Figure 1. As with other Cloud providers, AWS provides developers with a set of specialized services designed to enhance the security and effectiveness of transactions between IoT devices and enterprise Cloud services. Credit: Amazon Web Services
IoT security fundamentals: connecting securely to IoT Cloud services
Using preconfigured development boards, developers can quickly gain experience with the security methods used by leading IoT Cloud services to authenticate connections and authorize use of IoT devices and Cloud resources. This article describes the connection requirements of two leading Cloud services, Amazon Web Services (AWS) and Microsoft Azure, and shows how developers can use development kits and associated software from a variety of vendors to quickly connect with these services.
Internet of Things (IoT) security depends on multiple layers of protection extending from the IoT device’s hardware foundation through its execution environment. Threats remain for any connected device, however, and typical IoT application requirements for Cloud connectivity can leave both IoT device and Cloud services open to new attacks. To mitigate these threats, IoT Cloud providers use specific security protocols and policies which, if misused, can leave IoT applications vulnerable.
Contributed By: Stephan Evanczuk, Contributing Author at DigiKey
The role of IoT portals in Cloud services
When an IoT device connects to a resource such as a Cloud service or remote host, it potentially exposes itself – and by extension the entire IoT network – to threats masquerading as legitimate services or servers. Conversely, the Cloud service itself similarly faces the threat of attacks from hackers mimicking IoT device transactions in an attempt to penetrate Cloud defenses. To help ensure protection for both IoT devices and Cloud resources, Cloud services require the use of specific security protocols for mutual authentication of identity for sign in and subsequent authorization to ensure permitted usage of services. These protocols are typically included in a set of services that provide a secure portal between IoT devices and Cloud resources.
As with other available IoT Cloud service platforms, AWS and Azure each provide a specific entry portal that IoT devices need to use to interact with each provider’s full set of Cloud resources such as virtual machines (VMs) and software-as-a-service (SaaS) offerings. Using a functionally similar set of mechanisms and capabilities, Azure IoT Hub and AWS IoT provide this portal for their respective enterprise Cloud offerings. At a minimum, these and other IoT portals use specific authentication protocols implemented through each provider’s software development kit (SDK) to create a secure connection. For AWS,
we get technical