Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internet of Things: Security Challenges

Similar presentations


Presentation on theme: "Internet of Things: Security Challenges"— Presentation transcript:

1 Internet of Things: Security Challenges
Csilla Farkas Department of Computer Science and Engineering University of South Carolina

2 Source: http://www. ipofferings

3 What are the security challenges?

4

5 What are the security challenges?

6 What are the security challenges?

7 Secure Software Development
Requirement and Use cases Architecture and Design Test Plans Code Tests and Test Results Feedback from the Field 5. Abuse cases 6. Security Requirements 2. Risk Analysis External Review 4. Risk-Based Security Tests 1. Code Review (Tools) 3. Penetration Testing 7. Security Operations

8 Communication Security
Passive attacks: Eavesdropping Monitoring Active attacks: Masquerade Replay Modification of messages Denial of service Cryptographic protocols

9 Device Security Source:smallbusiness.chron.com
Source mobihealthnews.com Source: Source:smallbusiness.chron.com Source: kulichet.com Surce: Source:

10 New Types of Threats

11 Secure Data Management
Data intensive applications Data driven research -- data warehouses Data Integration Sensitive data New types of misuse

12 DATA Volume Velocity Variety

13 Semantics Domain Knowledge Device information Context-specification
Security policy Data Management Data quality Data integration Data query and storage Source:

14 Security Policies . Users Roles Permissions Sessions User assignment
Constraints Role Hierarchy Property Roles as Classes Roles as Values Defining Roles <RoleName> rdfs:subclassOf rbac:Role. <Ac- tiveRoleName> rdfs:subClassOf rbac:ActiveRole. <ActiveRoleName> rdfs:subclassOf <Role- Name>. <RoleName> rbac:activeForm <ActiveRoleName> <RoleName> a rbac:Role. Role Hierarchy <RoleName> rdfs:subclassOf <SuperRole- Name> <RoleName> rbac:subRole <SuperRoleName> Permission Association OWL class expression <RoleName> rbac:permitted <Action> Static Separation of Duty Constraint <Role1> owl:disjointFrom <Role2> <Role1> rbac:ssod <Role2> Dynamic Separation of <ActiveRole1> owl:disjointFrom <ActiveRole2> <Role1> rbac:dsod <Role2> Queries role activation permitted, separation of duty, ac- cess monitoring Enforcing RBAC Mostly using DL reasoning Mostly using rules

15 What are the new security needs?
IoT in the Future Interconnection of cyber-physical systems Interoperation and adaptive policy composition Full automation What are the new security needs?


Download ppt "Internet of Things: Security Challenges"

Similar presentations


Ads by Google