In this article, we introduce the role of information security in the Internet of Things, its architecture, and its importance in edge computing. Information security has always followed a layered model, and this defense in depth helps users protect resources even when one layer is compromised. Since edge devices can offload computing and analytical workloads from data center servers, they can also serve as a mechanism for end-to-end authentication. With this in mind, let's look at how the different layers of security deal with edge workloads.
1. Hardware layer

The large number and complexity of breaches has pushed OEMs to build security into devices from the design phase. At the hardware level, this has produced TPMs (trusted platform modules), which integrate encryption keys in the chip that can be used for device authentication at the software layer. But if the keys are shared on the bus, they may still be vulnerable. Such issues can be easily addressed if encryption/decryption via a non-shared key approach occurs in the TPM.

2. Communication layer

The medium for data transmission should be secure to avoid man-in-the-middle attacks and other similar attacks. This communication can be classified into the following:

- Local communication, where endpoint devices communicate with one or more edge gateways that provide an entry point to the enterprise network after authentication.
- Remote communication, where edge gateways communicate with each other through an orchestration layer or a centralized cloud platform.

Edge gateways provide security through encryption and X.509 certificates, and they also act as protocol translators, converting disparate data from multiple devices to conform to a single protocol, such as Message Queuing Telemetry Transport (MQTT). MQTT is a lightweight protocol designed for high-latency, low-bandwidth networks.

3. Cloud security

To maintain data integrity, sensitive data should be moved from the edge to the cloud in an encrypted manner. Edge orchestrators, a software layer for the management and configuration of edge devices, come into the picture here and simplify the encryption of data from the edge to the cloud and vice versa. In addition, digital certificates play a vital role in authenticating other clouds or third-party applications that try to communicate with the user's cloud service.

4. Continuous lifecycle management

Because new and sophisticated attacks occur every day, it is extremely important to regularly and remotely update all edge devices and endpoints, so that none is left without the latest patches or upgraded edge device or endpoint sensor firmware. The above control measures will reduce the number of security threat vectors, including:
With the rapid growth of connected terminals, from temperature sensors in cars to mobile devices and smart grids, a series of edge clouds are emerging. These clouds serve specific users, thereby providing low latency and consuming less bandwidth. Nevertheless, it is very important to choose the right infrastructure to run these edge workloads. Containers have great advantages in this regard, but where should containers be hosted? Virtual machines or bare metal? The answer depends on the edge workloads that users plan to run. Securing these new edge clouds is critical, and users need to enforce encryption of data in transit and at rest, and protect communications with the centralized cloud. Only through secure design and embedding security mechanisms in all components/layers involved can users' edge efforts be on the right track.