{"id":1413,"date":"2021-10-13T15:12:00","date_gmt":"2021-10-13T08:12:00","guid":{"rendered":"https:\/\/htsc.vn\/bao-mat-iot\/"},"modified":"2021-10-19T09:49:37","modified_gmt":"2021-10-19T02:49:37","slug":"securing-iot","status":"publish","type":"post","link":"https:\/\/htsc.vn\/en\/securing-iot\/","title":{"rendered":"Securing IoT"},"content":{"rendered":"<h2 style=\"text-align: justify;\"><span style=\"font-size: 18px;\"><strong>What&#8217;s your approach to securing IoT devices?<\/strong><\/span><\/h2>\n<p style=\"text-align: justify;\">The history of the Internet might have been extremely brief were it not for the ability to address security issues systematically and to adapt to the many ways in which people with bad intentions have been able to be destructive. The first web browsers communicated with servers using unencrypted data streams, affording no protection against those who realized how trivial it is to \u201csniff\u201d internet traffic. Most computers, in the beginning, had their own internet addresses, without any firewalls or protection against hackers. It was a huge neighborhood full of unlocked houses.<\/p>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1356\" src=\"https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/iot-security-300x181.jpg\" alt=\"B\u1ea3o m\u1eadt IoT\" width=\"680\" height=\"411\" srcset=\"https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/iot-security-640x387.jpg 640w, https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/iot-security-400x242.jpg 400w, https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/iot-security-367x222.jpg 367w\" sizes=\"auto, (max-width: 680px) 100vw, 680px\" \/><\/p>\n<p style=\"text-align: justify;\">There would be no eCommerce without SSL (TLS) protected communications, user credentials, and other security measures. We are all familiar with the lock icon in the browser bar, indicating a valid certificate is protecting the data being passed; we expect to enter a username and password to identify ourselves, and on our smartphones, we commit our passcodes to memory but prefer fingerprint identification and\/or facial recognition.<\/p>\n<p style=\"text-align: justify;\">We must not discount the small-form-factor of IoT devices to be any less of a threat \u2013 any device that can connect to the Internet represents a potential security breach, especially if it has some level of computing power. We\u2019ve seen how smart thermostats could be co-opted to cause damage to computers and baby cameras with limited security could be tapped by unwanted viewers. We\u2019ve seen how many devices with limited computing power could be combined to generate DDoS attacks and how connected vehicles could be hijacked remotely while in motion.<\/p>\n<h2 style=\"text-align: justify;\"><span style=\"font-size: 18px;\">Security is paramount in all IoT device designs and deployments<\/span><\/h2>\n<p style=\"text-align: justify;\">We address this issue with a multi-tiered security mechanism, not unlike a web browser, but with added measures:<\/p>\n<ul style=\"text-align: justify;\">\n<li>Smartphones, scanning devices, and other communications nodes that can access our devices using the latest SSL encryption techniques to communicate with our servers.<\/li>\n<li>Users have some read-only access to the devices without entering credentials, but all sensitive and write access requires identification.<\/li>\n<li>All devices that can interact with the IoT devices must use our Certified Security Module, with embedded credentials assigned to the registered software developer of those applications.<\/li>\n<li>All sensitive data, including the digital birth certificate assigned to each individual IoT chip, is encrypted using our product certificate authority. This is currently an in-house mechanism for maintaining the cryptographic keys used to encrypt this data. However, we will soon announce a more formal partnership that will allow third-party organizations to obtain their own certificates.<\/li>\n<li>In the future, we will be using a patented process to physically write encrypted identification onto the chips themselves in a way that can be used as yet another tier of protection.<\/li>\n<\/ul>\n<h2 style=\"text-align: justify;\"><span style=\"font-size: 18px;\"><strong>What are the most important elements of IoT security?<\/strong><\/span><\/h2>\n<p style=\"text-align: justify;\">The security of IoT devices must be part of the architecture of the overall implementation plan, something considered from the beginning. At the same time, it must be an adaptable solution, which becomes a challenge in itself. Updating firmware or security credentials on a hundred or so devices is one thing, hundreds of thousands or millions of devices is another. Additionally, the update process itself needs to be securely implemented, since this is yet another potential security weakness.<\/p>\n<h2 style=\"text-align: justify;\"><span style=\"font-size: 18px;\"><strong>How has the security of IoT devices changed and what are the most common issues you see with IoT security?<\/strong><\/span><\/h2>\n<p style=\"text-align: justify;\">How it has changed \u2013 there are dozens of different proprietary IoT security architectures from each of the major vendors. We don\u2019t see these vendors designing structures made for interoperability. In the world of IoT, many of these devices have little to no security. LocatorX is designing a security architecture that is both open and secure and uses an industry-standard certificate authority that enables interoperability. LocatorX technologies can be scanned securely by any person in possession of the device or product. Certificate authorities created the foundation of trust for web pages. By creating product certificate authorities, we are creating a foundation of trust for products in the IoT.<\/p>\n<h2 style=\"text-align: justify;\"><span style=\"font-size: 18px;\"><strong>What are some real-world problems you, or your clients, are solving by securing IoT devices?<\/strong><\/span><\/h2>\n<p style=\"text-align: justify;\">The real-world use is being able to track an individual item, case, or pallet throughout its lifecycle. Anyone who comes into contact with the product can scan the item using their smartphone and authenticate it, so you can trust the information coming from that product. This information is authenticated by an individual product certificate authority.<\/p>\n<h2 style=\"text-align: justify;\"><span style=\"font-size: 18px;\"><strong>Do you have any concerns regarding the current state of IoT security<\/strong><\/span><\/h2>\n<p style=\"text-align: justify;\">Constantly. The best practices of today can be considered potential weaknesses tomorrow. If you follow the churn of TLS versions and ciphers, for instance, you realize just how temporal any fix can be. SSL was the standard in the beginning until vulnerabilities were discovered\/exploited. Then, TLS 1.0, 1.1, 1.2 and now 1.3 will soon be the standard. The internet itself is part of the reason for this escalation. Any successful breach or methodology to infiltrate systems can be shared across the world in minutes. The other reason is that access to powerful computing platforms continues to decrease in cost and increase in availability. TLS ciphers and methods are just complex mathematical algorithms, so the tools for brute force means to crack those algorithms are easier to access.<\/p>\n<p style=\"text-align: justify;\">The other challenge is preventing \u201cTrojan Horse\u201d attacks, where a piece of hardware or software is installed inside your security sphere. This is less of an issue with IoT devices but can be another source of gaining access to sensitive data that might be used in IoT attacks outside.<\/p>\n<p style=\"text-align: justify;\">The only constant is there are hordes of attackers trying to get through the security walls \u2013 and the more sensitive or valuable the assets you are trying to protect are, the more frequent the attempts to gain control or access will be.<\/p>\n<h2 style=\"text-align: justify;\"><span style=\"font-size: 18px;\"><strong>What\u2019s the future for IoT security from your point of view \u2014 where do the greatest opportunities lie?<\/strong><\/span><\/h2>\n<p style=\"text-align: justify;\">From our perspective, security is only positive if it can be demonstrated to people using our products over time. Once trust and comfort are developed, use is encouraged. We\u2019ve seen this with Amazon and the eCommerce industry \u2013 the full potential of any IoT solution can only be realized when security is not an issue.<\/p>\n<p>&nbsp;<\/p>\n<p><em>Source: <a href=\"https:\/\/dzone.com\/articles\/securing-iot\">Securing IoT &#8211; DZone IoT<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>What&#8217;s your approach to securing IoT devices? The history of the Internet might have been extremely brief were it not for the ability to address security issues systematically and to adapt to the many ways in which people with bad intentions have been able to be destructive. The first web browsers communicated with servers using [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":1356,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[105],"tags":[117,118],"class_list":["post-1413","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-bao-mat-iot-en","tag-iot-en"],"featured_image_src":{"landsacpe":["https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/iot-security-860x445.jpg",860,445,true],"list":["https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/iot-security-463x348.jpg",463,348,true],"medium":["https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/iot-security-300x181.jpg",300,181,true],"full":["https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/iot-security.jpg",860,520,false]},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.7.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Securing IoT - htsc.vn<\/title>\n<meta name=\"description\" content=\"The security of IoT devices must be part of the architecture of the overall implementation plan, something considered from the beginning.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/htsc.vn\/en\/securing-iot\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Securing IoT - htsc.vn\" \/>\n<meta property=\"og:description\" content=\"The security of IoT devices must be part of the architecture of the overall implementation plan, something considered from the beginning.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/htsc.vn\/en\/securing-iot\/\" \/>\n<meta property=\"og:site_name\" content=\"htsc.vn\" \/>\n<meta property=\"article:published_time\" content=\"2021-10-13T08:12:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-19T02:49:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/iot-security.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"860\" \/>\n\t<meta property=\"og:image:height\" content=\"520\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"htsc\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"htsc\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/htsc.vn\/en\/securing-iot\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/htsc.vn\/en\/securing-iot\/\"},\"author\":{\"name\":\"htsc\",\"@id\":\"https:\/\/htsc.vn\/#\/schema\/person\/c1468326ca08b41f7f7f722a52dba4a6\"},\"headline\":\"Securing IoT\",\"datePublished\":\"2021-10-13T08:12:00+00:00\",\"dateModified\":\"2021-10-19T02:49:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/htsc.vn\/en\/securing-iot\/\"},\"wordCount\":1037,\"publisher\":{\"@id\":\"https:\/\/htsc.vn\/#organization\"},\"keywords\":[\"b\u1ea3o m\u1eadt iot\",\"IoT\"],\"articleSection\":[\"News\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/htsc.vn\/en\/securing-iot\/\",\"url\":\"https:\/\/htsc.vn\/en\/securing-iot\/\",\"name\":\"Securing IoT - htsc.vn\",\"isPartOf\":{\"@id\":\"https:\/\/htsc.vn\/#website\"},\"datePublished\":\"2021-10-13T08:12:00+00:00\",\"dateModified\":\"2021-10-19T02:49:37+00:00\",\"description\":\"The security of IoT devices must be part of the architecture of the overall implementation plan, something considered from the beginning.\",\"breadcrumb\":{\"@id\":\"https:\/\/htsc.vn\/en\/securing-iot\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/htsc.vn\/en\/securing-iot\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/htsc.vn\/en\/securing-iot\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Trang ch\u1ee7\",\"item\":\"https:\/\/htsc.vn\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Securing IoT\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/htsc.vn\/#website\",\"url\":\"https:\/\/htsc.vn\/\",\"name\":\"htsc.vn\",\"description\":\"htsc.vn\",\"publisher\":{\"@id\":\"https:\/\/htsc.vn\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/htsc.vn\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/htsc.vn\/#organization\",\"name\":\"HTSC\",\"url\":\"https:\/\/htsc.vn\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/htsc.vn\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/logo.svg\",\"contentUrl\":\"https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/logo.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"HTSC\"},\"image\":{\"@id\":\"https:\/\/htsc.vn\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/htsc.vn\/#\/schema\/person\/c1468326ca08b41f7f7f722a52dba4a6\",\"name\":\"htsc\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/htsc.vn\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f6101c3bd37e99e4ff9b4a5566e742ce8f4780e43fb4b25e538d94b8ebff4dab?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f6101c3bd37e99e4ff9b4a5566e742ce8f4780e43fb4b25e538d94b8ebff4dab?s=96&d=mm&r=g\",\"caption\":\"htsc\"},\"url\":\"https:\/\/htsc.vn\/en\/author\/htsc\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Securing IoT - htsc.vn","description":"The security of IoT devices must be part of the architecture of the overall implementation plan, something considered from the beginning.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/htsc.vn\/en\/securing-iot\/","og_locale":"en_US","og_type":"article","og_title":"Securing IoT - htsc.vn","og_description":"The security of IoT devices must be part of the architecture of the overall implementation plan, something considered from the beginning.","og_url":"https:\/\/htsc.vn\/en\/securing-iot\/","og_site_name":"htsc.vn","article_published_time":"2021-10-13T08:12:00+00:00","article_modified_time":"2021-10-19T02:49:37+00:00","og_image":[{"width":860,"height":520,"url":"https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/iot-security.jpg","type":"image\/jpeg"}],"author":"htsc","twitter_card":"summary_large_image","twitter_misc":{"Written by":"htsc","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/htsc.vn\/en\/securing-iot\/#article","isPartOf":{"@id":"https:\/\/htsc.vn\/en\/securing-iot\/"},"author":{"name":"htsc","@id":"https:\/\/htsc.vn\/#\/schema\/person\/c1468326ca08b41f7f7f722a52dba4a6"},"headline":"Securing IoT","datePublished":"2021-10-13T08:12:00+00:00","dateModified":"2021-10-19T02:49:37+00:00","mainEntityOfPage":{"@id":"https:\/\/htsc.vn\/en\/securing-iot\/"},"wordCount":1037,"publisher":{"@id":"https:\/\/htsc.vn\/#organization"},"keywords":["b\u1ea3o m\u1eadt iot","IoT"],"articleSection":["News"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/htsc.vn\/en\/securing-iot\/","url":"https:\/\/htsc.vn\/en\/securing-iot\/","name":"Securing IoT - htsc.vn","isPartOf":{"@id":"https:\/\/htsc.vn\/#website"},"datePublished":"2021-10-13T08:12:00+00:00","dateModified":"2021-10-19T02:49:37+00:00","description":"The security of IoT devices must be part of the architecture of the overall implementation plan, something considered from the beginning.","breadcrumb":{"@id":"https:\/\/htsc.vn\/en\/securing-iot\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/htsc.vn\/en\/securing-iot\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/htsc.vn\/en\/securing-iot\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Trang ch\u1ee7","item":"https:\/\/htsc.vn\/en\/"},{"@type":"ListItem","position":2,"name":"Securing IoT"}]},{"@type":"WebSite","@id":"https:\/\/htsc.vn\/#website","url":"https:\/\/htsc.vn\/","name":"htsc.vn","description":"htsc.vn","publisher":{"@id":"https:\/\/htsc.vn\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/htsc.vn\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/htsc.vn\/#organization","name":"HTSC","url":"https:\/\/htsc.vn\/","sameAs":[],"logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/htsc.vn\/#\/schema\/logo\/image\/","url":"https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/logo.svg","contentUrl":"https:\/\/htsc.vn\/wp-content\/uploads\/2021\/10\/logo.svg","width":"1024","height":"1024","caption":"HTSC"},"image":{"@id":"https:\/\/htsc.vn\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/htsc.vn\/#\/schema\/person\/c1468326ca08b41f7f7f722a52dba4a6","name":"htsc","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/htsc.vn\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f6101c3bd37e99e4ff9b4a5566e742ce8f4780e43fb4b25e538d94b8ebff4dab?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f6101c3bd37e99e4ff9b4a5566e742ce8f4780e43fb4b25e538d94b8ebff4dab?s=96&d=mm&r=g","caption":"htsc"},"url":"https:\/\/htsc.vn\/en\/author\/htsc\/"}]}},"_links":{"self":[{"href":"https:\/\/htsc.vn\/en\/wp-json\/wp\/v2\/posts\/1413","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/htsc.vn\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/htsc.vn\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/htsc.vn\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/htsc.vn\/en\/wp-json\/wp\/v2\/comments?post=1413"}],"version-history":[{"count":0,"href":"https:\/\/htsc.vn\/en\/wp-json\/wp\/v2\/posts\/1413\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/htsc.vn\/en\/wp-json\/wp\/v2\/media\/1356"}],"wp:attachment":[{"href":"https:\/\/htsc.vn\/en\/wp-json\/wp\/v2\/media?parent=1413"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/htsc.vn\/en\/wp-json\/wp\/v2\/categories?post=1413"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/htsc.vn\/en\/wp-json\/wp\/v2\/tags?post=1413"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}