Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Practical Internet of Things Security Design a security framework for an Internet connected ecosystem

Product type Paperback

Published in Nov 2018

Publisher

ISBN-13 9781788625821

Length 382 pages

Edition 2nd Edition

Tools

AWS

Concepts

Design

Authors (2):

Brian Russell

Drew Van Duren

View More author details

Table of Contents (13) Chapters

Preface

1. A Brave New World FREE CHAPTER

2. Vulnerabilities, Attacks, and Countermeasures

3. Approaches to Secure Development

4. Secure Design of IoT Devices

5. Operational Security Life Cycle

6. Cryptographic Fundamentals for IoT Security Engineering

7. Identity and Access Management Solutions for the IoT

8. Mitigating IoT Privacy Concerns

9. Setting Up an IoT Compliance Monitoring Program

10. Cloud Security for the IoT

11. IoT Incident Response and Forensic Analysis

12. Other Books You May Enjoy

Leave a review - let other readers know what you think

Defining your security policies

Define your IoT system technical security policies. Use automated tools to check for compliance with these policies whenever possible. Security policies for your system will vary based on unique system characteristics, but some recommended policies include:

Secure communications:
- All communications are authenticated and encrypted
- TCP communications are encrypted using TLS 1.2 or higher
- TLS communications are authenticated using client/server certificates
- Unneeded ports/services are disabled
- Outbound communications that did not originate from a device are rejected (DENY)
Cryptography:
- Only approved cryptographic ciphers are used within the system
- Only approved key lengths are used within the system
- Devices are configured to avoid negotiating unapproved cryptographic algorithms and protocols (negotiating downwards)
Key and certificate management...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (2)

Russell

Brian Russell is the founder of TrustThink, LLC, where he leads multiple efforts towards the development of trusted IoT solutions. He has over 20 years of information security experience and has led complex system security engineering programs in the areas of cryptographic modernization, cryptographic key management, unmanned aerial systems, and connected vehicle security. He is the co-chair of the Cloud Security Alliance (CSA) IoT Working Group and was the recipient of the 2015 and 2016 CSA Ron Knode Service Award. Brian is an adjunct professor at the University of San Diego (USD) in the Cyber Security Operations and Leadership program.

See other products by Russell

Van Duren

Drew Van Duren has provided 20 years of support to commercial and government customers in their efforts to secure safety-of-life and national security systems. He has provided extensive applied cryptographic design, key management expertise, and system security architecture design through rigorous integration of system security design with the core engineering disciplines. Drew has managed as Technical Director the two largest FIPS 140-2 test laboratories, security-consulted for the New York City Connected Vehicle Pilot Deployment, and participated in multiple standards groups such as the RTCA, SAE, and IEEE 1609 working group. Today, he supports the IEEE P1920 committee heading security architecture for unmanned aircraft aerial networks.

See other products by Van Duren