In this post we will discuss the security aspects around connected devices solution. As typically goes in M2M information flow, from connected devices hardware till the information is available to end-user on dashboard or mobile gadget.
There are varieties of connected devices getting in market day by day. The size and processing power of each of such devices put extra emphasis on the security aspects around these devices. Here we will discuss the information flow in case of connected devices, how data flows from devices to end users of those devices. On top of that what are different attack surface areas, what common vulnerabilities those expose and what are the common ways to eliminate those threats for connected devices.
In the previous posts, we discussed about availability of different type of IOT platforms in market, typical characteristics of such a platform and the technical challenges in building your own IOT platform.
Below diagram explains the typical IOT data flow, possible vulnerabilities is such system and the considerations to build strong and secure security architecture model for such solution.
Information Flow Networks
In a typical IOT scenario, the device captures the data, either using local gateway or telecom the data is transmitted to cloud server for further processing. The processed data is further made available to end consumer or respective events are triggered or information shared further with ecosystem parties.
Commonly below different data flow networks are used in the system,
- Device Network
- Device Communication Network
- Telecom Network
- Hosting/Cloud environment Network
- IOT Platform
- Mobile applications/Gadgets network
- Data Privacy