Internet of Things

Table of Contents

What is Internet of Things?

The Internet of Things (IoT for short), also known as the Internet of Things, originated in 1999.

The term refers to the networking of devices that independently talk to other devices over the Internet and exchange information.

These include device classes that cannot be assigned to the classic device classes, such as servers, desktop computers or smartphones (see Vollmer 2018).

Normally, a command that a person enters into the system triggers a process. With the Internet of Things, it is the devices themselves that give the command. The basic requirement is of course that the device is connected to the Internet. The current term “smart” devices (translated: intelligent devices) is on everyone’s lips these days. The basic setting of these devices means that the user does not have to take action himself, but rather the devices start communication as soon as a certain event has been reached or triggered.

Practical examples

  • Nowadays, printers in private households independently check the ink level. Once a certain limit is reached, the printer itself places the order with the manufacturer via the Internet.
  • Digital fitness bracelets (“fitness trackers”), so-called “wearables”, are being used more and more in today’s fitness industry. These fitness bracelets measure people's movements and also collect information about their heartbeat, during exercise or even during rest. The collected data can be evaluated using appropriate mobile devices and, in combination with sports applications, fitness plans can be automatically created or updated from time to time.
  • Amazon Dash was a pioneer of Internet of Things devices. The Amazon Dash Wand was a device the size of a USB stick with WiFi functionality. The device was also able to read barcodes from food and provide the user with a description of the product via integrated speakers. At the push of a button, the device could place an order via the Amazon-affiliated grocery store if the user wanted it.
  • Further examples in this segment are digital refrigerators, which regularly trigger an order for a pre-programmed supply via a grocer and are sent to the customer by their delivery service.
 
Internet of Things
Figure 1: Image Internet of Things | Source: expressvpn.com
Do you need IT security solutions?
Increase your company security now!
Go to page

Basic requirement

In order to efficiently connect functionally limited devices to the Internet, the network settings also had to be standardized. The so-called Internet Engineering Task Force (IETF for short) introduced a new IEEE 802.15.4 standard in 2004 specifically for this purpose. This standard supports an energy-efficient radio connection between devices. Another basic requirement was the introduction of Bluetooth 4.0 for mobile devices. Bluetooth enables data exchange between two devices that are within a short distance of each other.

In addition, the standard of network protocols was raised from IPv4 to IPv6. This change supports a higher number of possible addresses on the Internet. As in real life, each device on the Internet receives its own address, which other devices can use to contact this device or the device itself can send packets to other addresses.

In addition, a simplified version of the HTML protocol was introduced into the digital world with the Constrained Application Protocol (CoAP protocol for short). Here too, the background to the introduction was that transmission is also possible with the lowest possible transmission rates. The CoAP protocol enables access to services on the Internet (e.g. websites)1.

1 See complete paragraph Prehofer 2014.

challenges:

When connecting many different devices over the Internet and collecting personal information, this in turn offers scope for criminal activities. Therefore, ensuring the protection of data during collection and transmission is the central challenge in the Internet of Things area. The biggest problem in the area of ​​“smart devices” is customers’ purchasing decisions, which are based on the device functions and do not take the security settings into account. Furthermore, most intelligent devices do not have sufficient basic security settings and manufacturers cannot keep up with the necessary software updates for known vulnerabilities in their end products quickly enough or at all. This offers cybercriminals easy entry doors to obtain sensitive information from private individuals or companies (see Vollmer 2018).

IPv6 addresses

The handling and allocation of IPv6 addresses presents a major security gap for private individuals, but especially for companies. Due to the technical properties and the differences between the two protocol types IPv4 and IPv6, new security gaps have arisen2. As already mentioned in the previous chapter, the IPv6 standard was introduced because the possible IP addresses in the IPv4 network had been used up since 2011. With the IPv6 standard, 19 times as many possible IP addresses can now be assigned. This is accompanied by talk among network architects of the “principle of small networks”. Every device can be connected directly to the Internet and has global access. Due to the scarcity of IP addresses in the IPv4 standard, this was not possible for every device. These were often linked to a local network and this network only had one IP address through which it communicated with the global Internet. With additional configurations of a so-called network address translation (NAT for short) between the global Internet and your own network, the security of your own network could be increased. Because with network address translation, the address in the header of the Internet protocol is changed when packets are sent.

The “small network principle” currently poses the risk that every device, no matter how small, can be attacked from the outside because it is directly accessible from the Internet. Insofar as a network address translation has not been correctly configured by the user. If the configuration is inadequate, for example, movement profiles of individual devices can be created, making it easier for potential hacker groups to take over the devices.

There are also possible disadvantages Denial of Service Attacks on individual devices; This can cause devices to crash. It is recommended that the devices communicate with the Internet via a proxy (see BSI Guide 2012). Depending on the configuration of the proxy, an analysis or evaluation of the data traffic can be created afterwards.

The new IPv6 standard entails increased configuration effort for the device owners and also new security techniques that should in turn be applied.

The BSI recommends that companies work with IT security companies to set up the configurations and architecture of their networks (see BSI Guide 2012, p. 13, Chapter 3.5).

For more detailed information, ProSec Networks GmbH recommends reading the BSI guidelines in the sources listed below.

future

In the coming years we will face further exciting challenges in the area of ​​the Internet of Things in Germany. Through the implementation of 5G technology and the associated increase in network bandwidth. This allows devices to transmit more information and data in less time via mobile data. This opens up completely new possibilities in logistics or in the healthcare industry. Conversely, it also offers new challenges, especially in the area of ​​IT security as well as filtering and processing extremely large amounts of data in order to derive the right insights.

Sources

  1. Vollmer, Jörg (2018): “Fundamentals of IoT Security(Date: December 23.12.2019, XNUMX).
  2. Prehofer, Christian (2014): “From the Internet of Things to Apps for Things(Date: December 23.12.2019, XNUMX).
  3. Federal Office for Information Security (2012): “Guidelines for its secure IPv6 network architecture (ISi-L-IPv6)”. Version 1.1, based on a draft by Hans-Peter Dittler and Benedikt Stockebrand.
Newsletter Form

Become a Cyber ​​Security Insider

Get early access and exclusive content!


OTHER CONTRIBUTIONS

Table of Contents

PSN_KU_Cover
NewsLetter Form Pop Up New

Become a Cyber ​​Security Insider

Subscribe to our knowledge base and get:

Early access to new blog posts
Exclusive content
Regular updates on industry trends and best practices


Please accept the cookies at the bottom of this page to be able to submit the form!