Differences

This shows you the differences between two versions of the page.

Link to this comparison view

--- en:iot-open:security_and_privacy_in_iot_ume:iot_security [2018/10/10 16:34] – kap2fox
+++ en:iot-open:security_and_privacy_in_iot_ume:iot_security [2020/07/20 12:00] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
-====== IoT security and privacy======
+======  ======
+<box #d04a25></box>
+<box #d04a25></box>
+====== IoT Security and Privacy======
+<box #d04a25></box>
+<box #d04a25></box>
 **// Concept of information security and its importance. //**
@@ Line 5: / Line 10: @@
 There are two approaches to the determination of the concept of “information security”:
-**1. Information security** — the status of the safety of information resources and the protection of the legitimate rights of the personality and society in the information sphere.
+  - **Information security** – the status of the safety of information resources and the protection of the legitimate rights of the personality and society in the information sphere.
+  - **Information security** – is a process of support for confidentiality, integrity and accessibility of information.
-**2. Information security** is a process of support for confidentiality, integrity and accessibility of information.
-**Confidentiality**: Ensuring access to information only to authorised users.
+**Confidentiality** – ensuring access to information only to authorised users.
-**Integrity**: Support of reliability and completeness of information and processing methods.
+**Integrity** – support of reliability and completeness of information and processing methods.
-**Accessibility**: Ensuring access to information and related assets of authorised users as required.
+**Accessibility** – ensuring access to information and related assets of authorised users as required.
 The properties given above are fundamental bases in the sphere of protection and safety of information.
-**Safety of information** — a status of the security of data in the case of which their confidentiality, accessibility and integrity are provided.
+**Safety of information** – a status of the security of data in the case of which their confidentiality, accessibility and integrity are provided.
-Safety of information is defined by absence of the unacceptable risk connected to information leakage on technical channels, unauthorised and inadvertent impacts on data and (or) on other resources of an automated information system used in the automated system.  ((R. Minerva, and A. Biru, "Towards a Definition of the Internet of Things," in IEEE IoT Initiative White Paper))
+Safety of information is defined by the absence of the unacceptable risk connected to information leakage on technical channels, unauthorised and inadvertent impacts on data and (or) on other resources of an automated information system used in the automated system  ((R. Minerva, and A. Biru, "Towards a Definition of the Internet of Things," in IEEE IoT Initiative White Paper)).
 To understand what activities for the support of information security consist of, it is necessary to understand the value of three major concepts clearly: risk, threat and vulnerability.
-**The risk of information security** - a possibility that this threat will be able to use the vulnerability of an asset or group of assets and by that will cause damage to the organisation.
+**The risk of information security** – a possibility that this threat will be able to use the vulnerability of an asset or group of assets and by that will cause damage to the organisation.
-**The threat** is a potential or real-life danger of making of any act (actions or inactivities) directed against the subject to protection (information resources) causing damage to the owner or user, which is shown it is in danger of distortion and losses of information.
+**The threat** – a potential or real-life danger of making of any act (actions or inactivities) directed against the subject to protection (information resources) causing damage to the owner or user, which is shown it is in danger of distortion and losses of information.
-**Vulnerability** is a shortcoming, the error in implementation which does possibly the unforeseen impact on system attracting failures in system operation is more often. Vulnerabilities are classified by a set of signs. One of the most important signs — harm which can be caused by the system, using vulnerability. Most often understand the specific mistake made in case of design or coding of the system as a vulnerability.
+**Vulnerability** – a shortcoming, the error in implementation which does possibly the unforeseen impact on system attracting failures in system operation is more often. Vulnerabilities are classified by a set of signs. One of the most important signs – harm which can be caused by the system, using vulnerability. Most often understand the specific mistake made in case of design or coding of the system as a vulnerability.
-In case of the appearance of new information technologies and furthermore the whole information branches, there is a vast number of potential threats and vulnerabilities which shall be probed correctly. Indeed, the Internet of Things did not become an exception.  ((H. Reza Ghorbani, M. Hossein Ahmadzadegan, "Security challenges in the Internet of Things: a survey", Wireless Sensors (ICWiSe) 2017 IEEE Conference on, pp. 1-6, 2017.))
+In case of the appearance of new information technologies and furthermore the whole information branches, there is a vast number of potential threats and vulnerabilities which shall be probed correctly. Indeed, the Internet of Things did not become an exception  ((H. Reza Ghorbani, M. Hossein Ahmadzadegan, "Security challenges in the Internet of Things: a survey", Wireless Sensors (ICWiSe) 2017 IEEE Conference on, pp. 1-6, 2017.)).
-The recent report of Gartner predicts that by 2020 20,4 billion devices will be connected to IoT, and at the same time will be joined every day by 5,5 million new devices. Besides, by 2020 more than a half of sizeable new business processes and systems will include the IoT component.
+The recent report of Gartner predicts that by 2020, 20.4 billion devices will be connected to IoT, and at the same time will be joined every day by 5,5 million new devices. Besides, by 2020, more than half of sizeable new business processes and systems will include the IoT component.
-These digits are suprising and assume that standard protection the PC and anti-virus solutions will not be able to resist to future threats of cybersecurity on the attached devices IoT.
+These digits are surprising and assume that standard protection the PC and anti-virus solutions will not be able to resist future threats of cybersecurity on the attached devices IoT.
@@ Line 44: / Line 48: @@
 In November 2016 ((https://www.welivesecurity.com/2016/12/30/biggest-security-incidents-2016)) cybercriminals closed heating of two buildings in the city of Lappeenranta, Finland. It was the DDoS-attack; in this case, the attack allowed heating controllers to reboot the system permanently, so heating was not made. As the temperature in Finland fell below zero at this time, this attack caused very unpleasant consequences.
-Even if you take reasonable measures of the safety of IoT, your connected gadgets can be compromised by criminals. Last fall the DSN Dyn-Internet service provider got under the attack which broke access to favourite websites. Attackers could take under control a large number of the devices connected to the Internet, such as video recorders and cameras. These devices than were used for carrying out the attack.  ((Z. K. Zhang, M. C. Y. Cho, C. W. Wang, C. W. Hsu, C. K. Chen, S. Shieh, "IoT security: Ongoing challenges and research opportunities", Proc. IEEE 7th Int. Conf. Service-Oriented ))
+Even if you take reasonable measures of the safety of IoT, your connected gadgets can be compromised by criminals. Last fall the DSN Dyn-Internet service provider got under the attack which broke access to favourite websites. Attackers could take under control a large number of devices connected to the Internet, such as video recorders and cameras. These devices that were used for carrying out the attack  ((Z. K. Zhang, M. C. Y. Cho, C. W. Wang, C. W. Hsu, C. K. Chen, S. Shieh, "IoT security: Ongoing challenges and research opportunities", Proc. IEEE 7th Int. Conf. Service-Oriented )).
-IoT gives the almost infinite opportunities for connection of our devices and the equipment. From the point of view of creativity, this field is widely opened, with the endless set of methods “to connect devices”. It can become the ample platform for people with the innovative ideas, but also it concerns also malefactors. Therefore, IoT offers both new opportunities for development, and potential security concerns.
-[[en:iot-open:security_and_privacy_in_iot_ume:iot_security:Types of vulnerabilities of IoT]]
-[[en:iot-open:security_and_privacy_in_iot_ume:iot_security:security_monitoring_for_the_iot]]
-[[en:iot-open:security_and_privacy_in_iot_ume:iot_security:malware_detection_in_the_iot]]
-[[en:iot-open:security_and_privacy_in_iot_ume:iot_security:iot_security_protocols]]
-[[en:iot-open:security_and_privacy_in_iot_ume:iot_privacy]]
-[[en:iot-open:security_and_privacy_in_iot_ume:iot_privacy:iot_privacy_in_common:privacy_preservation_in_the_iot]]
-[[en:iot-open:security_and_privacy_in_iot_ume:iot_privacy:trust_and_trust_models_for_the_iot]]
-[[en:iot-open:security_and_privacy_in_iot_ume:iot_privacy:authentification_methods_in_iot_devices]]
-[[en:iot-open:security_and_privacy_in_iot_ume:Questions on the chapter]]
+IoT gives the almost infinite opportunities for connection of our devices and the equipment. From the point of view of creativity, this field is widely opened, with the endless set of methods “to connect devices”. It can become an ample platform for people with innovative ideas, but also it concerns also malefactors. Therefore, IoT offers new opportunities for development and potential security concerns.

en/iot-open/security_and_privacy_in_iot_ume/iot_security.1539178485.txt.gz · Last modified: 2020/07/20 12:00 (external edit)