Internet of Things, Threats, Landscape, and Countermeasures


Data Protection and Privacy Issues of the Internet of Things
Introduction | Internet of Things and Specific Focus | The Legal Framework: Privacy and Data Protection | Background | The United Nations Approach | Privacy and Data Protection in Europe | The Council of Europe Framework | The EU Framework | Primary Law | Secondary Law | Definitions | Processing of Personal Data According to Article 4(2) GDPR, processing refers to: | Data Processing Principles and Respective Data Controllers’ Obligations | Data Subjects’ Rights | Data Transfers | Children and Other Vulnerable Data Subjects | Inferences | Data Protection and Privacy Challenges raised by the IoT Technologies, Applications, and Ecosystem | Salient Use Cases | Domotics: Smart Home Appliances | Smart Glasses | Connected Vehicles and Mobility Related Applications | Pandemics and Other Emergencies: Lessons Learnt by COVID-19 | Best Practices and Recommendations | Human-Centric Approach Through Awareness and Education | Incentives and Audits | Information by Design for the Sake of Transparency | Documenting the Operations and Mapping the Partnerships | Data Protection Impact Assessment | Appointment of a Data Protection Officer | Privacy and Data Protection by Design and by Default | Standardization and Certification | Investing in Security by Design | New Legislative Initiatives and Review of Existing Legislation | Conclusions | Notes | References

IoT Reference Architectures
Introduction. What is IoT? | IoT Architecture | Three Layer (Tier) IoT Architecture | Four-Layer Architecture | Five Layer Architecture | Application Layer | MQTT | MQTT-SN | CoAP | DDS | XMPP | AMQP | Novel Application Areas | Smart Cities | Smart Home | Manufacturing | Transport and Automotive | Energy | Healthcare | Assisted Living | Supply and Logistics | Agriculture | Environmental Monitoring | Public Safety | Service Support and Application Support Layer | Networking Layer | Short-Range Wireless | Bluetooth Mesh Networking and Bluetooth Low Energy | ZigBee | Z-Wave | Wi-Fi | Light Fidelity (Li-Fi) | Cellular Technologies | Long Range Wireless Technologies | LoRa (LoRa PHY and LoRaWAN) | Sigfox | Weightless | Wi-Max | Satellite | Infrared Communication | Thread Protocol | Insteon | Perception Layer | Pressure Sensors | Temperature Sensors | Touch Sensors | IR/Light Sensor | Humidity Sensor | Accelerometer | Proximity Sensor | Actuators | Level Sensors | Gas Sensors | Water Quality Sensor | Ubiquitous Computing | IoT Security Issues | Conclusions | References

Threats in Critical Infrastructures
Introduction | Definition of a Critical Infrastructure | Critical Infrastructure Domains | Energy Services and Materials | Key Security Goals of CIIs Application Domains | Application Domain: Logistics, Tracking, Fleet Management | Application Domain: Smart Meters | Application Domain: Capillary Networks | Critical Infrastructures Incidents | Relevant Deployment Architectures and threats on CIIs CMS | Relevant Deployment Architectures | Fleet Management | Smart Grid | Capillary Network | Threats on CIIs | Attacks on Smart Grid CIIs | Conclusions | References

Threats in Industrial IoT
Introduction | Definitions IIoT | IIoT Application Domains | IIoT Companies | Key Security Goals in IIoT | Application Domain: Agriculture and Farming | Application Domain: Industrial Safety | Application Domain: Preventative Maintenance | IIoT Technologies | IIoT Incidents | Relevant Deployment Architecture in IIoT | Application Domain: Agriculture and Farming | Application Domain: Industrial Safety | Application Domain: Preventative Maintenance | Threats Within IIoT | Conclusion | References

Threats in IoT Supply Chain
Introduction | IoT Application Domain in Logistics, Tracking, Fleet Management | IoT Application Domain #8: Asset Tracking | IoT Application Domain: Manufacturing | Conclusion | References

Threats in IoT Smart Well-Being
Introduction | IoT Application Domain #11: Smart Cities | Background and Driving Toward Smart Cities | The Concept of a Smart City | Smart Cities Components, Attributes, and Characteristics | Threats in Smart Cities | IoT-Based Smart Cities | IoT Architecture | IoT Technologies for Smart Cities | IoT Applications for Smart Cities | Smart City and IoT: Challenges and Opportunities | IoT Application Domain #12: Smart Homes | Key Achievements of Smart Homes (Automation, Security, Sustainability) | Smart Home Infrastructure and Technologies | Smart-Home Security Ecosystem | Smart-Home Sustainability Ecosystem | Smart Home Devices | SHE Architecture | Connectivity and Protocols | Application Areas | Key Security Concerns and Challenges | Security Solutions | Social and Economic Factors | IoT Application Domain #13: Healthcare | Background and Driving Forces | IoT in the Healthcare Sector | Benefits of IoT in the Healthcare Sector | Barriers | Security Issues of IoT in the Healthcare Sector | Security Measures of IoT in the Healthcare Sector | Conclusions | Acknowledgment | Notes | References

IoT Security Frameworks and Countermeasures
Introduction | Major Cyber-Threats to IoT | Operation of Firewalls on the Network Perimeter | Firewalls Overview | Types of Firewalls | Effectiveness of Firewalls in Limiting Threat Impact | Firewalls Limitations | Operation of IPS in the Network | IPS Overview | Honey Pot for Intrusion Detection | Effectiveness of IDS Operation in Limiting Threat Impact | IPS Limitations | Operation of Antivirus/Malware Detection Software | Antivirus/Antimalware Software Overview | Importance of Using Antivirus/Antimalware Software | Limitations of Antivirus/Antimalware Software | Security Awareness of Individuals | Security Awareness Training and Its Importance | Limitations | Existence of Update/Patching Policy | Security Vulnerabilities and Exploits | Update/Patching Policy | Effectiveness of Update/Patching Policy in Limiting Threat Impact | Limitations | Existence of Logging/Alerting Policy | Logging/Alerting Policy Overview | Logging Management | Alerts Management | Effectiveness of Alerting/Logging Policy in Limiting Threat Impact | Limitations | Conducting Periodic Security Checks of Security Mechanisms | Overview | Effectiveness of Running Periodic Security Checks in Limiting Threat Impact | Limitations | Existence of Security Policy to Install/Update Equipment/Software | Security Policy Overview, Objectives | Security Policy & General Good Practices for New Software Installation | Effectiveness of Security Policy | Malware, Malicious Software, Email Malware | Use of Nonapproved Hardware | Limitations | Existence of Backup Policies | Backup Policy Overview, Objectives | Types of Data Backup Policies | Good Practices for an Effective Backup Policy | Effectiveness of Backup Policy in Limiting Threat Impact | Limitations | Conclusions | Notes | References

Cyber-resilience
Introduction | Cyber-resilience | Risk vs Resilience | Cyber-resilience Frameworks | Toward a Cyber-resilience Holist View | Emerging Cyber-resilience Strategies Approaches | Network-Based Approach (Prevention) | Moving Target Defense (Protection) | Game Theory Approach (Protection) | Risk Perception and Epidemiological Based Approach (Absorption) | Probabilistic and Adapting Modelling (Adapt) | Use Cases | Transport Infrastructure | Financial System | Telecommunication | Energy Sector | Emerging Technologies
 