Samsung says ‘Safety First’ on the Internet of Things: IoT Security
The Internet of Things is not simply a phrase that refers to things that are connected to the internet. The Internet of Things is a developed form of the existing Internet, or the mobile internet, where devices connected to the Internet exchange information with one another, often without human intervention.
One of the key technologies in realizing the Internet of Things is ‘security.’ Although the Internet of Things is in the limelight for the convenience it would bring to users in the future, the components of the Internet of Things could be a potential threat to users, as the exchanged data could be hacked or leaked.
So what do we have to consider in ensuring the security of the Internet of Things? Just last month, Samsung’s S.LSI Division hosted a colloquium to discuss the security of the Internet of Things and ways to improve security issues at Samsung’s Hwasung campus. For those who are not familiar with the S.LSI Division Colloquium, it is a regular event where Samsung invites experts from various fields to discuss or lecture on promising future technology to Samsung employees.
A new approach to the security of the Internet of Things is necessary
At the colloquium, Kiyoung Kim, the chief of the AhnLab in Korea, lectured on how to look at the problem of existing security of the Internet of Things from a new perspective. According to Kim, reinterpreting security begins with the very basics of security.
To begin with, according to Kim, security consists of three elements: confidentiality, integrity, and availability. When we think of security, confidentiality is the only trait that usually comes to mind, as it makes data that is not permitted to be seen invisible or indiscernible. However, Kim claimed that both availability, which satisfies users when using data, and integrity, which encompasses security policy that has integrity and consistency in data, are essential factors.
As a way to visualize these factors, cellophane paper presents an interesting insight on security. The principle of the security model is similar to the principle where light cannot penetrate through two or more different colored cellophane papers overlapped. Thus, the convergence of two different security factors and the security architecture that effectively connects those factors are indispensable.
Security Attacks on the Internet of Things Era and its Defensive Plans
Then what are the security issues that need to be focused on in the Internet of Things era? According to Kim, vulnerable parts could be attacked through exterior attack analysis; weak points could be found on the network of things and existing devices; and exterior attacks could happen through the analysis of firmware, like in the case of firmware hacking. On the other hand, since hardware analysis is relatively difficult, Kim suggested the possibility of dealing with it by strengthening the security features of the device.
▲ Kiyoung Kim, the Chief of the AhnLab in Korea, talking about security issues of the Internet of Things
In addition, Kim stated that it is imperative for the scheme of future security measures on the Internet of Things to be approached on a multilateral level based on architecture, going beyond a unilateral defense that is focused only on malicious code.
Kim presented several words of caution to effectively respond to security threats in the Internet of Things era. First is the danger of familiarity. In terms of technology, the trend is to solve everything with what one does well or plan a product based on the technology already on hand, instead of using the appropriate technology for the right purpose. In fact, thinking of the purpose first and then considering the technology right for it will not only lead to producing an effective product, but also developments in technology.
Second is the loss of purpose. While developing a product, there are many times where one loses the original purpose on the usage of that particular technology. Third is a caution on theory. Whether the theory that derives results under controlled variables would apply in reality, where there are many variables, should be considered.
Thus, based on these three precautions, Kim gave three pieces of advice that can strengthen security even more. These included enhancing efficiency through the improvement of the surrounding environment, such as device protection and mutual authentication, reducing exterior attacks by removing unnecessary features, and thinking of vulnerabilities based on the understanding and consideration of people.
Kim ended the lecture saying, “You must remember that security technology is only a means to achieve security, not the purpose. When constantly thinking about things that must be protected, you can protect them all like a superhero in a movie.”
“I participated in this colloquium as I have majored in the field of security and needed some knowledge on security for business. I’ve learned the philosophical approach and perspective on security and the scheme, which will be helpful to me. Through the lecture, it was an opportunity to think about the importance of software as well as hardware.” said Junho Lee, one of the active listeners at the colloquium.
As the technology of the Internet of Things evolves day by day, we expect to see advances in security technology that will protect the enormous amount of data that is produced in this kind of environment.
About Samsung’s Focus on Internet of Things
Samsung has been investing and focusing on the Internet of Things (IoT) since the beginning of the year. At CES 2014, Samsung demonstrated how device-to-device communication in its Smart Home could make for a more efficient and enjoyable experience. In February, Samsung showed how the Internet of Things could expand on a much larger scale with its connectivity products at MWC 2014.
In addition, Samsung established the Open Interconnect Consortium in July, with 5 other companies, to improve interoperability and define connectivity requirements for the billions of devices that make up the Internet of Things. Samsung also joined forces with the Thread Group in the same month. A month later, Samsung acquired SmartThings, the creator of the leading open platform for the Internet of Things.
* The contents from the lecture are of Kiyoung Kim, the chief of the AhnLab in Korea, and do not necessarily represent those of Samsung Electronics
** Link to original article (in Korean): http://www.samsungsemiconstory.com/850
Corporate > Technology