Recommendations for securing Internet of Things devices using commodity hardware

摘要

The Internet of Things (IoT) describes a world where ubiquitous devices such as sensors are all capable of communicating with the Internet. The concept of Internet enabling devices is not new, however the popularity of IoT promises to increase the number of connected devices considerably. Ubiquitous IoT devices have serious security implications as they occur in large numbers, are geographically distributed and can be difficult to physically secure. These devices may contain sensitive or commercially valuable data making them attractive to various forms of attack. In this paper we provide an overview of the state-of-the-art hardware available and recommend ways for reducing the IoT attack surface. We utilise the most relevant security technologies and make four recommendations for consideration when developing end-to-end IoT systems (full disk encryption, cryptoprocessor, bootloader signing and bootloader encryption) providing a discussion of the benefits and limitations with reference to currently available commodity hardware.