Demystifying Internet of Things Security : : Successful IoT Device/Edge and Platform Security Deployment.

Demystifying Internet of Things Security : : Successful IoT Device/Edge and Platform Security Deployment.

Saved in:
Bibliographic Details
:
Cheruvu, Sunil.
TeilnehmendeR:
Kumar, Anil.
Smith, Ned.
Wheeler, David M.
Place / Publishing House:Berkeley, CA : : Apress L. P.,, 2019.
©2020.
Year of Publication:2019
Edition:1st ed.
Language:English
Online Access:
Physical Description:1 online resource (515 pages)
Tags: Add Tag
No Tags, Be the first to tag this record!
Table of Contents:
  • Intro
  • Table of Contents
  • About the Authors
  • Acknowledgments
  • Foreword
  • Introduction
  • Chapter 1: Conceptualizing the Secure Internet of Things
  • The BadUSB Thumb Drive
  • Air-Gap Security
  • Stuxnet
  • Designing Safe and Secure Cyber-Physical Systems
  • Constrained Computing and Moore's Law
  • Trusted IoT Networks and the Network Edge
  • Conclusion
  • Chapter 2: IoT Frameworks and Complexity
  • Introduction
  • Historical Background to IoT
  • IoT Ecosystem
  • Connectivity Technology
  • Messaging Technology
  • Platform Technology
  • Elements of an IoT System
  • IoT Device
  • IoT Device Architectural Goals
  • Interoperability
  • Security
  • IoT Network
  • IoT System Management
  • Device Lifecycle
  • Manufacturing
  • Supply Chain
  • Deployment
  • Normal Operation and Monitoring
  • Manage
  • Update
  • Decommissioning
  • IoT Framework
  • IoT Framework Design Goals
  • IoT Data Model and System Abstractions
  • IoT Node
  • IoT Operations Abstraction
  • Connectivity Elements
  • Manageability Elements
  • Security Elements
  • Consider the Cost of Cryptography
  • Summary IoT Framework Considerations
  • IoT Framework Architecture
  • Data Object Layer
  • Node Interaction Layer
  • Platform Abstraction Layer
  • Platform Layer
  • Security Challenges with IoT Frameworks
  • Consumer IoT Framework Standards
  • Open Connectivity Foundation (OCF)
  • OCF Core Framework Layer
  • OCF Profiles Framework Layer
  • The OCF Device Abstraction
  • OCF Security
  • AllSeen Alliance/AllJoyn
  • AllJoyn Security
  • Universal Plug and Play
  • UPnP Security
  • Lightweight Machine 2 Machine (LWM2M)
  • LWM2M Architecture
  • LWM2M Device Management
  • LWM2M Security
  • One Machine to Machine (OneM2M)
  • OneM2M Security
  • Industrial IoT Framework Standards
  • Industrial Internet of Things Consortium (IIC) and OpenFog Consortium.
  • Open Platform Communications-Unified Architecture (OPC-UA)
  • OPC-UA Framework Architecture
  • OPC-UA Security
  • Data Distribution Service (DDS)
  • DDS Framework Architecture
  • DDS Security
  • Security Enveloping
  • Security Tokens
  • Security Plugin Modules
  • Framework Gateways
  • Framework Gateway Architecture
  • Type I Framework Gateway
  • Type II Framework Gateway
  • Type III Framework Gateway
  • Type IV Framework Gateway
  • Security Considerations for Framework Gateways
  • Security Endpoints Within the Gateway
  • Security Endpoints in Type I Gateways
  • Security Endpoints in Type II Gateways
  • Security Endpoints in Type III Gateways
  • Security Endpoints in Type IV Gateways
  • Security Framework Gateway Architecture
  • Summary
  • Chapter 3: Base Platform Security Hardware Building Blocks
  • Background and Terminology
  • Assets, Threats, and Threat Pyramid
  • Inverted Threat Pyramid
  • Sample IoT Device Lifecycle
  • End-to-End (E2E) Security
  • Security Essentials
  • Device Identity
  • Protected Boot
  • Protected Storage
  • Trusted Execution Environment (TEE)
  • Built-In Security
  • Base Platform Security Features Overview
  • CPU Hosted Crypto Implementations
  • Malware Protection (OS Guard)
  • OS Guard (SMEP)
  • OS Guard (SMAP)
  • Encryption/Decryption Using AES-NI
  • Sign/Verify Using Intel® SHA Extensions
  • Intel® Data Protection Technology with Secure Key (DRNG)
  • Converged Security and Manageability Engine (CSME)
  • Secure/Verified, Measured Boot and Boot Guard
  • Trusted Execution Technology (TXT)
  • Platform Trust Technology (PTT)
  • Enhanced Privacy ID (EPID)
  • Memory Encryption Technologies
  • TME
  • MKTME
  • Dynamic Application Loader (DAL)
  • Software Guard Extensions (SGX) - IA CPU Instructions
  • Identity Crisis
  • Enhanced Privacy Identifier (EPID)
  • Anonymity
  • PTT/TPM
  • Device Boot Integrity - Trust But Verify.
  • Secure Boot Mechanisms
  • Secure Boot Terminology Overview
  • Overview of BIOS/UEFI Secure Boot Using Boot Guard Version 1.0 (BtG)
  • Data Protection - Securing Keys, Data at Rest and in Transit
  • Intel Platform Trust Technology (PTT)
  • Windows PTT Architecture
  • Linux PTT Software Stack
  • Runtime Protection - Ever Vigilant
  • Intel Virtualization Technology (Intel VT)
  • Software Guard Extensions (SGX)
  • Intel CSE/CSME - DAL
  • Isolation from Rich Execution Environment
  • Authenticity and Security
  • Portability
  • Intel Trusted Execution Technology (TXT)
  • Threats Mitigated
  • Zero-Day Attacks
  • Other Attacks
  • Conclusion
  • References
  • Chapter 4: IoT Software Security Building Blocks
  • Understanding the Fundamentals of Our Architectural Model
  • Operating Systems
  • Threats to Operating Systems
  • Zephyr: Real-Time Operating System for Devices
  • Zephyr Execution Separation
  • Zephyr Memory Separation
  • Zephyr Privilege Levels and System Authorization
  • Zephyr Programming Error Protections
  • Zephyr's Other Security Features
  • Zephyr Summary
  • Linux Operating Systems
  • Pulsar: Wind River Linux
  • Ubuntu IoT Core
  • Intel® Clear Linux
  • Linux Summary
  • Hypervisors and Virtualization
  • Threats to Hypervisors
  • Intel® ACRN
  • Real-Time and Power Management Guarantees in ACRN
  • ACRN Summary
  • Software Separation and Containment
  • Containment Security Principles
  • Threats to Extended Application Containment
  • Containers
  • Kata Containers
  • Kata Containers Summary
  • Trusted Execution Environments
  • Software Guard Extensions
  • SGX Security Summary
  • Android Trusty
  • Trusty TEE Security Summary
  • Containment Summary
  • Network Stack and Security Management
  • Intel Data Plane Development Kit
  • Security Management
  • Secure Device Onboarding
  • Platform Integrity
  • Network Defense
  • Platform Monitoring.
  • McAfee Embedded Control
  • Network Stack and Security Summary
  • Device Management
  • Mesh Central
  • Wind River Helix Device Cloud
  • Device Management Summary
  • System Firmware and Root-of-Trust Update Service
  • Threats to Firmware and RoT Update
  • Turtle Creek System Update and Manageability Service
  • System Firmware and RoT Summary
  • Application-Level Language Frameworks
  • JavaScript and Node.js or Sails
  • Java and Android
  • EdgeX Foundry
  • Application-Level Framework Summary
  • Message Orchestration
  • Message Queuing Telemetry Transport
  • OPC Unified Architecture
  • Constrained Application Protocol
  • Message Orchestration Summary
  • Applications
  • Summary
  • Chapter 5: Connectivity Technologies for IoT
  • Ethernet Time-Sensitive Networking
  • Legacy Ethernet-Based Connectivity in Industrial Applications
  • Key Benefits of TSN
  • TSN Standards
  • TSN Profiles
  • 802.1AS/AS-Rev
  • 802.1Qbv
  • 802.1Qbu
  • 802.1CB
  • 802.1Qcc
  • 802.1Qci
  • 802.1Qch
  • 802.1Qcr
  • TSN and Security
  • OPC-UA Over TSN
  • Overview of Wireless Connectivity Technologies
  • Considerations for Choosing Wireless Technologies for IoT
  • Spectrum
  • Range and Capacity
  • Network Topology
  • Quality of Service
  • Network Management
  • Security
  • Wi-Fi
  • Bluetooth
  • Zigbee
  • NFC
  • GPS/GNSS
  • Cellular
  • 5G Cellular
  • Key Standards, Regulatory, and Industry Bodies Involved in 5G
  • New Use Cases Enabled by 5G
  • Key Technology Enablers for 5G
  • LPWAN - Low-Power Wide Area Networks
  • LoRa
  • Sigfox
  • Weightless
  • Comparison of Low-Power LTE and Other LPWAN Technologies
  • A Case Study - Smart Homes
  • Summary
  • References
  • Chapter 6: IoT Vertical Applications and Associated Security Requirements
  • Common Domain Requirements and the Security MVP
  • Some Common Threats
  • Retail Solutions
  • Security Objectives and Requirements
  • Threats.
  • Standards - Regulatory and Industry
  • Transportation Solutions14
  • Connected Vehicle Infrastructure
  • Security Objectives and Requirements
  • Threats
  • Mitigations
  • Standards - Regulatory and Industry
  • Industrial Control System (ICS) and Industrial IoT (IIoT)
  • Security Objectives and Requirements
  • Threats
  • Standards - Regulatory and Industry
  • Digital Surveillance System
  • Security Objectives and Requirements
  • Threats
  • Standards - Regulatory and Industry
  • Summary
  • Appendix: Conclusion
  • Economics of Constrained Roots-of-Trust
  • IoT Frameworks - Necessary Complexity
  • Hardware Security - More Than a Toolbox
  • IOT Software - Building Blocks with Glue
  • Ethernet TSN - Everybody's Common Choice?
  • Security MVP - The Champion Within a Fractured IoT Ecosystem
  • The Way Forward
  • Index.

Similar Items