IoT Device Security for Smart Cities: Difference between revisions

From OpenCommons
Jump to navigation Jump to search
m (1 revision imported)
No edit summary
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
{{ActionCluster
{{ActionCluster
| title              = IoT Device Security for Smart Cities
|image=tIoT-Enabled_Smart_City_Framework.png
| team               = Device Authority, Gemalto, Joint Venture Silicon Valley
|team=Device Authority, Gemalto, Joint Venture Silicon Valley
| leader             = Damon Kachur
|leader=Damon Kachur
| email              = damon.kachur@comodoca.com
|municipalities=Silicon Valley
| image              = tIoT-Enabled_Smart_City_Framework.png
|status=Ready for Public Announcement
| imagecaption      =
|description=Objectives
| municipalities     = Silicon Valley
| status             = Ready for Public Announcement
| website            =
| download          =
| description       =  
* Use of PKI to mutually-authenticate IoT devices to networks & gateways
* Use of PKI to mutually-authenticate IoT devices to networks & gateways
* Secure provisioning, registration and production PKI certificates  
* Secure provisioning, registration and production PKI certificates  
* Life-Cycle Management of IoT Device certificates  
* Life-Cycle Management of IoT Device certificates
| challenges         =  
|challenges=* Communities are realizing the size and scale of IoT devices within their networks are challenging to manage.  
* Communities are realizing the size and scale of IoT devices within their networks are challenging to manage.  
* Botnet and DDOS attacks are threats to a healthy ecosystem, how can communities be secure from these threats?
* Botnet and DDOS attacks are threats to a healthy ecosystem, how can communities be secure from these threats?
| requirements   =
|solutions=* Gather requirement and training needs from the City of Rohnert park. We are planning to kick off this project by inviting all stakeholders from the city as well few residents and seek their inputs on what are training needs.
* Creation of an IoT Framework and security architecture
* Create scope of workshop/ tutorials and requirements, project plan
* Develop syllabus of the workshop based on the requirement gathering
* Recruit instructors (within SSU) and TA’s (students) for teaching and lab exercises.
* Create tutorials and lab documentations.
|requirements=* Creation of an IoT Framework and security architecture
* Creation of standards that can be shared across a city and/or county
* Creation of standards that can be shared across a city and/or county
* Use of trusted 3rd PKI services that include Private CA’s and certificates for IoT devices and servers
* Use of trusted 3rd PKI services that include Private CA’s and certificates for IoT devices and servers
* Life-cycle management for IoT devices and servers
* Life-cycle management for IoT devices and servers
* Ecosystem management and administration
* Ecosystem management and administration
| solutions          =
|kpi=Using PKI to perform mutual authentication of an IoT device to a cloud or network the project will reduce the risk of a communities IoT connected devices being subject to a Botnet or DDoS attack by 50%
* Gather requirement and training needs from the City of Rohnert park. We are planning to kick off this project by inviting all stakeholders from the city as well few residents and seek their inputs on what are training needs.
|measurement=Performing proactive pen-testing to an IoT network can prove the reduction of vulnerable devices across an IoT network.
* Create scope of workshop/ tutorials and requirements, project plan
|standards=The security framework that is established by a city/community will be the foundation for many years to come.  The cable industry has been doing this since the early 2000’s and were able to stop pirated cable.  The WiMAX Forum provided spectrum to over 200 countries in the world with only authenticate devices being used on these networks with standards based PKI.  The global aviation community  is adopting a PKI based standard for use around the world.
* Develop syllabus of the workshop based on the requirement gathering
|cybersecurity=The solution takes away the risk of any unknown or unwanted devices getting onto a community network because of the ability to use PKI to perform mutual authentication of an IoT device to the correct corresponding community IoT network.    If a device doesn’t have the appropriate PKI certificate issued by the community, the device will not authenticate, thus not be allowed on a community  IoT network.  The use of a trusted party CA should be mandatory because a community has full knowledge and control  of their PKI rather You can control that only authenticated devices are being allowed onto your networks.
* Recruit instructors (within SSU) and TA’s (students) for teaching and lab exercises.
|impacts=This solution will provide a layer of security around IoT connected devices and networks.  It will contribute to the overall health and safety of the entire community.  With more and more community dependencies on connected devices, the proper security framework and on-going support is critical to health and safety of a community.
* Create tutorials and lab documentations.
|demonstration=Comodo CA and our partners would be happy to put together a POC with GCTC to prove out the functionality of mutual-authentication of IoT devices and servers during an encrypted session within a private ecosystem.  We would also be demonstrating the provisioning and life-cycle management functionality of the service.
| kpi               =  
|chapter=Internet of Things, Smart Buildings and IOT
Using PKI to perform mutual authentication of an IoT device to a cloud or network the project will reduce the risk of a communities IoT connected devices being subject to a Botnet or DDoS attack by 50%
|supercluster=Wireless
| measurement       =
|year=2018
Performing proactive pen-testing to an IoT network can prove the reduction of vulnerable devices across an IoT network.
|title=IoT Device Security for Smart Cities
| standards         =  
|email=damon.kachur@comodoca.com
The security framework that is established by a city/community will be the foundation for many years to come.  The cable industry has been doing this since the early 2000’s and were able to stop pirated cable.  The WiMAX Forum provided spectrum to over 200 countries in the world with only authenticate devices being used on these networks with standards based PKI.  The global aviation community  is adopting a PKI based standard for use around the world.
| replicability      =
|impacts              =
This solution will provide a layer of security around IoT connected devices and networks.  It will contribute to the overall health and safety of the entire community.  With more and more community dependencies on connected devices, the proper security framework and on-going support is critical to health and safety of a community.
| cybersecurity     =  
The solution takes away the risk of any unknown or unwanted devices getting onto a community network because of the ability to use PKI to perform mutual authentication of an IoT device to the correct corresponding community IoT network.    If a device doesn’t have the appropriate PKI certificate issued by the community, the device will not authenticate, thus not be allowed on a community  IoT network.  The use of a trusted party CA should be mandatory because a community has full knowledge and control  of their PKI rather You can control that only authenticated devices are being allowed onto your networks.
| demonstration     =  
Comodo CA and our partners would be happy to put together a POC with GCTC to prove out the functionality of mutual-authentication of IoT devices and servers during an encrypted session within a private ecosystem.  We would also be demonstrating the provisioning and life-cycle management functionality of the service.  
| supercluster       = Wireless
| year               = 2018
}}
}}
[[Category:Cybersecurity and Privacy]]
[[Category:Cybersecurity and Privacy]]

Latest revision as of 06:37, March 16, 2023


IoT Device Security for Smart Cities
GCTC logo 344x80.png
TIoT-Enabled Smart City Framework.png
{{{imagecaption}}}
Team Organizations Device Authority
Gemalto
Joint Venture Silicon Valley
Team Leaders Damon Kachur
Participating Municipalities Silicon Valley
Status Ready for Public Announcement
Document None

Description

Objectives

  • Use of PKI to mutually-authenticate IoT devices to networks & gateways
  • Secure provisioning, registration and production PKI certificates
  • Life-Cycle Management of IoT Device certificates

Challenges

  • Communities are realizing the size and scale of IoT devices within their networks are challenging to manage.
  • Botnet and DDOS attacks are threats to a healthy ecosystem, how can communities be secure from these threats?

Solutions

  • Gather requirement and training needs from the City of Rohnert park. We are planning to kick off this project by inviting all stakeholders from the city as well few residents and seek their inputs on what are training needs.
  • Create scope of workshop/ tutorials and requirements, project plan
  • Develop syllabus of the workshop based on the requirement gathering
  • Recruit instructors (within SSU) and TA’s (students) for teaching and lab exercises.
  • Create tutorials and lab documentations.

Major Requirements

  • Creation of an IoT Framework and security architecture
  • Creation of standards that can be shared across a city and/or county
  • Use of trusted 3rd PKI services that include Private CA’s and certificates for IoT devices and servers
  • Life-cycle management for IoT devices and servers
  • Ecosystem management and administration

Performance Targets

Key Performance Indicators (KPIs) Measurement Methods

Using PKI to perform mutual authentication of an IoT device to a cloud or network the project will reduce the risk of a communities IoT connected devices being subject to a Botnet or DDoS attack by 50%

Performing proactive pen-testing to an IoT network can prove the reduction of vulnerable devices across an IoT network.

Standards, Replicability, Scalability, and Sustainability

The security framework that is established by a city/community will be the foundation for many years to come. The cable industry has been doing this since the early 2000’s and were able to stop pirated cable. The WiMAX Forum provided spectrum to over 200 countries in the world with only authenticate devices being used on these networks with standards based PKI. The global aviation community is adopting a PKI based standard for use around the world.

Cybersecurity and Privacy

The solution takes away the risk of any unknown or unwanted devices getting onto a community network because of the ability to use PKI to perform mutual authentication of an IoT device to the correct corresponding community IoT network. If a device doesn’t have the appropriate PKI certificate issued by the community, the device will not authenticate, thus not be allowed on a community IoT network. The use of a trusted party CA should be mandatory because a community has full knowledge and control of their PKI rather You can control that only authenticated devices are being allowed onto your networks.

Impacts

This solution will provide a layer of security around IoT connected devices and networks. It will contribute to the overall health and safety of the entire community. With more and more community dependencies on connected devices, the proper security framework and on-going support is critical to health and safety of a community.

Demonstration/Deployment

Comodo CA and our partners would be happy to put together a POC with GCTC to prove out the functionality of mutual-authentication of IoT devices and servers during an encrypted session within a private ecosystem. We would also be demonstrating the provisioning and life-cycle management functionality of the service.