Discuss about the Security and Privacy Issues in Internet of Things and Infrastructure.
Rapid development in the advancement in the infrastructure of the hardware and software has been the major reason behind the emergence of internet serving devices that provides complete connectivity f the computing devices (Alrawais, Alhothaily, & Cheng, 2017). The total number of devices utilizing internet is expected to increase by a huge number in the next 20 years (Oravec, 2017, July). With an increase in growth of the Internet using devices the usage of the platform of Internet of Things has increased to a great extent. The emergence of internet of things has brought in several advantages like that of increase in the connectivity among the computers that are connected in the same networking module (Li & Da Xu, 2017). With the advantage of increased connectivity, the disadvantage of less robustness of the platform comes in disguise. Despite the advantages, that the Internet of Things the only aspect of concern of this platform is the security of the platform. The aspect of data being accessed by unauthorized personnel acts to be the major threat. The challenges thrown by the cyber criminal on the platform of Internet of Things can be dethroned by the methodologies that are being used in daily basis. The security aspect of the data base seems to be the major concern in today’s world. The security problem regarding the social networking comes in disguise with the advantages that are been enjoyed due to the platform of Internet of things. These challenges caused by the cyber criminals in the platform of the Internet of things are both physical as well as virtual in nature. The security problems that are physical in nature consist of the hacks that include the hardware terminology and controlling the hardware without proper authentication of the user. The virtual hacks include gaining access to the personal portal of an individual without proper authentication and modulating the data in accord to harm the personnel. After performing rigorous experiments regarding the aspect of security in the field of Internet of things, procedures of facing these cyber criminals have been found out with the help of the usage of the platform of Internet of Things. After the advancement in the process of retaining, the services of the security processes in the field of Internet of Things the privacy of the users and the clients are at a better security stature. This advancement in the technology still yields loopholes that must be incarnated by the service providers or the clients in order to stay protected from the cyber criminals.
According to Li & Da Xu, 2017, Internet of things has been gaining the global acceptance from the audience all over the globe. This global acceptance increases the usage of the technology Internet of Thing are nothing but simple electronic devices which has the transmitter and the receiver embedded in the electronic device that enables them to communicate and transact over the platform of the digital communication and the internet. With the benefit of gaining the advantage of gaining communication through put the globe comes the disadvantage of security in disguise. Security of the data base has been the major issue for the application of the Internet of things in regular life.
According to O’Neill, M. 2016, the most important aspect that affects the infrastructure of the computing system is the Web Interface of the company. The security aspect of the Web Interface is also the major concern for the organizations that are dependent on this feature as their networking system. Web interface proves to be important as it cuts as the link between the user and the computing device. An attack on the web interface allows the cyber criminal to get access on the direct interface of the networking system. Modulations made on the interface reflects instantly on the web media and the clients of the database and the web service aces a lot of problem as the data that is to be present in the web is modulated and wrong information is posted in the web leading to the conflict between the user and the employees of the organization who provide the web services.
Recommendation
According to Kraijak & Tuwanut, 2015, the methodologies that are undertaken to prevent the attack on the Web Interfaces are setting up of password and user name different from the initial username and the password that was already set during the installation if the web services. This aspect of changing the initial password and the username gives the web services robustness in the accounting of the database of the web. Another methodology that is being used in the process to protecting the web interface from the cyber criminals are by processing of the password recovery method as in case the password of the web service is changed by the cyber criminal then the genuine client can gain access of the data in the web service with the help of the restoring password methodology. Another way of terminating the risk of ten cyber attack in the web interface is by setting reference for the password so that the password that is set is well strong for the cyber criminals to harm the web interface and the gain access to the front end of the web interface.
According to Hahn 2017, the inefficient methodology that is applied in the usage of the process from securing the web services has been acting as one of the major causes for the security issues in the field of Internet of things. The computing devices that deploy the methodology of the authentication of the user of the web services is very inefficient as the imposters can use the identity of the genuine clients and gain access to the web services and modulate the information that harms the clients who use the web service. This security problems faced is due to the fact that the password complexity of the web services are not as strong as it is required for preventing the imposters to gain access to the personal accent source data that are private in nature. Another reason of insufficient authentication problem is that credentials of the data base are very poorly protected which matches the credentials vulnerable to the imposters. The authentication systems that are applied in the data base are one factor authentication system. The ability of the one factor authentication is limited and v the robustness of the platform is affected due to this terminology of one factor authentication methodology. Insecurity in the password recovery methodology is availed due to the fact the lack of robustness in the setting of the password. The control of rile based access is not well maintained which leads to the fact of lack of authentication robustness of the data base.
Recommendation
According to Hu, 2016, The password that is being set for the database has to be strong enough to be cracked by the imposters in order to keep the database protected from the imposters are by ensuring that the password that s et for the data base is strong enough to be cracked. To prevent the access of the imposters the most important thing that should be checked is the positioning of the granular access control. To keep the data base protected the granular access control must be placed in the right place and the use of the granular access control, us be made efficiently. The password that is set for the database must be recoverable by the client in case of misplacing the password.
According to Li & Da Xu, 2017, Insecure Network services deals with the methodologies that are caused due to the vulnerabilities of the networking system that requires Internet of Things in the process of the infrastructural methodology. The platform of Internet of Things provides the intruders the access in an unauthorized manner to the data that is associate in nature. Vulnerable services that are provided by the Internet of Things are proven to be the main reason behind the lack of robustness of the network services. Another main reason of this lack of robustness of the platform is the buffer over flow of the networking services. The overflow of the buffer provides the imposters an opportunity to gain access t the personal data of the clients who has been using the platform network services for the transaction purpose. The major reason behind the improper access of data in the networking services are the opening of the ports that are accessible by the means of UPnP. The UDP services that are exploitable in nature also acts as the gateway for the imposters to gain access to the data as the imposters exploits the UDP gateway to enter into the database of the clients and modulate the same. Usage of the DOS via Network Fuzzing is also the major reason of the data insecurity of the Insecure Networking services. This fuzzing of the networking infrastructure via the DS infrastructure has attracted many cyber criminals to poach against the databases that are stored in the network services.
Recommendation
According to O’Neill, M. 2016, the recommendations that are required for the protection of the data from the in secured data services is by the means of the fact that the ports that are needed and the ports that are not in use must be closed as the data that is present in the networking system will ensure the fact that the leakage of the data from the other ports are minimized and the data security and privacy is maintained. In case the ports of the database that are not in use cannot be closed due to the complications in the infrastructure of the system the entire data is passed through the UPnP. This also ensures that the data that is passed through the network is secured and the encryption of the data is efficient. The strategy of fuzzing attacks ensure the fact are diminished and the concern for the buffer over flow is taken into consideration. These recommendation ensures the fact that the data that si stored in the processing of the overflow of the buffer. .
According to Hahn 2017, this exchanges data with the Internet of Things device. In order to do this it follows an unencrypted format. This leads a way for cyber criminals to steal the data for ill purposes. Some security susceptibilities that could lead to this particular issue are as follows. The services that are unencrypted via the internet.SSL or TLS that are poorly implemented.SSL or TLS that are misconfigured.
Recommendation
According to Hanck & Markantonakis, 2015, the recommendations that must be taken in order secure the data that are in the processing of the database is by the methodologies that will include the fact that the encryption of the data includes the protocols. The mostly used protocols are namely the TLS and the SSL. This fact ensures the processing of the data that will ensure that thee encryption of the data is performed with efficiency .hence it is ensured that the data is encrypted using various protocols. Such protocols include TLS and SSL while transmitting them through networks. Another mode of prevention of the task is that the entire proprietary of the encryption mode is controlled by the accepted module of the TLS and the SSL module. To ensure that the encryption techniques used for protecting data while transporting are accepted and not proprietary encryption protocols.
According to Premnath & Haas, 2015, privacy concerns are faced when personal data is collected but not well secured. It can be discovered by reviewing the data that has been collected and activates the device. The security vulnerability, which can lead to such issues, is the collection of useless personal information. The privacy concern acts to be the major problem as the data that are stored in the processing of the data by the imposters. This fact ensures the feature that the data that is present in the database gets accessed by the imposters.
Recommendation:
According to Kraijak & Tuwanut, 2015, the recommendations that are will act helpful for the progression of the data privacy and the security of the data regarding the identification of the source of the access as this will help on tracking of the lost data and regaining the data might also be possible for the progression of the privacy. This will ensure that the data collected is de-identified this will ensure that a specific retention limit is set for collected data. The encryption of the data must be done properly. This will ensure that the data collected is protected by encryption.
According to Kraija & Tuwanut, 2015, it is concerned with the issues related to cloud interface which is used to interact with Internet of Things device. This would result in poor data transporting in unencrypted format. This allows an attacker the access to the data. Factors that can lead to these issues are enumeration of account, details exposed in network traffic. The traffic that is made to pass through the cloud computing networking system ensures the fact that the interface that the cloud computing format is using lacks the robustness of the infrastructure. This ensures the fact that the data stored in the cloud will ensure the fact that the data will regain the progression of the data.
Recommendation:
According to Premnath & Haas, 2015, some measures that can be taken to prevent them include the methodology that intend on the methodology of the resetting the password and the security instances of the database. This includes setting new passwords and the passwords resetting from that which are applied in default mode. The changing to default users and default passwords during initial setup acts helpful in the purpose of the detection of the problems. The number of attempts must be fixed in order to set the security tire for the organization. By setting the bar for the processing of the security chain it disables the imposters to guess the password of the account which in turn helps the organization to keep the database protected. This fact ensure that account logs out after several failed to login. For securing the access to the database of the system it enables the factor that the data that is stored in the data base is supported with 2 way authentication system. This includes the factor that the data that are stored in the database of the organization is secured and the processing of the data is more difficult because of the lack of prevention of the data with respect to the processing of the security. This fact will help to ensure that personal information is not shared via internet, implement 2 factor authentication for better security.
According to Li & Da Xu, 2017, unencrypted data or weak authentication can let the attackers have the access to the data of an Internet of Things device. Factors that can lead to these factors include enumeration of account and personal details exposed in network traffic.
Recommendation:
According to Hahn 2017, some measures to be taken to prevent these threats includes ensuring that personal information is not shared via internet. Default passwords and usernames must changed while initial setup.
According to Lee & Lee, 2015, it is present when the users of device have no ability to change its security controls. The risk is that the Internet of Things device can be easily too attacked. This can be done by unauthorized access to the data. Factors that can lead to this threat is the lack of options in password security, no security monitoring and no security logging.
Recommendation:
According to Hahn 2017, some measures that can be taken to prevent this kind of threats are that it separates administrative users from normal users. This will help in ensuring the ability to notify the end users of security events. This factor will also help in ensuring the ability to provide strong passwords.
Insecure Software
According to Bertino & Ferrari, 2018, software is insecure when they contain hardcoded data such as credentials. The inability of a software to get updated means that the device is vulnerable to the security issue. The factors leading to these threats are the updated file that is not encrypted, the update is not verified before an upload and when there is no update functionality.
Recommendation:
According to Hahn 2017, some measures that can be taken to prevent these threats are also ensures that the update server is secured. This will also help to ensure that the data has the ability to update. This will help to ensure that the updated file does not reveal any sensitive data. The factor will help ensure that the file is transmitted via an encrypted connection.
According to O’Neill, M. 2016, Poor physical security takes place when an attacker is able to disassemble a device in order to get access to the storage medium as well as the data stored in it. The weakness can also be detected when an USB port is used to access a device that uses features intended for maintenance. The factors that causes these threats are getting access to software with the help of USB ports and removing storage media.
According to Kraijak & Tuwanut, 2015, measures to be taken to prevent these threats are ensuring that the data storage medium is not easily removed. Ensuring that the device cannot be easily disassembled is also required. Ensuring that the product has the ability to limit the capabilities of administrative is also required for the processing of the data. Ensuring that the product has the ability to limit the capabilities of administrative is also required for the processing of the data framework.
According to Li & Da Xu, 2017, Internet of Things has been here, and will be here. By 2020, Gartner predicts that the Internet of Things would be made up of 26 billion “units.” The measures stated above will be nothing if the manufacturers of Internet of Things devices do not consider them.
References
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download