It’s fascinating how the size of computers have gradually deceased in past 2 -3 decades. We used to have big desktops with big towers. But slowly and gradually we now are in a time where we can get a computer for just $50. It is all because of Single-Board Computers (SBCs) that came in use and is still in use for various experimental and study purposes.

Get Help With Your Essay

If you need assistance with writing your essay, our professional essay writing service is here to help!

Essay Writing Service

It can be defined as a complete computer which is made up of a single circuit board comprising of memory, microprocessor, input/output and every other necessary feature. Its example is Raspberry Pi. It has got a lot of advantages when compared to a personal computer. The main advantage is that it is lighter in weight, compact in size and much more power efficient. Also, it is very cheap. However, unlike personal computer, it has got some limitations. It does not support expansions of hardware for other purposes. It’s standard format my not be suitable for some customers with particular need. They may also not support heavy applications that require a huge computing power in terms of CPU and memory as they lack it. For this reason, they are mostly used in embedded control system as they are considered a best alternative to microcontrollers.

Internet of Things (IoT) is a concept of connecting billions of devices of any shape and size to the internet with a purpose of collecting and sharing data with each other. It is made possible by the cheap processors and wireless networks. The devices range from a smart microwave that automatically cooks food for you to self-driving cars whose smart sensors detect objects in its path. Thus, it is a fantastic technology that has made our life a lot easier. (Anon., n.d.)

How does IoT work?

Devices with sensors are connected to an IoT cloud platform that collects data from different devices for analysis process and shares only the most valuable information with applications built to address specific needs. In other words, the sensors gather the information from its surroundings and passes it to the gateway (Raspberry Pi for instance). The gateway then integrates and sorts the data from sensors and passes only the most relevant data to the IoT cloud platform. But before sending these organized data, the gateway and platform must first register with each other and confirm a secure connection. The platform is constantly gathering and storing hundreds and thousands of bits of information from hundreds and thousands of gateways. This poses a lot of challenges and issues in terms of deployment and security. (Clark, 2016)

Since the assignment specification wants us to briefly discuss the challenges and issues of using SBCs in Internet of Things (IoT), I will be discussing many aspects of SBCs and IoT that will help us better understand the challenges and Issues it faces.

Security Issues

It is the most important aspect of IoT when it comes to deploying it in the enterprise environment. The main thing that is affecting the IoT security is the lack of industry-accepted standards. There are many frameworks for IoT security but there is not even one agreed-upon security framework. Many companies and industries have their own specific standards. Due to these varieties in standards, it not only makes it difficult to secure the system but also creates an interoperability issues between them. (Rouse, n.d.). The followings are some of the security issues associated to IoT:

Figure 1: Security Challenges of IoT

1. Distributed Denial of Service (DDoS)

We all know that IoT collects a ton of data as data retrieval and processing are the integral part of IoT environment. So, data encryption is one of the issues related to it. Majority of the data are personal and hence needs to be protected through encryption. The main solution to this issue is to use Secure Sockets Layer Protocol (SSL) to access our data present online as websites nowadays use SSL certification to encrypt and protect user’s data online. This represents only the half part of the equation as the other half remains in the protection of wireless protocol that IoT uses. The wireless transfer of data in IoT device also needs to be encrypted by using a wireless protocol with inbuilt encryption. After that comes authentication. Even after a successful encryption, there still remains a chance of device getting hacked if failed to establish authenticity of the data being communicated to and from an IoT device. (Singh, 2016)

Find Out How UKEssays.com Can Help You!

Our academic experts are ready and waiting to assist with any writing project you may have. From simple essay plans, through to full dissertations, you can guarantee we have a service perfectly matched to your needs.

View our services

Failing to implement the above-mentioned security practices puts the organization in a high risk of Distributed Denial of Service (DDoS) attacks. As we are already seeing a soaring adoption rate of IoT in enterprise environment, we can’t deny the fact that they can be used to launch DDoS against organization. We know IoT is a new technology with lack of fundamental security controls. So, this gives an attacker an opportunity to use these vulnerabilities to build a large botnet to perform targeted attacks which are very difficult to stop. It is expected that 20.4 billion IoT devices will come in use by 2020. Thus, it is safe to say that DDoS attacks utilizing these security vulnerabilities could have a disastrous consequence. (Weagle, 2018)

In 2016 October 21, hackers used IoT devices to launch 3 DDoS attacks on a company called Dyn. It is a company that provides Domain Name Service (DNS). Later on, after the attack, Dyn estimated that millions of IP addresses were involved. The attack affected number of well-known websites by using unknown number of IP address that belonged to IoT devices. (Greenstein, 2016)

2. Sending Data Securely to the Cloud

Organizations nowadays, use IoT devices collect real time and continuous data to make better business decision and also to increase customer satisfaction. As the data produced from these IoT devices is growing exponentially, it has compelled the enterprises to think about cloud storage to store such massive data. It is also found some organizations store such data on premises storage saying that it is costly or sensitive to store in cloud. But actually, storing the data in cloud has more advantages over storing in on-premises storage. The first advantage is that a direct connection is provided between the device and a public cloud provider. Secondly, the most important one is, the data and storage management is not the organization’s problem. It’s the responsibility of the cloud provider. We just pay and use the services provided by the cloud provider.

Now, while storing the IoT data in a cloud, along with the advantages comes the security issues as well. In many situations the data generated from IoT devices are very sensitive to the organization. So, they worry about cloud security issue when storing such data in the cloud. It is for sure that when sharing the computing resources with the cloud provider, the physical security is lost. Since data is stored in third party cloud provider, we have no idea where the data is stored and we do not have any control over it. This issue can be mitigated by ensuring a secure data transfer by using cryptographic protocols such as Transfer Layer Security (TLS) and Secure Socket Layer (SSL) that provide secure communication between the cloud and the IoT devices hence transferring the data securely to the cloud. Furthermore, the other issue is preserving the integrity and truthfulness of the data which can be solved by providing a secure user interface. At last, the possibility of the cloud service providers not following the privacy rights can also be solved by applying cryptography techniques such as symmetric and asymmetric cryptography to the data. (Jayant D. Bokefodea, 2016)

3. Access Control

Access control can be defined as a system in which the authority controls the access to the resources by making sure it is accessible to those authorized only. Majority of the recent proposals have solved the problems of the traditional access control model which lack flexibility, scalability and usability in an environment where billions of IoT devices are connected. The distributed approach has been found to be the most efficient one in solving these issues as the devices are able to make their own authorization decision without consulting the central entity. There are number of access control models which are applied to different scenarios. Some of them are as follows:

a) Mandatory Access Control (MAC)

In this model, the system administrator gives the permission to access object. It assigns the security labels to the subject and objects and is independent of the user operations where only the administrator has the privilege to modify the security labels. MAC model is expensive thus, very hard to implement and maintain. It is only used in military applications. This is the reason why MAC models are not used as access control system.

b) Discretionary Access Control (DAC)

This model of access control is completely different than the MAC model as this model allows the users to access and maintain the resources by giving permissions to their resources by being included in the Access Control List (ACL). Each entry present in access control list allows the users to access the resources. These permissions are mostly stored by objects. Unlike in MAC, where permissions are provided to the users in predefined policies by the administrator, in DAC, the permissions are given by the users. They have the right to decide to access the resources they belong. Operating systems such as UNIX and Windows have already adopted this model.

c) Role-Based Access Control (RBAC)

This model assigns the users to roles and the security policies giving privileges to roles instead of users since users are associated to roles. This model also allows creating the hierarchies of permissions and inheritance. (Y. Andaloussi1, 2018)

In summary, if MAC is applied in the system, the administrator has all the rights to manage the user’s roles and right as all rights for modifying access policies are incorporated by the administrator. Without the authority of the administrator, the users are not able to access the system. This model is incorporated in very sensitive environments such as military and research centers where data protection is very important. Similarly, if DAC is applied into the system, then the users have the right to modify the access rules for any object but it poses a security threat because if an attacker get the user’s rights over the user account, it is very dangerous. Hence, giving a complete right to any user is a risk for an organization. But if RBAC model is applied in the system, the rights are given to the users according to the roles played by them in organization. So, RBAC is the best model to apply in an enterprise environment. (Jayant D. Bokefodea, 2016)

So, in my view, while connecting the IoT devices to the IoT cloud, we should be very careful in giving the privileges to the users to access the data present in cloud. We should provide the access privileges in such a way that only few people who are required to manage the data and look after the infrastructure get the access privilege. What I mean to say is, only IT personnel in an organization are to be allowed to access those data. The reason behind that is if we grant the access permission to unwanted employees of other field such as finance for example, there is a risk of mishandling of data as it is not their field. For this, I believe applying the RBAC model will provide us with more security over the data stored in IoT cloud. Thus, access control plays a very important role in an IoT environment.

4. Privacy Implication

As IoT is facilitating the life of humans, it is also bringing the privacy issues as these devices lack the security required and are vulnerable to attacks. The small modules and sensors are installed in many appliances from car to a baby’s toy. These modules give the criminals an opportunity to get far more information than they currently can. For example, a criminal may be able to monitor a child by hacking into the cameras installed in toys or they might even keep track of what you are cooking as we get a smart microwave in market these days. The most funny and ridiculous one is an IoT condom. There is a condom named I.Con that has a Bluetooth connection which measures different variables during sex including calories burned, average skin temperature etc. This certainly proves how much we are surrounded by necessary and unnecessary IoT devices. This poses a great amount of security issue in our privacy.

So, the only solution to this issue is self-cautiousness when using an IoT device i.e. we should only use what is necessary for us knowing its security vulnerabilities. Talking about an enterprise environment, it is extremely dangerous to connect the IoT devices to the production network as it will create a high chance of DDoS attacks which will create a complete chaos by totally dismantling the infrastructure network depriving us from the service.

Wireless Challenges

There are wide range of wireless technologies that allows devices to send and receive data with each other and web TCP/IP networks without cables. They can also be used in number of hardware for IoT. There are a number of wireless technologies out there but we should choose what is best for us by taking into account the required operating range, data rate, power consumption and cost as these are the core criteria for selection a particular wireless technology. Each of them has got same advantages and disadvantages to them. So, the followings are the wireless technologies that we can implement in our IoT environment:

1. Short Range and Low Power Technologies

Four of the wireless technologies namely, Bluetooth Low-Energy, Zigbee, Z-Wave and 6LoWPAN are used for creating networks consuming low power and low data. If our IoT device is battery powered and need to send relatively low amount of data to shorter distance then we definitely should consider these four technologies over others. The common feature shared by all four of these technologies is ‘mesh network’, also known as many-to-many network. (Anon., n.d.)

Figure 2: A Mesh Network

The main advantage of mesh networking is that data can be sent from one device to the other by relaying the data to the device in the middle. For example, in peer-to-peer technologies such as Bluetooth and WiFi Direct, to send data from device A to C, we must form a direct link between them but in mesh networking, the data can be sent from A to C via B. This allows us to create a large interconnected network with very low amount of power. So, if we are using these technologies, mesh topology should be applied so that each node is interconnected which makes it easy to send data. The technologies that support mesh networking are as follows:

a) Bluetooth Low-Energy (BLE)

It is a low-energy version of the Bluetooth classic. It is mainly designed to send and receive small amounts of data by consuming a very little amount of energy. The most common application of BLE is, it is used for transmitting the sensor data such as temperature measuring sensor and GPS device transmitting location etc. It is powered by a coin battery and it consumes so much less power that the coin battery lasts for a year or a longer. Also, it has a pretty descent data rate of 1Mbps (Bluetooth classic supports up to 2-1 Mbps). It supports mesh networking like I have mentioned above. It supports mesh network up to 32,767 devices. (Anon., n.d.)

b) Zigbee

It is also a wireless technology that is deployed in short range which is similar to the BLE in many aspects. It runs on 2.4 GHz frequency, runs on a very small power and supports mesh networking. It allows us to create a mesh network of up to 65,000 devices. It is commonly used in home automation application such as smart lighting, smart thermostat etc. (Anon., n.d.)

c) Z-Wave

It is a proprietary wireless technology acquired by Silicon Labs in 2018. While BLE and Zigbee operates on 2.4 GHz frequency band, Z-Wave operates under 1 GHz band and it varies from country to country. For example, in U.S, it runs on 908 MHz whereas in Europe, it runs at 868 MHz .Other countries use from 865 MHz to 921 MHz .The main advantage offered by Z-Wave is that unlike the BLE and Zigbee, it offers less amount of interference and increased range since it uses a lower band of frequency. Since the BLE and Zigbee runs on 2.4 GHz frequency band., it suffers from interference from other technologies using the same band such as Bluetooth Classic, WiFi and even microwave. The Z-Wave technology allows mesh networks up to 232 devices. (Anon., n.d.)

2. Local Area Network Technology

WiFi is the wireless technology that also falls under LAN due to its moderate area coverage. It does not require more introduction as we are quite familiar to it. If we want the internet connection in our device then WiFi the solution. It is fast, cheap and has a good coverage but has a higher power consumption. It is a star network with a central hub and all the nodes and devices connect to it. It is 801.11 standard given by the IEEE.

Now, having said all these, the real question is which one do we deploy in our IoT environment. For this, it is very important to compare the pros and cons of these technologies. When it comes to the technologies such as Zigbee, BLE and Z-Wave, their main advantage is that they run on very low power and offer mesh networking. But when it come to WiFi (801.11), there are a lot of advantages offered by it. The first and the most important one is the data transfer speed. The data transfer offered by 802.11b GHz is 11mbps and other versions such as a and g have maximum of 54mbps. That is way more compared to the mesh technologies such as Zigbee offering 250kbps max. Also, WiFi cover a very wide range of area between 30 to 100 meters while Zigbee and other mesh technologies cover 10 to 30 meters for usual applications. (Ray, 2015)

Conclusion

This assignment helped me a lot in understanding the usage of IoT and how it is transforming our lives. I researched many aspects of it including security and privacy implications. What I came to know is that these devices are vulnerable to threats and we should be very cautious in deploying these devices in enterprise environment as it may give an attacker an opportunity to hack into our system. It is very important to follow the security measures I have mentioned above. I also discussed about the various wireless technologies that we can use for our IoT environment. It is very hard to pick any one technology as they all have their own positive and negative sides. What we gain in bandwidth with WiFi is lost in battery power and range and what we gain in power consumption in Zigbee is lost in range and bandwidth. (Ray, 2015). But since we are talking about the IoT solution in an enterprise scenario, it becomes mandatory to use WiFi as a wireless technology in SBC because of the wide range of advantages it offers compared to other technologies. Coverage and speed are very important when it comes to enterprise environment which it is not addressed by the mesh technologies such as Zigbee, BLE and Z-Wave. But it is addressed by WiFi. Hence, I believe WiFi is the better technology to deploy for SBCs.

Bibliography

Anon., n.d. – Comparison of Wireless Technologies – Bluetooth, WiFi, BLE, Zigbee, Z-Wave, 6LoWPAN, NFC, WiFi Direct, GSM, LTE, LoRa, NB-IoT, and LTE-M. [Online]
Available at: https://predictabledesigns.com/wireless_technologies_bluetooth_wifi_zigbee_gsm_lte_lora_nb-iot_lte-m/
[Accessed 26 05 2019].
Jayant D. Bokefodea, A. S. B. P. A. S. a. D. G. M., 2016. Developing A Secure Cloud Storage System for Storing IoT, s.l.: https://www.researchgate.net.
Ray, B., 2015. The ZigBee Vs WiFi Battle For M2M Communication. [Online]
Available at: https://www.link-labs.com/blog/zigbee-vs-wifi-802-11ah
[Accessed 26 05 2019].
Rouse, M., n.d. IoT security (internet of things security). [Online]
Available at: https://internetofthingsagenda.techtarget.com/definition/IoT-security-Internet-of-Things-security
[Accessed 26 05 2019].
Y. Andaloussi1, M. D. E. O. Y. M. J. M. B. H. C., 2018. Access control in IoT environments: Feasible scenarios. [Online]
Available at: https://reader.elsevier.com/reader/sd/pii/S1877050918305064?token=44E28242566FC859CCD83D659EA4A51E1AB1EE4093A092E6315B40F7B337A52E9B6817F9D196DB2746BD154AEBE7BCD1
[Accessed 19 05 2019].