Académique Documents
Professionnel Documents
Culture Documents
“Internet of Things” was first coined by the co- Physical devices and sensors
founder and Executive Director of MIT’s Auto-ID lab,
Physical devices and sensors are able to gather and
Kevin Ashton in the mid-1990s1. Major vendors and
sense first-hand and multidimensional information,
technology leaders are announcing initiatives to
and evidence of the objective condition of an event
leverage the Internet of Things’ opportunities, and
autonomously without human intervention. In
define IoT differently, according to each of their area
addition, when devices function to capture
of specialty. Nevertheless, there are salient
information with embedded intelligence, devices
attributes across array of definitions, such as
can act and react. Environment context will then be
sensors, things, people, process, automation, data,
modified and the devices will respond differently. As
network, connectivity, convergence, and
such, this circular process will be repeated
intelligence. Hence, Internet of Things can be
continuously.
defined as “Intelligent interactivity between human
and things to exchange information & knowledge for Connection and infrastructure
new value creation”.
Page 1
Connection and infrastructure, such as cloud, richest source of information, and since then the
security, storage, security, privacy and processing, number of websites has exploded.
facilitate continuous, real-time data and information
flow and feedback loops. Yesterday’s Internet was a universe of interlinked
human and creates new generations of interactive
Analytics and applications experiences. Internet usage had exploded since
1995 to reach the first billion users in 2005. The
Analytics and applications transform sensor- second billion was in 2010, and the third billion is
generated information to a new and key source of expected to be reached by the end of 20142.
knowledge for action-taking. They enable users to
leverage the large amount of data gather, converge The next phase of the Internet will be IoT: a world of
information for further analysis provides actionable networked smart devices equipped with sensors,
insight for the enterprise for productivity connected to the Internet, all sharing information
enhancement, offer unique solutions, and enhance
life experience.
Page 2
that drives the revolution of sensors and connected
Value Propositions things, data capturing is no longer restricted by
locations and a single dimension. Data collection
With the rise of connected devices and connected process escalated both in speed and scale and multi-
individuals, technology experts forecast four dimensional variables can be captured
interwoven and interaction technology pillars which simultaneously within the same environment.
will fuel and shape the IoT, namely big data, cloud,
social media, and mobile devices and things.
Challenges
Big Data
Several challenges need to be addressed in order to
With the variety and enormity of data and encourage higher growth rate of IoT and
information collected by the sensors, Big Data subsequently provide opportunities for Universities
technologies will be the cornerstone in extracting and the industry to capture new competencies and
meanings and insights of this exponentially capacities Several thematic challenges have been
increased data, which will enrich the user identified from various stakeholders of the IoT
experiences and enable new business processes and ecosystem.
models.
Infrastructure
Cloud
Infrastructure is the catalyst to reach an
Cloud serves as delivery platform of information and interoperable, trustable, mobile, distributed,
functionality to users. Cloud allows information and valuable, and powerful enabler for emerging
knowledge to be accessed and delivered to anyone, applications such as Smarter Cities, Smart Grid,
anytime and anywhere. Smart Building, Smart Home, Intelligent Transport
Systems, and ubiquitous healthcare, to name a few.
Social media The massiveness of sensors and smart things to be
connected to the Internet will pressure the adoption
Social media is transforming interaction and
of IPv6, which is a technology considered most
communication modes between individuals in new
suitable for IoT, as it offers scalability, flexibility,
and unexpected ways. Information will be sourced
tested, extended, ubiquitous, open, and end-to-end
from physical movement and interactions
connectivity11.
happening in the Web 2.0. Interconnected societal
promote engagements, share information, Data & Information
collaborate and innovate.
The tremendous volume of data that pours in from
Mobile devices/things devices presents a huge challenge for service
providers in the IoT ecosystem. Big Data solutions
Mobile devices/things are the platforms of social
will be instrumental in overcoming this challenge by
communication and network in both personal and
giving IoT service providers the capacity to analyse
work spheres. With the diminishing cost of device
data, and discover relevant trends and patterns.
Page 3
Issues including privacy related to personal data,
and data sharing12 will emerge, denoting the
importance of trust in establishing the ecosystem
that supports consumers in donating their data for
public good.
Page 4
Security & Privacy connecting devices without proper security
measures. The key threat vectors are described as
Connected devices can communicate with below:
consumers, transmit data back to service providers,
and compile data for third parties such as Threat Posed by Compromised
researchers, health care providers, or even other Devices
consumers. The supply chain of information in the
Since many devices contain inherent values by their
era of IoT brings new challenges for regulators,
design and nature of functions, a connected device
enterprises and consumers. Findings from TRUSTe
presents a potential target to be exploited by an
Internet of Things Privacy Index reveal that UK
attacker. A connected security camera could expose
consumers’ comfort level varies widely depending
personal information, such as user’s location when
on responsibility, ownership and usage of collected
compromised. As devices will be trusted with the
personal data13.
ability to control and manage things, they are also
Ecosystem capable of impacting things. This could be
something as simple as controlling the lights in
The IoT revolution is already under way. ‘Things’ house or business premises, or something as
(for example, everyday objects, environments, malicious as controlling an automobile or medical
vehicles and clothing) will have more and more device in a way that could cause physical harm.
information associated with them, and are
beginning to sense, communicate, and produce new Threat over Communication Link
information, to become an integral part of the Threat over communication link involves
Internet. Added value services using the IoT could monitoring and intercepting messages during a
reach £200bn a year worldwide14, with new communication session. Due to the volume and
business models, applications and services sensitivity of data traversing the IoT eco-systems,
developing across different sectors of the economy. attacks of targeting communication link are
These will also stimulate innovation and growth in especially dangerous, as messages and data might be
areas such as components, devices, wireless intercepted, captured, or manipulated while in
connectivity, system integration and decision- transit. For example, an attacker could track the
support tools. energy usage to learn of the downtime or uptime of
a system (for example business premises) to plan an
attack on the entire core smart cities command &
control systems; the other attacker could
Potential Threat to IoT Ecosystem manipulate the data transmitted to the utility
company and alter the information. Successful
As more connected devices join the IoT ecosystem, breaches, such as these examples, may compromise
researchers has run a range of security tests to the trust in the information and data transmitted
expose IoT vulnerabilities, and make the world across IoT infrastructure.
aware of the potential security concerns of
Page 5
Manipulation of
Connected Cars Threat on the Master The Trusted IoT Master
Threats against IoT device manufacturer A trusted master must have secure
Security researcher Chris
and cloud service providers have the communication with dependent sensor
Valasek and Charlie
potential to compromise the entire IoT devices, and issue firmware/software
Miller in their research
15
Page 7
• Data-at-Rest Protection other communications via the Internet. Transport
layer security (TLS)20 is a good example of
Encrypting data is all about providing scalable, cost- encryption protocols that could be used for this
effective storage, and fast processing of large data purpose. Encryption is also needed at the back-end
sets that facilitates the availability and usage of the infrastructure level of manufacturers, cloud service
said data. Typically, this data will be stored in providers, and IoT solution providers.
clusters spread across hundreds to thousands of
data nodes. This data is largely unprotected, making
each data node a potential entry point for a rogue
insider or malicious threat, and leaves sensitive data
Conclusion
in clear view should an unauthorised user or service
gain access. This presents a tremendous, and Security at the device level, protecting the master,
potentially costly, risk for organizations. and encrypting communication links are critical to
the secure operations of IoT. In addition, leveraging
To overcome this challenge, organizations need to PKI for the IoT ecosystem will allow devices to
be able to lock down sensitive data at rest in big data implement uniquely authentication in order to
clusters without impacting performance. Doing so counteract counterfeits. Securing IoT ecosystem
requires transparent and automated file-system- does not require a revolutionary approach. The
level encryption that is capable of protecting techniques that have proven success in modern IT
sensitive data at rest on these distributed nodes. environment can be adapted to address the
challenges brought by IoT. Instead of searching for a
Data-in-Motion Protection new method, or proposing a revolutionary approach
Encrypting communication as data moves through to security, universities and the industry should
the IoT ecosystem presents a unique challenge. As focus on delivering the current state-of-the-art
data moves from one location to another, it is highly security controls, and optimise the new and complex
vulnerable to attacks such as fibre tapping. An embedded applications to drive the further
attacker can attach an evanescent fibre coupling adoption of IoT.
device to the cable without detection. This allows
the attacker to record all activity that runs across the
network, and data is captured and stolen without
the owner’s knowledge. Worst, this type of attack
can also be used to change data, and has the
potential to override the controls on the entire
system.
Page 8
References
Copyright Statement
All material in this document is, unless otherwise stated, the property of the Joint Universities Computer Centre (“JUCC”). Copyright
and other intellectual property laws protect these materials. Reproduction or retransmission of the materials, in whole or in part, in
any manner, without the prior written consent of the copyright holder, is a violation of copyright law.
A single copy of the materials available through this document may be made, solely for personal, non-commercial use. Individuals must
preserve any copyright or other notices contained in or associated with them. Users may not distribute such copies to others, whether
or not in electronic form, whether or not for a charge or other consideration, without prior written consent of the copyright holder of
the materials. Contact information for requests for permission to reproduce or distribute materials available through this document
are listed below:
copyright@jucc.edu.hkf
Joint Universities Computer Centre Limited (JUCC) Page 9
c/o Information Technology Services
The University of Hong Kong
Pokfulam Road, Hong Kong