物联网网络安全
This article is based on a guest lecture delivered at the Technical University of Denmark.
本文基于丹麦技术大学的客座演讲。
I’m an IoT researcher with more than 10 years of experience in low-power wireless networks and embedded systems. In the early days, often our main goal was to make things work at all. Security was an afterthought; besides the fact that many of the first uses of IoT were in “toy” applications, few people were even aware of the existence of these low-power wireless sensor networks, and fewer still had the means to attack them. Now, IoT becomes more and more widely used, and we start to make important decisions based on data coming from these low-cost low-power devices, IoT security must become now a sharp point of focus. Otherwise, our field risks to obtain and keep a troubled and untrustworthy reputation.
我是一名物联网研究员,在低功耗无线网络和嵌入式系统方面拥有超过10年的经验。 在早期,我们的主要目标通常是使一切正常运行。 安全是事后的想法; 除了IoT的许多首次使用是在“玩具”应用程序中的事实之外,很少有人甚至意识到这些低功率无线传感器网络的存在,并且很少有人能够攻击它们。 现在,物联网越来越广泛地使用,并且我们开始根据来自这些低成本,低功耗设备的数据做出重要决策,物联网安全现在必须成为重点。 否则,我们的领域就有可能获得并保持麻烦和不信任的声誉。
The problem is hard as IoT networks are vulnerable to all of the usual security threats affecting other, more traditional computer networks. On top of that, they are more severely vulnerable or additionally vulnerable to specific attacks, such as sniffing and jamming.
这个问题很难解决,因为物联网网络容易受到影响其他更传统的计算机网络的所有常规安全威胁的攻击。 最重要的是,它们更容易受到攻击,或者更容易受到特定攻击(例如嗅探和干扰)的攻击。
什么是物联网网络? (What is an IoT network?)
“Internet of Things” has many definitions. Here are some of my favorite:
“物联网”有许多定义。 这是我最喜欢的一些东西:
“A network of Internet connected objects able to collect and exchange data.” (source)
“一个互联网连接的对象网络,能够收集和交换数据。” (来源)
“A system of interrelated computing devices, mechanical and digital machines provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.” (source)
“由相互关联的计算设备,机械和数字机器组成的系统,具有唯一的标识符,并且能够通过网络传输数据,而无需人与人或人与计算机的交互。” (来源)
Clearly, networking is an essential aspect of IoT. Personally, I define an IoT network simply as a network of low-power wireless devices that may or may not be connected to the Internet.
显然,网络是物联网的重要方面。 就个人而言,我将IoT网络简单地定义为可能连接或可能不连接到Internet的低功率无线设备网络。
The applications of IoT include industrial monitoring and control (Industry 4.0), smart homes, smart cities, smart agriculture, as well as many use cases for healthcare and fitness, for example, in the form of body area networks composed of wearable sensors. Applications are also emerging for wireless in-car and in-airplane networks (for example, for on-board entertainment).
物联网的应用包括工业监测和控制(工业4.0 ),智能家居,智能城市,智能农业以及医疗保健和健身的许多用例,例如以可穿戴式传感器组成的人体局域网的形式。 无线车载和飞机网络(例如,车载娱乐)的应用也正在兴起。
The technologies used in IoT networks include both traditional WiFi and cellular communications and more specific protocols:
物联网网络中使用的技术包括传统的WiFi和蜂窝通信以及更具体的协议:
Short range protocols: IEEE 802.15.4, Bluetooth and Bluetooth Low Energy (BLE), and for some applications WiFi. While there are “low power” WiFi devices, the dedicated low-power protocols usually are better choice for battery powered devices, as its difficult to conform to the WiFi standards while saving a lot of energy. These are mainly used in body area, healthcare/fitness and smart home applications, as well as in industrial automation.
短程协议: IEEE 802.15.4,蓝牙和低功耗蓝牙(BLE),以及某些应用程序的WiFi。 尽管存在“低功耗” WiFi设备,但是专用的低功耗协议通常是电池供电设备的更好选择,因为它难以符合WiFi标准,同时又节省了大量能源。 这些主要用于人体区域,医疗保健/健身和智能家居应用,以及工业自动化。
Long range protocols: LoRa/LoRaWAN, NB-IoT, Sigfox, IEEE 802.15.4g, IEEE 802.11ah (“WiFi HaLow”). These are mainly used in smart agriculture, smart city, and smart home applications.
远程协议: LoRa / LoRaWAN,NB-IoT,Sigfox,IEEE 802.15.4g,IEEE 802.11ah(“ WiFi HaLow”)。 这些主要用于智慧农业,智慧城市和智慧家庭应用。
最低0.47元/天 解锁文章
9123
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
