Several reports on the Internet of Things have been documented with the aim of addressing privacy and security issue in recent study. The aim of this research is to point out the need for security and privacy in IoT. The research will look into a review of literature under application and threats that relate to IoT and focus on the current state of research on this study. The research will also conduct a study on the topic of privacy & security among small businesses which employ consumer-grade devices. The main objective is to ensure a safer transition of data when personal information is collected, stored or processed. The growing relevance of information privacy and security at the organizational, national and international level suggests that demand for security and privacy will amplify, making proficiency a likely bottleneck for enhancing innovation in security and privacy of information.
Internet of Things Privacy
Privacy is a serious issue for the future of Internet of Things (IoT). Through the technology employed IoT will ensure the collection of mountains of data that are both mundane and extremely intimate in nature. For the promotion of adaptation of IoT, vendors, as well as service providers, need to practice efficient care in the development and to deploy the technology. Also, generation of data by IoT needs to be scrutinized for the purpose of ensuring appropriate access control are in position, protection of data is enabled at rest and transit, data is anonymized effectively, and that data is disposed of when it is no longer important.
Security, on the other hand, is as important as privacy for devices that make up the IoT. A lack of forward thought and attention onto security leads to several breaches. Designers and data handlers need to ensure that their devices can support security enhancing features and that security is prioritized during up-front device design. Software developers need to employ security best practices in design and take into consideration the mechanism of vulnerability discovery and remediation. For those deploying IoT technologies, full attention has to be paid to ensuring devices, sensors as well as services are installed with available security enhancing features enabled and configured in a proper manner
Of all the known challenges, none has a greater influence on an adaptation of IoT compared to security and privacy. Unfortunately, users do not often have a necessary acknowledgment of the impacts of security until after breach has taken place. However, given the ongoing security breaches that have led compromising of privacy, consumers’ appetites for poor security are waning. Sadly, there isn’t enough evidence to indicate that security in the IoT lags behind and in several cases repeating the history of cyber security. This concern has become so great that Congress and Federal Trade Commission have begun to take interest for the purpose of providing greater consumer protection.
In recent privacy and security review conducted by the HP Fortify as well as Veracode teams, consumer-grade IoT devices have not fared effectively. Also, research undertaken by Valasek and Miller has indicated a great deal with vulnerability in the modern automotive systems, which are assumed to number 250 million by the year 2020 (Stankovic, 2014, pp. 3-9). Recently a session titled “The Internet of Fails” at the annual DEFCON conference in Las Vegas exposed several failures that have served in the illustration of the pervasiveness of the problem. An element that these studies have in common is that privacy and security issues that are currently exhibited are well-known security problems that are present or have been eliminated in other more typical information technology domains. The issue is so serious that Open Web Application Security Project has created an Internet of Things Top 10 list of security oversights.
Security and Privacy in Iot
The aim of this research is to point out the need for security and privacy in IoT. The effects have been enormous; in any case, the recent protective position of IoT does not get better the internet will be widespread with targets for issues of privacy and security. Several researchers have addressed difficult topics such as next generation capabilities to provide support for Confidentiality, Availability, and Integrity. However, several vulnerabilities lie in the details of configuration, implementation and administration, which this research is aimed at pointing out. Due to the resource-constrained nature of IoT devices, there is a possibility that security will remain a variable in the time, functionality and cost equation for some time to come.
The methodology of this research will comprise small businesses which employ consumer-grade devices in their networks cost saving techniques and also for privacy and security. This becomes more increasingly important as more devices integrate functionality to change the psychical environment. Because of resource constraints, the methodology in consideration of IoT devices will be mainly vulnerable to Denial of Service attack (DoS). This class of attack serves to exhaust resources on a particular device to deny service to its operators. This can have a systematic effect on the IoT as other devices that depend on information produced by the targeted devices will be denied this information. In turn, the produced information by upstream processors as well as sensors may, therefore, be deprived or skewed depending on the activity.
In addition, through conciliation, IoT devices become outstanding targets to position a Distributed Denial of Service threat. While the IoT, in general, is predictable to be largely heterogeneous, there will be classes and environments of devices that are homogeneous and employ similar underlying technology. If an attacker takes advantage of this and compromises a large swath of devices that may be used to a initiate an asymmetric threat against a target entity and overpower it (Sicari et al., 2015). The device that is compromised can also create a great threat to diagnose as they do not have a standard user interface and are expected to generate large volumes of continuous communication.
The Internet of Things offers an opportunity for re-envisioning attacks such as denial of resources, resource exhaustion, physical safety, and pervasive surveillance attacks. While none of these notions are new, the extensive allocation of IoT devices and connectivity of Internet permits an invader to track them from a distance and with virtual obscurity and impunity. Also, once a vulnerability is discovered, it becomes trivial to operate mass discovery, thanks to services such as Shodan HQ, which ensures the provision of search engine functionality to find internet-connected devices.
This project is relevant to the fact that the Internet economy future depends on whether users, business, and governments feel protected while using the network and are confident with it for significant application and services. Denial of Service (DoS), malware, attacks, and other events comprising the discretion, integrity or accessibility of information system as well as networks are increasing (Sundmaeker et al., 2010). Where personal data are collected, stored or processed, these incidents affect heavily privacy concerns. As a result, governments pay increasing attention to cyber security as well as data privacy threats. The growing relevance of information privacy and security at the organizational, national and international level suggests that demand for security and privacy will amplify, making proficiency a likely bottleneck for enhancing innovation in security and privacy of information
Future devices will be even more powerful and resourceful as any current device, and they will have all the privacy and security issues if the problem is not looked into. Miniaturization and increase in spectrum efficiency will enable a denser use of devices, which in turn, will be even more sophisticated. This effort toward understanding the future scenarios should serve as a base for better extending the current legislation to the new issues brought by the IoT paradigm.
Stankovic, J. A. (2014). Research directions for the internet of things. IEEE Internet of Things Journal, 1(1), 3-9.
Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini, A. (2015). Security, privacy and trust in Internet of Things: The road ahead. Computer Networks,76, 146-164.
Sundmaeker, H., Guillemin, P., Friess, P., & Woelfflé, S. (2010). Vision and challenges for realising the Internet of Things. Cluster of European Research Projects on the Internet of Things, European Commision.