IoT Security
Engineering Internet Of Things Secure network for our upcoming IoT service.
Goals:
- Security
- Redundancy
- End to End Security
- Secure Firmware Upgrades
Threats:
- DoS Attacks
- DDoS Attacks
- DNS spoofing /don’t even think of DynDNS/
- Sniffing
- man in the middle
Security:
- Using a VPN -> takes the problem away and requires extra settup. Not user friendly. The only pro is that it can use an existing infrastructure if present. A Big NO
- SSL -> expired certificates , heavy overhead, often exploited. Closed source library, may already be hacked. NO
- AES all the Way. A big YES
- DoS/DDoS prevention – redundant MQTT brokers, with dns/firmware fallback
So Why AES?