IoT Security 培训

课程编码

IotS

课程时长

21 小时 通常来说是3天,包括中间休息。

要求

There are no specific requirements needed to attend this course.

课程概览

物联网安全101:

本课程概述了物联网安全的最新现行做法以及该主题的内容
不断发展的。它旨在让物联网开发人员,管理人员为其物联网产品做出战略决策
作为供应商和客户。

课程结构为24小时,12个模块,12x2。每个模块2个小时。

Machine Translated

课程大纲

1. Mod-1 :

Understanding IoT system risks & challenges

  • Disruption and Denial of Service attack
  • Vulnerability of API end points
  • Vulnerability of Gate way devices
  • Vulnerability of connected sensors and devices
  • Vulnerability of Gateway- Server communication
  • Vulnerability of Cloud services

2. Mod-2 :

OSASP 2014, Top 10 security risk :

  • I1 Insecure Web Interface
  • I2 Insufficient Authentication/Authorization
  • I3 Insecure Network Services
  • I4 Lack of Transport Encryption
  • I5 Privacy Concerns
  • I6 Insecure Cloud Interface
  • I7 Insecure Mobile Interface
  • I8 Insufficient Security Configurability
  • I9 Insecure Software/Firmware
  • I10 Poor Physical Security
  • References to OWASP and other related resources

3. Mod-3 :

Understanding challenges of IoT security:

Massive deployments – Many simultaneous connections – Huge increase in data traffic
Constrained devices (Sensors, Actuators) – 16 KB RAM, 128 KB Flash, battery-driven
Low-Power Lossy Networks – 100 kbit/s, high packet loss ( ~ 20%) – Physical layer
packet size limited ( ~ 100 bytes) :
Too much network traffic – Too many messages • TLS: 2 round trips – Too large
messages • TLS certificates > 1 KB
Too much RAM needed – Example: Minimal TLS ~ 4 KB
Too large libraries required – Example: TLS has over 100 algorithm options → Standard
security needs profiling

4. Mod-4 :

4 Recent case studies of IoT hacking

5. Mod-5 :

Security issues in Industrial Internet of Thing ( IIOT )- how secure Industrial control network like PLC, DAC interacting with IoT systems

6. Mod-6 :

Security issues in Medical/Health care IoT system : Securing patients from IoT hackers

7. Mod-7 :

Security issues in Connected cars

8. Mod-8 :

IoT Security implementation case study and prevailing art from known IoT Platform

  • AWS IoT standard for device authentication
  • Microsoft Azure IoT security standards
  • IBM IoT security standards

9. Mod-9 :

Legal issues in different verticals of IoT

  • Manufacturing
  • Healthcare
  • Connected Car
  • Service aggregation like Uber
  • Banking

10. Mod-10 :

Block Chain and IoT security :

Conventional security and privacy approaches tend tobe inapplicable for IoT, mainly due to its decentralized topology and the resource-constraints of
the majority of its devices. BlockChain (BC) that underpin the cryptocurrency Bitcoin have been
recently used to provide security and privacy in peer-to- peer networks with similar topologies to
IoT. However, BCs are computationally expensive and involve high bandwidth overhead and
delays, which are not suitable for IoT devices. Therefore new kind of BC approaches are evolving
for IoT security specially when control is involved. This module will touch the BC initiative in IoT
security with 3 case studies.

11. Mod-11 :

IoT security and standards: IETF, Most relevant for IoT: – ACE (Authorization and
Authentication in Constrained Environments) – CoRE (Constrained Restful Environments) – COSE
(CBOR Object Signing & Encryption). Existing standards – CoAP (Constrained Application
Protocol) • Similar to HTTP but for constrained devices – CBOR (Concise Binary Object
Representation) • Similar to JSON but binary and more compact  Work in progress – COSE
(CBOR Object Signing and Encryption) • Securing CBOR objects – OSCoAP (Object Security for
CoAP)

12. Mod-12 :

Active areas of IoT security research, future and Q/A session.

客户评论

★★★★★
★★★★★

课程分类

相关课程

促销课程

订阅促销课程

为尊重您的隐私,我公司不会把您的邮箱地址提供给任何人。您可以享有优先权和随时取消订阅的权利。

我们的客户

is growing fast!

We are looking to expand our presence in China!

As a Business Development Manager you will:

  • expand business in China
  • recruit local talent (sales, agents, trainers, consultants)
  • recruit local trainers and consultants

We offer:

  • Artificial Intelligence and Big Data systems to support your local operation
  • high-tech automation
  • continuously upgraded course catalogue and content
  • good fun in international team

If you are interested in running a high-tech, high-quality training and consulting business.

Apply now!