One of the hottest topics at last week’s IoT StreamConf was security. In other words, how are we going to secure communication for billions of connected devices? How can we ensure that attackers can’t take control of our devices, steal information, disrupt services, or take down entire networks of expensive, imperative devices?
With IoT is still in its early stages, security is not fully understood and well-defined when compared to other industries, like the financial and E-commerce sectors. From the very beginning of developing an IoT product, whether it’s small-scale like a wearable device, to massive-scale IoT deployments, like an oil field sensor network or global delivery operation, IoT security must be a forethought.
In this talk, Rohini Pandhi, Product Manager at PubNub, walks through the ten challenges of securing Internet of Things communication. Rohini discusses flexible and secure messaging design patterns for IoT communication, and how they can be implemented and scaled. There are a number of security considerations, but after watching this talk, you should have a good idea of how you can secure your IoT deployment.
(Scroll below video for a table of contents of when individual concepts are talked about in the video).
Video Table of Contents
- Defining the Internet of Things (10:27)
- Unprotected devices will be attacked (13:15)
- Encryption (15:46)
- Single security model for all communications (17:56)
- Access control (20:13)
- Tracking device metadata (21:14)
- Provisioning in the field (22:38)
- Firmware updates in the field (24:07)
- Compliance with regulations (25:15)
- Reinventing the wheel (26:17)
More Resources on Securing IoT Communication
Below are a couple great pieces on IoT security, and some code tutorials for IoT developers:
- The Next Generation of IoT: PubNub CEO Todd Greene walks through the evolution of the IoT stack, and how it’s continuing to change, with security at the forefront.
- Securing the Internet of Streams: Doron Sherman discusses the need for a new approach to IoT security, built on a loosely-coupled, smarter network.
- Securing the Internet of Things (MicroChip Publication): Building a secure publish/subscribe design pattern for the Internet of Things.