
You're reading from Arduino Data Communications

Product type: Book
Published in: Nov 2023
Publisher: Packt
ISBN-13: 9781837632619
Edition: 1st Edition
Author: Robert Thas John

Robert Thas John is a data engineer with a career that spans two decades. He manages a team of data engineers, analysts, and machine learning engineers – roles that he has held in the past. He leads a number of efforts aimed at increasing the adoption of machine learning on embedded devices through various programs from Google Developers and ARM Ltd, which licenses the chips found in Arduinos and other microcontrollers. He started his career as a software engineer with work that has spanned various industries. His first experience with embedded systems was in programming payment terminals.

Enhancing Security for Reducing Risk

Security is something that you need to consider before you place any new product on a shelf. By the end of this chapter, you will have learned about some of the threats that devices are exposed to when they send data over a network. You will have also learned how to reduce some of those risks.

In this chapter, we will cover the following topics:

  • Learning about the threat landscape
  • Embracing cloud security
  • Enforcing edge security
  • Learning about certificate authorities

We will not make use of any hardware in this chapter.

Learning about the threat landscape

The Internet of Things (IoT) is all about data. You have hardware in the mix, but the hardware collects and transmits data.

The importance of data in this era has been compared to the importance of oil in the industrial era. Data is considered to be a valuable resource by most people. Data can be used for making predictions, such as the data collected from weather stations being used to forecast weather patterns.

Data collected from a smart home system can be used to understand user behavior, such as which appliances are being used at certain times, which in turn tells you when rooms are occupied. A positive application of user behavior is targeted advertising. However, it is also possible to utilize data negatively. Knowing when a room is occupied implies that bad actors know when the room isn’t occupied.

Another example is fitness trackers that collect location information. If this information falls into the wrong hands, it becomes...

Embracing cloud security

There are various providers of cloud computing both at the platform level and at the infrastructure level. All providers have security features native to them that might appear to be overwhelming at first. You only need to do a bit of studying to get up to speed.

Multi-factor authentication

We already discussed MFA in the previous section, but repeating it here will only reinforce its importance. Every cloud provider worth using will have MFA baked in. Ensure that all of your users utilize MFA.

Identity and access management

Identity and Access Management (IAM) is how you control what a user can do on your cloud platform. On a cloud platform, users aren’t limited to humans. They could also be services. When it comes to controlling or granting permissions, apply the principle of least privilege. This simply means that you grant privileges or permissions that let the user do only what they need to do. For example, on GCP, you can...

Enforcing edge security

Your edge devices are computers. A lot of the things that apply to VMs apply to the computers that you will be setting up and deploying. However, you will not have the support of the cloud providers when you set up your edge devices, so you need to take care of everything yourself.

Operating system

The choice of the operating system that you install on your edge device is critical. You will want to avoid bleeding-edge and beta software. If possible, go for long-term support (LTS) variants of any operating system. Also, consider operating systems that will only run signed software. This will ensure that the computer will not run malicious software. One example of this is Ubuntu Core, which is designed for embedded applications and optimized for security.

Login and access control

Your computer can be accessed physically, so you want to ensure that bad actors can’t brute-force their way onto the computer. The way to avoid this is by disabling...

Learning about certificate authorities

A CA is a trusted third party that issues certificates. These certificates are used to verify the identity of a computer or a website, as well as for encrypting and decrypting data.

While you can issue your own certificates, these are only for your private use. When you consider a website that you access using HTTPS, the web server uses a digital certificate that is globally recognized. The essence of the certificate is to confirm to others that the site they are visiting is what it claims to be.

The certificate contains the identity information of the entity that it is issued to, along with the entity’s public encryption key. This key is used by browsers to encrypt and decrypt data that is passed along between web/application servers and browsers/clients.

But how can you get a globally acceptable digital certificate?

Let’s Encrypt

Let’s Encrypt is a non-profit that makes obtaining certificates relatively easy...

Summary

In this chapter, you learned about various security topics to consider when your product idea is about to go live, including what sort of security flaws you might be exposing and how to go about reducing them. In the next chapter, we will look at what you need to take care of when the demand exceeds your expectations and you have more than a handful of users – that is, how to go about creating systems with high availability.
