Security Architecture Recommendations for IoT


Securing an IoT infrastructure requires a rigorous and an in-depth security strategy that will not only secure the data present in the cloud but also protect its integrity while in transit.

Why

Most IoT devices are “secure by design” since many manufacturers already build security features into their hardware. However, this hardware layer is just one of many required for protecting the device. Other layers such as key management, OTA infrastructure, and host-based security must be addressed to mitigate potential risks. The purpose of this Working Session is to create a set of recommendations that will help companies in their efforts of creating a long-term security strategy for IoT.

What

IoT security can be divided in three key areas:

  • Connection security
  • Device security
  • Cloud security Configuring each of those areas plays a pivotal role in securing the complete IoT infrastructure. Configuring each component to be secure is key in securing the overall IoT infrastructure and while there is a number of different design choices, detailed risk/cost assessments should be done.

Outcomes

A set of guidelines needed for creating a simple but secure IoT architecture by protecting the code that drives the IoT, as well as protecting and managing the IoT devices.

Who

The target audience for this Working Session is:

  • Security Champions
  • CISOs
  • Developers

References

IoT Security Best Practices New Security Architecture for IoT Network - Research Article IoT Security Reference Architecture


Working materials

Draft guidelines for creating a simple but secure IoT architecture by protecting the code that drives the IoT, as well as protecting and managing the IoT devices.

Content

… add content …



Back to list of all Working Sessions and Tracks

Edit this page here