Use edge computing for IoT security, says IEEE

When it comes to the Internet of Things (IoT), security always seems to be the main sticking point among IT leaders in organizations considering integrating the technology.

According to IEEE (Institute of Electrical and Electronics Engineers) researchers, those businesses looking to make the leap should implement a new security framework. This approach sees ‘security agents’ integrated into local routers and networks to handle IoT security, and edge computing is expected to play a key role.

Edge computing and IoT

Edge computing is a new computing model where a near-user device with stronger computing power provides required resources for the applications of other resource-limited IoT devices. A reconfigurable security framework for IoT (ReSIoT) can overcome security challenges without changing the infrastructure or redesigning the standard protocol flows of IoT applications.

The IEEE framework utilizes a new component— a security agent (SA)— which is a near-user-edge device such as wireless router, base station or service router.

With this approach, key management can be simplified, says the organization, with even low-end devices protected by advanced security algorithms, while near-user edge devices provide more availability and usability compared to cloud-based solutions.

The introduction of this reconfigurable system for IoT devices will not require a change in system architectures, original protocols, and standards. Researchers believe that cloud-based computing may also help to offload the computation overhead of security protections.

Users could then give their security keys to cloud servers, where the reconfigurable security system still retains the confidentiality of the users’ security keys.

Improving Iot security

The new framework could potentially open up new frontiers in terms of the security of IoT networks— a common blocker to the technology’s uptake. Maintaining confidentiality of message exchange between IoT devices is of paramount importance, and the IEEE says this can be assured with the new framework.

In the case of malicious IoT devices, the identity of each device can be verified by the SAs, and the authentication process can guarantee that malicious devices do not access the network. Meanwhile, there is no ‘paper trail’ between the IoT device and the network. This ensures that the footprints of all communications are kept secret to SAs involved in the computation.

Spend on IoT technologies, apps and solutions is expected to hit US$267 billion by 2020, security in this area is of paramount importance to IT leaders in organizations that are interested in deploying this new system.