Urban and suburban transport intelligent management. Textbook. Vadim Shmal
Читать онлайн книгу.for data transmission over the network, as well as data storage and analysis in the cloud; [30]
– IoT systems must be protected from threats to other networks and users (external security), as well as from threats to their users and property (internal security); [30]
– the Internet is an interconnected network of networks in which the security of each of them affects the security of the others. [30]
Let’s look at some IoT security threats:
– Malware distribution botnets can be used to attack IoT devices connected to the global network;
– Denial of service DoS attack to slow down services and discredit businesses;
– social engineering attacks aimed at illegally obtaining confidential information about users can also be exposed to devices connected to IoT;
– targeted cyber attacks in order to gain illegal control and access to the network while remaining unnoticed for a long period of time;
– ransomware virus;
– remote recording of Internet of Things users in order to obtain confidential data;
– physical damage to equipment controlled by the Internet of Things by obtaining control;
– falsification of data in order to make wrong decisions;
– digital espionage.
As you can see, information in the modern world plays a very important role, especially when it is possible to remotely control various devices or predict the implementation and manage business or technological processes, so cybersecurity issues come to the fore.
Some methods of IoT risk reduction:
– Management and control of Internet of Things endpoints by identifying and adding to the inventory of resources to reduce the likelihood of cyber attacks;
– identify the IT security vulnerability zone;
– detection of abnormal deviations in data during the interaction of devices and servers;
– using a good data encryption system and protocols;
– management control at the identity level to identify users and their actions. Authentication helps companies better understand how users access devices, which increases the level of protection against vulnerabilities and misuse.
It is worth noting that with the development of IoT, it is necessary to guarantee sufficient security of solutions, since they operate with a large amount of confidential data that directly affects the most important production processes. For this purpose, measures are carried out aimed at:
– Security of devices and sensors. Device security is implemented through device authentication, partial message encryption, and sensor firmware updates.;
– Connection protection. Ensuring the confidentiality of data and their protection from unauthorized modification is necessary when transferring data between the device and the IoT platform. Here the protection is based on Transport Layer Security (TLS) technology. At the same time, the data is encrypted to prevent unauthorized listening and understanding of the content.
1.1.3 Authentication as an important factor of the Internet of Things
It is necessary to ensure the following security properties of Internet of Things devices:
1) a reliable access and authentication system based on cryptography. Encryption is necessary to protect communication between iOS devices, and cryptographic device identifiers are needed for this. You need to make sure that only authorized users have access to connected devices;
2) cryptographic security of the software. Using the PKI system to sign the code and verify its authenticity;
3) software updates throughout the entire lifecycle of devices.
From the point of view of ensuring the security of Yota networks should be provided:
1) cryptographic data protection;
2) the absence of critical dependencies on connectivity. Maintaining critical functionality by the system even in the absence of communication;
3) creating an additional device specification that describes in detail the required security policy for a specific device. [31]
The security of the cloud platform is ensured by:
1) control of access to device resources. The application declares a set of resources that it would like to access, while the platform provides a list of devices with these resources. Accordingly, the user gets the opportunity to choose which devices and their capabilities this application can have access to, thereby authorizing the application.;
2) two-factor user authentication technology to increase the level of security;
3) verification of applications for the presence of malicious code. [31]
1.2 Internet of Things in the transport industry
Modern transport management is integrated, much attention is currently being paid to the development of multimodal and intermodal transport, since rail, road, aviation and sea modes of transport are closely interrelated. [66]
As noted in the study [66], in addition to the Internet of Things, cyber-physical systems (CPS) are used to manage transport facilities, and then cyber-physical transport systems (TCPS). They allow you to monitor and control physical devices in real time. An important feature of IoT is the use of mobile smart devices.
Communications between particularly responsible elements in transport play a key role. The functioning of modern rolling stock as a set of interconnected parts is largely provided by smart mobile devices. [66]
In addition to the types of IoT information interaction in TCPS transport cyberspace, V2V (Vehicular-to-Vehicular communications) interaction is often used, based on information interaction between single vehicles based on a variety of sensors that are installed on each mobile object. At the same time, information from individual vehicles enters a single information space for optimal control and interaction of moving objects. [66]
In the field of transport, a special wireless mobile communication network VANET is used. This network allows vehicles to exchange a variety of information over a wireless environment and contributes to the intensification of transportation. [66]
The transport industry plays a direct and significant role in the country’s economy. Many aspects depend on the efficient functioning of the transport system, such as timely delivery of goods to consumers, mobility of passengers in cities, logistics of large industrial institutions. [23,24,27,30]
Experts [30] identify several IoT functions in the transport industry, which include:
– obtaining the necessary data from the transport system;
– measurement of read data;
– providing a wireless connection for the exchange of sent data;
– functioning of a cloud platform to support management decision-making based on predictive analytics;
– implementation of the regulatory impact according to the decisions taken.
For the successful operation of the Internet of Things, several functional levels are distinguished:
– the level of communication channels;
– analytical level;
– service level;
– the level of infrastructure.
The communication channel layer helps in transmitting data from the analytical layer through various networks. An important factor in the development of the level of communication channels is the issue of data transmission security. In addition, it is necessary to take