Demystifying Internet of Things Security: Successful Iot Device/Edge and Platform Security Deployment

Cheruvu, Sunil, Kumar, Anil, Smith, Ned

  • 出版商: Apress
  • 出版日期: 2019-08-14
  • 定價: $1,398
  • 售價: 9.0$1,258
  • 語言: 英文
  • 頁數: 488
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 1484228952
  • ISBN-13: 9781484228951
  • 相關分類: 物聯網 IoT資訊安全
  • 立即出貨(限量) (庫存=2)

商品描述

Break down the misconceptions of the Internet of Things by examining the different security building blocks available in Intel Architecture (IA) based IoT platforms. This open access book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth.
The IoT presents unique challenges in implementing security and Intel has both CPU and Isolated Security Engine capabilities to simplify it. This book explores the challenges to secure these devices to make them immune to different threats originating from within and outside the network. The requirements and robustness rules to protect the assets vary greatly and there is no single blanket solution approach to implement security.

Demystifying Internet of Things Security provides clarity to industry professionals and provides and overview of different security solutions
What You'll Learn

  • Secure devices, immunizing them against different threats originating from inside and outside the network
  • Gather an overview of the different security building blocks available in Intel Architecture (IA) based IoT platforms
  • Understand the threat pyramid, secure boot, chain of trust, and the software stack leading up to defense-in-depth


Who This Book Is For
Strategists, developers, architects, and managers in the embedded and Internet of Things (IoT) space trying to understand and implement the security in the IoT devices/platforms.

 

商品描述(中文翻譯)

解密物聯網安全

通過檢視基於Intel架構(IA)的物聯網平台中可用的不同安全構建塊,來解開對物聯網的誤解。這本開放存取的書籍回顧了威脅金字塔、安全啟動、信任鏈以及防禦深度之前的軟體堆疊。

物聯網在實施安全方面面臨獨特的挑戰,Intel擁有CPU和隔離安全引擎的能力,以簡化這一過程。本書探討了保護這些設備使其對來自內部和外部網絡的不同威脅免疫的挑戰。保護資產的要求和強健性規則差異很大,並且沒有單一的統一解決方案來實施安全。

《解密物聯網安全》為業界專業人士提供了清晰的指引,並概述了不同的安全解決方案。

你將學到什麼:

- 保護設備,使其對來自內部和外部網絡的不同威脅免疫
- 獲取基於Intel架構(IA)的物聯網平台中可用的不同安全構建塊的概述
- 了解威脅金字塔、安全啟動、信任鏈以及軟體堆疊之前的防禦深度

適合閱讀對象:

嵌入式和物聯網(IoT)領域的策略師、開發人員、架構師和經理,試圖理解和實施物聯網設備/平台的安全性。

作者簡介

Sunil Cheruvu is a Principal Engineer in the Platform Engineering Division of IOTG at Intel Corporation and has been involved in architecting complex systems involving HW/FW/SW for almost 23 years. Implementing the code for Baseline Privacy security in DOCSIS compliant Cable Modems when he was a Senior SW Engineer at 3com and a SW Staff Engineer at Conexant. Working at Microsoft as a SW Design Engineer, he was the tech lead for Vehicle Networking involving the Bus and Protocol driver stacks. He took the stacks through the threat modeling and implemented the resolutions in what was released as the Windows Mobile for Automotive (WMfA) platform.

At Intel, he was the Content Protection lead and owned the system level architecture of Conditional Access and Trusted Data Path (end-2-end premium content protection within a SoC.) Architecting the security for embedded devices and in his current role as the Principal Engineer, owns the scaling of security (from below Atom to Xeon) and on multiple Operating Systems. He is the subject matter expert for IOTG security across Intel and outside of Intel.

Anil Kumar is a Principal Engineer in the Platform Engineering Division of IOTG at Intel Corporation, and is responsible for the Connectivity Platform Architecture across IOTG. In this role, he leads the effort with the planning team to create IOTG's first ever roadmap for connectivity solutions. He is currently driving platform and chip level integration of several key connectivity and communication technologies which are critical for Cyber Physical Systems. Anil joined Intel in 2007 as a design engineer in Digital Home Group. He served as Platform Architect for several Intel Architecture based Media Processors for TV and Set Top Box applications. As the chief architect in Intel Media Group Anil lead several designs that resulted in award winning consumer electronic device designs at CES. The world's first Google TV devices were based on reference design efforts lead by Anil as well. Prior to joining Intel, Anil held design engineering positions at multinational companies such as Fujitsu & Alcatel. He was instrumental in taking several designs from concept to production throughout his career.

Ned Smith is a Principal Engineer in the Open Technology Center (OTC) team in the Software Solutions Group at Intel Corporation. He is responsible for defining Internet of Things security architecture and standards for open IoT technologies. This includes defining IoT architecture for Open Connectivity Foundation (OCF) and IPSO Alliance. Ned chairs the Security, Privacy and Identity (SPI) work group in IPSO Alliance. He is co-author of the Internet Engineering Task Force (IETF) draft specification, draft-hardjono-ace-fluffy-03 that defines key management for constrained environments.
Ned joined Intel Labs in 1995 where he helped define the Common Data Security Architecture (CDSA) that was standardized by the Open Group. He chaired the Infrastructure Workgroup (IWG) in the Trusted Computing Group (TCG) from its inception until 2006. The IWG may best be known for its work on Network Access Control (NAC) standards that later became the Trusted Network Connect (TNC) working group within the TCG. The TNC standards were adopted by a majority of network security vendors supplying NAC products.
Ned has been highly influential within Intel having contributed to a long list of enterprise and office security technologies including Intel(R) Identity Protection Technology, Intel(R) Anti-theft Technology, Intel(R) Manageability Engine, Intel(R) Converged Security Engine, Intel(R) Trusted Execution Technology, Intel(R) Insider(TM), Intel(R) Virtualization Technology, Intel(R) Deep Defender(TM), Intel(R) Platform Trust Technology, Intel(R) Software Guard Extensions and numerous other security, privacy, identity and access management related projects.
Ned is a prolific inventor having received Intel's highest award for patent filing in 2014. He has more than 115 patents granted and over 290 patents pending.
Dave Wheeler is a Senior Principal Engineer in the Platform Security Division of IAGS at Intel Corporation and has thirty years' experience in software, security and networking. In his current role, Dave is responsible for research and development of new cryptographic algorithms and protocols, security APIs and libraries across Intel including for IoT platforms, performs security reviews on Intel's cryptographic implementations, and represents Intel at the IETF. Within the Internet of Things, Dave has contributed to Intel's Software-Defined Industrial Systems architecture and IOTG's Health Application Platform. Prior to Intel, Dave held various lead software and systems architecture positions at Motorola, Honeywell Bull, General Dynamics, as well as his own consulting firm. Dave has designed and built several hardware security engines, including a Type-2 security coprocessor for a software defined radio, and the Intel Wireless Trust Module, a hardware cryptographic coprocessor on the Intel XScale processor. He has implemented several cryptographic libraries and protocol layers, including an IPSec-type implementation for an SDR radio, header compression protocol layers for IP, TCP, and UDP over multicast, a connectionless network layer protocol, two-factor authentication verification over RADIUS for a firewall VPN, PPP for serial, an instant messaging protocol over Bluetooth, and many others. Dave has been a key contributor to other full-stack product implementations including Intel's Blue River Network appliance, several complete public Internet applications in PHP, JavaScript/Sails, and even VBScript. Dave has also worked on smartcard security for banking and gaming applications at a startup, Touch Technology. While at Motorola in 1992, Dave authored the "Security Association Management Protocol" for the National Security Agency, and subsequently spoke nationally about key management and key management protocols. He has led clean-room implementations for ISAKMP, IKEv2, and a custom network-keying protocol. Dave's extensive experience in security, networking, software and hardware is leveraged across a broad segment of Intel's Internet of Things to make Intel's products and software projects secure.

作者簡介(中文翻譯)

Sunil Cheruvu 是英特爾公司 IOTG 的平台工程部門的首席工程師,他在設計涉及硬體/韌體/軟體的複雜系統方面已經有近23年的經驗。當他在3com擔任高級軟體工程師和Conexant的軟體高級工程師時,他實現了DOCSIS兼容的有線數據機中的基線隱私安全代碼。在微軟工作期間,他是車輛網絡的技術負責人,涉及匯流排和協議驅動程序堆棧。他將堆棧通過威脅建模並實施解決方案,最終發布了Windows Mobile for Automotive(WMfA)平台。

在英特爾,他是內容保護負責人,擁有條件訪問和可信數據通道(SoC內的端到端高級內容保護)的系統級架構。他負責嵌入式設備的安全性,並在他目前的職位作為首席工程師,負責安全性的擴展(從Atom到Xeon)和多個操作系統。他是英特爾內外IOTG安全性的專家。

Anil Kumar 是英特爾公司 IOTG 的平台工程部門的首席工程師,負責 IOTG 的連接平台架構。在這個角色中,他與規劃團隊合作,創建了 IOTG 的首個連接解決方案路線圖。他目前正在推動幾個關鍵連接和通信技術的平台和芯片級集成,這對於物聯網系統至關重要。Anil 於 2007 年加入英特爾,擔任數字家庭組的設計工程師。他擔任過多個基於英特爾架構的電視和機頂盒應用的平台架構師。作為英特爾媒體集團的首席架構師,Anil 領導了多個設計,這些設計在 CES 上獲得了獎項。世界上第一批 Google TV 設備就是基於 Anil 領導的參考設計工作。在加入英特爾之前,Anil 在富士通和阿爾卡特等跨國公司擔任設計工程師職位。在他的職業生涯中,他將多個設計從概念到生產。

Ned Smith 是英特爾公司軟體解決方案組的開放技術中心(OTC)團隊的首席工程師。他負責為開放的物聯網技術定義物聯網安全架構和標準。這包括為開放連接基金會(OCF)和IPSO聯盟定義物聯網架構。Ned 是 IPSO 聯盟的安全、隱私和身份(SPI)工作組主席。他是互聯網工程任務組(IETF)草案規範的共同作者,該規範定義了受限環境的金鑰管理。

Ned 於 1995 年加入英特爾實驗室,幫助定義了由開放組織標準化的通用數據安全架構(CDSA)。他從成立到 2006 年一直擔任可信計算組織(TCG)的基礎設施工作組(IWG)主席。IWG 最著名的工作是在 TCG 內部成為 Trusted Network Connect(TNC)工作組的網絡訪問控制(NAC)標準。TNC 標準被大多數提供 NAC 產品的網絡安全供應商採用。

Ned 在英特爾內部具有很大的影響力,為一長串企業和辦公室安全技術做出了貢獻,包括 Intel(R) Identity Protection Technology、Intel(R) Anti-theft Technology、Intel(R) Manageability Engine、Intel(R) Converged Security Engine、Intel(R) Trusted Execution Technology、Intel(R) Insider(TM)、Intel(R) Virtualization Technology、Intel(R) Deep Defender(TM)、Intel(R) Platform Trust Technology、Intel(R) Software Guard Extensions 和其他許多安全、隱私、身份和訪問管理相關項目。

Ned 是一位多產的發明家。