Security and Privacy for a Green Internet of Things

 

Abstract:  

 The Internet of Things (IoT) will control the critical infrastructure of the 21st century, including smart cities, smart manufacturing, the smart power grid, and smart transportation systems. These smart cyberphysical systems will interconnect billions of smart devices with IoT control systems, thus requiring an IoT with exceptionally low latencies and exceptionally high cybersecurity. The US National Academy of Engineering recently identified 14 grand challenges for the 21st century, including achieving cybersecurity for the IoT (bit.ly/1UObLEq). Fundamentally new approaches to achieving cybersecurity, privacy, and trust in the IoT are needed that go well beyond current approaches.

 

Existing System: 

Unfortunately, today’s best-effort IoT (BE-IoT) suffers from severe weaknesses. For example, it has no inherent admission control or rate control for billions of IoT users. Any user can send data at any rate to any destination at any time. Consequently, the BE-IoT suffers from frequent congestion, excessive delays, excessive packet loss, and poor energy efficiency. Delays approaching hundreds of milliseconds occur often, and denial-of-service (DoS) attacks are easy to create. The BE-IoT also offers no guarantees that data will be delivered within a strict delay deadline, or at all. According to General Electric, the future IoT could control roughly US$82 trillion in global GDP by 2030 [1]. According to Juniper Research, DoS and cyberattacks could cost global industries more than $2 trillion by the year 2020. Several international efforts are exploring ways to improve the BE-IoT to support machine-to-machine and device-to-device communications. The Industrial Internet Consortium (IIC) consists of more than 250 companies and is developing a new Industrial Internet to interconnect smart factories and industrial machines [2]. The IEEE and ITU are developing a new Tactile Internet with very low latencies for human-to-machine communications [3,4]. Neither effort has considered deterministic communications, which can be inherently NP-hard. A unified, ultra-low-latency IoT network could be called the Industrial and Tactile IoT, and new approaches to achieving improved security and privacy in this Industrial-Tactile IoT are required.

 

Proposed System: 

A new approach to achieving exceptional security and privacy in the IoT is explored. The combination of a centralized control plane using software-defined networking (SDN) technologies, the use of deterministic virtual networks (DVNs), and lightweight encryption with long keys in layer 2 can offer significant benefits. In contrast, a virtual intranet can be created for a single entity that requires exceptional security, privacy, performance, and energy efficiency. A virtual intranet is essentially a private DVN that operates in layer 2. A cyber-physical control system for the smart power grid can reserve its own virtual intranet to manage its resources. Likewise, a government agency such as the US Department of Homeland Security can reserve its own virtual intranet to manage its resources. These virtual intranets are logically disconnected from the BE-IoT and are therefore immune to DoS attacks and cyberattacks.

Conclusion:  

The future Industrial and Tactile IoT must support the demanding, smart cyberphysical systems of the 21st century, such as smart cities and the smart power grid. Cybersecurity remains an outstanding challenge. This article shows that the combination of a centralized SDN control plane, DVNs, and lightweight encryption in layer 2 can achieve exceptional security, privacy, performance, and energy efficiency in the IoT, in datacenters, and in cloud computing systems. The proposed SDN control plane can embed millions of distinct DVNs into a layer-2 green deterministic host network. The use of deterministic switches creates an inherent intrusion detection system in which the arrival of any unauthorized packets from a cyberattacker, even a single packet, can be detected in microseconds, leading to corrective action by the SDN control plane. As a result, the DVNs are immune to congestion, interference, DoS attacks, and targeted cyberattacks in layer 2. Future smart systems can reserve their own mutually exclusive and interference-free DVNs to achieve significantly improved security, privacy, performance, and energy efficiency well beyond what is possible with today’s BE-IoT.
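The schedule-based detection described above can be illustrated with a simplified model; this is an added example, not code from the article or its author. The frame length, slot duration, the per-frame DVN label and all class and function names are assumptions made for illustration.

```python
from dataclasses import dataclass

FRAME_SLOTS = 8    # assumption: the schedule repeats every 8 time slots
SLOT_NS = 1_000    # assumption: one slot lasts 1 microsecond

@dataclass(frozen=True)
class Packet:
    arrival_ns: int  # arrival time at the switch input
    in_port: int
    dvn_id: int      # assumption: each frame carries a DVN label

class DeterministicSwitch:
    def __init__(self):
        self.schedule = {}  # (in_port, slot) -> owning dvn_id

    def reserve(self, dvn_id, in_port, slots):
        """Control-plane admission: all-or-nothing, no slot is ever shared."""
        wanted = {(in_port, s % FRAME_SLOTS) for s in slots}
        if any(key in self.schedule for key in wanted):
            return False  # would overlap another DVN: reject the request
        for key in wanted:
            self.schedule[key] = dvn_id
        return True

    def check(self, pkt):
        """Data-plane check on every arrival against the fixed schedule."""
        slot = (pkt.arrival_ns // SLOT_NS) % FRAME_SLOTS
        owner = self.schedule.get((pkt.in_port, slot))
        if owner is None:
            return "alert:unscheduled-slot"
        if owner != pkt.dvn_id:
            return "alert:foreign-dvn"
        return "forward"

def run_demo():
    sw = DeterministicSwitch()
    admitted = [sw.reserve(1, 0, [0, 4]),   # DVN 1 gets slots 0 and 4
                sw.reserve(2, 0, [2, 4]),   # rejected: slot 4 is taken
                sw.reserve(2, 0, [2, 6])]   # DVN 2 gets slots 2 and 6
    packets = [                              # constructed sample arrivals
        Packet(0, 0, 1), Packet(4_200, 0, 1), Packet(10_000, 0, 2),
        Packet(11_500, 0, 1),   # slot 3 is reserved by nobody
        Packet(14_000, 0, 1),   # slot 6 belongs to DVN 2
        Packet(8_000, 1, 1),    # port 1 has no reservations at all
    ]
    return admitted, [sw.check(p) for p in packets]

if __name__ == "__main__":
    print(run_demo())
```

Because every slot on every port is either reserved or empty, a single out-of-schedule arrival is enough to raise an alert; no traffic baseline or rate threshold is involved.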

 

References:

  1. P.C. Evans and M. Annunziata, Industrial Internet: Pushing the Boundaries of Minds and Machines, General Electric, Nov. 2012, pp. 1–37.

  2. T.H. Szymanski, “Supporting Consumer Services in a Deterministic Industrial Internet Core Network,” IEEE Comm., vol. 54, no. 6, 2016, pp. 110–117.

  3. G. Fettweis et al., The Tactile Internet, ITU-T Technology Watch Report, Aug. 2014, pp. 1–24.

  4. M. Maier et al., “Tactile Internet: Vision, Recent Progress, and Open Challenges,” IEEE Comm., vol. 54, no. 5, 2016, pp. 138–145.

  5. T.H. Szymanski, “Securing the Industrial-Tactile Internet of Things with Deterministic Silicon Photonic Switches,” IEEE Access, vol. 4, 2016, pp. 8236–8249.

  6. T.H. Szymanski, “An Ultra-Low Latency Guaranteed Rate Internet for Cloud Services,” IEEE Trans. Networking, vol. 24, no. 1, 2016, pp. 123–136.

  7. “Announcing the Advanced Encryption Standard (AES),” Federal Information Processing Standards (FIPS) publication 197, 2001, pp. 1–51.

  8. G. Varghese and N. Bjorner, “Network Verification,” ACM SIGCOMM tutorial, Aug. 2015.

  9. E. Barker, Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms, NIST special publication 800-175B, Mar. 2016, pp. 1–79.