Introduction to Distributed Systems and IoT Security PDF

Introduction to Distributed Systems and IoT Security References Introduction to the Security of Distributed Systems and the IoT Prof. Dr. Ste...

Introduction to Distributed Systems and IoT Security References Introduction to the Security of Distributed Systems and the IoT Prof. Dr. Steffen Wendzel and Team Hochschule Worms summer term 2024 https://www.hs-worms.de/wendzel (DE) — https://www.wendzel.de (EN) Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 1 Introduction to Distributed Systems and IoT Security References Introduction to Distributed Systems and IoT Security Author: Steffen Wendzel Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 2 Introduction to Distributed Systems and IoT Security References Security of Distributed Systems and the IoT (SecDSIoT) SecDSIoT involves the security of any networked environment, including connected systems, cyber-physical systems (CPS) and Internet of Things (IoT). Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 3 Introduction to Distributed Systems and IoT Security References Security of Distributed Systems and the IoT (SecDSIoT) SecDSIoT involves the security of any networked environment, including connected systems, cyber-physical systems (CPS) and Internet of Things (IoT). Please note that this master’s class requires some basic understanding of information security and mathematics. Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 4 Introduction to Distributed Systems and IoT Security References Security of Distributed Systems and the IoT (SecDSIoT) SecDSIoT involves the security of any networked environment, including connected systems, cyber-physical systems (CPS) and Internet of Things (IoT). Please note that this master’s class requires some basic understanding of information security and mathematics. This means that I expect you to already know about the meaning of terms such as risk, anonymity, confidentiality, availability, and integrity. If you are not familiar with these topics, please read any book that introduces InfoSec fundamentals. Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 5 Introduction to Distributed Systems and IoT Security References Structure of this Class Please note that this class is currently constructed as the semester progresses; thus there might be changes in the structure. Also, I do not plan to have all material available as slides, e.g., the cryptography parts might be more based on the whiteboard. 1. Introduction to the Topic 2. Standardization, Certification, Organizational Aspects, Risk 3. Darkweb Cyber Threat Intelligence 4. Selected Topics of Cryptography 5. Security of Automated Buildings 6. Security of Industrial Control Systems (alternatively: Device Fingerprinting) 7. Formal Methods and Reliability 8. Human Aspects of Information Security (Usable Security) Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 6 Introduction to Distributed Systems and IoT Security References What is the IoT? The Internet of Things (IoT) concept was proposed in 1999 by the Auto-ID lab of the MIT : ▶ Driving aspects: RFID, sensors, smart technologies, and nanotechnogies → allow for new services ▶ RFID: “track[ing] and identify[ing] the data of things” ▶ sensors: “to collect and process data” / “to detect changes in physical status of things” ▶ smart tech.: “to enhance the power of the network by developing processing capabilities to different parts of the network” ▶ nanotech.: “to give smaller and smaller things the ability to connect and interact” Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 7 Introduction to Distributed Systems and IoT Security References What is the IoT? The Internet of Things (IoT) concept was proposed in 1999 by the Auto-ID lab of the MIT : ▶ Driving aspects: RFID, sensors, smart technologies, and nanotechnogies → allow for new services ▶ RFID: “track[ing] and identify[ing] the data of things” ▶ sensors: “to collect and process data” / “to detect changes in physical status of things” ▶ smart tech.: “to enhance the power of the network by developing processing capabilities to different parts of the network” ▶ nanotech.: “to give smaller and smaller things the ability to connect and interact” ▶ View “everything as the same, not even discriminating between humans and machines”, be it physical or virtual. Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 8 Introduction to Distributed Systems and IoT Security References What is the IoT? The Internet of Things (IoT) concept was proposed in 1999 by the Auto-ID lab of the MIT : ▶ Driving aspects: RFID, sensors, smart technologies, and nanotechnogies → allow for new services ▶ RFID: “track[ing] and identify[ing] the data of things” ▶ sensors: “to collect and process data” / “to detect changes in physical status of things” ▶ smart tech.: “to enhance the power of the network by developing processing capabilities to different parts of the network” ▶ nanotech.: “to give smaller and smaller things the ability to connect and interact” ▶ View “everything as the same, not even discriminating between humans and machines”, be it physical or virtual. ▶ “Protection was a major issue when just two devices were coupled. Protection for the IoT would be unimaginably complex.” Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 9 Introduction to Distributed Systems and IoT Security References What is the IoT? – Smart Cities Another re-occurring term used in the context of the IoT is the smart city, which is... “the effective integration of physical, digital and human systems in the built environment to deliver a sustainable, prosperous and inclusive future for its citizens”.1 1 BSI Group website, 2019. Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 10 Introduction to Distributed Systems and IoT Security References What is the IoT? – CPS There are also Cyber-physical Systems (CPS), defined as “integrations of computation with physical processes”. “Notable examples include smart homes and buildings, industrial control systems (ICS), electronic health-care (e-Health) equipment, wearables and smart cars”. Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 11 Introduction to Distributed Systems and IoT Security References What is the IoT? – CPS Internet of Things (IoT) = Cyber Physical Systems (CPS)? Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 12 Introduction to Distributed Systems and IoT Security References What is the IoT? – CPS Internet of Things (IoT) = Cyber Physical Systems (CPS)? Greer et al. report that there is a vivid discussion in the literature in which essentially four categories of taught are present : i) partial overlap; ii) equivalence; iii) CPS as a subset of the IoT; iv ) the IoT as a subset of CPSs. Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 13 Introduction to Distributed Systems and IoT Security References What is the IoT? – CPS Internet of Things (IoT) = Cyber Physical Systems (CPS)? Greer et al. report that there is a vivid discussion in the literature in which essentially four categories of taught are present : i) partial overlap; ii) equivalence; iii) CPS as a subset of the IoT; iv ) the IoT as a subset of CPSs. During this course, we will make no distinction between IoT security and CPS security. Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 14 Introduction to Distributed Systems and IoT Security References Security & Privacy in the IoT Several questions arise when security and privacy are taken into account for the IoT or CPS, for instance those mentioned by Ullrich et al. on the related topic of CPPS2 : ▶ How trustworthy are information collected from sensors? ▶ Do actuators receive commands send to them? (Unaltered?) ▶ Are back-end algorithms unmodified? ▶ Are production system control loops able to cope with internally-manipulated information? ▶ Are there new safety-related threats arising from CPS? 2 Cyber-physical production systems. Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 15 Introduction to Distributed Systems and IoT Security References Security of Mobile Systems Other questions are focusing on privacy (taken from ): ▶ Can mobile/IoT devices be used to (remotely) monitor people? ▶ Which conclusion can be drawn about individuals based on what kind of data? ▶ How can sensitive information be leaked from one IoT component to another when they are inter-connected? ▶ Does the behavior of individuals change once they are aware of being monitored? Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 16 Introduction to Distributed Systems and IoT Security References References I N. Jeyanthi: Internet of Things (IoT) as Interconnection of Threats (IoT), in: F. Hu: Security and Privacy in the Internet of Things (IoTs), CRC Press, 2016. C. Greer, M. Burns, D. Wollman, and E. Griffor: Cyber-physical Systems and Internet of Things, NIST, Tech. Rep., 2019. https://doi.org/10.6028/NIST.SP.1900-202. E. A. Lee: Cyber physical systems: Design challenges, in Proc. IEEE Symp. Object Oriented Real-Time Distributed Comp. (ISORC), 2008. J. Ullrich, A. G. Voyiatzis, E. R. Weippl: Secure Cyber-physical production systems: solid steps towards realization, in Proc. 2016 1st International Workshop on Cyber-Physical Production Systems (CPPS), IEEE, 2016. https://doi.org/10.1109/CPPS.2016.7483921. S. Wendzel, W. Mazurczyk, G. Haas: Don’t You Touch My Nuts: Information Hiding In Cyber Physical Systems, in Proc. IEEE Security & Privacy Workshops, 2017. S. Wendzel, J. Tonejc, J. Kaur, A. Kobekova: Security of Smart Buildings, in: H. Song (Ed.): Security and Privacy in Cyber-physical Systems: Foundations and Applications, Chapter 16, pp. 327–352, Wiley, 2017. https://doi.org/10.1002/9781119226079.ch16. Security of Distributed Systems and the IoT Steffen Wendzel and Team / HS Worms 17

Introduction to Distributed Systems and IoT Security PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue