Top 12 layer-wise security challenges and a secure architectural solution for Internet of Things

Abstract

Digitalization, intelligent virtual assistants, and smart consumer products prepare us for life at every stage. Smart IoT, Sensor nodes, software communicate with one another via voice and emotions, simplifying our lives. Smart IoT is becoming more prevalent in our daily lives. Even though the use of Smart IOTs has grown in Geometric progression, the security of these devices remains traditional. Technically, most security discussions revolve around the implementation of better Network Intrusion Prevention/Detection Systems (NIPS/NIDS), the installation of a traditional firewall, or the use of proxy scanners, which is the standard recommendation of security vendors. All architectures are rooted in the same zeal that drives cyber warfare. However, when considering the Narrowband Internet of Things, the packet size is too small, and the memory and processors are so small that they cannot hold the packets for inspections, and the lucrative protocols will not work. Malicious hackers, BOTs, Trozens, and Honeypots may tamper with and virtually control these smart Internet of Things (IoT) to steal/tamper sensitive information for filthy lucre, financial reward, or, to put it simply, money in this cyber warfare. All of these issues stem from a lack of proper security design controls, architectural security flaws, and a failure to apply Secure by Design principles. Fixing these security controls earlier in the process will save us a significant amount of time, energy, and money spent on repairing broken IoT security flaws and performance aesthetics. If we consider the Shift Left Secure by Design/Architecture Journey in the Internet of Things Security Architecture, these Architectural/Design flaws can be identified in earlier stages and will help the delivery teams to plan necessary security controls in the IoT use cases.In this paper, the author discusses Layer-wise Security Challenges, Attack Vectors, and Architectural Flaws, and proposes a secure architectural solution for the Internet of Things (IoT) that assists delivery teams in securely designing/architecting resource-intensive smart Internet of Things (IoT)/Narrowband (NIoT) use cases earlier in the Life cycle by employing the Secure Design Shift Left approach. In this smart digital IoT era, the author also suggests future research directions for future generations to increase security.