Signed Firmware
The approach which we just discussed above can also be used for firmware images and secure
boot. Such a signature makes sure that only an authorized machine or user marks a firmware
prior to execution. This makes it tougher for hackers to create rogue firmware and infect a
system—since there is no chance that they could sign the code which was created by them.
Secure boot is a functionality which leverages this electronic signature. It makes sure all
the code which is defined be run on a machine is signed appropriately. After the booting pro-
cess, the device’s initial bits run and can process the verification of the electronic signature.
Moreover, the PKI (private key infrastructure) along with secure boot allows developers with a
backup option in case the code is compromised by a secret key signature.
Resource Constraints
After you spend a considerable amount of time in the Internet of Things, you are bound to face
dierent scenarios, in which you use IoT devices with resource constraints at the edge. Such IoT
devices are known to have limited memory, processing, power, and may create technical hurdles
for their developers.
However, the latest cryptographic techniques are known as a resource hog which raises a
question: How to develop IoT devices which are secure while at the same time adhering to their
constraints? Luckily, it is possible to make smart compromises in such scenarios. For example,
suppose if the integrity of data is crucial but you are not required to focus on its secrecy, then
you can apply complete encryption on its streams. In such a strategy, a hash can be created with
a secret and shared salt.
Doing this can help the system in data validation and make sure that only the authorized
machines were responsible for producing the data. Following this strategy may not be ideal;
however, it is still an acceptable strategy for certain environments.
When was the word cryptography first used?
Flash Question
BLOCKCHAIN IN IoT
Currently, the Internet of Things ecosystem is based on a centralized model. In such a model,
multiple IoT devices are connected, identified, and verified via the cloud which oers strong
support to store data.
The centralized model is quite ineective and out-dated. Businesses that use them have to
pay high costs to manage and support their IT infrastructure. Moreover, since the number of
IoT devices is continuously increasing at a rapid pace, therefore, these expenses are expected to
reach unprecedented heights, thereby making things quite harder for businesses, particularly
the smaller ones. Similarly, they will also have to deal with more maintenance issues such as
engineering and scalability.
Even if such issues are solved, there are also concerns regarding the bottleneck of cloud
services. This makes the provision of cyber security in IoT systems a lot more dicult. In order
to combat such issues, a decentralized approach is necessary.
314 Internet of Things
Internet_of_Things_CH12_pp309-326.indd 314 9/3/2019 10:16:42 AM
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.