IoT Basics - Paiet/SEC-335 GitHub Wiki
Objectives:
-
Define IoT
- "The process of connecting everyday objects and systems to networks to make them globally available and interactive." - Daniel Miessler
- Consumer IoT
- Industrial IoT (IIoT)
-
IoT Components
- The IoT "THING"
- Sensor
- Camera
- IoT Gateway
- Connects IoT Devices to...
- each other
- end-user
- cloud/internet
- https://www.dell.com/en-us/work/shop/gateways-embedded-computing/sf/edge-gateway
- Connects IoT Devices to...
- Cloud Server
- Stores and/or Processes IoT Data
- Remote Apps
- End-user control panel/dashboard
- The IoT "THING"
-
IoT Architecture
- Edge Technology
- IoT Hardware Components
- Access Gateway
- Inter-technology communication devices
- Internet Layer
- IP-based communication
- Middleware
- Services that run in the background of application layer software
- Application Layer
- Provides end-user operation and interaction
- Edge Technology
-
IoT Deployment Areas
- Commercial/Industrial
- Consumer
- Healthcare
- Transportation
- Energy
- Military/Law Enforcement
- IT
-
Common IoT Technologies and Protocols
- Communication
- Wi-Fi
- RFID
- LTE-Advanced (medium-range)
- Low-Power Wide-Area Networking (LPWAN) (Long-Range)
- Sigfox (extended range)
- Ethernet (wired)
- Operating Systems for IoT
- ARM mbed OS
- Win10 IoT
- Contiki
- Ubuntu Core
- Communication
-
Communication Models
- Device-to-Device
- Device-to-Cloud
- Devices --> App Service Provider
- Device-to-Gateway
- Devices --> IoT Gateway --> App Service Provider
- Back-End Data-Sharing
- Device --> App Service Provider1 --> App Service Provider2/3/4/etc
-
IoT Security Challenges
- Weak or no intrinsic security
- Weak authentication
- Poor access control implementation
- Vulnerable web apps
- Clear-text communications
- Buffer Overflows (RCE)
- Support could be lacking or non-existent
- Device theft
- Weak or no intrinsic security