In this chapter, you will learn the following recipes:
- Securing a device with IoT Hub
- Securing a communication
- IP filtering with IoT Hub
- IoT Hub access rights
- Security best practices
The Internet of Things (IoT) is growing at a tremendous pace. Digitally connected devices are being developed for every aspect of our lives, including our homes, offices, cars, and even our bodies; researchers claim that, by 2020, the number of active wireless connected devices will exceed 40 billion.
It's up to the manufacturer and the system implementer of these IoT devices and IoT solutions to use more effective methods of IoT security in the following four areas:
IoT Hub provides a hyper-scale identity registry for millions of devices per unit. Azure IoT Hub secures devices while they are out in the field by registering them in the hub and providing a unique identity key for each IoT device. The IoT solution/backend application requires these security details to communicate with the device while it is operating in the field. Configuring an internet-capable IoT device to communicate with IoT Hub is a quick and easy process. The device manufacturer will associate these details with the device during the manufacturing of the hardware, unless an over-the-air (OTA) technique is implemented.
The Azure IoT SDKs help to manage any devices that are a...
With the number of IoT devices estimated to increase across the globe in the coming years, how we connect those devices matters. The durability of telemetry reception from devices, and of command delivery in response, is an important feature that any IoT solution needs to consider.
Azure IoT Hub does not permit insecure connections. Transport Layer Security (TLS) is always enforced. All messages are tagged with the originator on the service side, allowing the detection of in-payload origin spoofing attempts.
The Azure IoT Hub SDK provides a messaging infrastructure to establish secure communication between the connected devices using several IoT protocols...
Security is an important aspect of any IoT solution based on the Azure IoT Hub. Sometimes, your IoT solution needs to explicitly specify the range of IP addresses from which devices can connect, as part of the custom IoT security configuration. IP filtering enables customers to configure IoT Hub to only accept connections from specific IP addresses assigned to the IoT devices, or to block communication for a specific range of IP addresses.
The IP filter configuration is very easy for an administrator. These rules apply any time a device or a backend application connects over any of the supported protocols (currently AMQP, MQTT, AMQP/WS, MQTT/WS, HTTP/1).
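The following added example (not from the book or from Azure's own code) models how an ordered list of IP filter rules decides a connection, and audits a rule list for the two mistakes that most often defeat an allow-list. It assumes that rules are evaluated in order with the first match deciding, and that an address matching no rule is accepted; rule names and addresses are constructed, and only IPv4 is handled.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    name: str     # hypothetical rule name
    action: str   # "Accept" or "Reject"
    mask: str     # single IPv4 address or CIDR range

def evaluate(rules, client_ip, default="Accept"):
    """Return (action, matching rule name); the first matching rule wins."""
    ip = ipaddress.ip_address(client_ip)
    for rule in rules:
        if ip in ipaddress.ip_network(rule.mask, strict=False):
            return rule.action, rule.name
    return default, None  # assumption: no matching rule means the hub accepts

def audit(rules):
    """Report orderings that do not do what the administrator intended."""
    findings = []
    nets = [ipaddress.ip_network(r.mask, strict=False) for r in rules]
    for i, rule in enumerate(rules):
        for j in range(i):
            # A range fully covered by an earlier rule can never be matched.
            if nets[i].subnet_of(nets[j]):
                findings.append(f"{rule.name} is never reached: "
                                f"{rules[j].name} matches first")
                break
    has_accept = any(r.action == "Accept" for r in rules)
    deny_all = any(r.action == "Reject" and n.prefixlen == 0
                   for r, n in zip(rules, nets))
    if has_accept and not deny_all:
        findings.append("allow-list has no Reject 0.0.0.0/0 rule: "
                        "unlisted addresses are still accepted")
    return findings

# Constructed sample rule sets (documentation address ranges).
ALLOW = Rule("allow-factory", "Accept", "198.51.100.0/24")
BLOCK = Rule("block-bad-gateway", "Reject", "198.51.100.66")
DENY_ALL = Rule("deny-all", "Reject", "0.0.0.0/0")

WEAK = [ALLOW]                        # intended allow-list, but still open
MISORDERED = [ALLOW, BLOCK, DENY_ALL]  # block rule sits behind the allow
HARDENED = [BLOCK, ALLOW, DENY_ALL]    # specific reject, allow, then deny-all

if __name__ == "__main__":
    for label, rules in (("weak", WEAK), ("misordered", MISORDERED),
                         ("hardened", HARDENED)):
        print(label, evaluate(rules, "203.0.113.7"),
              evaluate(rules, "198.51.100.66"), audit(rules))
```

Running the audit against an exported rule list before applying it catches an allow-list that silently admits every other address.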
IoT Hub has a defined set of permissions that needs to be taken into consideration. Any IoT device or backend solution uses these permissions to connect to or communicate with the IoT Hub. Only once you have the appropriate permission will you be able to access the respective IoT Hub endpoints.
The different permissions that you can grant to a device or backend application to access your IoT Hub are:
The IoT security strategy defines how to secure data in the cloud, protect data integrity while IoT device telemetry data travels over the public internet, and securely provision IoT devices that are continuously running and collecting data in the field. This strategy needs to be worked on across the manufacturing, development, and deployment of IoT devices and their implementation infrastructure.
In this recipe, we will try to use the following security practices: