity Technologies for IoT -- Ethernet Time-Sensitive Networking -- Legacy Ethernet-Based Connectivity in Industrial Applications -- Key Benefits of TSN -- TSN Standards -- TSN Profiles -- 802.1AS/AS-Rev -- 802.1Qbv -- 802.1Qbu -- 802.1CB -- 802.1Qcc -- 802.1Qci -- 802.1Qch -- 802.1Qcr -- TSN and Security -- OPC-UA Over TSN -- Overview of Wireless Connectivity Technologies -- Considerations for Choosing Wireless Technologies for IoT -- Spectrum -- Range and Capacity -- Network Topology -- Quality of Service -- Network Management -- Security -- Wi-Fi -- Bluetooth -- Zigbee -- NFC -- GPS/GNSS -- Cellular -- 5G Cellular -- Key Standards, Regulatory, and Industry Bodies Involved in 5G -- New Use Cases Enabled by 5G -- Key Technology Enablers for 5G -- LPWAN - Low-Power Wide Area Networks -- LoRa -- Sigfox -- Weightless -- Comparison of Low-Power LTE and Other LPWAN Technologies -- A Case Study - Smart Homes -- Summary -- References -- Chapter 6: IoT Vertical Applications and Associated Security Requirements -- Common Domain Requirements and the Security MVP -- Some Common Threats -- Retail Solutions -- Security Objectives and Requirements -- Threats. Standards - Regulatory and Industry -- Transportation Solutions14 -- Connected Vehicle Infrastructure -- Security Objectives and Requirements -- Threats -- Mitigations -- Standards - Regulatory and Industry -- Industrial Control System (ICS) and Industrial IoT (IIoT) -- Security Objectives and Requirements -- Threats -- Standards - Regulatory and Industry -- Digital Surveillance System -- Security Objectives and Requirements -- Threats -- Standards - Regulatory and Industry -- Summary -- Appendix: Conclusion -- Economics of Constrained Roots-of-Trust -- IoT Frameworks - Necessary Complexity -- Hardware Security - More Than a Toolbox -- IOT Software - Building Blocks with Glue -- Ethernet TSN - Everybody's Common Choice? -- Security MVP - The Champion Within a Fractured IoT Ecosystem -- The Way Forward -- Index. Description based on publisher supplied metadata and other sources. Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries. Electronic books. Kumar, Anil. Smith, Ned. Wheeler, David M. Print version: Cheruvu, Sunil Demystifying Internet of Things Security Berkeley, CA : Apress L. P.,c2019 9781484228951 ProQuest (Firm) https://ebookcentral.proquest.com/lib/oeawat/detail.action?docID=5940957 Click to View |
language |
English |
format |
eBook |
author |
Cheruvu, Sunil. |
spellingShingle |
Cheruvu, Sunil. Demystifying Internet of Things Security : Successful IoT Device/Edge and Platform Security Deployment. Intro -- Table of Contents -- About the Authors -- Acknowledgments -- Foreword -- Introduction -- Chapter 1: Conceptualizing the Secure Internet of Things -- The BadUSB Thumb Drive -- Air-Gap Security -- Stuxnet -- Designing Safe and Secure Cyber-Physical Systems -- Constrained Computing and Moore's Law -- Trusted IoT Networks and the Network Edge -- Conclusion -- Chapter 2: IoT Frameworks and Complexity -- Introduction -- Historical Background to IoT -- IoT Ecosystem -- Connectivity Technology -- Messaging Technology -- Platform Technology -- Elements of an IoT System -- IoT Device -- IoT Device Architectural Goals -- Interoperability -- Security -- IoT Network -- IoT System Management -- Device Lifecycle -- Manufacturing -- Supply Chain -- Deployment -- Normal Operation and Monitoring -- Manage -- Update -- Decommissioning -- IoT Framework -- IoT Framework Design Goals -- IoT Data Model and System Abstractions -- IoT Node -- IoT Operations Abstraction -- Connectivity Elements -- Manageability Elements -- Security Elements -- Consider the Cost of Cryptography -- Summary IoT Framework Considerations -- IoT Framework Architecture -- Data Object Layer -- Node Interaction Layer -- Platform Abstraction Layer -- Platform Layer -- Security Challenges with IoT Frameworks -- Consumer IoT Framework Standards -- Open Connectivity Foundation (OCF) -- OCF Core Framework Layer -- OCF Profiles Framework Layer -- The OCF Device Abstraction -- OCF Security -- AllSeen Alliance/AllJoyn -- AllJoyn Security -- Universal Plug and Play -- UPnP Security -- Lightweight Machine 2 Machine (LWM2M) -- LWM2M Architecture -- LWM2M Device Management -- LWM2M Security -- One Machine to Machine (OneM2M) -- OneM2M Security -- Industrial IoT Framework Standards -- Industrial Internet of Things Consortium (IIC) and OpenFog Consortium. Open Platform Communications-Unified Architecture (OPC-UA) -- OPC-UA Framework Architecture -- OPC-UA Security -- Data Distribution Service (DDS) -- DDS Framework Architecture -- DDS Security -- Security Enveloping -- Security Tokens -- Security Plugin Modules -- Framework Gateways -- Framework Gateway Architecture -- Type I Framework Gateway -- Type II Framework Gateway -- Type III Framework Gateway -- Type IV Framework Gateway -- Security Considerations for Framework Gateways -- Security Endpoints Within the Gateway -- Security Endpoints in Type I Gateways -- Security Endpoints in Type II Gateways -- Security Endpoints in Type III Gateways -- Security Endpoints in Type IV Gateways -- Security Framework Gateway Architecture -- Summary -- Chapter 3: Base Platform Security Hardware Building Blocks -- Background and Terminology -- Assets, Threats, and Threat Pyramid -- Inverted Threat Pyramid -- Sample IoT Device Lifecycle -- End-to-End (E2E) Security -- Security Essentials -- Device Identity -- Protected Boot -- Protected Storage -- Trusted Execution Environment (TEE) -- Built-In Security -- Base Platform Security Features Overview -- CPU Hosted Crypto Implementations -- Malware Protection (OS Guard) -- OS Guard (SMEP) -- OS Guard (SMAP) -- Encryption/Decryption Using AES-NI -- Sign/Verify Using Intel® SHA Extensions -- Intel® Data Protection Technology with Secure Key (DRNG) -- Converged Security and Manageability Engine (CSME) -- Secure/Verified, Measured Boot and Boot Guard -- Trusted Execution Technology (TXT) -- Platform Trust Technology (PTT) -- Enhanced Privacy ID (EPID) -- Memory Encryption Technologies -- TME -- MKTME -- Dynamic Application Loader (DAL) -- Software Guard Extensions (SGX) - IA CPU Instructions -- Identity Crisis -- Enhanced Privacy Identifier (EPID) -- Anonymity -- PTT/TPM -- Device Boot Integrity - Trust But Verify. Secure Boot Mechanisms -- Secure Boot Terminology Overview -- Overview of BIOS/UEFI Secure Boot Using Boot Guard Version 1.0 (BtG) -- Data Protection - Securing Keys, Data at Rest and in Transit -- Intel Platform Trust Technology (PTT) -- Windows PTT Architecture -- Linux PTT Software Stack -- Runtime Protection - Ever Vigilant -- Intel Virtualization Technology (Intel VT) -- Software Guard Extensions (SGX) -- Intel CSE/CSME - DAL -- Isolation from Rich Execution Environment -- Authenticity and Security -- Portability -- Intel Trusted Execution Technology (TXT) -- Threats Mitigated -- Zero-Day Attacks -- Other Attacks -- Conclusion -- References -- Chapter 4: IoT Software Security Building Blocks -- Understanding the Fundamentals of Our Architectural Model -- Operating Systems -- Threats to Operating Systems -- Zephyr: Real-Time Operating System for Devices -- Zephyr Execution Separation -- Zephyr Memory Separation -- Zephyr Privilege Levels and System Authorization -- Zephyr Programming Error Protections -- Zephyr's Other Security Features -- Zephyr Summary -- Linux Operating Systems -- Pulsar: Wind River Linux -- Ubuntu IoT Core -- Intel® Clear Linux -- Linux Summary -- Hypervisors and Virtualization -- Threats to Hypervisors -- Intel® ACRN -- Real-Time and Power Management Guarantees in ACRN -- ACRN Summary -- Software Separation and Containment -- Containment Security Principles -- Threats to Extended Application Containment -- Containers -- Kata Containers -- Kata Containers Summary -- Trusted Execution Environments -- Software Guard Extensions -- SGX Security Summary -- Android Trusty -- Trusty TEE Security Summary -- Containment Summary -- Network Stack and Security Management -- Intel Data Plane Development Kit -- Security Management -- Secure Device Onboarding -- Platform Integrity -- Network Defense -- Platform Monitoring. McAfee Embedded Control -- Network Stack and Security Summary -- Device Management -- Mesh Central -- Wind River Helix Device Cloud -- Device Management Summary -- System Firmware and Root-of-Trust Update Service -- Threats to Firmware and RoT Update -- Turtle Creek System Update and Manageability Service -- System Firmware and RoT Summary -- Application-Level Language Frameworks -- JavaScript and Node.js or Sails -- Java and Android -- EdgeX Foundry -- Application-Level Framework Summary -- Message Orchestration -- Message Queuing Telemetry Transport -- OPC Unified Architecture -- Constrained Application Protocol -- Message Orchestration Summary -- Applications -- Summary -- Chapter 5: Connectivity Technologies for IoT -- Ethernet Time-Sensitive Networking -- Legacy Ethernet-Based Connectivity in Industrial Applications -- Key Benefits of TSN -- TSN Standards -- TSN Profiles -- 802.1AS/AS-Rev -- 802.1Qbv -- 802.1Qbu -- 802.1CB -- 802.1Qcc -- 802.1Qci -- 802.1Qch -- 802.1Qcr -- TSN and Security -- OPC-UA Over TSN -- Overview of Wireless Connectivity Technologies -- Considerations for Choosing Wireless Technologies for IoT -- Spectrum -- Range and Capacity -- Network Topology -- Quality of Service -- Network Management -- Security -- Wi-Fi -- Bluetooth -- Zigbee -- NFC -- GPS/GNSS -- Cellular -- 5G Cellular -- Key Standards, Regulatory, and Industry Bodies Involved in 5G -- New Use Cases Enabled by 5G -- Key Technology Enablers for 5G -- LPWAN - Low-Power Wide Area Networks -- LoRa -- Sigfox -- Weightless -- Comparison of Low-Power LTE and Other LPWAN Technologies -- A Case Study - Smart Homes -- Summary -- References -- Chapter 6: IoT Vertical Applications and Associated Security Requirements -- Common Domain Requirements and the Security MVP -- Some Common Threats -- Retail Solutions -- Security Objectives and Requirements -- Threats. Standards - Regulatory and Industry -- Transportation Solutions14 -- Connected Vehicle Infrastructure -- Security Objectives and Requirements -- Threats -- Mitigations -- Standards - Regulatory and Industry -- Industrial Control System (ICS) and Industrial IoT (IIoT) -- Security Objectives and Requirements -- Threats -- Standards - Regulatory and Industry -- Digital Surveillance System -- Security Objectives and Requirements -- Threats -- Standards - Regulatory and Industry -- Summary -- Appendix: Conclusion -- Economics of Constrained Roots-of-Trust -- IoT Frameworks - Necessary Complexity -- Hardware Security - More Than a Toolbox -- IOT Software - Building Blocks with Glue -- Ethernet TSN - Everybody's Common Choice? -- Security MVP - The Champion Within a Fractured IoT Ecosystem -- The Way Forward -- Index. |
author_facet |
Cheruvu, Sunil. Kumar, Anil. Smith, Ned. Wheeler, David M. |
author_variant |
s c sc |
author2 |
Kumar, Anil. Smith, Ned. Wheeler, David M. |
author2_variant |
a k ak n s ns d m w dm dmw |
author2_role |
TeilnehmendeR TeilnehmendeR TeilnehmendeR |
author_sort |
Cheruvu, Sunil. |
title |
Demystifying Internet of Things Security : Successful IoT Device/Edge and Platform Security Deployment. |
title_sub |
Successful IoT Device/Edge and Platform Security Deployment. |
title_full |
Demystifying Internet of Things Security : Successful IoT Device/Edge and Platform Security Deployment. |
title_fullStr |
Demystifying Internet of Things Security : Successful IoT Device/Edge and Platform Security Deployment. |
title_full_unstemmed |
Demystifying Internet of Things Security : Successful IoT Device/Edge and Platform Security Deployment. |
title_auth |
Demystifying Internet of Things Security : Successful IoT Device/Edge and Platform Security Deployment. |
title_new |
Demystifying Internet of Things Security : |
title_sort |
demystifying internet of things security : successful iot device/edge and platform security deployment. |
publisher |
Apress L. P., |
publishDate |
2019 |
physical |
1 online resource (515 pages) |
edition |
1st ed. |
contents |
Intro -- Table of Contents -- About the Authors -- Acknowledgments -- Foreword -- Introduction -- Chapter 1: Conceptualizing the Secure Internet of Things -- The BadUSB Thumb Drive -- Air-Gap Security -- Stuxnet -- Designing Safe and Secure Cyber-Physical Systems -- Constrained Computing and Moore's Law -- Trusted IoT Networks and the Network Edge -- Conclusion -- Chapter 2: IoT Frameworks and Complexity -- Introduction -- Historical Background to IoT -- IoT Ecosystem -- Connectivity Technology -- Messaging Technology -- Platform Technology -- Elements of an IoT System -- IoT Device -- IoT Device Architectural Goals -- Interoperability -- Security -- IoT Network -- IoT System Management -- Device Lifecycle -- Manufacturing -- Supply Chain -- Deployment -- Normal Operation and Monitoring -- Manage -- Update -- Decommissioning -- IoT Framework -- IoT Framework Design Goals -- IoT Data Model and System Abstractions -- IoT Node -- IoT Operations Abstraction -- Connectivity Elements -- Manageability Elements -- Security Elements -- Consider the Cost of Cryptography -- Summary IoT Framework Considerations -- IoT Framework Architecture -- Data Object Layer -- Node Interaction Layer -- Platform Abstraction Layer -- Platform Layer -- Security Challenges with IoT Frameworks -- Consumer IoT Framework Standards -- Open Connectivity Foundation (OCF) -- OCF Core Framework Layer -- OCF Profiles Framework Layer -- The OCF Device Abstraction -- OCF Security -- AllSeen Alliance/AllJoyn -- AllJoyn Security -- Universal Plug and Play -- UPnP Security -- Lightweight Machine 2 Machine (LWM2M) -- LWM2M Architecture -- LWM2M Device Management -- LWM2M Security -- One Machine to Machine (OneM2M) -- OneM2M Security -- Industrial IoT Framework Standards -- Industrial Internet of Things Consortium (IIC) and OpenFog Consortium. Open Platform Communications-Unified Architecture (OPC-UA) -- OPC-UA Framework Architecture -- OPC-UA Security -- Data Distribution Service (DDS) -- DDS Framework Architecture -- DDS Security -- Security Enveloping -- Security Tokens -- Security Plugin Modules -- Framework Gateways -- Framework Gateway Architecture -- Type I Framework Gateway -- Type II Framework Gateway -- Type III Framework Gateway -- Type IV Framework Gateway -- Security Considerations for Framework Gateways -- Security Endpoints Within the Gateway -- Security Endpoints in Type I Gateways -- Security Endpoints in Type II Gateways -- Security Endpoints in Type III Gateways -- Security Endpoints in Type IV Gateways -- Security Framework Gateway Architecture -- Summary -- Chapter 3: Base Platform Security Hardware Building Blocks -- Background and Terminology -- Assets, Threats, and Threat Pyramid -- Inverted Threat Pyramid -- Sample IoT Device Lifecycle -- End-to-End (E2E) Security -- Security Essentials -- Device Identity -- Protected Boot -- Protected Storage -- Trusted Execution Environment (TEE) -- Built-In Security -- Base Platform Security Features Overview -- CPU Hosted Crypto Implementations -- Malware Protection (OS Guard) -- OS Guard (SMEP) -- OS Guard (SMAP) -- Encryption/Decryption Using AES-NI -- Sign/Verify Using Intel® SHA Extensions -- Intel® Data Protection Technology with Secure Key (DRNG) -- Converged Security and Manageability Engine (CSME) -- Secure/Verified, Measured Boot and Boot Guard -- Trusted Execution Technology (TXT) -- Platform Trust Technology (PTT) -- Enhanced Privacy ID (EPID) -- Memory Encryption Technologies -- TME -- MKTME -- Dynamic Application Loader (DAL) -- Software Guard Extensions (SGX) - IA CPU Instructions -- Identity Crisis -- Enhanced Privacy Identifier (EPID) -- Anonymity -- PTT/TPM -- Device Boot Integrity - Trust But Verify. Secure Boot Mechanisms -- Secure Boot Terminology Overview -- Overview of BIOS/UEFI Secure Boot Using Boot Guard Version 1.0 (BtG) -- Data Protection - Securing Keys, Data at Rest and in Transit -- Intel Platform Trust Technology (PTT) -- Windows PTT Architecture -- Linux PTT Software Stack -- Runtime Protection - Ever Vigilant -- Intel Virtualization Technology (Intel VT) -- Software Guard Extensions (SGX) -- Intel CSE/CSME - DAL -- Isolation from Rich Execution Environment -- Authenticity and Security -- Portability -- Intel Trusted Execution Technology (TXT) -- Threats Mitigated -- Zero-Day Attacks -- Other Attacks -- Conclusion -- References -- Chapter 4: IoT Software Security Building Blocks -- Understanding the Fundamentals of Our Architectural Model -- Operating Systems -- Threats to Operating Systems -- Zephyr: Real-Time Operating System for Devices -- Zephyr Execution Separation -- Zephyr Memory Separation -- Zephyr Privilege Levels and System Authorization -- Zephyr Programming Error Protections -- Zephyr's Other Security Features -- Zephyr Summary -- Linux Operating Systems -- Pulsar: Wind River Linux -- Ubuntu IoT Core -- Intel® Clear Linux -- Linux Summary -- Hypervisors and Virtualization -- Threats to Hypervisors -- Intel® ACRN -- Real-Time and Power Management Guarantees in ACRN -- ACRN Summary -- Software Separation and Containment -- Containment Security Principles -- Threats to Extended Application Containment -- Containers -- Kata Containers -- Kata Containers Summary -- Trusted Execution Environments -- Software Guard Extensions -- SGX Security Summary -- Android Trusty -- Trusty TEE Security Summary -- Containment Summary -- Network Stack and Security Management -- Intel Data Plane Development Kit -- Security Management -- Secure Device Onboarding -- Platform Integrity -- Network Defense -- Platform Monitoring. McAfee Embedded Control -- Network Stack and Security Summary -- Device Management -- Mesh Central -- Wind River Helix Device Cloud -- Device Management Summary -- System Firmware and Root-of-Trust Update Service -- Threats to Firmware and RoT Update -- Turtle Creek System Update and Manageability Service -- System Firmware and RoT Summary -- Application-Level Language Frameworks -- JavaScript and Node.js or Sails -- Java and Android -- EdgeX Foundry -- Application-Level Framework Summary -- Message Orchestration -- Message Queuing Telemetry Transport -- OPC Unified Architecture -- Constrained Application Protocol -- Message Orchestration Summary -- Applications -- Summary -- Chapter 5: Connectivity Technologies for IoT -- Ethernet Time-Sensitive Networking -- Legacy Ethernet-Based Connectivity in Industrial Applications -- Key Benefits of TSN -- TSN Standards -- TSN Profiles -- 802.1AS/AS-Rev -- 802.1Qbv -- 802.1Qbu -- 802.1CB -- 802.1Qcc -- 802.1Qci -- 802.1Qch -- 802.1Qcr -- TSN and Security -- OPC-UA Over TSN -- Overview of Wireless Connectivity Technologies -- Considerations for Choosing Wireless Technologies for IoT -- Spectrum -- Range and Capacity -- Network Topology -- Quality of Service -- Network Management -- Security -- Wi-Fi -- Bluetooth -- Zigbee -- NFC -- GPS/GNSS -- Cellular -- 5G Cellular -- Key Standards, Regulatory, and Industry Bodies Involved in 5G -- New Use Cases Enabled by 5G -- Key Technology Enablers for 5G -- LPWAN - Low-Power Wide Area Networks -- LoRa -- Sigfox -- Weightless -- Comparison of Low-Power LTE and Other LPWAN Technologies -- A Case Study - Smart Homes -- Summary -- References -- Chapter 6: IoT Vertical Applications and Associated Security Requirements -- Common Domain Requirements and the Security MVP -- Some Common Threats -- Retail Solutions -- Security Objectives and Requirements -- Threats. Standards - Regulatory and Industry -- Transportation Solutions14 -- Connected Vehicle Infrastructure -- Security Objectives and Requirements -- Threats -- Mitigations -- Standards - Regulatory and Industry -- Industrial Control System (ICS) and Industrial IoT (IIoT) -- Security Objectives and Requirements -- Threats -- Standards - Regulatory and Industry -- Digital Surveillance System -- Security Objectives and Requirements -- Threats -- Standards - Regulatory and Industry -- Summary -- Appendix: Conclusion -- Economics of Constrained Roots-of-Trust -- IoT Frameworks - Necessary Complexity -- Hardware Security - More Than a Toolbox -- IOT Software - Building Blocks with Glue -- Ethernet TSN - Everybody's Common Choice? -- Security MVP - The Champion Within a Fractured IoT Ecosystem -- The Way Forward -- Index. |
isbn |
9781484228968 9781484228951 |
callnumber-first |
T - Technology |
callnumber-subject |
TK - Electrical and Nuclear Engineering |
callnumber-label |
TK5105 |
callnumber-sort |
TK 45105.5 45105.9 |
genre |
Electronic books. |
genre_facet |
Electronic books. |
url |
https://ebookcentral.proquest.com/lib/oeawat/detail.action?docID=5940957 |
illustrated |
Not Illustrated |
dewey-hundreds |
000 - Computer science, information & general works |
dewey-tens |
000 - Computer science, knowledge & systems |
dewey-ones |
005 - Computer programming, programs & data |
dewey-full |
005.8 |
dewey-sort |
15.8 |
dewey-raw |
005.8 |
dewey-search |
005.8 |
oclc_num |
1132428035 |
work_keys_str_mv |
AT cheruvusunil demystifyinginternetofthingssecuritysuccessfuliotdeviceedgeandplatformsecuritydeployment AT kumaranil demystifyinginternetofthingssecuritysuccessfuliotdeviceedgeandplatformsecuritydeployment AT smithned demystifyinginternetofthingssecuritysuccessfuliotdeviceedgeandplatformsecuritydeployment AT wheelerdavidm demystifyinginternetofthingssecuritysuccessfuliotdeviceedgeandplatformsecuritydeployment |
status_str |
n |
ids_txt_mv |
(MiAaPQ)5005940957 (Au-PeEL)EBL5940957 (OCoLC)1132428035 |
carrierType_str_mv |
cr |
is_hierarchy_title |
Demystifying Internet of Things Security : Successful IoT Device/Edge and Platform Security Deployment. |
author2_original_writing_str_mv |
noLinkedField noLinkedField noLinkedField |
marc_error |
Info : MARC8 translation shorter than ISO-8859-1, choosing MARC8. --- [ 856 : z ] |
_version_ |
1792331056764944384 |
fullrecord |
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>10449nam a22004693i 4500</leader><controlfield tag="001">5005940957</controlfield><controlfield tag="003">MiAaPQ</controlfield><controlfield tag="005">20240229073833.0</controlfield><controlfield tag="006">m o d | </controlfield><controlfield tag="007">cr cnu||||||||</controlfield><controlfield tag="008">240229s2019 xx o ||||0 eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781484228968</subfield><subfield code="q">(electronic bk.)</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">9781484228951</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(MiAaPQ)5005940957</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(Au-PeEL)EBL5940957</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1132428035</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">MiAaPQ</subfield><subfield code="b">eng</subfield><subfield code="e">rda</subfield><subfield code="e">pn</subfield><subfield code="c">MiAaPQ</subfield><subfield code="d">MiAaPQ</subfield></datafield><datafield tag="050" ind1=" " ind2="4"><subfield code="a">TK5105.5-5105.9</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.8</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Cheruvu, Sunil.</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Demystifying Internet of Things Security :</subfield><subfield code="b">Successful IoT Device/Edge and Platform Security Deployment.</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">1st ed.</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Berkeley, CA :</subfield><subfield code="b">Apress L. P.,</subfield><subfield code="c">2019.</subfield></datafield><datafield tag="264" ind1=" " ind2="4"><subfield code="c">©2020.</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 online resource (515 pages)</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">computer</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">online resource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="505" ind1="0" ind2=" "><subfield code="a">Intro -- Table of Contents -- About the Authors -- Acknowledgments -- Foreword -- Introduction -- Chapter 1: Conceptualizing the Secure Internet of Things -- The BadUSB Thumb Drive -- Air-Gap Security -- Stuxnet -- Designing Safe and Secure Cyber-Physical Systems -- Constrained Computing and Moore's Law -- Trusted IoT Networks and the Network Edge -- Conclusion -- Chapter 2: IoT Frameworks and Complexity -- Introduction -- Historical Background to IoT -- IoT Ecosystem -- Connectivity Technology -- Messaging Technology -- Platform Technology -- Elements of an IoT System -- IoT Device -- IoT Device Architectural Goals -- Interoperability -- Security -- IoT Network -- IoT System Management -- Device Lifecycle -- Manufacturing -- Supply Chain -- Deployment -- Normal Operation and Monitoring -- Manage -- Update -- Decommissioning -- IoT Framework -- IoT Framework Design Goals -- IoT Data Model and System Abstractions -- IoT Node -- IoT Operations Abstraction -- Connectivity Elements -- Manageability Elements -- Security Elements -- Consider the Cost of Cryptography -- Summary IoT Framework Considerations -- IoT Framework Architecture -- Data Object Layer -- Node Interaction Layer -- Platform Abstraction Layer -- Platform Layer -- Security Challenges with IoT Frameworks -- Consumer IoT Framework Standards -- Open Connectivity Foundation (OCF) -- OCF Core Framework Layer -- OCF Profiles Framework Layer -- The OCF Device Abstraction -- OCF Security -- AllSeen Alliance/AllJoyn -- AllJoyn Security -- Universal Plug and Play -- UPnP Security -- Lightweight Machine 2 Machine (LWM2M) -- LWM2M Architecture -- LWM2M Device Management -- LWM2M Security -- One Machine to Machine (OneM2M) -- OneM2M Security -- Industrial IoT Framework Standards -- Industrial Internet of Things Consortium (IIC) and OpenFog Consortium.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Open Platform Communications-Unified Architecture (OPC-UA) -- OPC-UA Framework Architecture -- OPC-UA Security -- Data Distribution Service (DDS) -- DDS Framework Architecture -- DDS Security -- Security Enveloping -- Security Tokens -- Security Plugin Modules -- Framework Gateways -- Framework Gateway Architecture -- Type I Framework Gateway -- Type II Framework Gateway -- Type III Framework Gateway -- Type IV Framework Gateway -- Security Considerations for Framework Gateways -- Security Endpoints Within the Gateway -- Security Endpoints in Type I Gateways -- Security Endpoints in Type II Gateways -- Security Endpoints in Type III Gateways -- Security Endpoints in Type IV Gateways -- Security Framework Gateway Architecture -- Summary -- Chapter 3: Base Platform Security Hardware Building Blocks -- Background and Terminology -- Assets, Threats, and Threat Pyramid -- Inverted Threat Pyramid -- Sample IoT Device Lifecycle -- End-to-End (E2E) Security -- Security Essentials -- Device Identity -- Protected Boot -- Protected Storage -- Trusted Execution Environment (TEE) -- Built-In Security -- Base Platform Security Features Overview -- CPU Hosted Crypto Implementations -- Malware Protection (OS Guard) -- OS Guard (SMEP) -- OS Guard (SMAP) -- Encryption/Decryption Using AES-NI -- Sign/Verify Using Intel® SHA Extensions -- Intel® Data Protection Technology with Secure Key (DRNG) -- Converged Security and Manageability Engine (CSME) -- Secure/Verified, Measured Boot and Boot Guard -- Trusted Execution Technology (TXT) -- Platform Trust Technology (PTT) -- Enhanced Privacy ID (EPID) -- Memory Encryption Technologies -- TME -- MKTME -- Dynamic Application Loader (DAL) -- Software Guard Extensions (SGX) - IA CPU Instructions -- Identity Crisis -- Enhanced Privacy Identifier (EPID) -- Anonymity -- PTT/TPM -- Device Boot Integrity - Trust But Verify.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Secure Boot Mechanisms -- Secure Boot Terminology Overview -- Overview of BIOS/UEFI Secure Boot Using Boot Guard Version 1.0 (BtG) -- Data Protection - Securing Keys, Data at Rest and in Transit -- Intel Platform Trust Technology (PTT) -- Windows PTT Architecture -- Linux PTT Software Stack -- Runtime Protection - Ever Vigilant -- Intel Virtualization Technology (Intel VT) -- Software Guard Extensions (SGX) -- Intel CSE/CSME - DAL -- Isolation from Rich Execution Environment -- Authenticity and Security -- Portability -- Intel Trusted Execution Technology (TXT) -- Threats Mitigated -- Zero-Day Attacks -- Other Attacks -- Conclusion -- References -- Chapter 4: IoT Software Security Building Blocks -- Understanding the Fundamentals of Our Architectural Model -- Operating Systems -- Threats to Operating Systems -- Zephyr: Real-Time Operating System for Devices -- Zephyr Execution Separation -- Zephyr Memory Separation -- Zephyr Privilege Levels and System Authorization -- Zephyr Programming Error Protections -- Zephyr's Other Security Features -- Zephyr Summary -- Linux Operating Systems -- Pulsar: Wind River Linux -- Ubuntu IoT Core -- Intel® Clear Linux -- Linux Summary -- Hypervisors and Virtualization -- Threats to Hypervisors -- Intel® ACRN -- Real-Time and Power Management Guarantees in ACRN -- ACRN Summary -- Software Separation and Containment -- Containment Security Principles -- Threats to Extended Application Containment -- Containers -- Kata Containers -- Kata Containers Summary -- Trusted Execution Environments -- Software Guard Extensions -- SGX Security Summary -- Android Trusty -- Trusty TEE Security Summary -- Containment Summary -- Network Stack and Security Management -- Intel Data Plane Development Kit -- Security Management -- Secure Device Onboarding -- Platform Integrity -- Network Defense -- Platform Monitoring.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">McAfee Embedded Control -- Network Stack and Security Summary -- Device Management -- Mesh Central -- Wind River Helix Device Cloud -- Device Management Summary -- System Firmware and Root-of-Trust Update Service -- Threats to Firmware and RoT Update -- Turtle Creek System Update and Manageability Service -- System Firmware and RoT Summary -- Application-Level Language Frameworks -- JavaScript and Node.js or Sails -- Java and Android -- EdgeX Foundry -- Application-Level Framework Summary -- Message Orchestration -- Message Queuing Telemetry Transport -- OPC Unified Architecture -- Constrained Application Protocol -- Message Orchestration Summary -- Applications -- Summary -- Chapter 5: Connectivity Technologies for IoT -- Ethernet Time-Sensitive Networking -- Legacy Ethernet-Based Connectivity in Industrial Applications -- Key Benefits of TSN -- TSN Standards -- TSN Profiles -- 802.1AS/AS-Rev -- 802.1Qbv -- 802.1Qbu -- 802.1CB -- 802.1Qcc -- 802.1Qci -- 802.1Qch -- 802.1Qcr -- TSN and Security -- OPC-UA Over TSN -- Overview of Wireless Connectivity Technologies -- Considerations for Choosing Wireless Technologies for IoT -- Spectrum -- Range and Capacity -- Network Topology -- Quality of Service -- Network Management -- Security -- Wi-Fi -- Bluetooth -- Zigbee -- NFC -- GPS/GNSS -- Cellular -- 5G Cellular -- Key Standards, Regulatory, and Industry Bodies Involved in 5G -- New Use Cases Enabled by 5G -- Key Technology Enablers for 5G -- LPWAN - Low-Power Wide Area Networks -- LoRa -- Sigfox -- Weightless -- Comparison of Low-Power LTE and Other LPWAN Technologies -- A Case Study - Smart Homes -- Summary -- References -- Chapter 6: IoT Vertical Applications and Associated Security Requirements -- Common Domain Requirements and the Security MVP -- Some Common Threats -- Retail Solutions -- Security Objectives and Requirements -- Threats.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Standards - Regulatory and Industry -- Transportation Solutions14 -- Connected Vehicle Infrastructure -- Security Objectives and Requirements -- Threats -- Mitigations -- Standards - Regulatory and Industry -- Industrial Control System (ICS) and Industrial IoT (IIoT) -- Security Objectives and Requirements -- Threats -- Standards - Regulatory and Industry -- Digital Surveillance System -- Security Objectives and Requirements -- Threats -- Standards - Regulatory and Industry -- Summary -- Appendix: Conclusion -- Economics of Constrained Roots-of-Trust -- IoT Frameworks - Necessary Complexity -- Hardware Security - More Than a Toolbox -- IOT Software - Building Blocks with Glue -- Ethernet TSN - Everybody's Common Choice? -- Security MVP - The Champion Within a Fractured IoT Ecosystem -- The Way Forward -- Index.</subfield></datafield><datafield tag="588" ind1=" " ind2=" "><subfield code="a">Description based on publisher supplied metadata and other sources.</subfield></datafield><datafield tag="590" ind1=" " ind2=" "><subfield code="a">Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries. </subfield></datafield><datafield tag="655" ind1=" " ind2="4"><subfield code="a">Electronic books.</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Kumar, Anil.</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Smith, Ned.</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Wheeler, David M.</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Print version:</subfield><subfield code="a">Cheruvu, Sunil</subfield><subfield code="t">Demystifying Internet of Things Security</subfield><subfield code="d">Berkeley, CA : Apress L. P.,c2019</subfield><subfield code="z">9781484228951</subfield></datafield><datafield tag="797" ind1="2" ind2=" "><subfield code="a">ProQuest (Firm)</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://ebookcentral.proquest.com/lib/oeawat/detail.action?docID=5940957</subfield><subfield code="z">Click to View</subfield></datafield></record></collection> |