From Cloud to IoT: Securing the Continuum

The recent advancements in machine learning have enabled market innovators to build insights from IoT sensors in the wild. As a result, these insights can be used to solve complex real-world challenges.

At SeeChange, we use the understanding of environments gleaned from insights to solve challenges within (but not limited to) the retail, occupancy, smart streets, and healthcare spaces. To learn more about SeeChange’s offerings, see https://seechange.com/.

The remainder of this blog provides an overview of the state of security within the context of the Cloud to IoT continuum[1] and sets the scene for SeeChange’s application of security.

State of security in the continuum

Since IoT’s inception and the introduction of Industry 4.0[2], there has clearly been opportunity to greatly advance the state of the art in various fields, but there has also been a range of new challenges around security and privacy.

Cloud to Fog to IoT continuum

Established research[3] in this area highlights that traditional security solutions are not fit for purpose when applied to IoT and Fog computing[4]. To reduce the risk of an exploit, it’s critical that security and privacy are designed within the context of heterogeneous environments from the ground up.

Where other IoT solutions have fallen short is in the implementation of security. As various research and industry leaders have stated[5], negligence around IoT cybersecurity can be attributed to the intimidation of a new field. This is in part due to the infancy of IoT and the lack of mature, relevant security frameworks. This security negligence within IoT has resulted in data leaks, breaches, and hacks[6].

Frameworks and guidance

A typical approach to cybersecurity is to start off with a framework as a guide to developing secure solutions. However, most of the contemporary and widely adopted frameworks for managing the security of deployed systems are geared towards a traditional client-server architecture. As a consequence, the primary focus for security is on the server and the communication to and from the client.

Conversely, in an IoT and Fog infrastructure, devices and environments are heterogeneous. As such, threats and their actors are diverse, communication flow is more complex, and the owners of the network and the infrastructure are separate.

At the time of writing, there are frameworks that attempt to close this gap. However, these frameworks vary in maturity and focus on largely different challenges. This is in part due to the space of IoT and Fog computing expanding in different directions.

It’s not all doom and gloom

Nevertheless, IoT-based solutions can be made secure if care is taken to implement security holistically from the ground up[7]. To tackle this, at SeeChange we take a multi-faceted approach to security and consider a range of elements.

Along with other technology leaders, we believe in transparency around security; in future blogs, we’ll be covering the key components summarised in the diagram below.

A glimpse into the SeeChange security blog series.

To ensure that security challenges are mitigated, at SeeChange we are committed to all aspects of security. To guide us, we are leaning on tried and tested security frameworks[8] whilst making use of cutting-edge patterns where relevant.

Over the coming months, we’ll be detailing our continuing approach to security. For now, you can learn more about what we offer at https://seechange.com/privacy-and-security/ or by contacting us directly.


About Dr. Lyndon Fawcett

A technology enthusiast with a passion for designing and delivering Cloud, IoT and telecoms solutions in a secure manner. Lyndon is responsible for our design and validation of end-to-end security. Ultimately he ensures that partners and users of our products can rest easy. Within the security research field, Lyndon has co-authored multiple journals, presented internationally, and is a reviewer for IEEE sec conferences. Prior to SeeChange, he worked with and advised CDN providers, Telcos, TV broadcasters, and HMG within areas of Cloud scalability and SDN security.

References:

  1. https://link.springer.com/book/10.1007/978-3-030-41110-7
  2. https://en.wikipedia.org/wiki/Fourth_Industrial_Revolution
  3. https://iacis.org/iis/2016/4_iis_2016_21-28.pdf
  4. https://en.wikipedia.org/wiki/Fog_computing
  5. https://par.nsf.gov/servlets/purl/10081976
  6. https://www.iotforall.com/5-worst-iot-hacking-vulnerabilities
  7. https://www.nist.gov/internet-things-iot
  8. https://www.nist.gov/cyberframework